From de23de984f762e45527f045017dcfb6ecec4086c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20=C3=85kre=20Solberg?= <andreas.solberg@uninett.no>
Date: Tue, 23 Oct 2007 11:30:01 +0000
Subject: [PATCH] I've added SAML 2.0 IdP Discovery support for Shibboleth 1.3
 SP. Of course you can still use regular Shibboleth 1.3 WAYF if you want,
 just by configuring the WAYF as an IdP.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@49 44740490-163a-0410-bde0-09ae8108e29a
---
 www/shib13/sp/idpdisco.php | 60 ++++++++++++++++++++++++++++++++++++++
 www/shib13/sp/initSSO.php  | 12 ++++++++
 2 files changed, 72 insertions(+)
 create mode 100644 www/shib13/sp/idpdisco.php

diff --git a/www/shib13/sp/idpdisco.php b/www/shib13/sp/idpdisco.php
new file mode 100644
index 000000000..56783dd77
--- /dev/null
+++ b/www/shib13/sp/idpdisco.php
@@ -0,0 +1,60 @@
+<?php
+
+require_once('../../_include.php');
+
+
+require_once('SimpleSAML/Utilities.php');
+require_once('SimpleSAML/Session.php');
+require_once('SimpleSAML/XHTML/Template.php');
+require_once('SimpleSAML/XML/MetaDataStore.php');
+
+session_start();
+
+$config = SimpleSAML_Configuration::getInstance();
+$metadata = new SimpleSAML_XML_MetaDataStore($config);
+
+
+$session = SimpleSAML_Session::getInstance();
+		
+try {
+
+	if (!isset($_GET['entityID'])) throw new Exception('Missing parameter: entityID');
+	if (!isset($_GET['return'])) throw new Exception('Missing parameter: return');
+	if (!isset($_GET['returnIDParam'])) throw new Exception('Missing parameter: returnIDParam');
+
+	$spentityid = $_GET['entityID'];
+	$return = $_GET['return'];
+	$returnidparam = $_GET['returnIDParam'];
+	
+} catch (Exception $exception) {
+
+	$et = new SimpleSAML_XHTML_Template($config, 'error.php');
+	$et->data['message'] = 'Error getting required parameters for IdP Discovery Service';	
+	$et->data['e'] = $exception;	
+	$et->show();
+	exit(0);
+}
+
+
+if (isset($_GET['idpentityid'])) {
+
+	$idpentityid = $_GET['idpentityid'];
+
+	$returnurl = SimpleSAML_Utilities::addURLparameter($return, $returnidparam . '=' . $idpentityid);
+	header('Location: ' . $returnurl);
+	exit(0);
+}
+
+
+$idplist = $metadata->getList('shib13-idp-remote');
+
+
+$t = new SimpleSAML_XHTML_Template($config, 'selectidp.php');
+$t->data['header'] = 'Select your identity provider';
+$t->data['idplist'] = $idplist;
+$t->data['urlpattern'] = htmlentities(SimpleSAML_Utilities::selfURL() . '&idpentityid=');
+$t->show();
+
+
+
+?>
\ No newline at end of file
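Review bot: The redirect at `header('Location: ' . $returnurl)` is built from `$_GET['return']` with no validation, so this endpoint forwards the browser to whatever URL the request names (an open redirect); `$spentityid` is read but never used to constrain it. Before redirecting, the return URL should be compared against the locations known for `$spentityid` in the metadata, and the error template shown when it does not match. Separately, `$returnidparam` and `$idpentityid` are concatenated raw into the query string, so unless `addURLparameter` encodes its argument (not visible here) a value containing `&`, `#` or a line break changes the resulting URL; `SimpleSAML_Utilities::addURLparameter($return, urlencode($returnidparam) . '=' . urlencode($idpentityid))` keeps them as a single parameter. It is also worth checking that `$idpentityid` is one of the entries returned by `getList('shib13-idp-remote')` before it is passed back to the SP.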
diff --git a/www/shib13/sp/initSSO.php b/www/shib13/sp/initSSO.php
index ccb3a799d..fd7344a14 100644
--- a/www/shib13/sp/initSSO.php
+++ b/www/shib13/sp/initSSO.php
@@ -45,6 +45,18 @@ try {
 
 if (!isset($session) || !$session->isValid() ) {
 	
+	
+	if ($idpentityid == null) {
+	
+		$returnURL = urlencode(SimpleSAML_Utilities::selfURL());
+		$discservice = '/' . $config->getValue('baseurlpath') . 'shib13/sp/idpdisco.php?entityID=' . $spentityid . 
+			'&return=' . $returnURL . '&returnIDParam=idpentityid';
+		header('Location: ' . $discservice);
+		exit(0);
+		
+	}
+	
+	
 	try {
 		$ar = new SimpleSAML_XML_Shib13_AuthnRequest($config, $metadata);
 		$ar->setIssuer($spentityid);	
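Review bot: `$spentityid` is appended to the discovery URL unencoded, while the `return` value next to it goes through `urlencode()`; entity IDs are typically URLs, so any `&`, `?` or `#` in one would split or truncate the query string that idpdisco.php parses. The line should read `$discservice = '/' . $config->getValue('baseurlpath') . 'shib13/sp/idpdisco.php?entityID=' . urlencode($spentityid) .`. The guard `$idpentityid == null` is a loose comparison that also matches an empty string; if that is intended, a short comment such as `// empty or missing idpentityid: send the user to discovery` would make it explicit, since the assignment of `$idpentityid` lies outside this hunk. The enclosing `if (!isset($session) || !$session->isValid())` block continues beyond the hunk.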
-- 
GitLab