Group misc functions into misc.php on the idp and sp

Add Federation Terminaison metadata on the idp and sp Add view off federation on the sp Add cancel federation button on the sp and idp Defederation is not working yet
author: Christophe Nowicki <cnowicki@easter-eggs.com> 2004-09-23 16:00:54 +0000
committer: Christophe Nowicki <cnowicki@easter-eggs.com> 2004-09-23 16:00:54 +0000
commit: f94170a65c5585a2c955d14360becd3e2ca98ac2 (patch)
tree: 925f029ba25f31676fa92ca40113660c6423c5b5 /php/Attic/examples/sample-sp
parent: 662764422bbf1b01decc01d414a7ab9d0db63958 (diff)
8 files changed, 502 insertions, 45 deletions
diff --git a/php/Attic/examples/sample-sp/admin_user.php b/php/Attic/examples/sample-sp/admin_user.php
index 30efe3c6..48a903dd 100644
--- a/php/Attic/examples/sample-sp/admin_user.php
+++ b/php/Attic/examples/sample-sp/admin_user.php
@@ -24,13 +24,18 @@
 
   $config = unserialize(file_get_contents('config.inc'));
 
+  require_once 'Log.php';
   require_once 'DB.php';
-
-
+  
+  // connect to the data base
   $db = &DB::connect($config['dsn']);
-
   if (DB::isError($db)) 
-	  die($db->getMessage());
+	die($db->getMessage());
+
+  // create logger 
+  $conf['db'] = $db;
+  $logger = &Log::factory($config['log_handler'], 'log', $_SERVER['PHP_SELF'], $conf);
+
 
   if (!empty($_GET['dump'])) {
   	$query = "SELECT identity_dump FROM users WHERE user_id=".$db->quoteSmart($_GET['dump']);
@@ -38,6 +43,7 @@
 	if (DB::isError($res)) 
 	  print $res->getMessage(). "\n";
 	$row = $res->fetchRow();
+	
 ?>
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
@@ -78,6 +84,15 @@
 	  die($res->getMessage());
   }
 	
+  lasso_init();
+
+  // Create Lasso Server
+  $server_dump = file_get_contents($config['server_dump_filename']);
+  $server = LassoServer::newFromDump($server_dump);
+
+  // Lasso User
+  $login = new LassoLogin($server);
+  
   $query = "SELECT * FROM users";
   $res =& $db->query($query);
   if (DB::isError($res)) 
@@ -107,7 +122,7 @@
 <thead>
 <tr align="center"><?php
   for ($i = 0; $i < $num_col; $i++) {
-	echo "<td>" . $tableinfo[$i]['name'] ."</td>";
+	echo "<td><b>" . $tableinfo[$i]['name'] ."</b></td>";
   }
 ?><td>&nbsp;</td>
 </tr>
@@ -127,6 +142,7 @@
 	  {
 		case "identity_dump":
   		  echo "<a href=javascript:openpopup('". $PHP_SELF . '?dump=' . $row[0] . "')>view</a>";
+		  $identity_dump = $row[$i];
 		  break;
 		  
 		default:
@@ -137,9 +153,29 @@
 	<?php
   }
   ?>
-  <td>
-  <a href="<?php echo $PHP_SELF . '?del=' . $row[0]; ?>">delete</a>
-  </td>
+  <td rowspan='2'><a href="<?php echo $PHP_SELF . '?del=' . $row[0]; ?>">delete</a></td>
+</tr>
+<tr>
+	<td colspan='<?php echo $num_col; ?>' align='center'>
+<?
+	// get all federations for this user
+        if (!empty($identity_dump))
+        {
+            $login->setIdentityFromDump($identity_dump);
+            $identity = $login->identity;
+            $providerIDs = $identity->providerIds;
+	    
+	    for($i = 0; $i <  $providerIDs->length() ; $i++)
+	    {
+		if ($i)
+			echo "<br>";
+		echo  $providerIDs->getItem($i);
+	    }
+	}
+	else
+            echo "Not Federated with an Service Provider.";
+?>
+	</td>
 </tr>
 <?php
 }
@@ -165,4 +201,5 @@
 </html>
 <?php
   $db->disconnect();
+  lasso_shutdown();
 ?>
diff --git a/php/Attic/examples/sample-sp/assertionConsumer.php b/php/Attic/examples/sample-sp/assertionConsumer.php
index 727c2c0f..f7d38d32 100644
--- a/php/Attic/examples/sample-sp/assertionConsumer.php
+++ b/php/Attic/examples/sample-sp/assertionConsumer.php
@@ -25,6 +25,7 @@
   require_once 'Log.php';
   require_once 'DB.php';
   require_once 'session.php';
+  require_once 'misc.php';
 
   $config = unserialize(file_get_contents('config.inc'));
 
@@ -55,7 +56,7 @@
 
   $login = new LassoLogin($server);
 
-  $logger->log('Request from ' . $_SERVER['REMOTE_ADDR'], PEAR_LOG_INFO);
+  $logger->info('Request from ' . $_SERVER['REMOTE_ADDR']);
   $login->initRequest($_SERVER['QUERY_STRING'], lassoHttpMethodRedirect);
   $login->buildRequestMsg();
 
@@ -72,36 +73,8 @@
   $fp = fsockopen("ssl://" . $url['host'], $url['port'], $errno, $errstr, 30) or die($errstr ($errno));
   socket_set_timeout($fp, 10);
   fwrite($fp, $soap);
-
-  // header
-  do $header .= fread($fp, 1); while (!preg_match('/\\r\\n\\r\\n$/',$header));
-
-  // chunked encoding
-  if (preg_match('/Transfer\\-Encoding:\\s+chunked\\r\\n/',$header))
-  {
-	do {
-	  $byte = '';
-	  $chunk_size = '';
-	  
-	  do {
-		$chunk_size .= $byte;
-		$byte = fread($fp, 1);
-	  } while ($byte != "\\r");     
-	  
-	  fread($fp, 1);    
-	  $chunk_size = hexdec($chunk_size); 
-  	  $response .= fread($fp, $chunk_size);
-	  fread($fp, 2);          
-  	} while ($chunk_size);        
-  }
-  else
-  {
-	if (preg_match('/Content\\-Length:\\s+([0-9]+)\\r\\n/', $header, $matches))
-	  $response = @fread($fp, $matches[1]);
-	else 
-	  while (!feof($fp)) $response .= fread($fp, 1024);
-  }
-  fclose($fp);
+  
+  read_http_response($fp, $header, $response);
 
   $logger->log('SOAP Response Header : ' . $header, PEAR_LOG_DEBUG);
   $logger->log('SOAP Response Body : ' . $response, PEAR_LOG_DEBUG);
@@ -151,8 +124,10 @@
 	$login->acceptSso();
 	
 	$session = $login->session; 
+	$identity = $login->identity; 
   
         $_SESSION['nameidentifier'] = $login->nameIdentifier;
+        $_SESSION['identity_dump'] = $identity->dump();
         $_SESSION['session_dump'] = $session->dump();
         $_SESSION['user_id'] = $user_id;
 
@@ -209,6 +184,7 @@
 
 	
 	$_SESSION['nameidentifier'] = $login->nameIdentifier;
+        $_SESSION['identity_dump'] = $identity->dump();
         $_SESSION['session_dump'] = $session->dump();
         $_SESSION['user_id'] = $user_id;
 
diff --git a/php/Attic/examples/sample-sp/cancel_federation.php b/php/Attic/examples/sample-sp/cancel_federation.php
new file mode 100644
index 00000000..66a2076d
--- /dev/null
+++ b/php/Attic/examples/sample-sp/cancel_federation.php
@@ -0,0 +1,200 @@
+<?php
+/*  
+ * Service Provider Example -- Cancel Federation with an Identity Provider 
+ *
+ * Copyright (C) 2004 Entr'ouvert
+ * http://lasso.entrouvert.org
+ * 
+ * Authors: Christophe Nowicki <cnowicki@easter-eggs.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ * 
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ */
+
+ require_once 'Log.php';
+ require_once 'DB.php';
+ require_once 'session.php';
+ require_once 'misc.php';
+
+ $config = unserialize(file_get_contents('config.inc'));
+
+ $methodes = array('redirect' => lassoHttpMethodRedirect, 'soap' => lassoHttpMethodSoap);
+
+ // connect to the data base
+ $db = &DB::connect($config['dsn']);
+ if (DB::isError($db)) 
+	die($db->getMessage());
+	
+ // create logger 
+ $conf['db'] = $db;
+ $logger = &Log::factory($config['log_handler'], 'log', $_SERVER['PHP_SELF'], $conf);
+
+ // session handler
+ session_set_save_handler("open_session", "close_session", 
+ "read_session", "write_session", "destroy_session", "gc_session");
+
+ if (empty($_GET['profile']))
+ {
+	$logger->err("Cancel Federation called without profile.");
+	die("Cancel Federation called without profile.");
+ }
+
+ if (empty($_GET['with']))
+ {
+	$logger->err("Cancel Federation called without providerID.");
+	die("Cancel Federation called without providerID.");
+ }
+
+ session_start();
+
+ lasso_init();
+
+ if (empty($_SESSION['user_id']))
+ {
+	$logger->err("UserID is empty, user is not logged in.");
+	die("UserID is empty, user is not logged in.");
+ }
+ 
+ if (empty($_SESSION['identity_dump']))
+ {
+	$logger->err("Identity Dump is empty, user is not federated.");
+	die("Identity Dump is empty, user is not federated.");
+ }
+
+ if (!in_array($_GET['profile'], array_keys($methodes)))
+ {
+	die("Unknown defederation profile : " . $_GET['profile']);
+	$logger->err("Unknown defederation profile : " . $_GET['profile']);
+ }
+ 
+ $user_id = $_SESSION['user_id'];
+ 
+ $server_dump = file_get_contents($config['server_dump_filename']);
+ $server = LassoServer::newFromDump($server_dump);
+
+ $defederation = new LassoDefederation($server, lassoProviderTypeSp);
+ $defederation->setIdentityFromDump($_SESSION['identity_dump']);
+
+ if (!empty($_SESSION['session_dump']))
+	$defederation->setSessionFromDump($_SESSION['session_dump']);
+
+ $logger->debug("Create Cancel Federation Notification for User '" . $_SESSION["user_id"] .
+ "' with Identity Provider '" . $_GET['with']. "'");
+ 
+ $defederation->initNotification($_GET['with'], $methodes[$_GET['profile']]);
+ 
+ $defederation->buildNotificationMsg();
+ $nameIdentifier = $defederation->nameIdentifier;
+ if (empty($nameIdentifier))
+ {
+ 	$loggery>err("Name Identifier is empty.");
+	die("Name Identifier is empty.");
+ }
+
+ $identity = $defederation->identity;
+ if (isset($defederation->identity))
+ {
+	// Update identity dump
+	$identity_dump = $identity->dump();
+	$_SESSION['identity_dump'] = $identity_dump;
+	$query = "UPDATE users SET identity_dump=".$db->quoteSmart($identity_dump);
+ }
+ else	// Delete identity and session dumps
+	$query = "UPDATE users SET identity_dump=''";
+ $query .= " WHERE user_id='$user_id'";
+
+ $res =& $db->query($query);
+ if (DB::isError($res)) 
+ {
+	$logger->crit("DB Error :" . $res->getMessage());
+	$logger->debug("DB Error :" . $res->getDebugInfo());
+	die("Internal Server Error");
+ }
+ $logger->debug("Update user '$user_id' identity dump in the database");
+
+ // Update session dump, if available
+ if (!empty($_SESSION['sesion_dump']) && $defederation->isSessionDirty)
+ {
+	$session = $defederation->session;
+	$session_dump = $session->dump();
+	$_SESSION['session_dump'] = $session_dump;
+			
+	$query = "UPDATE users SET session_dump=".$db->quoteSmart($session_dump);
+	$query .= " WHERE user_id='$user_id'";
+
+	$res =& $db->query($query);
+	if (DB::isError($res)) 
+	{
+		$logger->crit("DB Error :" . $res->getMessage());
+		$logger->debug("DB Error :" . $res->getDebugInfo());
+		die("Internal Server Error");
+	}
+	$logger->debug("Update user '$user_id' session dump in the database");
+}
+
+// Delete Name Identifier
+$query = "DELETE FROM nameidentifiers WHERE user_id='$user_id' ";
+$query .= "AND name_identifier='$nameIdentifier'";
+
+$res =& $db->query($query);
+if (DB::isError($res)) 
+{
+	$logger->crit("DB Error :" . $res->getMessage());
+	$logger->debug("DB Error :" . $res->getDebugInfo());
+	die("Internal Server Error");
+}
+
+$logger->info("Delete Name Identifier '$nameIdentifier' for User '$user_id'");
+
+switch($_GET['profile'])
+{
+	case 'redirect':
+		$url = $defederation->msgUrl;
+	        $logger->info("Redirect user to $url");
+		
+		header("Request-URI: $url");
+		header("Content-Location: $url");
+		header("Location: $url\r\n\r\n");
+		break;
+	case 'soap':
+		$url = parse_url($defederation->msgUrl);
+		$soap = sprintf(
+		"POST %s HTTP/1.1\r\nHost: %s:%d\r\nContent-Length: %d\r\nContent-Type: text/xml\r\n\r\n%s\r\n",
+		$url['path'], $url['host'], $url['port'], strlen($defederation->msgBody), $defederation->msgBody);
+		
+		$logger->info('Send SOAP Request to '. $url['host'] . ":" .$url['port']. $url['path']);
+		$logger->debug('SOAP Request : ' . $soap);
+
+		$fp = fsockopen("ssl://" . $url['host'], $url['port'], $errno, $errstr, 30) or die($errstr ($errno));
+		socket_set_timeout($fp, 10);
+		fwrite($fp, $soap);
+
+		read_http_response($fp, $header, $reponse);
+
+		fclose($fp);
+
+		$logger->log('SOAP Response Header : ' . $header, PEAR_LOG_DEBUG);
+		$logger->log('SOAP Response Body : ' . $response, PEAR_LOG_DEBUG);
+
+		// TODO : check reponse status
+
+
+		break;
+ }
+
+?>
+
+<?php
+	lasso_shutdown();
+?>
diff --git a/php/Attic/examples/sample-sp/index.php b/php/Attic/examples/sample-sp/index.php
index 62c5faef..43948017 100644
--- a/php/Attic/examples/sample-sp/index.php
+++ b/php/Attic/examples/sample-sp/index.php
@@ -64,7 +64,11 @@ You can get more informations about <b>Lasso</b> at <br>
 
   session_start();
 
+
   lasso_init();
+
+  $server_dump = file_get_contents($config['server_dump_filename']);
+  $server = LassoServer::newFromDump($server_dump);
 ?>
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" 
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
@@ -104,11 +108,48 @@ You can get more informations about <b>Lasso</b> at <br>
   <td><?php echo $config['providerID']; ?></td>
   <td><a href="login.php?profile=post">post</a> | <a href="login.php?profile=artifact">artifact</a></td>
 </tr>
-<?php } else { ?>
+<?php } else { 
+        // User is federated with an Service Provider
+	if (isset($_SESSION['identity_dump']))
+	{
+		$login = new LassoLogin($server);
+		$login->setIdentityFromDump($_SESSION['identity_dump']);
+		if (!empty($_SESSION['session_dump']))
+			$login->setSessionFromDump($_SESSION['session_dump']);
+		$identity = $login->identity;
+		$providerIDs = $identity->providerIds;
+
+		if ($providerIDs->length())
+		{
+?>
 <tr>
-  <td colspan="2">Single Logout</td>
+	<td align='center' colspan='2'>Cancel a Federation with :</td>
+</tr>
+<tr>
+	<td align='center'>Identity Provider</td><td align='center'>Profile</td>
+</tr>
+<?php
+			for($i = 0; $i <  $providerIDs->length() ; $i++)
+			{
+				$providerID = $providerIDs->getItem($i);
+?>
+<tr>
+	<td align='center'><?php echo $providerID; ?></td>
+	<td align='center'>
+		<a href="cancel_federation.php?profile=redirect&with=<?php echo $providerID; ?>">Redirect</a> |
+		<a href="cancel_federation.php?profile=soap&with=<?php echo $providerID; ?>">SOAP</a>
+	</td>
+</tr>
+<tr>
+	<td colspan='2'>&nbsp;</td>
+</tr>
+<?php
+			}
+		}
+	}
+?>
 <tr>
-  <td colspan="2"><a href="logout.php">Logout!</a></td>
+  <td>Single Logout using </td><td><a href="logout.php?profile=soap">SOAP</a></td>
 </tr>
 <?php } ?>
 </table>
diff --git a/php/Attic/examples/sample-sp/metadata_idp1.xml b/php/Attic/examples/sample-sp/metadata_idp1.xml
index 5dda1a22..afa9c9b2 100644
--- a/php/Attic/examples/sample-sp/metadata_idp1.xml
+++ b/php/Attic/examples/sample-sp/metadata_idp1.xml
@@ -4,14 +4,18 @@
     xmlns="urn:liberty:metadata:2003-08">
  <IDPDescriptor>
 
-  <SingleSignOnServiceURL>https://idp1:1998/singleSignOn.php</SingleSignOnServiceURL>
+  <SingleSignOnServiceURL>https://idp1:1998/singleSignOn</SingleSignOnServiceURL>
   <SingleSignOnProtocolProfile>http://projectliberty.org/profiles/sso-get</SingleSignOnProtocolProfile>
 
-  <SingleLogoutServiceURL>https://idp1:1998/singleLogout.php</SingleLogoutServiceURL>
+  <SingleLogoutServiceURL>https://idp1:1998/singleLogout</SingleLogoutServiceURL>
   <SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-idp-soap</SingleLogoutProtocolProfile>
 
-  <RegisterNameIdentifierServiceURL>https://idp1:1998/registerNameIdentifier.php</RegisterNameIdentifierServiceURL>
+  <RegisterNameIdentifierServiceURL>https://idp1:1998/registerNameIdentifier</RegisterNameIdentifierServiceURL>
   <RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-sp-http</RegisterNameIdentifierProtocolProfile>
+   <FederationTerminationServiceURL>https://idp1:1998/federationTermination</FederationTerminationServiceURL>
+  <FederationTerminationServiceReturnURL>https://idp1:1998/federationTerminationReturn</FederationTerminationServiceReturnURL>
+  <FederationTerminationNotificationProtocolProfile>http://projectliberty.org/profiles/fedterm-sp-soap</FederationTerminationNotificationProtocolProfile>
+
 
   <SoapEndpoint>https://idp1:1998/soapEndpoint.php</SoapEndpoint>
 
diff --git a/php/Attic/examples/sample-sp/misc.php b/php/Attic/examples/sample-sp/misc.php
new file mode 100644
index 00000000..df9709e5
--- /dev/null
+++ b/php/Attic/examples/sample-sp/misc.php
@@ -0,0 +1,55 @@
+<?php
+/*  
+ * Service Provider Example -- Misc functions
+ *
+ * Copyright (C) 2004 Entr'ouvert
+ * http://lasso.entrouvert.org
+ * 
+ * Authors: Christophe Nowicki <cnowicki@easter-eggs.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ * 
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ */
+
+function read_http_response($fp, &$header, &$response)
+{
+	// header
+	do $header .= fread($fp, 1); while (!preg_match('/\\r\\n\\r\\n$/',$header));
+
+	// chunked encoding
+	if (preg_match('/Transfer\\-Encoding:\\s+chunked\\r\\n/',$header))
+	{
+		do {
+			$byte = '';
+			$chunk_size = '';
+			
+			do {
+				$chunk_size .= $byte;
+				$byte = fread($fp, 1);
+			} while ($byte != "\\r");     
+	
+			fread($fp, 1);    
+			$chunk_size = hexdec($chunk_size); 
+			$response .= fread($fp, $chunk_size);
+			fread($fp, 2);          
+		} while ($chunk_size);        
+	}
+	else
+	{
+		if (preg_match('/Content\\-Length:\\s+([0-9]+)\\r\\n/', $header, $matches))
+			$response = @fread($fp, $matches[1]);
+		else 
+			while (!feof($fp)) $response .= fread($fp, 1024);
+	}
+}
diff --git a/php/Attic/examples/sample-sp/setup.php b/php/Attic/examples/sample-sp/setup.php
index 2886c88a..a27d3d05 100644
--- a/php/Attic/examples/sample-sp/setup.php
+++ b/php/Attic/examples/sample-sp/setup.php
@@ -284,6 +284,7 @@
   ob_end_flush();
   ob_end_flush();
   ?>
+<p><a href='index.php'>Back to Index</a></p>  
 </body>
 </html>
 <?php
diff --git a/php/Attic/examples/sample-sp/soapEndpoint.php b/php/Attic/examples/sample-sp/soapEndpoint.php
new file mode 100644
index 00000000..ef7dcc8a
--- /dev/null
+++ b/php/Attic/examples/sample-sp/soapEndpoint.php
@@ -0,0 +1,143 @@
+<?php
+/*  
+ * Identity Provider Example -- SOAP Endpoint
+ *
+ * Copyright (C) 2004 Entr'ouvert
+ * http://lasso.entrouvert.org
+ * 
+ * Authors: Christophe Nowicki <cnowicki@easter-eggs.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ * 
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ */
+  require_once 'Log.php';
+  require_once 'DB.php';
+  require_once 'session.php';
+
+
+  $config = unserialize(file_get_contents('config.inc'));
+   
+  $server_dump = file_get_contents($config['server_dump_filename']);
+
+  header("Content-Type: text/xml\r\n");
+
+  // connect to the data base
+  $db = &DB::connect($config['dsn']);
+  if (DB::isError($db)) 
+  {
+    header("HTTP/1.0 500 Internal Server Error");
+    exit;
+  }
+
+   // create logger 
+  $conf['db'] = $db;
+  $logger = &Log::factory($config['log_handler'], 'log', $_SERVER['PHP_SELF'], $conf);
+
+  // session handler
+  session_set_save_handler("open_session", "close_session", 
+   "read_session", "write_session", "destroy_session", "gc_session");
+
+  session_start();
+
+  if (empty($HTTP_RAW_POST_DATA))
+  {
+   $logger->log("HTTP_RAW_POST_DATA is empty", PEAR_LOG_WARNING);
+   die("HTTP_RAW_POST_DATA is empty!"); 
+  }
+
+  lasso_init();
+
+  $requestype = lasso_getRequestTypeFromSoapMsg($HTTP_RAW_POST_DATA);
+  $server = LassoServer::newFromDump($server_dump);
+
+  switch ($requestype) 
+  {
+	case lassoRequestTypeLogout:
+		$logger->info("SOAP Logout Request from " . $_SERVER['REMOTE_ADDR']);
+
+		break;
+	case lassoRequestTypeDefederation:
+		$logger->info("SOAP Defederation Request from " . $_SERVER['REMOTE_ADDR']);
+
+		$defederation = new LassoDefederation($server, lassoProviderTypeSp);
+		$defederation->processNotificationMsg($HTTP_RAW_POST_DATA, lassoHttpMethodSoap);
+
+		$nameIdentifier = $defederation->nameIdentifier; 
+		if (empty($nameIdentifier))
+		{
+			header("HTTP/1.0 500 Internal Server Error");
+			$logger->err("Name Identifier is empty");
+			exit;
+		}
+
+		$query = "SELECT user_id FROM nameidentifiers WHERE name_identifier='$nameIdentifier'";
+		$res =& $db->query($query);
+		if (DB::isError($res)) 
+		{
+			header("HTTP/1.0 500 Internal Server Error");
+			$logger->crit("DB Error :" . $res->getMessage());
+			$logger->debug("DB Error :" . $res->getDebugInfo());
+			exit;
+		}
+		if (!$res->numRows())
+		{
+			header("HTTP/1.0 500 Internal Server Error");
+			$logger->err("Name identifier '$nameIdentifier' doesn't correspond to any user");
+			exit;
+		}
+
+		$row = $res->fetchRow();
+		$user_id = $row[0];
+		$logger->debug("UserID is '$user_id");
+		
+		$query = "SELECT identity_dump FROM users WHERE user_id='$user_id'";
+		$res =& $db->query($query);
+		
+		if (DB::isError($res)) 
+		{
+			header("HTTP/1.0 500 Internal Server Error");
+			$logger->crit("DB Error :" . $res->getMessage());
+			$logger->debug("DB Error :" . $res->getDebugInfo());
+			exit;
+		}
+		
+		if (!$res->numRows())
+		{
+			header("HTTP/1.0 500 Internal Server Error");
+			$logger->err("User is not federated.");
+			exit;
+		}
+		$row = $res->fetchRow();
+		$identity_dump = $row[0];
+
+		$defederation->setIdentityFromDump($identity_dump);
+
+		// TODO : Get Session
+
+		$defederation->validateNotification();
+
+		$identity = $defederation->identity;
+
+		if (!isset($identity->dump))
+		{
+			$identity_dump = $identity->dump;
+		}
+		
+		break;
+	default:
+		header("HTTP/1.0 500 Internal Server Error");
+		$logger->crit("Unknown or unsupported SOAP request");
+  }
+
+?>
author	Christophe Nowicki <cnowicki@easter-eggs.com>	2004-09-23 16:00:54 +0000
committer	Christophe Nowicki <cnowicki@easter-eggs.com>	2004-09-23 16:00:54 +0000
commit	f94170a65c5585a2c955d14360becd3e2ca98ac2 (patch)
tree	925f029ba25f31676fa92ca40113660c6423c5b5 /php/Attic/examples/sample-sp
parent	662764422bbf1b01decc01d414a7ab9d0db63958 (diff)