PageRenderTime 48ms CodeModel.GetById 21ms RepoModel.GetById 1ms app.codeStats 0ms

/Supportworks Server/html/simplesamlphp/modules/consent/www/getconsent.php

https://bitbucket.org/bittercreek_projects/supportworks
PHP | 154 lines | 108 code | 20 blank | 26 comment | 21 complexity | 6fd3d8baa9b019ad8d838c67205bbf66 MD5 | raw file
Possible License(s): MIT, LGPL-2.1, Apache-2.0, BSD-3-Clause 
    

  1. <?php
    2. 

  2. /**
    3. 

  3.  * Consent script
    4. 

  4.  *
    5. 

  5.  * This script displays a page to the user, which requests that the user
    6. 

  6.  * authorizes the release of attributes.
    7. 

  7.  *
    8. 

  8.  * @package SimpleSAMLphp
    9. 

  9.  */
    10. 

  10. /**
    11. 

  11.  * Explicit instruct consent page to send no-cache header to browsers to make 
    12. 

  12.  * sure the users attribute information are not store on client disk.
    13. 

  13.  * 
    14. 

  14.  * In an vanilla apache-php installation is the php variables set to:
    15. 

  15.  *
    16. 

  16.  * session.cache_limiter = nocache
    17. 

  17.  *
    18. 

  18.  * so this is just to make sure.
    19. 

  19.  */
    20. 

  20. session_cache_limiter('nocache');
    21. 

  21. 

  22. $globalConfig = SimpleSAML_Configuration::getInstance();
    23. 

  23. 

  24. SimpleSAML_Logger::info('Consent - getconsent: Accessing consent interface');
    25. 

  25. 

  26. if (!array_key_exists('StateId', $_REQUEST)) {
    27. 

  27.     throw new SimpleSAML_Error_BadRequest(
    28. 

  28.         'Missing required StateId query parameter.'
    29. 

  29.     );
    30. 

  30. }
    31. 

  31. 

  32. $id = $_REQUEST['StateId'];
    33. 

  33. $state = SimpleSAML_Auth_State::loadState($id, 'consent:request');
    34. 

  34. 

  35. if (array_key_exists('core:SP', $state)) {
    36. 

  36.     $spentityid = $state['core:SP'];
    37. 

  37. } else if (array_key_exists('saml:sp:State', $state)) {
    38. 

  38.     $spentityid = $state['saml:sp:State']['core:SP'];
    39. 

  39. } else {
    40. 

  40.     $spentityid = 'UNKNOWN';
    41. 

  41. }
    42. 

  42. 

  43. 

  44. // The user has pressed the yes-button
    45. 

  45. if (array_key_exists('yes', $_REQUEST)) {
    46. 

  46.     if (array_key_exists('saveconsent', $_REQUEST)) {
    47. 

  47.         SimpleSAML_Logger::stats('consentResponse remember');		
    48. 

  48.     } else {
    49. 

  49.         SimpleSAML_Logger::stats('consentResponse rememberNot');
    50. 

  50.     }
    51. 

  51. 

  52.     $statsInfo = array(
    53. 

  53.         'remember' => array_key_exists('saveconsent', $_REQUEST),
    54. 

  54.     );
    55. 

  55.     if (isset($state['Destination']['entityid'])) {
    56. 

  56.         $statsInfo['spEntityID'] = $state['Destination']['entityid'];
    57. 

  57.     }
    58. 

  58.     SimpleSAML_Stats::log('consent:accept', $statsInfo);
    59. 

  59. 

  60.     if (   array_key_exists('consent:store', $state) 
    61. 

  61.         && array_key_exists('saveconsent', $_REQUEST)
    62. 

  62.         && $_REQUEST['saveconsent'] === '1'
    63. 

  63.     ) {
    64. 

  64.         // Save consent
    65. 

  65.         $store = $state['consent:store'];
    66. 

  66.         $userId = $state['consent:store.userId'];
    67. 

  67.         $targetedId = $state['consent:store.destination'];
    68. 

  68.         $attributeSet = $state['consent:store.attributeSet'];
    69. 

  69. 

  70.         SimpleSAML_Logger::debug(
    71. 

  71.             'Consent - saveConsent() : [' . $userId . '|' .
    72. 

  72.             $targetedId . '|' .  $attributeSet . ']'
    73. 

  73.         );	
    74. 

  74.         try {
    75. 

  75.             $store->saveConsent($userId, $targetedId, $attributeSet);
    76. 

  76.         } catch (Exception $e) {
    77. 

  77.             SimpleSAML_Logger::error('Consent: Error writing to storage: ' . $e->getMessage());
    78. 

  78.         }
    79. 

  79.     }
    80. 

  80. 

  81.     SimpleSAML_Auth_ProcessingChain::resumeProcessing($state);
    82. 

  82. }
    83. 

  83. 

  84. // Prepare attributes for presentation
    85. 

  85. $attributes = $state['Attributes'];
    86. 

  86. $noconsentattributes = $state['consent:noconsentattributes'];
    87. 

  87. 

  88. // Remove attributes that do not require consent
    89. 

  89. foreach ($attributes AS $attrkey => $attrval) {
    90. 

  90.     if (in_array($attrkey, $noconsentattributes)) {
    91. 

  91.         unset($attributes[$attrkey]);
    92. 

  92.     }
    93. 

  93. }
    94. 

  94. $para = array(
    95. 

  95.     'attributes' => &$attributes
    96. 

  96. );
    97. 

  97. 

  98. // Reorder attributes according to attributepresentation hooks
    99. 

  99. SimpleSAML_Module::callHooks('attributepresentation', $para);
    100. 

  100. 

  101. // Make, populate and layout consent form
    102. 

  102. $t = new SimpleSAML_XHTML_Template($globalConfig, 'consent:consentform.php');
    103. 

  103. $t->data['srcMetadata'] = $state['Source'];
    104. 

  104. $t->data['dstMetadata'] = $state['Destination'];
    105. 

  105. $t->data['yesTarget'] = SimpleSAML_Module::getModuleURL('consent/getconsent.php');
    106. 

  106. $t->data['yesData'] = array('StateId' => $id);
    107. 

  107. $t->data['noTarget'] = SimpleSAML_Module::getModuleURL('consent/noconsent.php');
    108. 

  108. $t->data['noData'] = array('StateId' => $id);
    109. 

  109. $t->data['attributes'] = $attributes;
    110. 

  110. $t->data['checked'] = $state['consent:checked'];
    111. 

  111. 

  112. // Fetch privacypolicy
    113. 

  113. if (array_key_exists('privacypolicy', $state['Destination'])) {
    114. 

  114.     $privacypolicy = $state['Destination']['privacypolicy'];
    115. 

  115. } elseif (array_key_exists('privacypolicy', $state['Source'])) {
    116. 

  116.     $privacypolicy = $state['Source']['privacypolicy'];
    117. 

  117. } else {
    118. 

  118.     $privacypolicy = false;
    119. 

  119. }
    120. 

  120. if ($privacypolicy !== false) {
    121. 

  121.     $privacypolicy = str_replace(
    122. 

  122.         '%SPENTITYID%',
    123. 

  123.         urlencode($spentityid), 
    124. 

  124.         $privacypolicy
    125. 

  125.     );
    126. 

  126. }
    127. 

  127. $t->data['sppp'] = $privacypolicy;
    128. 

  128. 

  129. // Set focus element
    130. 

  130. switch ($state['consent:focus']) {
    131. 

  131. case 'yes':
    132. 

  132.     $t->data['autofocus'] = 'yesbutton';
    133. 

  133.     break;
    134. 

  134. case 'no':
    135. 

  135.     $t->data['autofocus'] = 'nobutton';
    136. 

  136.     break;
    137. 

  137. case null:
    138. 

  138. default:
    139. 

  139.     break;
    140. 

  140. }
    141. 

  141. 

  142. if (array_key_exists('consent:store', $state)) {
    143. 

  143.     $t->data['usestorage'] = true;
    144. 

  144. } else {
    145. 

  145.     $t->data['usestorage'] = false;
    146. 

  146. }
    147. 

  147. 

  148. if (array_key_exists('consent:hiddenAttributes', $state)) {
    149. 

  149.     $t->data['hiddenAttributes'] = $state['consent:hiddenAttributes'];
    150. 

  150. } else {
    151. 

  151.     $t->data['hiddenAttributes'] = array();
    152. 

  152. }
    153. 

  153. 

  154. $t->show();
    155. 

  155.