Group misc functions into misc.php on the idp and sp

Add Federation Terminaison metadata on the idp and sp
Add view off federation on the sp
Add cancel federation button on the sp and idp
Defederation is not working yet

1 files changed, 200 insertions, 0 deletions

diff --git a/php/Attic/examples/sample-sp/cancel_federation.php b/php/Attic/examples/sample-sp/cancel_federation.php
new file mode 100644
index 00000000..66a2076d
--- /dev/null
+++ b/php/Attic/examples/sample-sp/cancel_federation.php
@@ -0,0 +1,200 @@
+<?php
+/*  
+ * Service Provider Example -- Cancel Federation with an Identity Provider 
+ *
+ * Copyright (C) 2004 Entr'ouvert
+ * http://lasso.entrouvert.org
+ * 
+ * Authors: Christophe Nowicki <cnowicki@easter-eggs.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ * 
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ */
+
+ require_once 'Log.php';
+ require_once 'DB.php';
+ require_once 'session.php';
+ require_once 'misc.php';
+
+ $config = unserialize(file_get_contents('config.inc'));
+
+ $methodes = array('redirect' => lassoHttpMethodRedirect, 'soap' => lassoHttpMethodSoap);
+
+ // connect to the data base
+ $db = &DB::connect($config['dsn']);
+ if (DB::isError($db)) 
+	die($db->getMessage());
+	
+ // create logger 
+ $conf['db'] = $db;
+ $logger = &Log::factory($config['log_handler'], 'log', $_SERVER['PHP_SELF'], $conf);
+
+ // session handler
+ session_set_save_handler("open_session", "close_session", 
+ "read_session", "write_session", "destroy_session", "gc_session");
+
+ if (empty($_GET['profile']))
+ {
+	$logger->err("Cancel Federation called without profile.");
+	die("Cancel Federation called without profile.");
+ }
+
+ if (empty($_GET['with']))
+ {
+	$logger->err("Cancel Federation called without providerID.");
+	die("Cancel Federation called without providerID.");
+ }
+
+ session_start();
+
+ lasso_init();
+
+ if (empty($_SESSION['user_id']))
+ {
+	$logger->err("UserID is empty, user is not logged in.");
+	die("UserID is empty, user is not logged in.");
+ }
+ 
+ if (empty($_SESSION['identity_dump']))
+ {
+	$logger->err("Identity Dump is empty, user is not federated.");
+	die("Identity Dump is empty, user is not federated.");
+ }
+
+ if (!in_array($_GET['profile'], array_keys($methodes)))
+ {
+	die("Unknown defederation profile : " . $_GET['profile']);
+	$logger->err("Unknown defederation profile : " . $_GET['profile']);
+ }
+ 
+ $user_id = $_SESSION['user_id'];
+ 
+ $server_dump = file_get_contents($config['server_dump_filename']);
+ $server = LassoServer::newFromDump($server_dump);
+
+ $defederation = new LassoDefederation($server, lassoProviderTypeSp);
+ $defederation->setIdentityFromDump($_SESSION['identity_dump']);
+
+ if (!empty($_SESSION['session_dump']))
+	$defederation->setSessionFromDump($_SESSION['session_dump']);
+
+ $logger->debug("Create Cancel Federation Notification for User '" . $_SESSION["user_id"] .
+ "' with Identity Provider '" . $_GET['with']. "'");
+ 
+ $defederation->initNotification($_GET['with'], $methodes[$_GET['profile']]);
+ 
+ $defederation->buildNotificationMsg();
+ $nameIdentifier = $defederation->nameIdentifier;
+ if (empty($nameIdentifier))
+ {
+ 	$loggery>err("Name Identifier is empty.");
+	die("Name Identifier is empty.");
+ }
+
+ $identity = $defederation->identity;
+ if (isset($defederation->identity))
+ {
+	// Update identity dump
+	$identity_dump = $identity->dump();
+	$_SESSION['identity_dump'] = $identity_dump;
+	$query = "UPDATE users SET identity_dump=".$db->quoteSmart($identity_dump);
+ }
+ else	// Delete identity and session dumps
+	$query = "UPDATE users SET identity_dump=''";
+ $query .= " WHERE user_id='$user_id'";
+
+ $res =& $db->query($query);
+ if (DB::isError($res)) 
+ {
+	$logger->crit("DB Error :" . $res->getMessage());
+	$logger->debug("DB Error :" . $res->getDebugInfo());
+	die("Internal Server Error");
+ }
+ $logger->debug("Update user '$user_id' identity dump in the database");
+
+ // Update session dump, if available
+ if (!empty($_SESSION['sesion_dump']) && $defederation->isSessionDirty)
+ {
+	$session = $defederation->session;
+	$session_dump = $session->dump();
+	$_SESSION['session_dump'] = $session_dump;
+			
+	$query = "UPDATE users SET session_dump=".$db->quoteSmart($session_dump);
+	$query .= " WHERE user_id='$user_id'";
+
+	$res =& $db->query($query);
+	if (DB::isError($res)) 
+	{
+		$logger->crit("DB Error :" . $res->getMessage());
+		$logger->debug("DB Error :" . $res->getDebugInfo());
+		die("Internal Server Error");
+	}
+	$logger->debug("Update user '$user_id' session dump in the database");
+}
+
+// Delete Name Identifier
+$query = "DELETE FROM nameidentifiers WHERE user_id='$user_id' ";
+$query .= "AND name_identifier='$nameIdentifier'";
+
+$res =& $db->query($query);
+if (DB::isError($res)) 
+{
+	$logger->crit("DB Error :" . $res->getMessage());
+	$logger->debug("DB Error :" . $res->getDebugInfo());
+	die("Internal Server Error");
+}
+
+$logger->info("Delete Name Identifier '$nameIdentifier' for User '$user_id'");
+
+switch($_GET['profile'])
+{
+	case 'redirect':
+		$url = $defederation->msgUrl;
+	        $logger->info("Redirect user to $url");
+		
+		header("Request-URI: $url");
+		header("Content-Location: $url");
+		header("Location: $url\r\n\r\n");
+		break;
+	case 'soap':
+		$url = parse_url($defederation->msgUrl);
+		$soap = sprintf(
+		"POST %s HTTP/1.1\r\nHost: %s:%d\r\nContent-Length: %d\r\nContent-Type: text/xml\r\n\r\n%s\r\n",
+		$url['path'], $url['host'], $url['port'], strlen($defederation->msgBody), $defederation->msgBody);
+		
+		$logger->info('Send SOAP Request to '. $url['host'] . ":" .$url['port']. $url['path']);
+		$logger->debug('SOAP Request : ' . $soap);
+
+		$fp = fsockopen("ssl://" . $url['host'], $url['port'], $errno, $errstr, 30) or die($errstr ($errno));
+		socket_set_timeout($fp, 10);
+		fwrite($fp, $soap);
+
+		read_http_response($fp, $header, $reponse);
+
+		fclose($fp);
+
+		$logger->log('SOAP Response Header : ' . $header, PEAR_LOG_DEBUG);
+		$logger->log('SOAP Response Body : ' . $response, PEAR_LOG_DEBUG);
+
+		// TODO : check reponse status
+
+
+		break;
+ }
+
+?>
+
+<?php
+	lasso_shutdown();
+?>