From b8595adcb6075f26b2ce7b00d872033fe5b9ccff Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20=C3=85kre=20Solberg?= <andreas.solberg@uninett.no>
Date: Fri, 31 Oct 2008 13:31:57 +0000
Subject: [PATCH] Apologize for earlier checking in untested changes to the
 consent module. Im fixing it now, this was the first step...

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@956 44740490-163a-0410-bde0-09ae8108e29a
---
 modules/consent/lib/Auth/Process/Consent.php | 24 ++++++++------------
 modules/consent/lib/Consent/Store/Cookie.php | 10 +++++++-
 modules/consent/www/getconsent.php           | 24 ++++++++++++--------
 3 files changed, 33 insertions(+), 25 deletions(-)

diff --git a/modules/consent/lib/Auth/Process/Consent.php b/modules/consent/lib/Auth/Process/Consent.php
index 331d17606..e9ee4453e 100644
--- a/modules/consent/lib/Auth/Process/Consent.php
+++ b/modules/consent/lib/Auth/Process/Consent.php
@@ -124,28 +124,24 @@ class sspmod_consent_Auth_Process_Consent extends SimpleSAML_Auth_ProcessingFilt
 		assert('array_key_exists("metadata-set", $state["Source"])');
 
 		if ($this->store !== NULL) {
-			$userId = sha1($state['UserID'] . SimpleSAML_Utilities::getSecretSalt());;
-			$destination = $state['Destination']['metadata-set'] . '|' . $state['Destination']['entityid'];
-			$source = $state['Source']['metadata-set'] . '|' . $state['Source']['entityid'];
-
-#			echo 'destination: ' . $destination . '  : source: ' . $source; exit;
 
-			$idpentityid = $state['Source']['metadata-set']['entityid'];
+			$source = $state['Source']['metadata-set'] . '|' . $state['Source']['entityid'];
+			$destination = $state['Destination']['metadata-set'] . '|' . $state['Destination']['entityid'];
 
-			$attributeSet = array_keys($state['Attributes']);
-			sort($attributeSet);
-			$attributeSet = implode(',', $attributeSet);
-			$attributeSet = sha1($attributeSet);
+			$userId = self::getHashedUserID($state['UserID'], $source);
+			$targetedId = self::getTargetedID($state['UserID'], $source, $destination);
+			$attributeSet = self::getAttributeHash($state['Attributes'], $this->includeValues);
 
-			if ($this->store->hasConsent($userId, $destination, $attributeSet)) {
+			SimpleSAML_Logger::debug('Consent - hasConsent() : [' . $userId . '|' . $targetedId . '|' .  $attributeSet . ']');
+			if ($this->store->hasConsent($userId, $targetedId, $attributeSet)) {
 				/* Consent already given. */
 				return;
 			}
 
 			$state['consent:store'] = $this->store;
-			$state['consent:store.userId'] = self::getHashedUserID($state['UserID'], $source);
-			$state['consent:store.destination'] = self::getTargetedID($state['UserID'], $source, $destination);
-			$state['consent:store.attributeSet'] = self::getAttributeHash($state['Attributes'], $this->includeValues);
+			$state['consent:store.userId'] = $userId;
+			$state['consent:store.destination'] = $targetedId;
+			$state['consent:store.attributeSet'] = $attributeSet;
 			
 		}
 
diff --git a/modules/consent/lib/Consent/Store/Cookie.php b/modules/consent/lib/Consent/Store/Cookie.php
index 4d96f8930..e65c5ec10 100644
--- a/modules/consent/lib/Consent/Store/Cookie.php
+++ b/modules/consent/lib/Consent/Store/Cookie.php
@@ -40,6 +40,10 @@ class sspmod_consent_Consent_Store_Cookie extends sspmod_consent_Store {
 		assert('is_string($attributeSet)');
 
 		$cookieName = self::getCookieName($userId, $destinationId);
+		
+		$data = $userId . ':' . $attributeSet . ':' . $destinationId;
+		
+		SimpleSAML_Logger::debug('Consent cookie - Get [' . $data . ']');
 
 		if (!array_key_exists($cookieName, $_COOKIE)) {
 			SimpleSAML_Logger::debug('Consent cookie - no cookie with name \'' . $cookieName . '\'.');
@@ -50,7 +54,8 @@ class sspmod_consent_Consent_Store_Cookie extends sspmod_consent_Store {
 			return FALSE;
 		}
 
-		$data = $userId . ':' . $attributeSet . ':' . $destinationId;
+
+		
 		$data = self::sign($data);
 
 		if ($_COOKIE[$cookieName] !== $data) {
@@ -81,6 +86,9 @@ class sspmod_consent_Consent_Store_Cookie extends sspmod_consent_Store {
 
 		$name = self::getCookieName($userId, $destinationId);
 		$value = $userId . ':' . $attributeSet . ':' . $destinationId;
+		
+		SimpleSAML_Logger::debug('Consent cookie - Set [' . $value . ']');
+		
 		$value = self::sign($value);
 		$this->setConsentCookie($name, $value);
 	}
diff --git a/modules/consent/www/getconsent.php b/modules/consent/www/getconsent.php
index 284f904fc..d76c51713 100644
--- a/modules/consent/www/getconsent.php
+++ b/modules/consent/www/getconsent.php
@@ -8,6 +8,8 @@
  * @version $Id$
  */
 
+SimpleSAML_Logger::info('Consent - getconsent: Accessing consent interface');
+
 if (!array_key_exists('StateId', $_REQUEST)) {
 	throw new SimpleSAML_Error_BadRequest('Missing required StateId query parameter.');
 }
@@ -25,9 +27,11 @@ if (array_key_exists('yes', $_REQUEST)) {
 		/* Save consent. */
 		$store = $state['consent:store'];
 		$userId = $state['consent:store.userId'];
-		$destination = $state['consent:store.destination'];
+		$targetedId = $state['consent:store.destination'];
 		$attributeSet = $state['consent:store.attributeSet'];
-		$store->saveConsent($userId, $destination, $attributeSet);
+		
+		SimpleSAML_Logger::debug('Consent - saveConsent() : [' . $userId . '|' . $targetedId . '|' .  $attributeSet . ']');	
+		$store->saveConsent($userId, $targetedId, $attributeSet);
 	}
 
 	SimpleSAML_Auth_ProcessingChain::resumeProcessing($state);
@@ -60,14 +64,14 @@ if($privacypolicy !== FALSE) {
 $t->data['sppp'] = $privacypolicy;
 
 switch ($state['consent:focus']) {
-case NULL:
-	break;
-case 'yes':
-	$t->data['autofocus'] = 'yesbutton';
-	break;
-case 'no':
-	$t->data['autofocus'] = 'nobutton';
-	break;
+	case NULL:
+		break;
+	case 'yes':
+		$t->data['autofocus'] = 'yesbutton';
+		break;
+	case 'no':
+		$t->data['autofocus'] = 'nobutton';
+		break;
 }
 
 if (array_key_exists('consent:store', $state)) {
-- 
GitLab