diff --git a/modules/consentAdmin/www/consentAdmin.php b/modules/consentAdmin/www/consentAdmin.php
index c1c77cdf8f37eb77957053db0edc3363e9791da4..fd75bc1d348fdc3cb6f909075c1ab06ced5e1982 100644
--- a/modules/consentAdmin/www/consentAdmin.php
+++ b/modules/consentAdmin/www/consentAdmin.php
@@ -1,265 +1,273 @@
-<?php
-/*
- * consentAdmin - Consent administration module
- *
- * This module enables the user to add and remove consents given for a given
- * Service Provider.
- *
- * The module relies on methods and functions from the Consent module and can
- * not be user without it.
- *
- * Author: Mads Freen <freek@ruc.dk>, Jacob Christiansen <jach@wayf.dk>
- */
-
-/*
- * Runs the processingchain and ignores all filter which have user
- * interaction.
- */
-function driveProcessingChain($idp_metadata, $source, $sp_metadata, $sp_entityid, $attributes, $userid, $hashAttributes = FALSE) {
-
- /*
- * Create a new processing chain
- */
- $pc = new SimpleSAML_Auth_ProcessingChain($idp_metadata, $sp_metadata, 'idp');
-
- /*
- * Construct the state.
- * REMEMBER: Do not set Return URL if you are calling processStatePassive
- */
- $authProcState = array(
- 'Attributes' => $attributes,
- 'Destination' => $sp_metadata,
- 'Source' => $idp_metadata,
- 'isPassive' => TRUE,
- );
-
- /*
- * Call processStatePAssive.
- * We are not interested in any user interaction, only modifications to the attributes
- */
- $pc->processStatePassive($authProcState);
-
- $attributes = $authProcState['Attributes'];
-
- /*
- * Generate identifiers and hashes
- */
- $destination = $sp_metadata['metadata-set'] . '|' . $sp_entityid;
-
- $targeted_id = sspmod_consent_Auth_Process_Consent::getTargetedID($userid, $source, $destination);
- $attribute_hash = sspmod_consent_Auth_Process_Consent::getAttributeHash($attributes, $hashAttributes);
-
- SimpleSAML_Logger::info('consentAdmin: user: ' . $userid);
- SimpleSAML_Logger::info('consentAdmin: target: ' . $targeted_id);
- SimpleSAML_Logger::info('consentAdmin: attribute: ' . $attribute_hash);
-
- /* Return values */
- return array($targeted_id, $attribute_hash, $attributes);
-}
-
-// Get config object
-$config = SimpleSAML_Configuration::getInstance();
-$cA_config = SimpleSAML_Configuration::getConfig('module_consentAdmin.php');
-$authority = $cA_config->getValue('authority');
-
-$as = new SimpleSAML_Auth_Simple($authority);
-
-// If request is a logout request
-if(array_key_exists('logout', $_REQUEST)) {
- $returnURL = $cA_config->getValue('returnURL');
- $as->logout($returnURL);
-}
-
-$hashAttributes = $cA_config->getValue('attributes.hash');
-
-/* Check if valid local session exists */
-$as->requireAuth();
-
-// Get released attributes
-$attributes = $as->getAttributes();
-
-// Get metadata storage handler
-$metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
-
-/*
- * Get IdP id and metadata
- */
-
-
-$local_idp_entityid = $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted');
-$local_idp_metadata = $metadata->getMetaData($local_idp_entityid, 'saml20-idp-hosted');
-
-if($as->getAuthData('saml:sp:IdP') !== NULL) {
- /*
- * From a remote idp (as bridge)
- */
- $idp_entityid = $as->getAuthData('saml:sp:IdP');
- $idp_metadata = $metadata->getMetaData($idp_entityid, 'saml20-idp-remote');
-} else {
- /*
- * from the local idp
- */
- $idp_entityid = $local_idp_entityid;
- $idp_metadata = $local_idp_metadata;
-}
-
-// Get user ID
-$userid_attributename = (isset($local_idp_metadata['userid.attribute']) && is_string($local_idp_metadata['userid.attribute'])) ? $local_idp_metadata['userid.attribute'] : 'eduPersonPrincipalName';
-
-$userids = $attributes[$userid_attributename];
-
-if (empty($userids)) {
- throw new Exception('Could not generate useridentifier for storing consent. Attribute [' .
- $userid_attributename . '] was not available.');
-}
-
-$userid = $userids[0];
-
-// Get all SP metadata
-$all_sp_metadata = $metadata->getList('saml20-sp-remote');
-
-// Parse action, if any
-$action = null;
-$sp_entityid = null;
-if (!empty($_GET['cv'])) {
- $sp_entityid=$_GET['cv'];
-}
-if (!empty($_GET['action'])) {
- $action=$_GET["action"];
-}
-
-SimpleSAML_Logger::critical('consentAdmin: sp: ' .$sp_entityid.' action: '.$action);
-
-// Remove services, whitch have consent disabled
-if(isset($idp_metadata['consent.disable'])) {
- foreach($idp_metadata['consent.disable'] AS $disable) {
- if(array_key_exists($disable, $all_sp_metadata)) {
- unset($all_sp_metadata[$disable]);
- }
- }
-}
-
-SimpleSAML_Logger::info('consentAdmin: '.$idp_entityid);
-
-// Calc correct source
-$source = $idp_metadata['metadata-set'] . '|' . $idp_entityid;
-
-// Parse consent config
-$consent_storage = sspmod_consent_Store::parseStoreConfig($cA_config->getValue('consentadmin'));
-
-// Calc correct user ID hash
-$hashed_user_id = sspmod_consent_Auth_Process_Consent::getHashedUserID($userid, $source);
-
-// If a checkbox have been clicked
-if ($action !== null && $sp_entityid !== null) {
- // Get SP metadata
- $sp_metadata = $metadata->getMetaData($sp_entityid, 'saml20-sp-remote');
-
- // Run AuthProc filters
- list($targeted_id, $attribute_hash, $attributes_new) = driveProcessingChain($idp_metadata, $source, $sp_metadata, $sp_entityid, $attributes, $userid, $hashAttributes);
-
- // Add a consent (or update if attributes have changed and old consent for SP and IdP exists)
- if($action == 'true') {
- $isStored = $consent_storage->saveConsent($hashed_user_id, $targeted_id, $attribute_hash);
- if($isStored) {
- $res = "added";
- } else {
- $res = "updated";
- }
- // Remove consent
- } else if($action == 'false') {
- // Got consent, so this is a request to remove it
- $rowcount = $consent_storage->deleteConsent($hashed_user_id, $targeted_id, $attribute_hash);
- if($rowcount > 0) {
- $res = "removed";
- }
- // Unknown action (should not happen)
- } else {
- SimpleSAML_Logger::info('consentAdmin: unknown action');
- $res = "unknown";
- }
- /*
- * Init template to enable translation of status messages
- */
- $et = new SimpleSAML_XHTML_Template($config, 'consentAdmin:consentadminajax.php', 'consentAdmin:consentadmin');
- $et->data['res'] = $res;
- $et->show();
- exit;
-}
-
-// Get all consents for user
-$user_consent_list = $consent_storage->getConsents($hashed_user_id);
-
-// Parse list of consents
-$user_consent = array();
-foreach ($user_consent_list as $c) {
- $user_consent[$c[0]]=$c[1];
-}
-
-$template_sp_content = array();
-
-// Init template
-$et = new SimpleSAML_XHTML_Template($config, 'consentAdmin:consentadmin.php', 'consentAdmin:consentadmin');
-$sp_empty_name = $et->getTag('sp_empty_name');
-$sp_empty_description = $et->getTag('sp_empty_description');
-
-// Process consents for all SP
-foreach ($all_sp_metadata as $sp_entityid => $sp_values) {
- // Get metadata for SP
- $sp_metadata = $metadata->getMetaData($sp_entityid, 'saml20-sp-remote');
-
- // Run attribute filters
- list($targeted_id, $attribute_hash, $attributes_new) = driveProcessingChain($idp_metadata, $source, $sp_metadata, $sp_entityid, $attributes, $userid, $hashAttributes);
-
- // Check if consent exists
- if (array_key_exists($targeted_id, $user_consent)) {
- $sp_status = "changed";
- SimpleSAML_Logger::info('consentAdmin: changed');
- // Check if consent is valid. (Possible that attributes has changed)
- if ($user_consent[$targeted_id] == $attribute_hash) {
- SimpleSAML_Logger::info('consentAdmin: ok');
- $sp_status = "ok";
- }
- // Consent does not exists
- } else {
- SimpleSAML_Logger::info('consentAdmin: none');
- $sp_status = "none";
- }
-
- // Set name of SP
- if(isset($sp_values['name']) && is_array($sp_values['name'])) {
- $sp_name = $sp_metadata['name'];
- } else if(isset($sp_values['name']) && is_string($sp_values['name'])) {
- $sp_name = $sp_metadata['name'];
- } elseif(isset($sp_values['OrganizationDisplayName']) && is_array($sp_values['OrganizationDisplayName'])) {
- $sp_name = $sp_metadata['OrganizationDisplayName'];
- } else {
- $sp_name = $sp_empty_name;
- }
-
- // Set description of SP
- if(empty($sp_metadata['description']) || !is_array($sp_metadata['description'])) {
- $sp_description = $sp_empty_description;
- } else {
- $sp_description = $sp_metadata['description'];
- }
-
- // Add a URL to the service if present in metadata
- $sp_service_url = isset($sp_metadata['ServiceURL']) ? $sp_metadata['ServiceURL'] : null;
-
- // Fill out array for the template
- $sp_list[$sp_entityid] = array(
- 'spentityid' => $sp_entityid,
- 'name' => $sp_name,
- 'description' => $sp_description,
- 'consentStatus' => $sp_status,
- 'consentValue' => $sp_entityid,
- 'attributes_by_sp' => $attributes_new,
- 'serviceurl' => $sp_service_url,
- );
-}
-
-$et->data['header'] = 'Consent Administration';
-$et->data['spList'] = $sp_list;
-$et->data['showDescription'] = $cA_config->getValue('showDescription');
-$et->show();
+<?php
+/*
+ * consentAdmin - Consent administration module
+ *
+ * This module enables the user to add and remove consents given for a given
+ * Service Provider.
+ *
+ * The module relies on methods and functions from the Consent module and can
+ * not be user without it.
+ *
+ * Author: Mads Freek <freek@ruc.dk>, Jacob Christiansen <jach@wayf.dk>
+ */
+
+/*
+ * Runs the processing chain and ignores all filter which have user
+ * interaction.
+ */
+function driveProcessingChain(
+ $idp_metadata,
+ $source,
+ $sp_metadata,
+ $sp_entityid,
+ $attributes,
+ $userid,
+ $hashAttributes = false
+) {
+
+ /*
+ * Create a new processing chain
+ */
+ $pc = new SimpleSAML_Auth_ProcessingChain($idp_metadata, $sp_metadata, 'idp');
+
+ /*
+ * Construct the state.
+ * REMEMBER: Do not set Return URL if you are calling processStatePassive
+ */
+ $authProcState = array(
+ 'Attributes' => $attributes,
+ 'Destination' => $sp_metadata,
+ 'Source' => $idp_metadata,
+ 'isPassive' => true,
+ );
+
+ /*
+ * Call processStatePAssive.
+ * We are not interested in any user interaction, only modifications to the attributes
+ */
+ $pc->processStatePassive($authProcState);
+
+ $attributes = $authProcState['Attributes'];
+
+ /*
+ * Generate identifiers and hashes
+ */
+ $destination = $sp_metadata['metadata-set'].'|'.$sp_entityid;
+
+ $targeted_id = sspmod_consent_Auth_Process_Consent::getTargetedID($userid, $source, $destination);
+ $attribute_hash = sspmod_consent_Auth_Process_Consent::getAttributeHash($attributes, $hashAttributes);
+
+ SimpleSAML_Logger::info('consentAdmin: user: '.$userid);
+ SimpleSAML_Logger::info('consentAdmin: target: '.$targeted_id);
+ SimpleSAML_Logger::info('consentAdmin: attribute: '.$attribute_hash);
+
+ /* Return values */
+ return array($targeted_id, $attribute_hash, $attributes);
+}
+
+// Get config object
+$config = SimpleSAML_Configuration::getInstance();
+$cA_config = SimpleSAML_Configuration::getConfig('module_consentAdmin.php');
+$authority = $cA_config->getValue('authority');
+
+$as = new SimpleSAML_Auth_Simple($authority);
+
+// If request is a logout request
+if (array_key_exists('logout', $_REQUEST)) {
+ $returnURL = $cA_config->getValue('returnURL');
+ $as->logout($returnURL);
+}
+
+$hashAttributes = $cA_config->getValue('attributes.hash');
+
+/* Check if valid local session exists */
+$as->requireAuth();
+
+// Get released attributes
+$attributes = $as->getAttributes();
+
+// Get metadata storage handler
+$metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
+
+/*
+ * Get IdP id and metadata
+ */
+
+
+$local_idp_entityid = $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted');
+$local_idp_metadata = $metadata->getMetaData($local_idp_entityid, 'saml20-idp-hosted');
+
+if ($as->getAuthData('saml:sp:IdP') !== null) {
+ // from a remote idp (as bridge)
+ $idp_entityid = $as->getAuthData('saml:sp:IdP');
+ $idp_metadata = $metadata->getMetaData($idp_entityid, 'saml20-idp-remote');
+} else {
+ // from the local idp
+ $idp_entityid = $local_idp_entityid;
+ $idp_metadata = $local_idp_metadata;
+}
+
+// Get user ID
+$userid_attributename = (isset($local_idp_metadata['userid.attribute']) && is_string($local_idp_metadata['userid.attribute'])) ? $local_idp_metadata['userid.attribute'] : 'eduPersonPrincipalName';
+
+$userids = $attributes[$userid_attributename];
+
+if (empty($userids)) {
+ throw new Exception('Could not generate useridentifier for storing consent. Attribute ['.
+ $userid_attributename.'] was not available.');
+}
+
+$userid = $userids[0];
+
+// Get all SP metadata
+$all_sp_metadata = $metadata->getList('saml20-sp-remote');
+
+// Parse action, if any
+$action = null;
+$sp_entityid = null;
+if (!empty($_GET['cv'])) {
+ $sp_entityid = $_GET['cv'];
+}
+if (!empty($_GET['action'])) {
+ $action = $_GET["action"];
+}
+
+SimpleSAML_Logger::critical('consentAdmin: sp: '.$sp_entityid.' action: '.$action);
+
+// Remove services, whitch have consent disabled
+if (isset($idp_metadata['consent.disable'])) {
+ foreach ($idp_metadata['consent.disable'] AS $disable) {
+ if (array_key_exists($disable, $all_sp_metadata)) {
+ unset($all_sp_metadata[$disable]);
+ }
+ }
+}
+
+SimpleSAML_Logger::info('consentAdmin: '.$idp_entityid);
+
+// Calc correct source
+$source = $idp_metadata['metadata-set'].'|'.$idp_entityid;
+
+// Parse consent config
+$consent_storage = sspmod_consent_Store::parseStoreConfig($cA_config->getValue('consentadmin'));
+
+// Calc correct user ID hash
+$hashed_user_id = sspmod_consent_Auth_Process_Consent::getHashedUserID($userid, $source);
+
+// If a checkbox have been clicked
+if ($action !== null && $sp_entityid !== null) {
+ // Get SP metadata
+ $sp_metadata = $metadata->getMetaData($sp_entityid, 'saml20-sp-remote');
+
+ // Run AuthProc filters
+ list($targeted_id, $attribute_hash, $attributes_new) = driveProcessingChain($idp_metadata, $source, $sp_metadata,
+ $sp_entityid, $attributes, $userid, $hashAttributes);
+
+ // Add a consent (or update if attributes have changed and old consent for SP and IdP exists)
+ if ($action == 'true') {
+ $isStored = $consent_storage->saveConsent($hashed_user_id, $targeted_id, $attribute_hash);
+ if ($isStored) {
+ $res = "added";
+ } else {
+ $res = "updated";
+ }
+ // Remove consent
+ } else {
+ if ($action == 'false') {
+ // Got consent, so this is a request to remove it
+ $rowcount = $consent_storage->deleteConsent($hashed_user_id, $targeted_id, $attribute_hash);
+ if ($rowcount > 0) {
+ $res = "removed";
+ }
+ // Unknown action (should not happen)
+ } else {
+ SimpleSAML_Logger::info('consentAdmin: unknown action');
+ $res = "unknown";
+ }
+ }
+ // init template to enable translation of status messages
+ $et = new SimpleSAML_XHTML_Template($config, 'consentAdmin:consentadminajax.php', 'consentAdmin:consentadmin');
+ $et->data['res'] = $res;
+ $et->show();
+ exit;
+}
+
+// Get all consents for user
+$user_consent_list = $consent_storage->getConsents($hashed_user_id);
+
+// Parse list of consents
+$user_consent = array();
+foreach ($user_consent_list as $c) {
+ $user_consent[$c[0]] = $c[1];
+}
+
+$template_sp_content = array();
+
+// Init template
+$et = new SimpleSAML_XHTML_Template($config, 'consentAdmin:consentadmin.php', 'consentAdmin:consentadmin');
+$sp_empty_name = $et->getTag('sp_empty_name');
+$sp_empty_description = $et->getTag('sp_empty_description');
+
+// Process consents for all SP
+foreach ($all_sp_metadata as $sp_entityid => $sp_values) {
+ // Get metadata for SP
+ $sp_metadata = $metadata->getMetaData($sp_entityid, 'saml20-sp-remote');
+
+ // Run attribute filters
+ list($targeted_id, $attribute_hash, $attributes_new) = driveProcessingChain($idp_metadata, $source, $sp_metadata,
+ $sp_entityid, $attributes, $userid, $hashAttributes);
+
+ // Check if consent exists
+ if (array_key_exists($targeted_id, $user_consent)) {
+ $sp_status = "changed";
+ SimpleSAML_Logger::info('consentAdmin: changed');
+ // Check if consent is valid. (Possible that attributes has changed)
+ if ($user_consent[$targeted_id] == $attribute_hash) {
+ SimpleSAML_Logger::info('consentAdmin: ok');
+ $sp_status = "ok";
+ }
+ // Consent does not exists
+ } else {
+ SimpleSAML_Logger::info('consentAdmin: none');
+ $sp_status = "none";
+ }
+
+ // Set name of SP
+ if (isset($sp_values['name']) && is_array($sp_values['name'])) {
+ $sp_name = $sp_metadata['name'];
+ } else {
+ if (isset($sp_values['name']) && is_string($sp_values['name'])) {
+ $sp_name = $sp_metadata['name'];
+ } elseif (isset($sp_values['OrganizationDisplayName']) && is_array($sp_values['OrganizationDisplayName'])) {
+ $sp_name = $sp_metadata['OrganizationDisplayName'];
+ } else {
+ $sp_name = $sp_empty_name;
+ }
+ }
+
+ // Set description of SP
+ if (empty($sp_metadata['description']) || !is_array($sp_metadata['description'])) {
+ $sp_description = $sp_empty_description;
+ } else {
+ $sp_description = $sp_metadata['description'];
+ }
+
+ // Add a URL to the service if present in metadata
+ $sp_service_url = isset($sp_metadata['ServiceURL']) ? $sp_metadata['ServiceURL'] : null;
+
+ // Fill out array for the template
+ $sp_list[$sp_entityid] = array(
+ 'spentityid' => $sp_entityid,
+ 'name' => $sp_name,
+ 'description' => $sp_description,
+ 'consentStatus' => $sp_status,
+ 'consentValue' => $sp_entityid,
+ 'attributes_by_sp' => $attributes_new,
+ 'serviceurl' => $sp_service_url,
+ );
+}
+
+$et->data['header'] = 'Consent Administration';
+$et->data['spList'] = $sp_list;
+$et->data['showDescription'] = $cA_config->getValue('showDescription');
+$et->show();
diff --git a/modules/consentSimpleAdmin/www/consentAdmin.php b/modules/consentSimpleAdmin/www/consentAdmin.php
index cb7aa80f36d295bff7049c2a075dfde87019a6d1..1c576e9e486c7cefc8dac8a4a1b4f5f64527778d 100644
--- a/modules/consentSimpleAdmin/www/consentAdmin.php
+++ b/modules/consentSimpleAdmin/www/consentAdmin.php
@@ -1,91 +1,87 @@
-<?php
-/*
- * consentSimpleAdmin - Simple Consent administration module
- *
- * This module is a simplification of the danish consent administration module.
- *
- * @author Andreas Ă…kre Solberg <andreas.solberg@uninett.no>
- * @author Mads Freen - WAYF
- * @author Jacob Christiansen - WAYF
- * @package simpleSAMLphp
- */
-
-
-// Get config object
-$config = SimpleSAML_Configuration::getInstance();
-$consentconfig = SimpleSAML_Configuration::getConfig('module_consentSimpleAdmin.php');
-
-$as = $consentconfig->getValue('auth');
-$as = new SimpleSAML_Auth_Simple($as);
-$as->requireAuth();
-
-// Get all attributes
-$attributes = $as->getAttributes();
-
-
-
-// Get user ID
-$userid_attributename = $consentconfig->getValue('userid', 'eduPersonPrincipalName');
-if (empty($attributes[$userid_attributename])) {
- throw new Exception('Could not generate useridentifier for storing consent. Attribute [' .
- $userid_attributename . '] was not available.');
-}
-
-$userid = $attributes[$userid_attributename][0];
-
-// Get metadata storage handler
-$metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
-
-/*
- * Get IdP id and metadata
- */
-if($as->getAuthData('saml:sp:IdP') !== null) {
- // From a remote idp (as bridge)
- $idp_entityid = $as->getAuthData('saml:sp:IdP');
- $idp_metadata = $metadata->getMetaData($idp_entityid, 'saml20-idp-remote');
-} else {
- // from the local idp
- $idp_entityid = $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted');
- $idp_metadata = $metadata->getMetaData($idp_entityid, 'saml20-idp-hosted');
-}
-
-SimpleSAML_Logger::debug('consentAdmin: IdP is ['.$idp_entityid . ']');
-
-$source = $idp_metadata['metadata-set'] . '|' . $idp_entityid;
-
-
-// Parse consent config
-$consent_storage = sspmod_consent_Store::parseStoreConfig($consentconfig->getValue('store'));
-
-// Calc correct user ID hash
-$hashed_user_id = sspmod_consent_Auth_Process_Consent::getHashedUserID($userid, $source);
-
-
-
-// Check if button with withdraw all consent was clicked.
-if (array_key_exists('withdraw', $_REQUEST)) {
-
- SimpleSAML_Logger::info('consentAdmin: UserID ['.$hashed_user_id . '] has requested to withdraw all consents given...');
-
- $consent_storage->deleteAllConsents($hashed_user_id);
-
-}
-
-
-
-// Get all consents for user
-$user_consent_list = $consent_storage->getConsents($hashed_user_id);
-
-$consentServices = array();
-foreach($user_consent_list AS $c) $consentServices[$c[1]] = 1;
-
-SimpleSAML_Logger::debug('consentAdmin: no of consents [' . count($user_consent_list) . '] no of services [' . count($consentServices) . ']');
-
-// Init template
-$t = new SimpleSAML_XHTML_Template($config, 'consentSimpleAdmin:consentadmin.php');
-
-$t->data['consentServices'] = count($consentServices);
-$t->data['consents'] = count($user_consent_list);
-
-
-$t->show();
+<?php
+/*
+ * consentSimpleAdmin - Simple Consent administration module
+ *
+ * This module is a simplification of the danish consent administration module.
+ *
+ * @author Andreas Ă…kre Solberg <andreas.solberg@uninett.no>
+ * @author Mads Freek - WAYF
+ * @author Jacob Christiansen - WAYF
+ * @package SimpleSAMLphp
+ */
+
+
+// Get config object
+$config = SimpleSAML_Configuration::getInstance();
+$consentconfig = SimpleSAML_Configuration::getConfig('module_consentSimpleAdmin.php');
+
+$as = $consentconfig->getValue('auth');
+$as = new SimpleSAML_Auth_Simple($as);
+$as->requireAuth();
+
+// Get all attributes
+$attributes = $as->getAttributes();
+
+
+// Get user ID
+$userid_attributename = $consentconfig->getValue('userid', 'eduPersonPrincipalName');
+if (empty($attributes[$userid_attributename])) {
+ throw new Exception('Could not generate useridentifier for storing consent. Attribute ['.
+ $userid_attributename.'] was not available.');
+}
+
+$userid = $attributes[$userid_attributename][0];
+
+// Get metadata storage handler
+$metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
+
+// Get IdP id and metadata
+if ($as->getAuthData('saml:sp:IdP') !== null) {
+ // From a remote idp (as bridge)
+ $idp_entityid = $as->getAuthData('saml:sp:IdP');
+ $idp_metadata = $metadata->getMetaData($idp_entityid, 'saml20-idp-remote');
+} else {
+ // from the local idp
+ $idp_entityid = $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted');
+ $idp_metadata = $metadata->getMetaData($idp_entityid, 'saml20-idp-hosted');
+}
+
+SimpleSAML_Logger::debug('consentAdmin: IdP is ['.$idp_entityid.']');
+
+$source = $idp_metadata['metadata-set'].'|'.$idp_entityid;
+
+
+// Parse consent config
+$consent_storage = sspmod_consent_Store::parseStoreConfig($consentconfig->getValue('store'));
+
+// Calc correct user ID hash
+$hashed_user_id = sspmod_consent_Auth_Process_Consent::getHashedUserID($userid, $source);
+
+
+// Check if button with withdraw all consent was clicked.
+if (array_key_exists('withdraw', $_REQUEST)) {
+
+ SimpleSAML_Logger::info('consentAdmin: UserID ['.$hashed_user_id.'] has requested to withdraw all consents given...');
+
+ $consent_storage->deleteAllConsents($hashed_user_id);
+}
+
+
+// Get all consents for user
+$user_consent_list = $consent_storage->getConsents($hashed_user_id);
+
+$consentServices = array();
+foreach ($user_consent_list AS $c) {
+ $consentServices[$c[1]] = 1;
+}
+
+SimpleSAML_Logger::debug('consentAdmin: no of consents ['.count($user_consent_list).'] no of services ['.count($consentServices).']');
+
+// Init template
+$t = new SimpleSAML_XHTML_Template($config, 'consentSimpleAdmin:consentadmin.php');
+
+$t->data['consentServices'] = count($consentServices);
+$t->data['consents'] = count($user_consent_list);
+
+
+$t->show();