diff --git a/modules/consent/templates/consentform.php b/modules/consent/templates/consentform.php
index e5e7d4aef5e6a6b62b2efe73dc7950bff7c84ec8..fed9e8cc4bbf840df7512e8c530418940c64b761 100644
--- a/modules/consent/templates/consentform.php
+++ b/modules/consent/templates/consentform.php
@@ -3,119 +3,49 @@ * Template form for giving consent. * * Parameters: - * - 'srcMetadata': Metadata/configuration for the source. - * - 'dstMetadata': Metadata/configuration for the destination. * - 'yesTarget': Target URL for the yes-button. This URL will receive a POST request. - * - 'yesData': Parameters which should be included in the yes-request. * - 'noTarget': Target URL for the no-button. This URL will receive a GET request. - * - 'noData': Parameters which should be included in the no-request. - * - 'attributes': The attributes which are about to be released. * - 'sppp': URL to the privacy policy of the destination, or FALSE. * * @package SimpleSAMLphp */ -assert(is_array($this->data['srcMetadata'])); -assert(is_array($this->data['dstMetadata'])); assert(is_string($this->data['yesTarget'])); -assert(is_array($this->data['yesData'])); assert(is_string($this->data['noTarget'])); -assert(is_array($this->data['noData'])); -assert(is_array($this->data['attributes'])); -assert(is_array($this->data['hiddenAttributes'])); assert($this->data['sppp'] === false || is_string($this->data['sppp'])); // Parse parameters -if (array_key_exists('name', $this->data['srcMetadata'])) { - $srcName = $this->data['srcMetadata']['name']; -} elseif (array_key_exists('OrganizationDisplayName', $this->data['srcMetadata'])) { - $srcName = $this->data['srcMetadata']['OrganizationDisplayName']; -} else { - $srcName = $this->data['srcMetadata']['entityid']; -} - -if (is_array($srcName)) { - $srcName = $this->t($srcName); -} - -if (array_key_exists('name', $this->data['dstMetadata'])) { - $dstName = $this->data['dstMetadata']['name']; -} elseif (array_key_exists('OrganizationDisplayName', $this->data['dstMetadata'])) { - $dstName = $this->data['dstMetadata']['OrganizationDisplayName']; -} else { - $dstName = $this->data['dstMetadata']['entityid']; -} - -if (is_array($dstName)) { - $dstName = $this->t($dstName); -} - -$srcName = htmlspecialchars($srcName); -$dstName = 
htmlspecialchars($dstName); - -$attributes = $this->data['attributes']; +$dstName = $this->data['dstName']; $this->data['header'] = $this->t('{consent:consent:consent_header}'); -$this->data['head'] = '<link rel="stylesheet" type="text/css" href="/' . - $this->data['baseurlpath'] . 'module.php/consent/style.css" />' . "\n"; +$this->data['head'] = '<link rel="stylesheet" type="text/css" href="' . + SimpleSAML\Module::getModuleURL("consent/style.css") . '" />' . "\n"; $this->includeAtTemplateBase('includes/header.php'); ?> -<p> -<?php -echo $this->t( - '{consent:consent:consent_accept}', - array( 'SPNAME' => $dstName, 'IDPNAME' => $srcName) -); +<p><?php echo $this->data['consent_accept']; ?></p> -if (array_key_exists('descr_purpose', $this->data['dstMetadata'])) { - echo '</p><p>' . $this->t( - '{consent:consent:consent_purpose}', - array( - 'SPNAME' => $dstName, - 'SPDESC' => $this->getTranslator()->getPreferredTranslation( - SimpleSAML\Utils\Arrays::arrayize( - $this->data['dstMetadata']['descr_purpose'], - 'en' - ) - ), - ) - ); +<?php +if (isSet($this->data['consent_purpose'])) { + echo '<p>' . $this->data['consent_purpose'] . '</p>'; } ?> -</p> - -<form style="display: inline; margin: 0px; padding: 0px" - action="<?php echo htmlspecialchars($this->data['yesTarget']); ?>"> -<p style="margin: 1em"> +<form id="consent_yes" action="<?php echo htmlspecialchars($this->data['yesTarget']); ?>"> <?php if ($this->data['usestorage']) { $checked = ($this->data['checked'] ? 'checked="checked"' : ''); echo '<input type="checkbox" name="saveconsent" ' . $checked . ' value="1" /> ' . $this->t('{consent:consent:remember}'); -} - -// Embed hidden fields... -foreach ($this->data['yesData'] as $name => $value) { - echo '<input type="hidden" name="' . htmlspecialchars($name) . - '" value="' . htmlspecialchars($value) . '" />'; -} +} // Embed hidden fields... 
?> - </p> + <input type="hidden" name="StateId" value="<?php echo htmlspecialchars($this->data['stateId']); ?>" /> <button type="submit" name="yes" class="btn" id="yesbutton"> <?php echo htmlspecialchars($this->t('{consent:consent:yes}')) ?> </button> </form> -<form style="display: inline; margin-left: .5em;" action="<?php echo htmlspecialchars($this->data['noTarget']); ?>" - method="get"> - -<?php -foreach ($this->data['noData'] as $name => $value) { - echo('<input type="hidden" name="' . htmlspecialchars($name) . - '" value="' . htmlspecialchars($value) . '" />'); -} -?> +<form id="consent_no" action="<?php echo htmlspecialchars($this->data['noTarget']); ?>"> + <input type="hidden" name="StateId" value="<?php echo htmlspecialchars($this->data['stateId']); ?>" /> <button type="submit" class="btn" name="no" id="nobutton"> <?php echo htmlspecialchars($this->t('{consent:consent:no}')) ?> </button> 
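Review bot: The template now echoes `$this->data['consent_accept']` and `$this->data['consent_purpose']` without escaping, so it depends on the caller having escaped every value substituted into them, and neither the header docblock nor the asserts record that contract. The Parameters list drops the old keys but does not add `dstName`, `stateId`, `consent_accept`, `consent_purpose`, `consent_attributes_header` or `attributes_html`; I would list them and mark the HTML ones, e.g. `* - 'consent_accept': Pre-escaped HTML, printed verbatim.`, and add `assert(is_string($this->data['stateId']));`. The same raw echo applies to `consent_attributes_header` and `attributes_html` in the second hunk of this file and to `noconsent_text` and `noconsent_abort` in templates/noconsent.php. Separately, the docblock still says the yes target receives a POST request, but `form#consent_yes` has no `method` attribute and so submits `StateId` in the query string.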
@@ -123,113 +53,12 @@ foreach ($this->data['noData'] as $name => $value) { <?php if ($this->data['sppp'] !== false) { - echo "<p>" . htmlspecialchars($this->t('{consent:consent:consent_privacypolicy}')) . " "; + echo "<p>" . htmlspecialchars($this->t('{consent:consent:consent_privacypolicy}')); echo "<a target='_blank' href='" . htmlspecialchars($this->data['sppp']) . "'>" . $dstName . "</a>"; echo "</p>"; } -/** - * Recursive attribute array listing function - * - * @param SimpleSAML_XHTML_Template $t Template object - * @param array $attributes Attributes to be presented - * @param string $nameParent Name of parent element - * - * @return string HTML representation of the attributes - */ -function present_attributes($t, $attributes, $nameParent) -{ - $translator = $t->getTranslator(); - - $alternate = array('odd', 'even'); - $i = 0; - $summary = 'summary="' . $t->t('{consent:consent:table_summary}') . '"'; - - if (strlen($nameParent) > 0) { - $parentStr = strtolower($nameParent) . '_'; - $str = '<table class="attributes" ' . $summary . '>'; - } else { - $parentStr = ''; - $str = '<table id="table_with_attributes" class="attributes" '. $summary .'>'; - $str .= "\n" . '<caption>' . $t->t('{consent:consent:table_caption}') . - '</caption>'; - } - - foreach ($attributes as $name => $value) { - $nameraw = $name; - $name = $translator->getAttributeTranslation($parentStr . $nameraw); - - if (preg_match('/^child_/', $nameraw)) { - // insert child table - $parentName = preg_replace('/^child_/', '', $nameraw); - foreach ($value as $child) { - $str .= "\n" . '<tr class="odd"><td style="padding: 2em">' . - present_attributes($t, $child, $parentName) . '</td></tr>'; - } - } else { - // insert values directly - - $str .= "\n" . '<tr class="' . $alternate[($i++ % 2)] . - '"><td><span class="attrname">' . htmlspecialchars($name) . 
'</span>'; - - $isHidden = in_array($nameraw, $t->data['hiddenAttributes'], true); - if ($isHidden) { - $hiddenId = SimpleSAML\Utils\Random::generateID(); - - $str .= '<div class="attrvalue" style="display: none;" id="hidden_' . $hiddenId . '">'; - } else { - $str .= '<div class="attrvalue">'; - } - - if (sizeof($value) > 1) { - // we hawe several values - $str .= '<ul>'; - foreach ($value as $listitem) { - if ($nameraw === 'jpegPhoto') { - $str .= '<li><img src="data:image/jpeg;base64,' . - htmlspecialchars($listitem) . - '" alt="User photo" /></li>'; - } else { - $str .= '<li>' . htmlspecialchars($listitem) . '</li>'; - } - } - $str .= '</ul>'; - } elseif (isset($value[0])) { - // we hawe only one value - if ($nameraw === 'jpegPhoto') { - $str .= '<img src="data:image/jpeg;base64,' . - htmlspecialchars($value[0]) . - '" alt="User photo" />'; - } else { - $str .= htmlspecialchars($value[0]); - } - } // end of if multivalue - $str .= '</div>'; - - if ($isHidden) { - $str .= '<div class="attrvalue consent_showattribute" id="visible_' . $hiddenId . '">'; - $str .= '... '; - $str .= '<a class="consent_showattributelink" href="javascript:SimpleSAML_show(\'hidden_' . $hiddenId; - $str .= '\'); SimpleSAML_hide(\'visible_' . $hiddenId . '\');">'; - $str .= $t->t('{consent:consent:show_attribute}'); - $str .= '</a>'; - $str .= '</div>'; - } - - $str .= '</td></tr>'; - } // end else: not child table - } // end foreach - $str .= isset($attributes)? '</table>':''; - return $str; -} - -echo '<h3 id="attributeheader">' . - $this->t( - '{consent:consent:consent_attributes_header}', - array( 'SPNAME' => $dstName, 'IDPNAME' => $srcName) - ) . - '</h3>'; - -echo present_attributes($this, $attributes, ''); +echo '<h3 id="attributeheader">' . $this->data['consent_attributes_header'] . '</h3>'; +echo $this->data['attributes_html']; $this->includeAtTemplateBase('includes/footer.php'); 
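Review bot: The privacy-policy link kept as context in this hunk puts `sppp` into a single-quoted `href`, and `htmlspecialchars()` with its default flags does not escape single quotes on PHP versions before 8.1, so a quote in the policy URL would end the attribute early. Since the commit already edits this block, I would change the line to `echo '<a target="_blank" rel="noopener noreferrer" href="' . htmlspecialchars($this->data['sppp'], ENT_QUOTES) . '">' . $dstName . '</a>';`. The added `rel` value also stops the page opened through `target='_blank'` from holding a reference to the consent window. `$dstName` is printed raw here and is safe only because getconsent.php escapes it before assigning `dstName`, which deserves a one-line comment next to `$dstName = $this->data['dstName'];`.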
diff --git a/modules/consent/templates/noconsent.php b/modules/consent/templates/noconsent.php index 79858840ecd97b63b1cad22d7cdf82dd4b822108..160787d1c74d1e7a2aabe9ef074bce23c817f2db 100644 --- a/modules/consent/templates/noconsent.php +++ b/modules/consent/templates/noconsent.php @@ -1,23 +1,11 @@ <?php -if (array_key_exists('name', $this->data['dstMetadata'])) { - $dstName = $this->data['dstMetadata']['name']; -} elseif (array_key_exists('OrganizationDisplayName', $this->data['dstMetadata'])) { - $dstName = $this->data['dstMetadata']['OrganizationDisplayName']; -} else { - $dstName = $this->data['dstMetadata']['entityid']; -} -if (is_array($dstName)) { - $dstName = $this->t($dstName); -} -$dstName = htmlspecialchars($dstName); - $this->data['header'] = $this->t('{consent:consent:noconsent_title}');; $this->includeAtTemplateBase('includes/header.php'); echo '<h2>' . $this->data['header'] . '</h2>'; -echo '<p>' . $this->t('{consent:consent:noconsent_text}', array('SPNAME' => $dstName)) . '</p>'; +echo '<p>' . $this->data['noconsent_text'] . '</p>'; if ($this->data['resumeFrom']) { echo('<p><a href="' . htmlspecialchars($this->data['resumeFrom']) . '">'); @@ -31,6 +19,6 @@ if ($this->data['aboutService']) { echo('</a></p>'); } -echo('<p><a href="' . htmlspecialchars($this->data['logoutLink']) . '">' . $this->t('{consent:consent:abort}', array('SPNAME' => $dstName)) . '</a></p>'); +echo('<p><a href="' . htmlspecialchars($this->data['logoutLink']) . '">' . $this->data['noconsent_abort'] . '</a></p>'); $this->includeAtTemplateBase('includes/footer.php'); diff --git a/modules/consent/www/getconsent.php b/modules/consent/www/getconsent.php index 40185506646b7c829785fcf54230c6fb56846b29..cf649904edfaf54c00419816cea0230f85aadb9a 100644 --- a/modules/consent/www/getconsent.php +++ b/modules/consent/www/getconsent.php 
@@ -29,8 +29,7 @@ if (!array_key_exists('StateId', $_REQUEST)) { ); } -$id = $_REQUEST['StateId']; -$state = SimpleSAML_Auth_State::loadState($id, 'consent:request'); +$state = SimpleSAML_Auth_State::loadState($_REQUEST['StateId'], 'consent:request'); if (array_key_exists('core:SP', $state)) { $spentityid = $state['core:SP']; 
@@ -98,17 +97,61 @@ $para = array( // Reorder attributes according to attributepresentation hooks SimpleSAML\Module::callHooks('attributepresentation', $para); +// Parse parameters +if (array_key_exists('name', $state['Source'])) { + $srcName = $state['Source']['name']; +} elseif (array_key_exists('OrganizationDisplayName', $state['Source'])) { + $srcName = $state['Source']['OrganizationDisplayName']; +} else { + $srcName = $state['Source']['entityid']; +} + +if (array_key_exists('name', $state['Destination'])) { + $dstName = $state['Destination']['name']; +} elseif (array_key_exists('OrganizationDisplayName', $state['Destination'])) { + $dstName = $state['Destination']['OrganizationDisplayName']; +} else { + $dstName = $state['Destination']['entityid']; +} + // Make, populate and layout consent form $t = new SimpleSAML_XHTML_Template($globalConfig, 'consent:consentform.php'); -$t->data['srcMetadata'] = $state['Source']; -$t->data['dstMetadata'] = $state['Destination']; $t->data['yesTarget'] = SimpleSAML\Module::getModuleURL('consent/getconsent.php'); -$t->data['yesData'] = array('StateId' => $id); $t->data['noTarget'] = SimpleSAML\Module::getModuleURL('consent/noconsent.php'); -$t->data['noData'] = array('StateId' => $id); -$t->data['attributes'] = $attributes; +$t->data['stateId'] = $_REQUEST['StateId']; $t->data['checked'] = $state['consent:checked']; +$srcName = htmlspecialchars(is_array($srcName) ? $t->t($srcName) : $srcName); +$dstName = htmlspecialchars(is_array($dstName) ? 
$t->t($dstName) : $dstName); + +$t->data['consent_attributes_header'] = $t->t( + '{consent:consent:consent_attributes_header}', + array('SPNAME' => $dstName, 'IDPNAME' => $srcName) +); + +$t->data['consent_accept'] = $t->t( + '{consent:consent:consent_accept}', + array('SPNAME' => $dstName, 'IDPNAME' => $srcName) +); + +if (array_key_exists('descr_purpose', $state['Destination'])) { + $t->data['consent_purpose'] = $t->t( + '{consent:consent:consent_purpose}', + array( + 'SPNAME' => $dstName, + 'SPDESC' => $t->getTranslator()->getPreferredTranslation( + SimpleSAML\Utils\Arrays::arrayize( + $state['Destination']['descr_purpose'], + 'en' + ) + ), + ) + ); +} + +$t->data['srcName'] = $srcName; +$t->data['dstName'] = $dstName; + // Fetch privacypolicy if (array_key_exists('privacypolicy', $state['Destination'])) { $privacypolicy = $state['Destination']['privacypolicy']; @@ -139,11 +182,7 @@ switch ($state['consent:focus']) { break; } -if (array_key_exists('consent:store', $state)) { - $t->data['usestorage'] = true; -} else { - $t->data['usestorage'] = false; -} +$t->data['usestorage'] = array_key_exists('consent:store', $state); if (array_key_exists('consent:hiddenAttributes', $state)) { $t->data['hiddenAttributes'] = $state['consent:hiddenAttributes']; 
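Review bot: `SPDESC` is the one substitution in this hunk that is not escaped: `$srcName` and `$dstName` pass through `htmlspecialchars()` before `$t->t()`, but the `descr_purpose` translation is handed over as returned, and the template prints `consent_purpose` verbatim. If destination metadata can come from a source the operator does not fully control, markup in `descr_purpose` would be rendered on the consent page; wrapping the value, `'SPDESC' => htmlspecialchars($t->getTranslator()->getPreferredTranslation(...)),`, closes that. This assumes `t()` does not escape replacements itself, which the explicit escaping of the names suggests but the hunk does not show. The name-resolution `if`/`elseif` chain is written out for source and destination here and again in www/noconsent.php, so a small shared helper would keep lookup and escaping in one place.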
@@ -151,4 +190,102 @@ if (array_key_exists('consent:hiddenAttributes', $state)) { $t->data['hiddenAttributes'] = array(); } +$t->data['attributes_html'] = present_attributes($t, $attributes, ''); + $t->show(); + + +/** + * Recursive attribute array listing function + * + * @param SimpleSAML_XHTML_Template $t Template object + * @param array $attributes Attributes to be presented + * @param string $nameParent Name of parent element + * + * @return string HTML representation of the attributes + */ +function present_attributes($t, $attributes, $nameParent) +{ + $translator = $t->getTranslator(); + + $alternate = array('odd', 'even'); + $i = 0; + $summary = 'summary="' . $t->t('{consent:consent:table_summary}') . '"'; + + if (strlen($nameParent) > 0) { + $parentStr = strtolower($nameParent) . '_'; + $str = '<table class="attributes" ' . $summary . '>'; + } else { + $parentStr = ''; + $str = '<table id="table_with_attributes" class="attributes" '. $summary .'>'; + $str .= "\n" . '<caption>' . $t->t('{consent:consent:table_caption}') . + '</caption>'; + } + + foreach ($attributes as $name => $value) { + $nameraw = $name; + $name = $translator->getAttributeTranslation($parentStr . $nameraw); + + if (preg_match('/^child_/', $nameraw)) { + // insert child table + $parentName = preg_replace('/^child_/', '', $nameraw); + foreach ($value as $child) { + $str .= "\n" . '<tr class="odd"><td class="td_odd">' . + present_attributes($t, $child, $parentName) . '</td></tr>'; + } + } else { + // insert values directly + + $str .= "\n" . '<tr class="' . $alternate[($i++ % 2)] . + '"><td><span class="attrname">' . htmlspecialchars($name) . '</span>'; + + $isHidden = in_array($nameraw, $t->data['hiddenAttributes'], true); + if ($isHidden) { + $hiddenId = SimpleSAML\Utils\Random::generateID(); + + $str .= '<div class="attrvalue hidden" id="hidden_' . $hiddenId . 
'">'; + } else { + $str .= '<div class="attrvalue">'; + } + + if (sizeof($value) > 1) { + // we hawe several values + $str .= '<ul>'; + foreach ($value as $listitem) { + if ($nameraw === 'jpegPhoto') { + $str .= '<li><img src="data:image/jpeg;base64,' . + htmlspecialchars($listitem) . + '" alt="User photo" /></li>'; + } else { + $str .= '<li>' . htmlspecialchars($listitem) . '</li>'; + } + } + $str .= '</ul>'; + } elseif (isset($value[0])) { + // we hawe only one value + if ($nameraw === 'jpegPhoto') { + $str .= '<img src="data:image/jpeg;base64,' . + htmlspecialchars($value[0]) . + '" alt="User photo" />'; + } else { + $str .= htmlspecialchars($value[0]); + } + } // end of if multivalue + $str .= '</div>'; + + if ($isHidden) { + $str .= '<div class="attrvalue consent_showattribute" id="visible_' . $hiddenId . '">'; + $str .= '... '; + $str .= '<a class="consent_showattributelink" href="javascript:SimpleSAML_show(\'hidden_' . $hiddenId; + $str .= '\'); SimpleSAML_hide(\'visible_' . $hiddenId . '\');">'; + $str .= $t->t('{consent:consent:show_attribute}'); + $str .= '</a>'; + $str .= '</div>'; + } + + $str .= '</td></tr>'; + } // end else: not child table + } // end foreach + $str .= isset($attributes) ? '</table>' : ''; + return $str; +} diff --git a/modules/consent/www/noconsent.php b/modules/consent/www/noconsent.php index 7fcd57b1285be5e1056fe5759aabcb8f291bce48..5aee2625b2a390381355240ea4e907ff46b70bea 100644 --- a/modules/consent/www/noconsent.php +++ b/modules/consent/www/noconsent.php @@ -23,7 +23,6 @@ $logoutLink = SimpleSAML\Module::getModuleURL( array('StateId' => $id) ); - $aboutService = null; if (!isset($state['consent:showNoConsentAboutService']) || $state['consent:showNoConsentAboutService']) { if (isset($state['Destination']['url.about'])) { 
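'; + } else {">
Review bot: `present_attributes()` is now declared at global scope in getconsent.php, so a theme that overrides consentform.php with a copy of the old template, which declares the same function, would presumably fail with a fatal redeclaration error on the consent page. A module-specific name or a static method on a consent class would avoid the collision. The docblock should also state the output contract now that the template echoes the result verbatim, for example `@return string HTML markup; attribute names and values are escaped with htmlspecialchars()`, and note that each attribute value is expected to be a list of strings. The translated `table_summary`, `table_caption` and `show_attribute` strings are inserted unescaped, which is fine only while the dictionaries are trusted.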
@@ -37,11 +36,24 @@ if (isset($state['Destination']['entityid'])) { } SimpleSAML_Stats::log('consent:reject', $statsInfo); +if (array_key_exists('name', $state['Destination'])) { + $dstName = $state['Destination']['name']; +} elseif (array_key_exists('OrganizationDisplayName', $state['Destination'])) { + $dstName = $state['Destination']['OrganizationDisplayName']; +} else { + $dstName = $state['Destination']['entityid']; +} + $globalConfig = SimpleSAML_Configuration::getInstance(); $t = new SimpleSAML_XHTML_Template($globalConfig, 'consent:noconsent.php'); -$t->data['dstMetadata'] = $state['Destination']; $t->data['resumeFrom'] = $resumeFrom; $t->data['aboutService'] = $aboutService; $t->data['logoutLink'] = $logoutLink; + +$dstName = htmlspecialchars(is_array($dstName) ? $t->t($dstName) : $dstName); + +$t->data['noconsent_text'] = $t->t('{consent:consent:noconsent_text}', array('SPNAME' => $dstName)); +$t->data['noconsent_abort'] = $t->t('{consent:consent:abort}', array('SPNAME' => $dstName)); + $t->show(); diff --git a/modules/consent/www/style.css b/modules/consent/www/style.css index 573ca554bd5adf62e97c31f1a5bd6b0914688ab0..33bef3d64a6c17123c12518e796453e5c1465dd4 100644 --- a/modules/consent/www/style.css +++ b/modules/consent/www/style.css @@ -33,3 +33,22 @@ table#table_with_attributes ul { margin: 0px; padding-left: 1em; } + +form#consent_yes { + display: inline; + margin: 0px; + padding: 0px; +} + +form#consent_no { + display: inline; + margin-left: .5em; +} + +.hidden { + display: none; +} + +td.td_odd { + padding: 2em; +}
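Review bot: The `else` branch reads `$state['Destination']['entityid']` unconditionally, while the context in this hunk's header guards the same key with `isset()`, so other code in this file treats it as optional. When neither `name` nor `OrganizationDisplayName` is set and `entityid` is missing, this raises an undefined-index notice and passes null on to `htmlspecialchars()`. I would write the fallback as `$dstName = isset($state['Destination']['entityid']) ? $state['Destination']['entityid'] : '';`, or reuse one helper shared with getconsent.php, where the same chain appears. The escaping itself is in the right place: `$dstName` is escaped once, before it is substituted into `noconsent_text` and `noconsent_abort`, which the template prints without further escaping.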