| author | Christophe Nowicki <cnowicki@easter-eggs.com> | 2005-01-25 15:31:39 +0000 |
|---|---|---|
| committer | Christophe Nowicki <cnowicki@easter-eggs.com> | 2005-01-25 15:31:39 +0000 |
| commit | acafd6b03f4b92587f3e4ec0af0c46cb3d037ba6 (patch) | |
| tree | 1f302ebcbad5efb37607401a50ceb583883752ed /php | |
| parent | f0d06800bae38641b2ebdc77e2984c58423e9030 (diff) | |
| download | lasso-acafd6b03f4b92587f3e4ec0af0c46cb3d037ba6.tar.gz lasso-acafd6b03f4b92587f3e4ec0af0c46cb3d037ba6.tar.xz lasso-acafd6b03f4b92587f3e4ec0af0c46cb3d037ba6.zip | |
Remove php samples from the lasso repository
I'm still working on it. I will release an independent Pear
package for Lasso 0.6.
The pear package repository is here:
https://meuh.dyndns.org/cgi-bin/viewcvs.cgi/lasso_pear/
Diffstat (limited to 'php')
46 files changed, 0 insertions, 5844 deletions
diff --git a/php/Attic/examples/.cvsignore b/php/Attic/examples/.cvsignore deleted file mode 100644 index 22a4e729..00000000 --- a/php/Attic/examples/.cvsignore +++ /dev/null @@ -1,3 +0,0 @@ -Makefile -Makefile.in - diff --git a/php/Attic/examples/Makefile.am b/php/Attic/examples/Makefile.am deleted file mode 100644 index 79505f8d..00000000 --- a/php/Attic/examples/Makefile.am +++ /dev/null @@ -1 +0,0 @@ -SUBDIRS = sample-sp sample-idp diff --git a/php/Attic/examples/README b/php/Attic/examples/README deleted file mode 100644 index 6c58ac9b..00000000 --- a/php/Attic/examples/README +++ /dev/null 
@@ -1,180 +0,0 @@ -Lasso Exemples ----------------------------------- - -SOFTWARE - This directory include a Liberty Alliance Service Provider (sample-sp) - and a Liverty Alliance Identity Provider (sample-idp) written in PHP - with the Lasso extension. - -INSTALLATION - You need the fallowing components : - - The Apache Web Server with SSL support (http://www.apache.org) - - OpenSSL (http://www.openssl.org) - - PHP4 version 4.3 with OpenSSL support enabled (http://www.php.net) - - The Lasso Extension for PHP (http://lasso.entrouvert.org) - - A PostgreSQL database server (http://www.postgresql.org/) - - PHP Pear modules : DB, HTML_QuickForm, Log (http://pear.php.net) - - Debian packages for the Lasso extension are available, they are included - in the current development version (sid) and packages for the current stable - version (sarge) are available in the entr'ouvert's apt repository: - - deb http://www.entrouvert.org ./debian/lasso/ - - Add this line in your /etc/apt/sources.list and install the fallow packages : - - apt-get install apache-ssl php4 php4-lasso php4-pgsql php4-pear postgresql - - Pear packages can be installed with the pear command : - - # pear install DB HTML_Common HTML_Form HTML_QuickForm Log - -CONFIGURATION - - PostgreSQL - - Change user "postgres" password to access the database. - You can do this by executing in a shell : - - # su - postgres - $ psql template1 - template1=# ALTER USER postgres password 'new_pass'; - ALTER USER - template1=# \q - - Change your PostgreSQL server configuration to use passwords to - authenticate users writing in your /etc/postgresql/pg_hba.conf file: - - local all all password - host all all 127.0.0.1 255.255.255.255 password - - Then, restart the postmaster with /etc/init.d/postgresql restart. - - # /etc/init.d/postgresql restart - - Now you can create users idp and sp in postgres. Thoses users can create - database. 
- - $ createuser -A -d -P idp - Enter password for new user: - Enter it again: - Password: <-- postgres's password used to access the database - CREATE USER - - $ createuser -A -d -P sp - [ ... ] - - Create databases for idp and sp. - - $ createdb -U idp idp - Password: <-- idp's password - CREATE DATABASE - - $ createdb -U sp sp - [ ... ] - - Database setup is finished. - - Copy example source code in /var/lib/www : - - # cp -r sample-idp /var/www/idp - # cp -r sample-sp /var/www/sp - # chown -R www-data: /var/www/idp /var/www/sp - - OpenSSL - - To generate SSL certificat for the Identity Provider and the Service - Provider you need the openssl command line utility. - You need to create a certificate, a public and private key for the idp - and the sp. In order to proceed, you can run the gen_keys.sh script or use - the openssl command line utility : - - # cd /var/www/sp - # openssl req -out certificate_sp1.pem -keyout private-key-raw_sp1.pem -x509 -nodes -newkey rsa:2048 - [ ... ] - Common Name (eg, YOUR name) []:sp1 - [ ... ] - # openssl x509 -in certificate_sp1.pem -noout -pubkey > public-key_sp1.pem - # chown www-data: *.pem - - # cd /var/www/idp - # openssl req -out certificate_idp1.pem -keyout private-key-raw_idp1.pem -x509 -nodes -newkey rsa:2048 - [ ... ] - Common Name (eg, YOUR name) []:idp1 - [ ... 
] - # openssl x509 -in certificate_idp1.pem -noout -pubkey > public-key_idp1.pem - # chown www-data: *.pem - - Then, copy the IdP's certificate and public key in the SP directory : - - # cd /var/www - # cp -p idp/certificate_idp1.pem idp/public-key_idp1.pem sp/ - - Copy the SP's certificate and public key in the IdP directory : - - # cd /var/www - # cp -p sp/certificate_sp1.pem sp/public-key_sp1.pem idp/ - - Enable PHP in Apache - - Change you Apache's configuration file to load PHP as module in your - /etc/apache-ssl/modules.conf file : - - LoadModule php4_module /usr/lib/apache/1.3/libphp4.so - - Add Type Mime for PHP - - In /etc/apache-ssl/httpd.conf write : - - # - # And for PHP 4.x, use: - # - AddType application/x-httpd-php .php - - PHP 4 - - Edit PHP 4 configuration file to enable the Lasso and Postgres extension - at the end of /etc/php4/apache/php.ini file : - - extension=pgsql.so - extension=lasso.so - - Configure Virtual Host in Apache - - With a two virtual hosts setup, one for the IdP and another for the SP, - you can try Lasso on one physical machine. - - At first we need to add two hosts in the /etc/hosts file : - - 127.0.0.2 idp1 idp1.lasso.lan - 127.0.0.3 sp1 sp1.lasso.lan - - In the Apache configuration file add two lines : - - Listen idp1:1998 - Listen sp1:2006 - - <VirtualHost 127.0.0.2:1998> - DocumentRoot /var/www/idp - ServerName idp1 - SSLCertificateFile /var/www/idp/certificate_idp1.pem - SSLCertificateKeyFile /var/www/idp/private-key-raw_idp1.pem - </VirtualHost> - - <VirtualHost 127.0.0.3:2006> - DocumentRoot /var/www/sp - ServerName sp1 - SSLCertificateFile /var/www/sp/certificate_sp1.pem - SSLCertificateKeyFile /var/www/sp/private-key-raw_sp1.pem - </VirtualHost> - - -SETUP - - Now launch your favorite web browser and go to : - - https://idp1:1998/setup.php - - or - - https://sp1:2006/setup.php diff --git a/php/Attic/examples/gen_keys.sh b/php/Attic/examples/gen_keys.sh deleted file mode 100755 index cb674a30..00000000 
--- a/php/Attic/examples/gen_keys.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/sh -# -# Generate OpenSSL certificats for PHP IdP and SP Lasso samples -# - -SP=sample-sp -SP_CFG=$SP/sp_openssl.cnf -SP_PRV=$SP/private-key-raw_sp1.pem -SP_CRT=$SP/certificate_sp1.pem -SP_PUB=$SP/public-key_sp1.pem - -IDP=sample-idp -IDP_CFG=$IDP/idp_openssl.cnf -IDP_PRV=$IDP/private-key-raw_idp1.pem -IDP_CRT=$IDP/certificate_idp1.pem -IDP_PUB=$IDP/public-key_idp1.pem - -openssl req -config $SP_CFG -out $SP_CRT -keyout $SP_PRV -x509 -nodes -newkey -batch -openssl x509 -in $SP_CRT -noout -pubkey > $SP_PUB - -openssl req -config $IDP_CFG -out $IDP_CRT -keyout $IDP_PRV -x509 -nodes -newkey -batch -openssl x509 -in $IDP_CRT -noout -pubkey > $IDP_PUB - -cp -p $IDP_CRT $IDP_PUB $SP -cp -p $SP_CRT $SP_PUB $IDP diff --git a/php/Attic/examples/sample-idp/.cvsignore b/php/Attic/examples/sample-idp/.cvsignore deleted file mode 100644 index 22a4e729..00000000 --- a/php/Attic/examples/sample-idp/.cvsignore +++ /dev/null @@ -1,3 +0,0 @@ -Makefile -Makefile.in - diff --git a/php/Attic/examples/sample-idp/Makefile.am b/php/Attic/examples/sample-idp/Makefile.am deleted file mode 100644 index 5f2818fb..00000000 --- a/php/Attic/examples/sample-idp/Makefile.am +++ /dev/null @@ -1,21 +0,0 @@ -EXTRA_DIST = \ - admin_user.php \ - cancel_federation.php \ - create_metadata.php \ - defederate.php \ - edit_metadata.php \ - federate.php \ - index.php \ - log_view.php \ - login.php \ - logout.php \ - metadata_idp1.xml \ - metadata_sp1.xml \ - misc.php \ - session.php \ - setup.php \ - singleSignOn.php \ - soapEndpoint.php \ - user_add.php \ - view_session.php \ - README diff --git a/php/Attic/examples/sample-idp/README b/php/Attic/examples/sample-idp/README deleted file mode 100644 index e69de29b..00000000 --- a/php/Attic/examples/sample-idp/README +++ /dev/null diff --git a/php/Attic/examples/sample-idp/admin_user.php b/php/Attic/examples/sample-idp/admin_user.php deleted file mode 100644 index 05767f14..00000000 
--- a/php/Attic/examples/sample-idp/admin_user.php +++ /dev/null 
@@ -1,306 +0,0 @@ -<?php -/* - * Identity Provider Example -- User Administration - * - * Copyright (C) 2004, 2005 Entr'ouvert - * http://lasso.entrouvert.org - * - * Authors: Christophe Nowicki <cnowicki@easter-eggs.com> - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - - require_once 'Log.php'; - require_once 'DB.php'; - require_once 'session.php'; - - $config = unserialize(file_get_contents('config.inc')); - - $number_of_users = 5; - - // connect to the data base - $db = &DB::connect($config['dsn']); - if (DB::isError($db)) - die("Could not connect to the database"); - - // create logger - $conf['db'] = $db; - $logger = &Log::factory($config['log_handler'], 'log', $_SERVER['PHP_SELF'], $conf); - - // session handler - session_set_save_handler("open_session", "close_session", - "read_session", "write_session", "destroy_session", "gc_session"); - - // Show XML dump - if (!empty($_GET['dump']) && !empty($_GET['type'])) - { - $query = "SELECT " . ($_GET['type'] == 'identity' ? 'identity' : 'session') . 
- $query .= "_dump FROM users WHERE user_id=".$db->quoteSmart($_GET['dump']); - $res =& $db->query($query); - if (DB::isError($res)) - die($res->getMessage()); - - $row = $res->fetchRow(); -?> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" -"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> -<html> -<body onLoad="window.focus();"> -<table> -<caption><?php echo ($_GET['type'] == 'identity' ? 'Identity' : 'Session'); ?> Dump</caption> -<tr> - <td> - <textarea rows="15" cols="50"><?php echo htmlentities($row[0], ENT_QUOTES); ?></textarea> - </td> -</tr> -<tr> -<td align="center"><a href="javascript:window.close(self)">Close</a></td> -</tr> -</table> -</body> -</html> -<?php - exit; - } - - if (!empty($_GET['del'])) { - - $query = "DELETE FROM nameidentifiers WHERE user_id=".$db->quoteSmart($_GET['del']); - $res =& $db->query($query); - if (DB::isError($res)) - die($res->getMessage()); - - $query = "DELETE FROM users WHERE user_id=".$db->quoteSmart($_GET['del']); - $res =& $db->query($query); - if (DB::isError($res)) - die($res->getMessage()); - - $logger->log("Delete User '".$_GET['del']."'", PEAR_LOG_NOTICE); - } - - lasso_init(); - - // Create Lasso Server - $server_dump = file_get_contents($config['server_dump_filename']); - $server = LassoServer::newFromDump($server_dump); - - // Lasso User - $login = new LassoLogin($server); - - // Count users - $query = "SELECT COUNT(*) FROM users"; - $res =& $db->query($query); - if (DB::isError($res)) - die($res->getMessage()); - - $row = $res->fetchRow(); - $count = $row[0]; - - - $startUser = ((empty($_GET['startUser'])) ? 0 : $_GET['startUser']); - - $query = "SELECT * FROM users"; - - if (!isset($_GET['show_all'])) - $query .= " OFFSET $startUser LIMIT " . 
($startUser + $number_of_users); - $res =& $db->query($query); - - if (DB::isError($db)) - die($db->getMessage()); -?> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" -"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> -<html> -<head> -<title>Lasso Identity Provider Example : Users Management</title> -<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-15" /> -<script language="JavaScript" type="text/javascript"> -<!-- - - function openpopup(popurl) - { - var winpops=window.open(popurl,"","width=400,height=300") - } - - function ToggleAll() - { - for (var i = 0; i < document.frm.elements.length; i++) - { - if(document.frm.elements[i].type == 'checkbox') - document.frm.elements[i].checked = !(document.frm.elements[i].checked); - } - } - -//--> -</script> -</head> - -<body> -<form name='frm' method=> -<table border="1" align="center"> -<caption>Users</caption> -<?php - $num_col = $res->numCols(); - $tableinfo = $db->tableInfo($res); -?> -<thead> -<tr> - <td colspan='<?php echo $num_col + 1; ?>'> - - <?php - if ($startUser) - echo "<a href=$PHP_SELF?startUser=" . ($startUser - $number_of_users) . ">Previous</a>"; - else - echo "Previous" - ?> - | - <?php - if ((($count - $startUser) > $number_of_users) && !isset($_GET['show_all'])) - echo "<a href=$PHP_SELF?startUser=" . ($startUser + $number_of_users) . ">Next</a>"; - else - echo "Next"; - - if (isset($_GET['show_all'])) - echo "| <a href=\"" . $PHP_SELF ."?startUser=0\">Paginate</a>"; - else - { - for ($i = 0; $i < $count; $i += $number_of_users) - if ($i == $startUser) - echo "| " . ( $i / $number_of_users); - else - echo "| <a href=\"$PHP_SELF?startUser=$i\">" . ( $i / $number_of_users) . 
"</a>"; - if ($count > $number_of_users) - echo "| <a href=\"$PHP_SELF?show_all=1\">Show All</a>"; - } - if ($count) - { - ?> - | <a href="javascript:void(0)" onClick="ToggleAll();">Toggle All</a> - <?php - } - ?> - </td> - <td align='right'><a href="javascript:openpopup('user_add.php')">add user</a></td> -</tr> -<tr align="center"> -<td> </td> -<?php - for ($i = 0; $i < $num_col; $i++) { - echo "<td><b>" . $tableinfo[$i]['name'] ."</b></td>"; - } -?> -<td> </td> -</tr> -</thead> -<tbody> -<?php - while ($row =& $res->fetchRow()) { -?> -<tr align="center"> -<td rowspan="2"> - <input type='checkbox' name='uid' value='<?php $row[0]; ?>'> -</td> -<?php - for ($i = 0; $i < $num_col; $i++) - { - ?> - <td> - <?php - // show row content - switch ($tableinfo[$i]['name']) - { - case "identity_dump": - $identity_dump = $row[$i]; - if (empty($row[$i])) - echo " "; - else - echo "<a href=javascript:openpopup('". $PHP_SELF . '?dump=' . $row[0] . "&type=identity')>view</a>"; - break; - case "session_dump": - $session_dump = $row[$i]; - if (empty($row[$i])) - echo " "; - else - echo "<a href=javascript:openpopup('". $PHP_SELF . '?dump=' . $row[0] . "&type=session')>view</a>"; - break; - default: - echo (empty($row[$i])) ? " " : $row[$i]; - } - ?> - </td> - <?php - } - ?> - <td rowspan="2"> - <a href="<?php echo $PHP_SELF . '?del=' . 
$row[0]; ?>">delete</a> - <a href="javascript:openpopup('user_edit.php?user_id=<?php echo ?>')">edit</a> - </td> -</tr> -<tr> - <td colspan="<?php echo $num_col; ?>" align='center'> - <?php - // get all federations for this user - if (!empty($identity_dump)) - { - $login->setIdentityFromDump($identity_dump); - $identity = $login->identity; - $providerIDs = $identity->providerIds; -?> -<table width="100%"> -<?php - for($i = 0; $i < $providerIDs->length() ; $i++) - { -?> -<tr> - <td align='center'><?php echo $providerIDs->getItem($i); ?></td> - <td align='right'><a href="">cancel federation</a></td> -</tr> -<?php - } -?> -</table> -<?php - } - else - echo "Not Federated with an Service Provider."; - ?> - </td> -</tr> -<?php -} -?> -</tbody> -<tfoot> -<tr> - <td colspan="<?php echo $num_col + 1; ?>"> </td> - <td>Total: <?php echo $count; ?> Users</td> -</tr> -</tfoot> -</table> -</form> - -<br> -<p align='center'><a href='index.php'>Index</a> -</p> - -<br> -<p>Copyright © 2004, 2005 Entr'ouvert</p> - -</body> - -</html> -<?php - lasso_shutdown(); -?> diff --git a/php/Attic/examples/sample-idp/cancel_federation.php b/php/Attic/examples/sample-idp/cancel_federation.php deleted file mode 100644 index 9593d957..00000000 --- a/php/Attic/examples/sample-idp/cancel_federation.php +++ /dev/null 
@@ -1,225 +0,0 @@ -<?php -/* - * Identity Provider Example -- Cancel Federation with an Service Provider - * - * Copyright (C) 2004, 2005 Entr'ouvert - * http://lasso.entrouvert.org - * - * Authors: Christophe Nowicki <cnowicki@easter-eggs.com> - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - - require_once 'Log.php'; - require_once 'DB.php'; - require_once 'session.php'; - - $config = unserialize(file_get_contents('config.inc')); - - $methodes = array('redirect' => lassoHttpMethodRedirect, 'soap' => lassoHttpMethodSoap); - - // connect to the data base - $db = &DB::connect($config['dsn']); - if (DB::isError($db)) - die($db->getMessage()); - - // create logger - $conf['db'] = $db; - $logger = &Log::factory($config['log_handler'], 'log', $_SERVER['PHP_SELF'], $conf); - - // session handler - session_set_save_handler("open_session", "close_session", - "read_session", "write_session", "destroy_session", "gc_session"); - - if (empty($_GET['profile'])) - { - $logger->err("Cancel Federation called without profile."); - die("Cancel Federation called without profile."); - } - - if (empty($_GET['with'])) - { - $logger->err("Cancel Federation called without providerID."); - die("Cancel Federation called without providerID."); - } - - session_start(); - - lasso_init(); - - if 
(empty($_SESSION['user_id'])) - { - $logger->err("UserID is empty, user is not logged in."); - die("UserID is empty, user is not logged in."); - } - - if (empty($_SESSION['identity_dump'])) - { - $logger->err("Identity Dump is empty, user is not federated."); - die("Identity Dump is empty, user is not federated."); - } - - if (!in_array($_GET['profile'], array_keys($methodes))) - { - die("Unknown defederation profile : " . $_GET['profile']); - $logger->err("Unknown defederation profile : " . $_GET['profile']); - } - - $user_id = $_SESSION['user_id']; - - $server_dump = file_get_contents($config['server_dump_filename']); - $server = LassoServer::newFromDump($server_dump); - - $defederation = new LassoDefederation($server, lassoProviderTypeIdp); - $defederation->setIdentityFromDump($_SESSION['identity_dump']); - - if (!empty($_SESSION['session_dump'])) - $defederation->setSessionFromDump($_SESSION['session_dump']); - - $logger->debug("Create Cancel Federation Notification for User '" . $_SESSION["user_id"] . - "' with Service Provider '" . $_GET['with']. "'"); - - $defederation->initNotification($_GET['with'], $methodes[$_GET['profile']]); - - $defederation->buildNotificationMsg(); - $nameIdentifier = $defederation->nameIdentifier; - if (empty($nameIdentifier)) - { - $loggery>err("Name Identifier is empty."); - die("Name Identifier is empty."); - } - - $identity = $defederation->identity; - if (isset($defederation->identity)) - { - // Update identity dump - $identity_dump = $identity->dump(); - $_SESSION['identity_dump'] = $identity_dump; - $query = "UPDATE users SET identity_dump=".$db->quoteSmart($identity_dump); - } - else // Delete identity and session dumps - $query = "UPDATE users SET identity_dump=''"; - $query .= " WHERE user_id='$user_id'"; - - $res =& $db->query($query); - if (DB::isError($res)) - { - $logger->crit("DB Error :" . $res->getMessage()); - $logger->debug("DB Error :" . 
$res->getDebugInfo()); - die("Internal Server Error"); - } - $logger->debug("Update user '$user_id' identity dump in the database"); - - // Update session dump, if available - if (!empty($_SESSION['sesion_dump']) && $defederation->isSessionDirty) - { - $session = $defederation->session; - $session_dump = $session->dump(); - $_SESSION['session_dump'] = $session_dump; - - $query = "UPDATE users SET session_dump=".$db->quoteSmart($session_dump); - $query .= " WHERE user_id='$user_id'"; - - $res =& $db->query($query); - if (DB::isError($res)) - { - $logger->crit("DB Error :" . $res->getMessage()); - $logger->debug("DB Error :" . $res->getDebugInfo()); - die("Internal Server Error"); - } - $logger->debug("Update user '$user_id' session dump in the database"); -} - -// Delete Name Identifier -$query = "DELETE FROM nameidentifiers WHERE user_id='$user_id' "; -$query .= "AND name_identifier='$nameIdentifier'"; - -$res =& $db->query($query); -if (DB::isError($res)) -{ - $logger->crit("DB Error :" . $res->getMessage()); - $logger->debug("DB Error :" . $res->getDebugInfo()); - die("Internal Server Error"); -} - -$logger->info("Delete Name Identifier '$nameIdentifier' for User '$user_id'"); - -switch($_GET['profile']) -{ - case 'redirect': - $url = $defederation->msgUrl; - $logger->info("Redirect user to $url"); - - header("Request-URI: $url"); - header("Content-Location: $url"); - header("Location: $url\r\n\r\n"); - break; - case 'soap': - $url = parse_url($defederation->msgUrl); - $soap = sprintf( - "POST %s HTTP/1.1\r\nHost: %s:%d\r\nContent-Length: %d\r\nContent-Type: text/xml\r\n\r\n%s\r\n", - $url['path'], $url['host'], $url['port'], strlen($defederation->msgBody), $defederation->msgBody); - - $logger->info('Send SOAP Request to '. $url['host'] . ":" .$url['port']. $url['path']); - $logger->debug('SOAP Request : ' . $soap); - - $fp = fsockopen("ssl://" . 
$url['host'], $url['port'], $errno, $errstr, 30) or die($errstr ($errno)); - socket_set_timeout($fp, 10); - fwrite($fp, $soap); - - // header - do $header .= fread($fp, 1); while (!preg_match('/\\r\\n\\r\\n$/',$header)); - - // chunked encoding - if (preg_match('/Transfer\\-Encoding:\\s+chunked\\r\\n/',$header)) - { - do { - $byte = ''; - $chunk_size = ''; - - do { - $chunk_size .= $byte; - $byte = fread($fp, 1); - } while ($byte != "\\r"); - - fread($fp, 1); - $chunk_size = hexdec($chunk_size); - $response .= fread($fp, $chunk_size); - fread($fp, 2); - } while ($chunk_size); - } - else - { - if (preg_match('/Content\\-Length:\\s+([0-9]+)\\r\\n/', $header, $matches)) - $response = @fread($fp, $matches[1]); - else - while (!feof($fp)) $response .= fread($fp, 1024); - } - fclose($fp); - - $logger->log('SOAP Response Header : ' . $header, PEAR_LOG_DEBUG); - $logger->log('SOAP Response Body : ' . $response, PEAR_LOG_DEBUG); - - // TODO : check reponse status - - - break; - } - -?> - -<?php - lasso_shutdown(); -?> diff --git a/php/Attic/examples/sample-idp/create_metadata.php b/php/Attic/examples/sample-idp/create_metadata.php deleted file mode 100644 index e55e79ab..00000000 --- a/php/Attic/examples/sample-idp/create_metadata.php +++ /dev/null 
@@ -1,144 +0,0 @@ -<?php -/* - * Identity Provider Example -- Form for creating Service Provider Metadata - * - * Copyright (C) 2004, 2005 Entr'ouvert - * http://lasso.entrouvert.org - * - * Authors: Christophe Nowicki <cnowicki@easter-eggs.com> - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - - require_once 'HTML/QuickForm.php'; - - $form = new HTML_QuickForm('frm'); - - $form->setDefaults(array( - 'providerID' => 'https://', - 'AssertionConsumerService' => 'https://', - 'SoapEndpoint' => 'https://', - 'SingleLogoutService' => 'https://', - 'RegisterNameIdentifierService' => 'https://', - 'AuthnRequestsSigned' => 1, - 'filename' => getcwd().'/metadata.xml' - )); - - $form->addElement('header', null, 'Create Liberty Alliance Metadata for an Service Provider'); - $form->addElement('text', 'providerID', 'providerID:', array('size' => 60, 'maxlength' => 255)); - - $form->addElement('text', 'AssertionConsumerService', 'AssertionConsumerService:', array('size' => 60, 'maxlength' => 255)); - - $form->addElement('text', 'SingleLogoutService', 'SingleLogoutService:', array('size' => 60, 'maxlength' => 255)); - $form->addElement('select', 'SingleLogoutProtocolProfile', 'SingleLogoutProtocolProfile:', array('http://projectliberty.org/profiles/slo-idp-soap')); - - $form->addElement('text', 
'RegisterNameIdentifierService', 'RegisterNameIdentifierService:', array('size' => 60, 'maxlength' => 255)); - $form->addElement('select', 'RegisterNameIdentifierProtocolProfile', 'RegisterNameIdentifierProtocolProfile:', array('http://projectliberty.org/profiles/rni-sp-soap')); - - $form->addElement('text', 'SoapEndpoint', 'SoapEndpoint:', array('size' => 60, 'maxlength' => 255)); - $form->addElement('checkbox', 'AuthnRequestsSigned', 'Authn Requests must be signed? :', ''); - - $form->addElement('textarea', 'metadata', 'Metadata:', array('cols' => 60, 'rows' => 15)); - $form->addElement('text', 'filename', 'Filename:', array('size' => 60, 'maxlength' => 255)); - - $button[] = &HTML_QuickForm::createElement('button', null, 'Preview', array('onclick' => "write_metadata_preview();")); - $button[] = &HTML_QuickForm::createElement('submit', null, 'Write Metadata'); - - $form->addGroup($button, null, null, ' ', false); - - if ($form->validate()) { - - $xml = "<?xml version=\"1.0\"?> -<EntityDescriptor providerID=\"". $form->exportValue('providerID') ."\" xmlns=\"urn:liberty:metadata:2003-08\"> -<SPDescriptor> - <AssertionConsumerServiceURL id=\"AssertionConsumerServiceURL1\" isDefault=\"true\">" . $form->exportValue('AssertionConsumerService') . "</AssertionConsumerServiceURL>\n - <SingleLogoutServiceURL>" . $form->exportValue('SingleLogoutService') . "</SingleLogoutServiceURL> - <SingleLogoutProtocolProfile>" . $form->exportValue('SingleLogoutProtocolProfile') . "</SingleLogoutProtocolProfile>\n - <RegisterNameIdentifierServiceURL>" . $form->exportValue('RegisterNameIdentifierService') . "</RegisterNameIdentifierServiceURL> - <RegisterNameIdentifierProtocolProfile>" . $form->exportValue('RegisterNameIdentifierProtocolProfile') . "</RegisterNameIdentifierProtocolProfile>\n - <SoapEndpoint>" . $form->exportValue('SoapEndpoint') . "</SoapEndpoint>\n - <AuthnRequestsSigned>" . (($form->exportValue('AuthnRequestsSigned')) ? 'true' : 'false') . 
"</AuthnRequestsSigned> -</SPDescriptor> -</EntityDescriptor>"; - - - if (($fd = fopen($form->exportValue('filename'), "w"))) - { - fwrite($fd, $xml); - fclose($fd); - } - else - die("Could not write metadata file :" . $form->exportValue('filename')); -?> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" -"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> -<html> -<head> -<script type="text/javascript"> -<!-- - function set_and_close() - { - opener.document.frm.metadata.value = '<?php echo $form->exportValue('filename'); ?>'; - window.close(); - } -// --> -</script> -</head> -<body onLoad="set_and_close()"> -</body> -</html> -<?php - exit; - } -?> - -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> -<html> -<head> -<script language="JavaScript" type="text/javascript"> -<!-- - - function write_metadata_preview(popurl) - { - frm = document.frm; - - frm.metadata.value = - '<\?xml version=\"1.0\"\?>\n' + - '<EntityDescriptor\n' + - 'providerID="' + frm.providerID.value + '\"\n' + - 'xmlns=\"urn:liberty:metadata:2003-08\">\n' + - '<SPDescriptor>\n' + - '<AssertionConsumerServiceURL id=\"AssertionConsumerServiceURL1\" isDefault=\"true\">' + - frm.AssertionConsumerService.value + '</AssertionConsumerServiceURL>\n' + - '<SingleLogoutServiceURL>' + frm.SingleLogoutService.value + '</SingleLogoutServiceURL>\n' + - '<SingleLogoutProtocolProfile>' + frm.SingleLogoutProtocolProfile.options[frm.SingleLogoutProtocolProfile.value].text + '</SingleLogoutProtocolProfile>\n' + - '<RegisterNameIdentifierServiceURL>' + frm.RegisterNameIdentifierService.value + '</RegisterNameIdentifierServiceURL>\n' + - '<RegisterNameIdentifierProtocolProfile>' + frm.RegisterNameIdentifierProtocolProfile.options[frm.RegisterNameIdentifierProtocolProfile.value].text + '</RegisterNameIdentifierProtocolProfile>\n' + - '<SoapEndpoint>' + frm.SoapEndpoint.value + '</SoapEndpoint>\n' + - '<AuthnRequestsSigned>' + 
((frm.AuthnRequestsSigned.value) ? 'true' : 'false') + '</AuthnRequestsSigned>\n' + - '</SPDescriptor>\n' + - '</EntityDescriptor>'; - } -//--> -</script> -</head> -<body> -<?php - $form->display(); -?> -<br> -<p>Copyright © 2004, 2005 Entr'ouvert</p> -</body> -</html> diff --git a/php/Attic/examples/sample-idp/defederate.php b/php/Attic/examples/sample-idp/defederate.php deleted file mode 100644 index e2c107e8..00000000 --- a/php/Attic/examples/sample-idp/defederate.php +++ /dev/null @@ -1,32 +0,0 @@ -<?php -/* - * Identity Provider Example -- Destroy Federation - * - * Copyright (C) 2004, 2005 Entr'ouvert - * http://lasso.entrouvert.org - * - * Authors: Christophe Nowicki <cnowicki@easter-eggs.com> - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - - session_start(); - - if (!isset($_SESSION['user_id'])) - { - die("User is not logged in!\n"); - } - -?> diff --git a/php/Attic/examples/sample-idp/edit_metadata.php b/php/Attic/examples/sample-idp/edit_metadata.php deleted file mode 100644 index 78795c57..00000000 --- a/php/Attic/examples/sample-idp/edit_metadata.php +++ /dev/null 
@@ -1,61 +0,0 @@ -<?php -/* - * Identity Provider Example -- Setup - * - * Copyright (C) 2004, 2005 Entr'ouvert - * http://lasso.entrouvert.org - * - * Authors: Christophe Nowicki <cnowicki@easter-eggs.com> - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - - $filename = $_GET['filename']; - if (!empty($filename) && file_exists($filename)) - { - require_once 'HTML/QuickForm.php'; - - $form = new HTML_QuickForm('frm'); - - $form->addElement('header', null, 'Edit Liberty Alliance Metadata for an Service Provider'); - $form->addElement('text', 'providerID', 'providerID:', array('size' => 60, 'maxlength' => 255)); - - $form->addElement('text', 'AssertionConsumerService', 'AssertionConsumerService:', array('size' => 60, 'maxlength' => 255)); - - $form->addElement('text', 'SingleLogoutService', 'SingleLogoutService:', array('size' => 60, 'maxlength' => 255)); - $form->addElement('select', 'SingleLogoutProtocolProfile', 'SingleLogoutProtocolProfile:', array('http://projectliberty.org/profiles/slo-idp-soap')); - - $form->addElement('text', 'RegisterNameIdentifierService', 'RegisterNameIdentifierService:', array('size' => 60, 'maxlength' => 255)); - $form->addElement('select', 'RegisterNameIdentifierProtocolProfile', 'RegisterNameIdentifierProtocolProfile:', 
array('http://projectliberty.org/profiles/rni-sp-soap')); - - $form->addElement('text', 'SoapEndpoint', 'SoapEndpoint:', array('size' => 60, 'maxlength' => 255)); - $form->addElement('checkbox', 'AuthnRequestsSigned', 'Authn Requests must be signed? :', ''); -?> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> -<html> -<head> - <title>Edit Metadata</title> -</head> -<body> -<?php - $form->display(); -?> -<br> -<p>Copyright © 2004, 2005 Entr'ouvert</p> -</body> -</html> -<?php - } -?> diff --git a/php/Attic/examples/sample-idp/federate.php b/php/Attic/examples/sample-idp/federate.php deleted file mode 100644 index 46da3fc9..00000000 --- a/php/Attic/examples/sample-idp/federate.php +++ /dev/null @@ -1,32 +0,0 @@ -<?php -/* - * Identity Provider Example -- Create Federation - * - * Copyright (C) 2004, 2005 Entr'ouvert - * http://lasso.entrouvert.org - * - * Authors: Christophe Nowicki <cnowicki@easter-eggs.com> - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - - session_start(); - - if (!isset($_SESSION['user_id'])) - { - die("User is not logged in!\n"); - } - -?> diff --git a/php/Attic/examples/sample-idp/idp_openssl.cnf b/php/Attic/examples/sample-idp/idp_openssl.cnf deleted file mode 100644 index 7336057c..00000000 
--- a/php/Attic/examples/sample-idp/idp_openssl.cnf +++ /dev/null @@ -1,19 +0,0 @@ -[ req ] -default_bits = 2048 -encrypt_key = yes -distinguished_name = req_dn -x509_extensions = cert_type -prompt = no - -[ req_dn ] -C=FR -ST=Ile de France -L=Paris -O=Entrouvert -OU=Automatically-generated SSL key -CN=idp1 -emailAddress=webmaster@domain.com - -[ cert_type ] -nsCertType = server - diff --git a/php/Attic/examples/sample-idp/index.php b/php/Attic/examples/sample-idp/index.php deleted file mode 100644 index 3fda8a13..00000000 --- a/php/Attic/examples/sample-idp/index.php +++ /dev/null 
@@ -1,193 +0,0 @@ -<?php -/* - * Identity Provider Example -- Index File - * - * Copyright (C) 2004, 2005 Entr'ouvert - * http://lasso.entrouvert.org - * - * Authors: Christophe Nowicki <cnowicki@easter-eggs.com> - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - - require_once 'DB.php'; - require_once 'session.php'; - - if(!extension_loaded('lasso')) { - $ret = @dl('lasso.' . 
PHP_SHLIB_SUFFIX); - if ($ret == FALSE) - { -?> -<p align='center'><b>The Lasso Extension is not available</b><br> -Please check your PHP extensions<br> -You can get more informations about <b>Lasso</b> at <br> -<a href='http://lasso.entrouvert.org/'>http://lasso.entrouvert.org/</a></p> -<?php - exit(); - } - } - - if (!file_exists('config.inc')) - { -?> -<p align='center'><b>Identity Provider Configuration file is not available</b><br> -Please run the setup script :<br> -<a href='setup.php'>Lasso Service Provider Setup</a><br> -You can get more informations about <b>Lasso</b> at <br> -<a href='http://lasso.entrouvert.org/'>http://lasso.entrouvert.org/</a></p> -<?php - exit(); - } - - $config = unserialize(file_get_contents('config.inc')); - - // connect to the data base - $db = &DB::connect($config['dsn']); - if (DB::isError($db)) - die($db->getMessage()); - - // session handler - session_set_save_handler("open_session", "close_session", - "read_session", "write_session", "destroy_session", "gc_session"); - - session_start(); - - lasso_init(); - - // Create Lasso Server - $server_dump = file_get_contents($config['server_dump_filename']); - $server = LassoServer::newFromDump($server_dump); -?> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" -"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> -<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> -<head> -<title>Lasso Identity Provider Example</title> -<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-15" /> -</head> - -<body> -<p align='center'> - <b>Identity Provider Administration</b><br> - <a href="setup.php">Setup</a><br> - <a href="admin_user.php">Users Management</a><br> - <a href="view_session.php">View Online Users</a> -<?php if ($config['log_handler'] == 'sql') { ?> - <br><a href="log_view.php">View log</a> -<?php } ?> -</p> -<p align='center'> - <b>Identity Provider Fonctionnality</b> -</p> -<?php - if (!isset($_SESSION["user_id"])) { - ?> -<p align='center'> - 
<a href="login.php">Local Login</a></p> -<?php - } - else - { - if (isset($_SESSION['identity_dump'])) - { - $login = new LassoLogin($server); - $login->setIdentityFromDump($_SESSION['identity_dump']); - if (!empty($_SESSION['session_dump'])) - $login->setSessionFromDump($_SESSION['sesion_dump']); - $identity = $login->identity; - $providerIDs = $identity->providerIds; - - if ($providerIDs->length()) - { -?> -<p align='center'>Cancel a Federation with :</p> -<p align='center'> -<table align='center'> -<thead> -<tr> - <td align='center'>Service Provider</td> - <td align='center'>Profile</td> -</tr> -</thead> -<tbody> -<?php - for($i = 0; $i < $providerIDs->length() ; $i++) - { - $providerID = $providerIDs->getItem($i); -?> -<tr> - <td align='center'><?php echo $providerID; ?></td> - <td align='center'> - <a href="cancel_federation.php?profile=redirect&with=<?php echo $providerID; ?>">Redirect</a> | - <a href="cancel_federation.php?profile=soap&with=<?php echo $providerID; ?>">SOAP</a> - </td> -</tr> -<?php - } -?> -</tbody> -</table> -</p> -<?php - } - else - { -?> -<p align='center'>Your are not Federated with an Service Provider.</p> -<?php - } - } -?> -<p align='center'> -<a href="logout.php">Local Logout</a></p> -<?php } ?> - -<p align='center'> -<table align='center'> -<caption><b>Status</b></caption> -<tr> - <?php - if (!isset($_SESSION["user_id"])) - { - echo "<td>User is <b>not</b> logged in!</td>"; - } - else - { - ?> - <td colspan='2' align="center">User <b>is</b> logged in!</td> -</tr> -<tr> - <td><b>UserID:</b></td><td><?php echo $_SESSION["user_id"]; ?></td> -</tr> -<tr> - <td><b>User Name:</b></td><td><?php echo $_SESSION["username"]; ?></td> -</tr> -<tr> - <td><b>PHP Session ID:</b></td><td><?php echo session_id(); ?></td> -</tr> -<?php - } -?> -</table> - -<br> -<p align='center'>Copyright © 2004, 2005 Entr'ouvert</p> - -</body> - -</html> -<?php - lasso_shutdown(); -?> 
diff --git a/php/Attic/examples/sample-idp/log_view.php b/php/Attic/examples/sample-idp/log_view.php deleted file mode 100644 index 40f2025d..00000000 --- a/php/Attic/examples/sample-idp/log_view.php +++ /dev/null 
@@ -1,160 +0,0 @@ -<?php -/* - * Identity Provider Example -- View log - * - * Copyright (C) 2004, 2005 Entr'ouvert - * http://lasso.entrouvert.org - * - * Authors: Christophe Nowicki <cnowicki@easter-eggs.com> - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - - require_once 'HTML/QuickForm.php'; - require_once 'DB.php'; - - $config = unserialize(file_get_contents('config.inc')); - - // connect to the data base - $db = &DB::connect($config['dsn']); - if (DB::isError($db)) - die("Could not connect to the database"); - - if ($config['log_handler'] != 'sql') - die("Unsupported log handler"); - - $number_of_msg = 8; - - // Count log messages - $query = "SELECT COUNT(*) FROM log"; - $res =& $db->query($query); - if (DB::isError($res)) - die($res->getMessage()); - - $row = $res->fetchRow(); - $count = $row[0]; - - $startMsg = ((empty($_GET['startMsg'])) ? 0 : $_GET['startMsg']); - - $query = "SELECT * FROM log ORDER BY id DESC"; - if (!isset($_GET['show_all'])) - $query .= " OFFSET $startMsg LIMIT " . 
($startMsg + $number_of_msg); - - - $res =& $db->query($query); - if (DB::isError($res)) - die($res->getMessage()); - - $numRows = $res->numRows(); - -?> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" -"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> -<html> -<head> -<head> - <title>Lasso Identity Provider Example : View Logs</title> -</head> -<body> -<br> -<table border='1' width='100%'> -<caption>Logged events</caption> -<thead> -<tr> - <td colspan='4'> - <?php - if ($startMsg) - echo "<a href=$PHP_SELF?startMsg=" . ($startMsg - $number_of_msg) . ">Previous</a>"; - else - echo "Previous" - ?> - | - <?php - if ((($count - $startMsg) > $number_of_users) && !isset($_GET['show_all'])) - echo "<a href=\"" . $PHP_SELF . "?startMsg=" . ($startMsg + $number_of_msg) . "\">Next</a>"; - else - echo "Next"; - - if (isset($_GET['show_all'])) - echo "| <a href=\"" . $PHP_SELF ."?startMsg=0\">Paginate</a>"; - else - { - for ($i = 0; $i < $count; $i += $number_of_msg) - if ($i == $startMsg) - echo "| " . ( $i / $number_of_msg); - else - echo "| <a href=\"$PHP_SELF?startMsg=$i\">" . ( $i / $number_of_msg) . "</a>"; - if ($count > $number_of_msg) - echo "| <a href=\"$PHP_SELF?show_all=1\">Show All</a>"; - } - ?> - </td> -</tr> -<tr> - <td align='center'>date</td> - <td align='center'>filename</td> - <td align='center'>priority</td> - <td align='center'>message</td> -</tr> -</thead> -<tbody> -<?php - if ($numRows) - { - $num_col = $res->numCols(); - $tableinfo = $db->tableInfo($res); - - $desc = array("emergency", "alert", "critical", "error", "warning", "notice", "informational", "debug"); - - while($row = $res->fetchRow()) - { - echo "<tr>"; - for ($i = 0; $i < $num_col; $i++) - { - switch ($tableinfo[$i]['name']) - { - case "id": - break; - case "priority": - echo "<td align='center'>" . $desc[$row[$i]] . "</td>"; - break; - case "message": - echo "<td>" . $row[$i] . "</td>"; - break; - default: - echo "<td align='center'>" . $row[$i] . 
"</td>"; - } - } - echo "</tr>"; - } - } -?> -<tr> -</tr> -</tbody> -<tfoot> -<tr> - <td colspan='4'> </td> -</tr> -</tfoot> -</table> -<br> -<p align='center'><a href='index.php'>Index</a> -</p> -<br> -<p>Copyright © 2004, 2005 Entr'ouvert</p> -</body> -</html> - diff --git a/php/Attic/examples/sample-idp/login.php b/php/Attic/examples/sample-idp/login.php deleted file mode 100644 index 7c4d3c3d..00000000 --- a/php/Attic/examples/sample-idp/login.php +++ /dev/null 
@@ -1,182 +0,0 @@ -<?php -/* - * Identity Provider Example -- Local Login - * - * Copyright (C) 2004, 2005 Entr'ouvert - * http://lasso.entrouvert.org - * - * Authors: Christophe Nowicki <cnowicki@easter-eggs.com> - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - - require_once 'HTML/QuickForm.php'; - require_once 'Log.php'; - require_once 'DB.php'; - require_once 'session.php'; - - $config = unserialize(file_get_contents('config.inc')); - - // connect to the data base - $db = &DB::connect($config['dsn']); - if (DB::isError($db)) - die("Could not connect to the database"); - - // create logger - $conf['db'] = $db; - $logger = &Log::factory($config['log_handler'], 'log', $_SERVER['PHP_SELF'], $conf); - - // session handler - session_set_save_handler("open_session", "close_session", - "read_session", "write_session", "destroy_session", "gc_session"); - - session_start(); - - /* - * - */ - function sendHTTPBasicAuth() - { - global $logger; - - header('WWW-Authenticate: Basic realm="Lasso Identity Provider One"'); - header('HTTP/1.0 401 Unauthorized'); - echo "Acces Denied"; - $logger->log("User from '" . $_SERVER['REMOTE_ADDR'] . 
"' pressed the cancel button during HTTP basic authentication request", PEAR_LOG_NOTICE); - } - - function startLocalSession($user_id, $username) - { - global $db, $logger; - - $_SESSION['user_id'] = $user_id; - $_SESSION['username'] = $username; - - $query = "SELECT identity_dump,session_dump FROM users WHERE user_id='$user_id'"; - - $res =& $db->query($query); - - if (DB::isError($res)) - { - $logger->log("DB Error :" . $res->getMessage(), PEAR_LOG_CRIT); - $logger->log("DB Error :" . $res->getDebugInfo(), PEAR_LOG_DEBUG); - die("Could not fetch identity and session dump"); - } - if ($res->numRows()) - { - $row = $res->fetchRow(); - if (!empty($row[0])) - $_SESSION['identity_dump'] = $row[0]; - if (!empty($row[1])) - $_SESSION['session_dump'] = $row[1]; - } - - $logger->log("User '$username' ($user_id) authenticated, local session started", PEAR_LOG_NOTICE); - - $url = 'index.php'; - header("Request-URI: $url"); - header("Content-Location: $url"); - header("Location: $url\r\n\r\n"); - exit; - } - - /* - * This function authentificate the user against the Users Database - */ - function authentificateUser($db, $username, $password) - { - global $logger; - - $query = "SELECT user_id FROM users WHERE username=".$db->quoteSmart($username); - $query .= " AND password=".$db->quoteSmart($password); - - $res =& $db->query($query); - if (DB::isError($res)) - { - $logger->log("DB Error :" . $res->getMessage(), PEAR_LOG_CRIT); - $logger->log("DB Error :" . $res->getDebugInfo(), PEAR_LOG_DEBUG); - die("Internal Server Error"); - } - - if ($res->numRows()) - { - $row = $res->fetchRow(); - return ($row[0]); - } - return (0); - } - - if ($config['auth_type'] == 'auth_basic') - { - if (!isset($_SERVER['PHP_AUTH_USER'])) - { - sendHTTPBasicAuth(); - exit; - } - else - { - // Check Login and Password - if (!($user_id = authentificateUser($db, $_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']))) - { - $logger->warning("Authentication failure with login '". 
$_SERVER['PHP_AUTH_USER'] . " password '" - . $_SERVER['PHP_AUTH_PW'] ."' IP " . $_SERVER['REMOTE_ADDR']); - sendHTTPBasicAuth(); - exit; - } - else - startLocalSession($user_id, $_SERVER['PHP_AUTH_USER']); - } - } - else if ($config['auth_type'] == 'auth_form') - { - - $form = new HTML_QuickForm('frm'); - - $form->addElement('header', null, 'Login on the Lasso Identity Provider Example'); - - $form->addElement('text', 'username', 'Username:', array('size' => 50, 'maxlength' => 255)); - $form->addElement('password', 'password', 'Password:', array('size' => 50, 'maxlength' => 255)); - $form->addElement('submit', null, 'Ok'); - - $form->addRule('username', 'Please enter the Username', 'required', null, 'client'); - $form->addRule('password', 'Please enter the Password', 'required', null, 'client'); - - if ($form->validate()) - { - if (($user_id = authentificateUser($db, $form->exportValue('username'), $form->exportValue('password')))) - { - startLocalSession($user_id, $form->exportValue('username')); - } - else - $logger->log("Authentication failure with login '".$form->exportValue('username')." password '". $form->exportValue('password') ."' IP '" . $_SERVER['REMOTE_ADDR']."'", PEAR_LOG_WARNING); - } -?> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" -"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> -<html> -<body> -<?php - $form->display(); -?> -</body> -</html> -<?php - } - else - { - $logger->log("Unknown authentification type '". $config['auth_type'] ."', check IdP setup", PEAR_LOG_ALERT); - die('Unknown authentification type'); - } -?> diff --git a/php/Attic/examples/sample-idp/logout.php b/php/Attic/examples/sample-idp/logout.php deleted file mode 100644 index 4089c8dd..00000000 --- a/php/Attic/examples/sample-idp/logout.php +++ /dev/null 
@@ -1,55 +0,0 @@ -<?php -/* - * Identity Provider Example -- Local Logout - * - * Copyright (C) 2004, 2005 Entr'ouvert - * http://lasso.entrouvert.org - * - * Authors: Christophe Nowicki <cnowicki@easter-eggs.com> - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - - require_once 'Log.php'; - require_once 'DB.php'; - require_once 'session.php'; - - $config = unserialize(file_get_contents('config.inc')); - - // connect to the data base - $db = &DB::connect($config['dsn']); - if (DB::isError($db)) - die("Could not connect to the database"); - - // create logger - $conf['db'] = $db; - $logger = &Log::factory($config['log_handler'], 'log', $_SERVER['PHP_SELF'], $conf); - - // session handler - session_set_save_handler("open_session", "close_session", - "read_session", "write_session", "destroy_session", "gc_session"); - - session_start(); - - // Destroy The PHP Session - $_SESSION = array(); - session_destroy(); - - $url = "index.php"; - header("Request-URI: $url"); - header("Content-Location: $url"); - header("Location: $url\r\n\r\n"); - exit; -?> diff --git a/php/Attic/examples/sample-idp/metadata_idp1.xml b/php/Attic/examples/sample-idp/metadata_idp1.xml deleted file mode 100644 index af84f259..00000000 --- a/php/Attic/examples/sample-idp/metadata_idp1.xml +++ /dev/null 
@@ -1,44 +0,0 @@ -<?xml version="1.0"?> -<EntityDescriptor - providerID="https://idp1.lasso.lan/metadata" - xmlns="urn:liberty:metadata:2003-08"> - <IDPDescriptor> - - <SingleSignOnServiceURL>https://idp1.lasso.lan:1998/singleSignOn</SingleSignOnServiceURL> - <SingleSignOnProtocolProfile>http://projectliberty.org/profiles/brws-art</SingleSignOnProtocolProfile> - <SingleSignOnProtocolProfile>http://projectliberty.org/profiles/brws-post</SingleSignOnProtocolProfile> - - <SingleLogoutServiceURL>https://idp1.lasso.lan:1998/singleLogout</SingleLogoutServiceURL> - <SingleLogoutServiceReturnURL>https://idp1.lasso.lan:1998/singleLogoutReturn</SingleLogoutServiceReturnURL> - <SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-idp-soap</SingleLogoutProtocolProfile> - <SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-idp-http</SingleLogoutProtocolProfile> - <SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-sp-soap</SingleLogoutProtocolProfile> - <SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-sp-http</SingleLogoutProtocolProfile> - - <FederationTerminationServiceURL>https://idp1.lasso.lan:1998/federationTermination</FederationTerminationServiceURL> - <FederationTerminationServiceReturnURL>https://idp1.lasso.lan:1998/federationTerminationReturn</FederationTerminationServiceReturnURL> - <FederationTerminationNotificationProtocolProfile>http://projectliberty.org/profiles/fedterm-idp-soap</FederationTerminationNotificationProtocolProfile> - <FederationTerminationNotificationProtocolProfile>http://projectliberty.org/profiles/fedterm-idp-http</FederationTerminationNotificationProtocolProfile> - <FederationTerminationNotificationProtocolProfile>http://projectliberty.org/profiles/fedterm-sp-soap</FederationTerminationNotificationProtocolProfile> - <FederationTerminationNotificationProtocolProfile>http://projectliberty.org/profiles/fedterm-sp-http</FederationTerminationNotificationProtocolProfile> - - 
<RegisterNameIdentifierServiceURL>https://idp1.lasso.lan:1998/registerNameIdentifier</RegisterNameIdentifierServiceURL> - <RegisterNameIdentifierServiceReturnURL>https://idp1.lasso.lan:1998/registerNameIdentifierReturn</RegisterNameIdentifierServiceReturnURL> - <RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-idp-soap</RegisterNameIdentifierProtocolProfile> - <RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-idp-http</RegisterNameIdentifierProtocolProfile> - <RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-sp-soap</RegisterNameIdentifierProtocolProfile> - <RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-sp-http</RegisterNameIdentifierProtocolProfile> - - <NameIdentifierMappingProtocolProfile>http://projectliberty.org/profiles/nim-sp-http</NameIdentifierMappingProtocolProfile> - - <SoapEndpoint>https://idp1.lasso.lan:1998/soapEndpoint</SoapEndpoint> - -</IDPDescriptor> - -<Organization> - <OrganizationName>Identity Provider idp1.lasso.lan</OrganizationName> - <OrganizationDisplayName xml:lang="en">Identity Provider 1</OrganizationDisplayName> - <OrganizationURL xml:lang="en">http://idp1.lasso.lan/</OrganizationURL> -</Organization> - -</EntityDescriptor> diff --git a/php/Attic/examples/sample-idp/metadata_sp1.xml b/php/Attic/examples/sample-idp/metadata_sp1.xml deleted file mode 100644 index cf2fad08..00000000 --- a/php/Attic/examples/sample-idp/metadata_sp1.xml +++ /dev/null 
@@ -1,42 +0,0 @@ -<?xml version="1.0"?> -<EntityDescriptor - providerID="https://sp1.lasso.lan/metadata" - xmlns="urn:liberty:metadata:2003-08"> - <SPDescriptor> - - <AssertionConsumerServiceURL id="AssertionConsumerServiceURL1" isDefault="true">https://sp1.lasso.lan:2006/assertionConsumer</AssertionConsumerServiceURL> - - <SingleLogoutServiceURL>https://sp1.lasso.lan:2006/singleLogout</SingleLogoutServiceURL> - <SingleLogoutServiceReturnURL>https://sp1.lasso.lan:2006/singleLogoutReturn</SingleLogoutServiceReturnURL> - <SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-idp-soap</SingleLogoutProtocolProfile> - <SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-idp-http</SingleLogoutProtocolProfile> - <SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-sp-soap</SingleLogoutProtocolProfile> - <SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-sp-http</SingleLogoutProtocolProfile> - - <FederationTerminationServiceURL>https://sp1.lasso.lan:2006/federationTermination</FederationTerminationServiceURL> - <FederationTerminationServiceReturnURL>https://sp1.lasso.lan:2006/federationTerminationReturn</FederationTerminationServiceReturnURL> - <FederationTerminationNotificationProtocolProfile>http://projectliberty.org/profiles/fedterm-idp-soap</FederationTerminationNotificationProtocolProfile> - <FederationTerminationNotificationProtocolProfile>http://projectliberty.org/profiles/fedterm-idp-http</FederationTerminationNotificationProtocolProfile> - <FederationTerminationNotificationProtocolProfile>http://projectliberty.org/profiles/fedterm-sp-soap</FederationTerminationNotificationProtocolProfile> - <FederationTerminationNotificationProtocolProfile>http://projectliberty.org/profiles/fedterm-sp-http</FederationTerminationNotificationProtocolProfile> - - <RegisterNameIdentifierServiceURL>https://sp1.lasso.lan:2006/registerNameIdentifier</RegisterNameIdentifierServiceURL> - 
<RegisterNameIdentifierServiceReturnURL>https://sp1.lasso.lan:2006/registerNameIdentifierReturn</RegisterNameIdentifierServiceReturnURL> - <RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-idp-soap</RegisterNameIdentifierProtocolProfile> - <RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-idp-http</RegisterNameIdentifierProtocolProfile> - <RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-sp-soap</RegisterNameIdentifierProtocolProfile> - <RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-sp-http</RegisterNameIdentifierProtocolProfile> - - <SoapEndpoint>https://sp1.lasso.lan:2006/soapEndpoint</SoapEndpoint> - - <AuthnRequestsSigned>true</AuthnRequestsSigned> - - </SPDescriptor> - -<Organization> - <OrganizationName>Service Provider sp1.lasso.lan</OrganizationName> - <OrganizationDisplayName xml:lang="en">Service Provider 1</OrganizationDisplayName> - <OrganizationURL xml:lang="en">http://sp1.lasso.lan/</OrganizationURL> -</Organization> - -</EntityDescriptor> diff --git a/php/Attic/examples/sample-idp/misc.php b/php/Attic/examples/sample-idp/misc.php deleted file mode 100644 index 9f305b13..00000000 --- a/php/Attic/examples/sample-idp/misc.php +++ /dev/null 
@@ -1,68 +0,0 @@ -<?php -/* - * Service Provider Example -- Misc functions - * - * Copyright (C) 2004, 2005 Entr'ouvert - * http://lasso.entrouvert.org - * - * Authors: Christophe Nowicki <cnowicki@easter-eggs.com> - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - -function read_http_response($fp, &$header, &$response) -{ - // header - do $header .= fread($fp, 1); while (!preg_match('/\\r\\n\\r\\n$/',$header)); - - // chunked encoding - if (preg_match('/Transfer\\-Encoding:\\s+chunked\\r\\n/',$header)) - { - do { - $byte = ''; - $chunk_size = ''; - - do { - $chunk_size .= $byte; - $byte = fread($fp, 1); - } while ($byte != "\\r"); - - fread($fp, 1); - $chunk_size = hexdec($chunk_size); - $response .= fread($fp, $chunk_size); - fread($fp, 2); - } while ($chunk_size); - } - else - { - if (preg_match('/Content\\-Length:\\s+([0-9]+)\\r\\n/', $header, $matches)) - $response = @fread($fp, $matches[1]); - else - while (!feof($fp)) $response .= fread($fp, 1024); - } -} - -function isDBError($res) -{ - global $logger; - - if (DB::isError($res)) - { - $logger->log("DB Error :" . $res->getMessage(), PEAR_LOG_CRIT); - $logger->log("DB Error :" . $res->getDebugInfo(), PEAR_LOG_DEBUG); - die("Internal Server Error"); - } -} - 
diff --git a/php/Attic/examples/sample-idp/session.php b/php/Attic/examples/sample-idp/session.php deleted file mode 100644 index b51bb893..00000000 --- a/php/Attic/examples/sample-idp/session.php +++ /dev/null 
@@ -1,86 +0,0 @@ -<?php -/* - * Pear::DB session handler - * - * Copyright (C) 2004, 2005 Entr'ouvert - * http://lasso.entrouvert.org - * - * Authors: Christophe Nowicki <cnowicki@easter-eggs.com> - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - - -function open_session ($save_path, $session_name) { - return(true); -} - -function close_session() { - global $db; - $db->disconnect(); - return(true); -} - -function read_session ($id) { - global $db; - - $query = "SELECT * FROM sessions WHERE id='$id'"; - $res =& $db->query($query); - if (DB::isError($res)) - { - exit; - die($res->getMessage()); - } - - if ($res->numRows() == 1) - { - $row = $res->fetchRow(); - return ($row[2]); - } else { - return(""); - } -} - -function write_session ($id, $sess_data) { - global $db; - - $query = "DELETE FROM sessions WHERE id='$id'"; - $res =& $db->query($query); - if (DB::isError($res)) - die($res->getMessage()); - - $query = "INSERT INTO sessions(id, lastupdate, data) VALUES('$id', NOW(),"; - $query .= $db->quoteSmart($sess_data).")"; - $res =& $db->query($query); - if (DB::isError($res)) - die($res->getMessage()); -} - -function destroy_session ($id) { - global $db; - - $query = "DELETE FROM sessions WHERE id='$id'"; - $res =& $db->query($query); - if (DB::isError($res)) - die($res->getMessage()); - - return 
true; -} - -function gc_session ($maxlifetime) { - return true; -} - -?> diff --git a/php/Attic/examples/sample-idp/setup.php b/php/Attic/examples/sample-idp/setup.php deleted file mode 100644 index ddc956a5..00000000 --- a/php/Attic/examples/sample-idp/setup.php +++ /dev/null 
@@ -1,604 +0,0 @@ -<?php -/* - * Identity Provider Example -- Setup - * - * Copyright (C) 2004, 2005 Entr'ouvert - * http://lasso.entrouvert.org - * - * Authors: Christophe Nowicki <cnowicki@easter-eggs.com> - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ -?> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> -<?php - if(!extension_loaded('lasso')) { - $ret = @dl('lasso.' . PHP_SHLIB_SUFFIX); - if ($ret == FALSE) - { - print "<p align='center'><b>The Lasso Extension is not available</b><br>"; - print "Please check your PHP extensions<br>"; - print "You can get more informations about <b>Lasso</b> at <br>"; - print "<a href='http://lasso.entrouvert.org/'>http://lasso.entrouvert.org/</a></p>"; - exit(); - } - } - - /* - * This callback function is called by array_walk and - * add an service provider to the identity provider. 
- */ - function add_service_provider(&$item, $key, $server) - { - print "<br>$key : "; - - $ret = $server->addProvider(LASSO_PROVIDER_ROLE_SP, - $item['metadata'], - $item['public_key'], - $item['ca']); - - /* FIXME : check addProvider return value - if ($ret != TRUE) - { - print "Failed"; - break; - } - else */ - print "OK"; - } - - function write_config_inc($config) - { - $config_ser = serialize($config); - $filename = "config.inc"; - - if ($fd = fopen($filename, "w")) - { - fwrite($fd, $config_ser); - fclose($fd); - return TRUE; - } - return FALSE; - } - - require_once 'DB.php'; - - # default config - if (!file_exists('config.inc')) - { - $cwd = getcwd(); - $config = array( - 'dsn' => "pgsql://idp:idp@localhost/idp", - 'server_dump_filename' => "lasso_server_dump.xml", - 'log_handler' => 'sql', - 'auth_type' => 'auth_form', - 'idp-metadata' => $cwd . "/metadata_idp1.xml", - 'idp-private_key' => $cwd . "/private-key-raw_idp1.pem", - 'idp-secret_key' => "", - 'idp-ca' => $cwd . "/certificate_idp1.pem", - 'sp' => array( - 'sp1' => array( - 'metadata' => $cwd . "/metadata_sp1.xml", - 'public_key' => $cwd . "/public-key_sp1.pem", - 'ca' => $cwd . "/certificate_sp1.pem") - /* another service provider - 'sp2' => array( - 'metadata' => "/home/cnowicki/mcvs/lasso/tests/data/sp2-la/metadata.xml", - 'public_key' => "/home/cnowicki/mcvs/lasso/tests/data/sp2-la/public-key.pem", - 'ca' => "/home/cnowicki/mcvs/lasso/tests/data/ca1-la/certificate.pem") */ - )); - - $config_ser = serialize($config); - if (!write_config_inc($config)) - die("Could not write default config file, - if you get a \"permission denied\" error, check the owner of the - sample directory. 
(it must be www-data)."); - } - else - { - $config = unserialize(file_get_contents('config.inc')); - } - - $keys = array_keys($_POST); - - $to_del = preg_grep('/delete_(\w)/', $keys); - - if (!empty($to_del)) - { - $keys = array_values($to_del); - foreach($keys as $key) - { - $name = substr($key, 7); - unset($config['sp'][$name]); - write_config_inc($config); - } - } - - $to_update = preg_grep('/update_(\w)/', $keys); - - if (!empty($to_update)) - { - $keys = array_values($to_update); - foreach($keys as $key) - { - $name = substr($key, 7); - $config['sp'][$name]['metadata'] = $_POST['sp^'.$name.'^metadata']; - $config['sp'][$name]['public_key'] = $_POST['sp^'.$name.'^public_key']; - $config['sp'][$name]['ca'] = $_POST['sp^'.$name.'^ca']; - write_config_inc($config); - } - } - - - if (array_key_exists('new', $_POST)) - { - $form = array('sp' => 'Name', - 'metadata' => 'Metadata', - 'public_key' => 'Public Key', - 'ca' => 'Certificate'); - - foreach ($form as $input => $name) - if (empty($_POST[$input])) - die("Field <b>$name</b> is empty"); - - $config['sp'][$_POST['sp']] = array( - 'metadata' => $_POST['metadata'], - 'public_key' => $_POST['public_key'], - 'ca' => $_POST['ca']); - - write_config_inc($config); - } - - if (array_key_exists('setup', $_POST)) - { - ob_start(); - - $setup = FALSE; - - print "<b>Lasso Identity Provider Setup</b><br>"; - - unset($_POST['setup'], $_POST['metadata'], $_POST['public_key'], $_POST['ca'], $_POST['sp']); - - $sps = array_values(preg_grep("/sp\^/", array_keys($_POST))); - - - $_POST['sp'] = array(); - - foreach ($sps as $sp) { - list($null, $name, $type) = split("\^", $sp, 3); - $_POST['sp'][$name][$type] = $_POST[$sp]; - unset($_POST[$sp]); - } - - $diff = array_diff($_POST, $config); - - foreach($diff as $key => $value) { - $config[$key] = $value; - } - - print "Check Data base : "; - - $db = &DB::connect($config['dsn']); - - if (DB::isError($db)) { - die("Failed (" . $db->getMessage() . 
")"); - } - else - print "OK"; - - print "<br>Create sequence 'user_id_seq' : "; - - $query = "DROP SEQUENCE user_id_seq"; - $res =& $db->query($query); - - $query = "CREATE SEQUENCE user_id_seq"; - $res =& $db->query($query); - if (DB::isError($res)) - die($res->getMessage()); - - print "OK"; - - print "<br>Create table 'users' : "; - $query = "DROP TABLE users CASCADE"; - $res =& $db->query($query); - - $query = "CREATE TABLE users ( - user_id varchar(100) primary key, - username varchar(255) unique, - password varchar(255), - identity_dump text, - session_dump text, - created timestamp)"; - $res =& $db->query($query); - if (DB::isError($res)) - die($res->getMessage()); - - print "OK"; - - print "<br>Insert user 'test' into 'users' : "; - - $query = "INSERT INTO users(user_id, username, password, created) "; - $query .= "VALUES (nextval('user_id_seq'), 'test', 'test', NOW())"; - - $res =& $db->query($query); - if (DB::isError($res)) - die($res->getMessage()); - print "OK"; - - print "<br>Create table 'nameidentifiers' : "; - - $query = "DROP TABLE nameidentifiers CASCADE"; - $res =& $db->query($query); - - $query = "CREATE TABLE nameidentifiers ( - name_identifier varchar(100) primary key, - user_id varchar(100), - FOREIGN KEY (user_id) REFERENCES users (user_id))"; - $res =& $db->query($query); - if (DB::isError($res)) - die($res->getMessage()); - - print "OK"; - - print "<br>Create table 'assertions' : "; - $query = "DROP TABLE assertions CASCADE"; - $res =& $db->query($query); - - $query = "CREATE TABLE assertions ( - assertion text, - response_dump text, - created timestamp)"; - - $res =& $db->query($query); - if (DB::isError($res)) - die($res->getMessage()); - - print "OK"; - - print "<br>Create table 'log' : "; - $query = "DROP TABLE log CASCADE"; - $res =& $db->query($query); - - $query = "CREATE TABLE log ( - id integer primary key, - logtime timestamp, - ident varchar(16), - priority integer, - message text)"; - - $res =& $db->query($query); - if 
(DB::isError($res)) - die($res->getMessage()); - - print "OK"; - - print "<br>Create sequence 'log_id' : "; - - $query = "DROP SEQUENCE log_id"; - $res =& $db->query($query); - - $query = "CREATE SEQUENCE log_id"; - $res =& $db->query($query); - if (DB::isError($res)) - die($res->getMessage()); - - print "OK"; - - print "<br>Create table 'sessions' : "; - $query = "DROP TABLE sessions CASCADE"; - $res =& $db->query($query); - - $query = "CREATE TABLE sessions ( - id varchar(32) primary key, - lastupdate timestamp, - data text)"; - - $res =& $db->query($query); - if (DB::isError($res)) - die($res->getMessage()); - - print "OK"; - - print "<br>Create table 'sso_sessions' : "; - $query = "DROP TABLE sso_sessions CASCADE"; - $res =& $db->query($query); - - $query = "CREATE TABLE sso_sessions ( - name_identifier character varying(100), - session_id character varying(32), - ip integer - )"; - - $res =& $db->query($query); - if (DB::isError($res)) - die($res->getMessage()); - - print "OK"; - - $db->disconnect(); - - // Check if IdP files does exists - $keys = array_keys($config); - $files = preg_grep("/idp/", $keys); - - foreach($files as $file) - { - print "<br>Check file " . $config[$file] . " : "; - if (!file_exists($config[$file])) - { - if ($file == 'idp-secret_key') - print "not found (optional)"; - else - die("Failed (file does not exist)"); - } - else - print "OK"; - } - - - foreach($config['sp'] as $key) - { - foreach ($key as $file) - { - print "<br>Check file " . $file . 
" : "; - if (!file_exists($file)) - { - die("Failed (file does not exist)"); - } - else - print "OK"; - - } - } - - lasso_init(); - - print "<br>Create Server : "; - - /* - $server = new LassoServer( - $config['idp-metadata'], - $config['idp-public_key'], - $config['idp-private_key'], - $config['idp-ca']); - */ - - $server = new LassoServer( - $config['idp-metadata'], - $config['idp-private_key'], - $config['idp-secret_key'], - $config['idp-ca']); - - if (empty($server)) - die("Failed"); - else - print "OK"; - - - print "<br>Add Service Provider(s) :"; - - array_walk($config['sp'], 'add_service_provider', $server); - - print "<br>Write XML Server Dump : "; - - $dump = $server->dump(); - - if (($fd = fopen($config['server_dump_filename'], "w"))) - { - fwrite($fd, $dump); - fclose($fd); - print "OK"; - } - else - die("Failed"); - - lasso_shutdown(); - - print "<br>Save configuration file : "; - - - # Save configuration file - $config_ser = serialize($config); - if (($fd = fopen("config.inc", "w"))) - { - fwrite($fd, $config_ser); - fclose($fd); - print "OK"; - } - else - { - print("Failed"); - break; - } - $setup = TRUE; - } - $setup_log = ob_get_contents(); - ob_end_clean(); -?> -<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> -<head> -<title>Setup script for Lasso (Liberty Alliance Single Sign On)</title> -<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-15" /> -<?php - if ($setup == TRUE) { -?> -<meta http-equiv="Refresh" CONTENT="3; URL=index.php"> -</head> -<body> -<?php echo $setup_log; ?> -<p><a href='index.php'>Back to Index</a></p> -</body> -</html> -<?php - } - else - { -?> -<script language="JavaScript" type="text/javascript"> -<!-- - - function openpopup(popurl) - { - var winpops=window.open(popurl,"","width=745,height=600") - } -//--> -</script> -</head> -<body> -<form name='frm' action='<?php echo $PHP_SELF ?>' method='POST'> - -<p align='center'>Lasso Identity Provider Setup</p> -<hr> -<p> -<table> -<tr> - <td 
colspan='3' align='center'>Database</td> -</tr> -<tr> - <td>DSN (Data Source Name) :</td> - <td><input type='text' name='dsn' size='50' value='<?php echo $config['dsn']; ?>' maxlength='100'></td> - <td><a href='http://pear.php.net/manual/en/package.database.db.intro-dsn.php' target='_new'>Help</a></td> -</tr> -<tr> - <td colspan='3' align='center'>Authentification</td> -</tr> -<td> -<tr> - <td>Authentification type :</td> - <td> - <select name='auth_type'> - <option value="auth_form" <?php if ($config['auth_type'] == 'auth_form') echo 'selected="selected"'; ?>>HTML Login/Password Form</option> - <option value="auth_basic" <?php if ($config['auth_type'] == 'auth_basic') echo 'selected="selected"'; ?>>HTTP Auth Basic</option> - </select> - </td><td> </td> -</tr> -<tr> - <td colspan='3' align='center'>Logging</td> -</tr> -<tr> - <td>Handler :</td> - <td> - <select name='log_handler'> - <option value="null" <?php if ($config['log_handler'] == 'null') echo 'selected="selected"'; ?>>NULL (disabled)</option> - <option value="sql" <?php if ($config['log_handler'] == 'sql') echo 'selected="selected"'; ?>>Database</option> - <option value="syslog" <?php if ($config['log_handler'] == 'syslog') echo 'selected="selected"'; ?>>Syslog</option> - </select> - </td><td> </td> -</tr> -</table> -</p> -<hr> -<p> -<table> -<caption>Identity Provider</caption> - -<tr> - <td>Server XML Dump :</td><td><input type='text' name='server_dump_filename' size='50' value='<?php echo $config['server_dump_filename']; ?>' maxlength='100'></td><td> </td> -</tr> - -<tr> - <td>Metadata :</td><td><input type='text' name='idp-metadata' size='50' value='<?php echo $config['idp-metadata']; ?>'></td><td> </td> -</tr> - - -<tr> - <td>Private Key :</td><td><input type='text' name='idp-private_key' size='50' value='<?php echo $config['idp-private_key']; ?>'></td><td> </td> -</tr> - -<tr> - <td>Secret Key (optional) :</td><td><input type='text' name='idp-secret_key' size='50' value='<?php echo 
$config['idp-secret_key']; ?>'></td><td> </td> -</tr> - -<tr> - <td>Certificate :</td><td><input type='text' name='idp-ca' size='50' value='<?php echo $config['idp-ca']; ?>'></td><td> </td> -</tr> -</table> -</p> - -<hr> -<?php - foreach ($config['sp'] as $sp => $name) - { -?> -<table> -<caption>Service Provider <b><?php echo $sp ?></caption> - -<tr> - <td>Metadata :</td><td><input type='text' name='sp^<?php echo $sp; ?>^metadata' size='50' value='<?php echo $config['sp'][$sp]['metadata']; ?>'></td> - <td><a href="javascript:openpopup('edit_metadata.php?filename=<?php echo $config['sp'][$sp]['metadata']; ?>')">Edit Metadata</a></td> -</tr> -<tr> - <td>Public Key :</td><td><input type='text' name='sp^<?php echo $sp; ?>^public_key' size='50' value='<?php echo $config['sp'][$sp]['public_key']; ?>'></td><td> </td> - -</tr> -<tr> - <td>Certificate :</td><td><input type='text' name='sp^<?php echo $sp; ?>^ca' size='50' value='<?php echo $config['sp'][$sp]['ca']; ?>'></td><td> </td> -</tr> - -<tr> - <td colspan='3' align='center'> - <input type='submit' name='update_<?php echo $sp; ?>' value='save / update'> - <input type='submit' name='delete_<?php echo $sp; ?>' value='delete'> - </td> -</tr> -</table> - -<?php - } -?> -</p> - -<p> -<table> -<caption>Add a new Service Provider</caption> - -<tr> - <td>Name :</td><td><input type='text' name='sp' size='50'></td><td> </td> -</tr> - -<tr> - <td>Metadata :</td><td><input type='text' name='metadata' size='50'></td> - <td><a href="javascript:openpopup('create_metadata.php')">Create Metadata</a></td> -</tr> - -<tr> - <td>Public Key :</td><td><input type='text' name='public_key' size='50'></td><td> </td> -</tr> - -<tr> - <td>Certificate :</td><td><input type='text' name='ca' size='50'></td><td> </td> -</tr> - -<tr> - <td colspan='3' align='center'> - <input type='submit' name='new' value='save / update'> - </td> -</tr> -</fieldset> -</table> -</p> -<hr> -<p> - <input type='submit' name='setup' value='setup'> -</p> -</form> -<p 
align='center'><a href='index.php'>Index</a> -</p> -<p>Copyright © 2004, 2005 Entr'ouvert</p> -</body> -</html> -<?php - } -?> diff --git a/php/Attic/examples/sample-idp/singleSignOn.php b/php/Attic/examples/sample-idp/singleSignOn.php deleted file mode 100644 index d4548bb9..00000000 --- a/php/Attic/examples/sample-idp/singleSignOn.php +++ /dev/null 
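Review bot: Nothing in setup.php checks who is submitting the form, yet a POST carrying `setup` runs `DROP TABLE users CASCADE` and the other DROP/CREATE statements and rewrites config.inc, and the `new`, `update_*` and `delete_*` branches rewrite the service-provider list in the same way. Before this goes into the Pear package, put the script behind authentication, or have it refuse to run once config.inc and the server dump already exist. Two smaller points in the same hunk: the seeded account is inserted as `'test', 'test'` into a `password varchar(255)` column, so the password is stored in cleartext; and config values are echoed straight into the page (`value='<?php echo $config['dsn']; ?>'`, and the `edit_metadata.php?filename=` link), which should go through htmlspecialchars() and urlencode() respectively. The `break;` after `print("Failed");` near the end sits in an if/else, not a loop, and the FIXME on the addProvider() return value means a provider that failed to load is still reported as OK.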
@@ -1,494 +0,0 @@ -<?php -/* - * Identity Provider Example -- Single Sing On - * - * Copyright (C) 2004, 2005 Entr'ouvert - * http://lasso.entrouvert.org - * - * Authors: Christophe Nowicki <cnowicki@easter-eggs.com> - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - - require_once 'HTML/QuickForm.php'; - require_once 'Log.php'; - require_once 'DB.php'; - require_once 'session.php'; - require_once 'misc.php'; - - $config = unserialize(file_get_contents('config.inc')); - - // connect to the data base - $db = &DB::connect($config['dsn']); - if (DB::isError($db)) - die("Could not connect to the database"); - - // create logger - $conf['db'] = $db; - $logger = &Log::factory($config['log_handler'], 'log', $_SERVER['PHP_SELF'], $conf); - - // session handler - session_set_save_handler("open_session", "close_session", - "read_session", "write_session", "destroy_session", "gc_session"); - - session_start(); - - lasso_init(); - - // Create Lasso Server - $server_dump = file_get_contents($config['server_dump_filename']); - $server = LassoServer::newFromDump($server_dump); - - // HTTP Basic Authentification - if ($config['auth_type'] == 'auth_basic') - { - if (!isset($_SERVER['PHP_AUTH_USER'])) - { - sendHTTPBasicAuth(); - exit; - } - else - { - $login = new LassoLogin($server); - - // init login - 
updateDumpsFromSession($login); - initFromAuthnRequest($login); - - - // User must *NOT* Authenticate with the IdP - if (!$login->mustAuthenticate()) - { - $user_id = authentificateUser($db, $_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']); - if (!$user_id) - { - $logger->log("User must not authenticate, username and password are not available", PEAR_LOG_CRIT); - die("Unknown User"); - } - - $array = getIdentityDumpAndSessionDumpFromUserID($db, $user_id); - if (empty($array)) - { - $logger->log("User must no authenticate, but I don't find session and identity - dump in the database", PEAR_LOG_CRIT); - die("Could not get Identity and Session Dump"); - } - - $login->setIdentityFromDump($array['identity_dump']); - if (!empty($array['session_dump'])) - { - $logger->log("Update Session from dump for User '$user_id'", PEAR_LOG_CRIT); - $login->setSessionFromDump($array['session_dump']); - } - - doneSingleSignOn($db, $login, $user_id); - exit; - } - - // Check Login and Password - if (!($user_id = authentificateUser($db, $_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']))) - { - sendHTTPBasicAuth(); - exit; - } - else - { - $array = getIdentityDumpAndSessionDumpFromUserID($db, $user_id); - $is_first_sso = (isset($array['identity_dump']) ? 
FALSE : TRUE); - - if (!$is_first_sso) - $login->setIdentityFromDump($array['identity_dump']); - - if (!empty($array['session_dump'])) - $login->setSessionFromDump($array['session_dump']); - - doneSingleSignOn($db, $login, $user_id, $is_first_sso); - } - } - exit; - } - - // HTML Form Authentification - - // Create the form - $form = new HTML_QuickForm('frm'); - - $form->addElement('header', null, 'Single Sing On Login'); - - $form->addElement('text', 'username', 'Username:', array('size' => 50, 'maxlength' => 255)); - $form->addElement('password', 'password', 'Password:', array('size' => 50, 'maxlength' => 255)); - $form->addElement('submit', null, 'Ok'); - - $form->addRule('username', 'Please enter the Username', 'required', null, 'client'); - $form->addRule('password', 'Please enter the Password', 'required', null, 'client'); - - /* - * - */ - function sendHTTPBasicAuth() - { - global $logger; - - header('WWW-Authenticate: Basic realm="Lasso Identity Provider One"'); - header('HTTP/1.0 401 Unauthorized'); - echo "Acces Denied"; - $logger->log("User from '" . $_SERVER['REMOTE_ADDR'] . 
"' pressed the cancel button during HTTP basic authentication request", PEAR_LOG_NOTICE); - } - - /* - * Update Identity dump - */ - function updateIdentityDump($db, $user_id, $identity_dump) - { - global $logger; - - $query = "UPDATE users SET identity_dump=".$db->quoteSmart($identity_dump); - $query .= " WHERE user_id='$user_id'"; - - $res =& $db->query($query); - - isDBError($res); - $logger->log("Update user '$user_id' identity dump in the database : $identity_dump", PEAR_LOG_DEBUG); - } - - /* - * Update Session dump - */ - function updateSessionDump($db, $user_id, $session_dump) - { - global $logger; - - $query = "UPDATE users SET session_dump=".$db->quoteSmart($session_dump); - $query .= " WHERE user_id='$user_id'"; - - $res =& $db->query($query); - isDBError($res); - $logger->log("Update user '$user_id' Session dump in the database : $session_dump", PEAR_LOG_DEBUG); - } - - /* - * Save the Assertion Artifact in the database - */ - function saveAssertionArtifact($db, $artifact, $assertion) - { - global $logger; - $assertion_dump = $assertion->dump(); - - if (empty($assertion_dump)) - { - $logger->log("assertion dump is empty", PEAR_LOG_ALERT); - die("assertion dump is empty"); - } - - // Save assertion - $query = "INSERT INTO assertions (assertion, response_dump, created) VALUES "; - $query .= "('".$artifact."',".$db->quoteSmart($assertion_dump).", NOW())"; - - $res =& $db->query($query); - isDBError($res); - } - - /* - * Update Session and Identity Dump from PHP Session variables - */ - function updateDumpsFromSession(&$login) - { - global $logger; - - // Get session and identity dump if there are available - if (!empty($_SESSION['session_dump'])) - { - $login->setSessionFromDump($_SESSION['session_dump']); - $logger->log("Update user's session dump", PEAR_LOG_DEBUG); - } - - if (!empty($_SESSION['identity_dump'])) - { - $login->setIdentityFromDump($_SESSION['identity_dump']); - $logger->log("Update user's identity dump", PEAR_LOG_DEBUG); - } - } - - /* - * 
Init Lasso login from AuthnRequestMsg - */ - function initFromAuthnRequest(&$login) - { - global $logger; - - switch ($_SERVER['REQUEST_METHOD']) - { - case 'GET': - $login->processAuthnRequestMsg($_SERVER['QUERY_STRING']); - $logger->log("processAuthnRequestMsg with method GET : " . $_SERVER['QUERY_STRING'], PEAR_LOG_DEBUG); - break; - case 'POST': - if (empty($_POST['LAREQ'])) - { - $logger->log("POST LARQ value is empty"); - die("POST LARQ value is empty"); - } - $login->processAuthnRequestMsg($_POST['LAREQ']); - $logger->log("processAuthnRequestMsg with method POST", PEAR_LOG_DEBUG); - break; - default: - $logger->log("initFromAuthnRequest with called an unknown method", PEAR_LOG_CRIT); - die("Unknown request method"); - } - } - - /* - * This function authentificate the user against the Postgres Database - */ - function authentificateUser($db, $username, $password) - { - global $logger; - - $query = "SELECT user_id FROM users WHERE username=".$db->quoteSmart($username); - $query .= " AND password=".$db->quoteSmart($password); - - $res =& $db->query($query); - if (DB::isError($res)) - { - $logger->log("DB Error :" . $res->getMessage(), PEAR_LOG_CRIT); - $logger->log("DB Error :" . 
$res->getDebugInfo(), PEAR_LOG_DEBUG); - die($res->getMessage()); - } - - if ($res->numRows()) - { - $row = $res->fetchRow(); - return ($row[0]); - } - return (0); - } - - /* - * Get UserID from the NameIdentifier - * return user_id or 0 if not found - */ - function getUserIDFromNameIdentifier($db, $nameidentifier) - { - $query = "SELECT user_id FROM nameidentifiers WHERE name_identifier='$nameidentifier'"; - - $res =& $db->query($query); - isDBError($res); - - // UserID not found - if (!$res->numRows()) - return (0); - - $row = $res->fetchRow(); - return ($row[0]); - } - - /* - * - */ - function getIdentityDumpAndSessionDumpFromUserID($db, $user_id) - { - $query = "SELECT identity_dump,session_dump FROM users WHERE user_id='$user_id'"; - - $res =& $db->query($query); - if (DB::isError($res)) - die($res->getMessage()); - - if ($res->numRows()) - { - $row =& $res->fetchRow(); - $ret = array("identity_dump" => $row[0], "session_dump" => $row[1]); - return ($ret); - } - } - - - /* - * - */ - function doneSingleSignOn($db, &$login, $user_id) - { - global $logger; - - $authenticationMethod = (($_SERVER["HTTPS"] == 'on') ? 
LASSO_SAML_AUTHENTICATION_METHOD_SECURE_REMOTE_PASSWORD : LASSO_SAML_AUTHENTICATION_METHOD_REMOTE_PASSWORD); - - // reauth in session_cache_expire, default is 180 minutes - $reauthenticateOnOrAfter = strftime("%Y-%m-%dT%H:%M:%SZ", time() + session_cache_expire() * 60); - - $login->validateRequestMsg(TRUE, TRUE); - $login->buildAssertion($authenticationMethod, 0, - $reauthenticateOnOrAfter, "", ""); - - if ($login->protocolProfile == LASSO_LOGIN_PROTOCOL_PROFILE_BRWS_ART) - $login->buildArtifactMsg(LASSO_HTTP_METHOD_REDIRECT); - else if ($login->protocolProfile == lLASSO_LOGIN_PROTOCOL_PROFILE_BRWS_POST) - $login->buildAuthnResponseMsg(); - else - { - $logger->log("Unknown protocol profile", PEAR_LOG_CRIT); - die("Unknown protocol profile\n"); - } - - $query = "SELECT * FROM nameidentifiers WHERE name_identifier='"; - $query .= $login->nameIdentifier."' AND user_id='$user_id'"; - - $res =& $db->query($query); - isDBError($res); - - if (!$res->numRows()) - { - // register new name_identifier - $query = "INSERT INTO nameidentifiers (name_identifier, user_id) "; - $query .= "VALUES ('" . $login->nameIdentifier . "','$user_id')"; - - $res =& $db->query($query); - isDBError($res); - $logger->log("Register Name Identifier '" . $login->nameIdentifier ."' for User '$user_id'", PEAR_LOG_INFO); - } - - $identity = $login->identity; - // do we need to update identity dump? - if ($login->isIdentityDirty) - updateIdentityDump($db, $user_id, $identity->dump()); - - $session = $login->session; - // do we need to update session dump? - if ($login->isSessionDirty) - updateSessionDump($db, $user_id, $session->dump()); - - if (empty($login->assertionArtifact)) - { - $logger->log("Assertion Artifact is empty", PEAR_LOG_CRIT); - die("assertion Artifact is empty"); - } - - $logger->log("Assertion Artifact is '" . $login->assertionArtifact . 
"'", PEAR_LOG_DEBUG); - - saveAssertionArtifact($db, $login->assertionArtifact, $login->assertion); - - - // Save PHP Session ID in the sso_session table - $query = "INSERT INTO sso_sessions(name_identifier, session_id, ip)"; - $query .= " VALUES('" . $login->nameIdentifier . "','" . session_id() . "','"; - $query .= ip2long($_SERVER['REMOTE_ADDR']) . "')"; - - $res =& $db->query($query); - isDBError($res); - - unset($_SESSION['login_dump']); // delete login_dump - $_SESSION['identity_dump'] = $identity->dump(); - $_SESSION['session_dump'] = $session->dump(); - - $logger->log("New Single Sign On Session started for user '$user_id'", PEAR_LOG_INFO); - - switch($login->protocolProfile) - { - case LASSO_LOGIN_PROTOCOL_PROFILE_BRWS_ART: - $url = $login->msgUrl; - - header("Request-URI: $url"); - header("Content-Location: $url"); - header("Location: $url\n\n"); - lasso_shutdown(); - exit; - case LASSO_LOGIN_PROTOCOL_PROFILE_BRWS_POST: - // TODO : lassoLoginProtocolProfileBrwsPost - die("Not yet implemented"); - default: - $logger->log("Unknown Login Protocol Profile :" . $login->protocolProfile, PEAR_LOG_CRIT); - die("Unknown Login Protocol Profile"); - } - } - - // validate login - if ($form->validate()) - { - if (empty($_SESSION['login_dump'])) - { - $logger->log("Login dump is not registred in the session", PEAR_LOG_ERR); - die("Login dump is not registred"); - } - - $login = LassoLogin::newFromDump($server, $_SESSION['login_dump']); - - if (($user_id = authentificateUser($db, $form->exportValue('username'), - $form->exportValue('password')))) - { - $array = getIdentityDumpAndSessionDumpFromUserID($db, $user_id); - $is_first_sso = (isset($array['identity_dump']) ? 
FALSE : TRUE); - - if (!empty($array['identity_dump'])) - { - $logger->log("Update Identity dump for user '$user_id' from the database", PEAR_LOG_INFO); - $login->setIdentityFromDump($array['identity_dump']); - } - - if (!empty($array['identity_dump'])) - { - $logger->log("Update Identity dump for user '$user_id' from the database", PEAR_LOG_INFO); - $login->setIdentityFromDump($array['identity_dump']); - } - - - if (!empty($array['session_dump'])) - { - $logger->log("Update Session dump for user '$user_id' from the database", PEAR_LOG_INFO); - $login->setSessionFromDump($array['session_dump']); - } - - doneSingleSignOn($db, $login, $user_id); - exit; - } - else - $logger->log("Authentication failure with login '". $form->exportValue('username')." - password '". $form->exportValue('password') ."' IP '" . $_SERVER['REMOTE_ADDR']."'", PEAR_LOG_WARNING); - } - else - { - $login = new LassoLogin($server); - - // init login - updateDumpsFromSession($login); - initFromAuthnRequest($login); - - // User must NOT Authenticate with the IdP - if (!$login->mustAuthenticate()) - { - $user_id = getUserIDFromNameIdentifier($db, $login->nameIdentifier); - - if (!$user_id) - { - $logger->log("Could not get UserID from Name Identifier '" . $login->nameIdentifier . "'", PEAR_LOG_ERR); - die("Internal Server Error"); - } - doneSingleSignOn($db, $login, $user_id); - exit; - } - else - { - // register login dump in this session, - // we can not transfert xml dump with hidden input - $_SESSION['login_dump'] = $login->dump(); - } - } -?> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" -"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> -<html> -<body> -<?php - $form->display(); -?> -</body> -</html> diff --git a/php/Attic/examples/sample-idp/soapEndpoint.php b/php/Attic/examples/sample-idp/soapEndpoint.php deleted file mode 100644 index 2fe0d33c..00000000 --- a/php/Attic/examples/sample-idp/soapEndpoint.php +++ /dev/null 
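Review bot: The authentication-failure branch near the end of singleSignOn.php writes the submitted password to the log (`password '". $form->exportValue('password') ."'`); with the `sql` log handler that setup.php uses by default, mistyped real passwords end up in the database. Log the username and REMOTE_ADDR only. Also in this hunk: doneSingleSignOn() compares `$login->protocolProfile` against `lLASSO_LOGIN_PROTOCOL_PROFILE_BRWS_POST` (stray leading `l`), which is not the constant used in the switch further down, so the comparison is not against the POST profile value. The queries on `nameidentifiers`, `users`, `assertions` and `sso_sessions` concatenate `$user_id`, `$login->nameIdentifier` and `$artifact` into the SQL while other values in the same file go through `$db->quoteSmart()`; quote these as well. The block that restores the identity dump in the form-validation branch appears twice in a row, and the return value of `validateRequestMsg(TRUE, TRUE)` is not checked before the assertion is built.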
@@ -1,393 +0,0 @@ -<?php -/* - * Identity Provider Example -- SOAP Endpoint - * - * Copyright (C) 2004, 2005 Entr'ouvert - * http://lasso.entrouvert.org - * - * Authors: Christophe Nowicki <cnowicki@easter-eggs.com> - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - require_once 'Log.php'; - require_once 'DB.php'; - require_once 'session.php'; - - $config = unserialize(file_get_contents('config.inc')); - - $server_dump = file_get_contents($config['server_dump_filename']); - - header("Content-Type: text/xml\r\n"); - - // connect to the data base - $db = &DB::connect($config['dsn']); - if (DB::isError($db)) - { - header("HTTP/1.0 500 Internal Server Error"); - exit; - } - - // create logger - $conf['db'] = $db; - $logger = &Log::factory($config['log_handler'], 'log', $_SERVER['PHP_SELF'], $conf); - - // shutdown function - function close_logger() - { - global $logger; - $logger->close(); - } - register_shutdown_function("close_logger"); - - // session handler - session_set_save_handler("open_session", "close_session", - "read_session", "write_session", "destroy_session", "gc_session"); - - session_start(); - - if (empty($HTTP_RAW_POST_DATA)) - { - $logger->log("HTTP_RAW_POST_DATA is empty", PEAR_LOG_WARNING); - die("HTTP_RAW_POST_DATA is empty!"); - } - - lasso_init(); - - $requestype = 
lasso_getRequestTypeFromSoapMsg($HTTP_RAW_POST_DATA); - $server = LassoServer::newFromDump($server_dump); - - switch ($requestype) - { - // Login - case lassoRequestTypeLogin: - $logger->log("SOAP Login Request from " . $_SERVER['REMOTE_ADDR'], PEAR_LOG_INFO); - - $login = new LassoLogin($server); - $login->processRequestMsg($HTTP_RAW_POST_DATA); - $artifact = $login->assertionArtifact; - - $query = "SELECT response_dump FROM assertions WHERE assertion='" . $artifact . "'"; - - $res =& $db->query($query); - if (DB::isError($res)) - { - header("HTTP/1.0 500 Internal Server Error"); - $logger->log("DB Error :" . $res->getMessage(), PEAR_LOG_CRIT); - $logger->log("DB Error :" . $res->getDebugInfo(), PEAR_LOG_DEBUG); - exit; - } - - // Good Artifact, send reponse_dump - if ($res->numRows()) - { - $row = $res->fetchRow(); - - $logger->log("Good artifact send by " . $_SERVER['REMOTE_ADDR'], PEAR_LOG_INFO); - - // Delete assertion from the database - $query = "DELETE FROM assertions WHERE assertion='" . $artifact . "'"; - $res =& $db->query($query); - if (DB::isError($res)) - { - header("HTTP/1.0 500 Internal Server Error"); - $logger->log("DB Error :" . $res->getMessage(), PEAR_LOG_CRIT); - $logger->log("DB Error :" . $res->getDebugInfo(), PEAR_LOG_DEBUG); - exit; - } - $logger->log("Delete assertion '$artifact'", PEAR_LOG_DEBUG); - - $login->setAssertionFromDump($row[0]); - $login->buildResponseMsg(); - header("Content-Length: " . strlen($login->msgBody) . "\r\n"); - echo $login->msgBody; - exit; - } - else - { - // Wrong Artifact - header("HTTP/1.0 403 Forbidden"); - header("Content-Length: 0\r\n"); - $logger->log("Wrong artifact send by " . $_SERVER['REMOTE_ADDR'], PEAR_LOG_WARNING); - exit; - } - break; - case lassoRequestTypeLogout: - $logger->info("SOAP Logout Request from " . 
$_SERVER['REMOTE_ADDR']); - - // Logout - $logout = new LassoLogout($server, lassoProviderTypeIdp); - $logout->processRequestMsg($HTTP_RAW_POST_DATA, lassoHttpMethodSoap); - $nameIdentifier = $logout->nameIdentifier; - - // name identifier is empty, wrong request - if (empty($nameIdentifier)) - { - header("HTTP/1.0 500 Internal Server Error"); - $logger->err("Name Identifier is empty"); - exit; - } - - $logger->log("Name Identifier '$nameIdentifier'", PEAR_LOG_DEBUG); - - $query = "SELECT user_id FROM nameidentifiers WHERE name_identifier='$nameIdentifier'"; - - $res =& $db->query($query); - if (DB::isError($res)) - { - header("HTTP/1.0 500 Internal Server Error"); - $logger->log("DB Error :" . $res->getMessage(), PEAR_LOG_CRIT); - $logger->log("DB Error :" . $res->getDebugInfo(), PEAR_LOG_DEBUG); - exit; - } - - if (!$res->numRows()) - { - header("HTTP/1.0 500 Internal Server Error"); - $logger->log("Could not find user_id matching nameidentifier '$nameIdentifier'", PEAR_LOG_ERR); - exit; - } - - $row = $res->fetchRow(); - $user_id = $row[0]; - - $logger->log("Name Identifier '$nameIdentifier' match UserID '$user_id'", PEAR_LOG_DEBUG); - - $query = "SELECT identity_dump,session_dump FROM users WHERE user_id='$user_id'"; - - $res =& $db->query($query); - if (DB::isError($res)) - { - header("HTTP/1.0 500 Internal Server Error"); - $logger->log("DB Error :" . $res->getMessage(), PEAR_LOG_CRIT); - $logger->log("DB Error :" . 
$res->getDebugInfo(), PEAR_LOG_DEBUG); - exit; - } - - if (!$res->numRows()) - { - header("HTTP/1.0 500 Internal Server Error"); - $logger->log("Could not fetch identity and session dump for user '$user_id'", PEAR_LOG_ERR); - exit; - } - - $row = $res->fetchRow(); - $user_dump = $row[0]; - $session_dump = $row[1]; - - if (!empty($session_dump)) - { - $logout->setSessionFromDump($session_dump); - $logger->log("Update session from dump", PEAR_LOG_DEBUG); - } - $logout->setIdentityFromDump($user_dump); - - // TODO : handle bad validate request - $logout->validateRequest(); - - if ($logout->isIdentityDirty) - { - $identity = $logout->identity; - $query = "UPDATE users SET identity_dump=".$db->quoteSmart($identity->dump()); - $query .= " WHERE user_id='$user_id'"; - - $res =& $db->query($query); - if (DB::isError($res)) - { - header("HTTP/1.0 500 Internal Server Error"); - $logger->log("DB Error :" . $res->getMessage(), PEAR_LOG_CRIT); - $logger->log("DB Error :" . $res->getDebugInfo(), PEAR_LOG_DEBUG); - exit; - } - $logger->log("Update identity dump for user '$user_id'", PEAR_LOG_DEBUG); - } - - if ($logout->isSessionDirty) - { - $session = $logout->session; - $query = "UPDATE users SET session_dump="; - $query .= (($session == NULL) ? "''" : $db->quoteSmart($session->dump())); - $query .= " WHERE user_id='$user_id'"; - - $res =& $db->query($query); - if (DB::isError($res)) - { - header("HTTP/1.0 500 Internal Server Error"); - $logger->log("DB Error :" . $res->getMessage(), PEAR_LOG_CRIT); - $logger->log("DB Error :" . 
$res->getDebugInfo(), PEAR_LOG_DEBUG); - exit; - } - if ($session) - $logger->log("Update session dump for user '$user_id'", PEAR_LOG_DEBUG); - else - $logger->log("Delete session dump for user '$user_id'", PEAR_LOG_DEBUG); - } - - - // TODO : try multiple sp logout - while(($providerID = $logout->getNextProviderId())) - { - $logout->initRequest($providerID, lassoHttpMethodAny); // FIXME - $logout->buildRequestMsg(); - $url = parse_url($logout->msgUrl); - - $logger->log("Send SOAP Logout Request to '$providerID' for user '$user_id'", PEAR_LOG_INFO); - - $soap = sprintf("POST %s HTTP/1.1\r\nHost: %s:%d\r\nContent-Length: %d\r\nContent-Type: text/xml\r\n\r\n%s\r\n", - $url['path'], $url['host'], $url['port'], strlen($logout->msgBody), $logout->msgBody); - - $logger->log('Send SOAP Request to '. $url['host'] . ":" .$url['port']. $url['path'], PEAR_LOG_INFO); - $logger->log('SOAP Request : ' . $soap, PEAR_LOG_DEBUG); - - $fp = fsockopen("ssl://" . $url['host'], $url['port'], $errno, $errstr, 30); - if (!$fp) - { - $logger->log("Could not send SOAP Logout Request to '$providerID' - for user '$user_id' : $errstr ($errno)", PEAR_LOG_WARN); - continue; - } - fwrite($fp, $soap); - - read_http_response($fp, $header, $response); - - $logger->log('SOAP Response Header : ' . $header, PEAR_LOG_DEBUG); - $logger->log('SOAP Response Body : ' . $response, PEAR_LOG_DEBUG); - - if (!preg_match("/^HTTP\/1\\.. 200/i", $header)) - { - $logger->log("Logout faild for user '$user_id' on '$providerID'", PEAR_LOG_WARN); - continue; - } - $logout->processResponseMsg($response, lassoHttpMethodSoap); - } - - $logout->buildResponseMsg(); - - // Get PHP session ID - $query = "SELECT session_id FROM sso_sessions WHERE name_identifier='$nameIdentifier'"; - $res =& $db->query($query); - if (DB::isError($res)) - { - header("HTTP/1.0 500 Internal Server Error"); - $logger->log("DB Error :" . $res->getMessage(), PEAR_LOG_CRIT); - $logger->log("DB Error :" . 
$res->getDebugInfo(), PEAR_LOG_DEBUG); - exit; - } - $row = $res->fetchRow(); - $session_id = $row[0]; - - $logger->log("Name Identifier '$nameIdentifier' match PHP Session ID '$session_id'", PEAR_LOG_DEBUG); - - // Delete SSO Session from table 'sso_sessions' - $query = "DELETE FROM sso_sessions WHERE name_identifier='$nameIdentifier'"; - $res =& $db->query($query); - if (DB::isError($res)) - { - header("HTTP/1.0 500 Internal Server Error"); - $logger->log("DB Error :" . $res->getMessage(), PEAR_LOG_CRIT); - $logger->log("DB Error :" . $res->getDebugInfo(), PEAR_LOG_DEBUG); - exit; - } - - $logger->log("Destroy PHP Session '$session_id'", PEAR_LOG_DEBUG); - $logger->log("User '$user_id' is logged out", PEAR_LOG_INFO); - - // Destroy The PHP Session - session_id($session_id); - $_SESSION = array(); - session_destroy(); - - header("Content-Length: " . strlen($logout->msgBody) . "\r\n"); - echo $logout->msgBody; - break; - case lassoRequestTypeDefederation: - $logger->info("SOAP Defederation Request from " . $_SERVER['REMOTE_ADDR']); - - $defederation = new LassoDefederation($server, lassoProviderTypeSp); - $defederation->processNotificationMsg($HTTP_RAW_POST_DATA, lassoHttpMethodSoap); - - $nameIdentifier = $defederation->nameIdentifier; - if (empty($nameIdentifier)) - { - header("HTTP/1.0 500 Internal Server Error"); - $logger->err("Name Identifier is empty"); - exit; - } - - $query = "SELECT user_id FROM nameidentifiers WHERE name_identifier='$nameIdentifier'"; - $res =& $db->query($query); - if (DB::isError($res)) - { - header("HTTP/1.0 500 Internal Server Error"); - $logger->crit("DB Error :" . $res->getMessage()); - $logger->debug("DB Error :" . 
$res->getDebugInfo()); - exit; - } - if (!$res->numRows()) - { - header("HTTP/1.0 500 Internal Server Error"); - $logger->err("Name identifier '$nameIdentifier' doesn't correspond to any user"); - exit; - } - - $row = $res->fetchRow(); - $user_id = $row[0]; - $logger->debug("UserID is '$user_id"); - - $query = "SELECT identity_dump,session_dump FROM users WHERE user_id='$user_id'"; - $res =& $db->query($query); - - if (DB::isError($res)) - { - header("HTTP/1.0 500 Internal Server Error"); - $logger->crit("DB Error :" . $res->getMessage()); - $logger->debug("DB Error :" . $res->getDebugInfo()); - exit; - } - - if (!$res->numRows()) - { - header("HTTP/1.0 500 Internal Server Error"); - $logger->err("User is not federated."); - exit; - } - $row = $res->fetchRow(); - $identity_dump = $row[0]; - $session_dump = $row[1]; - - $defederation->setIdentityFromDump($identity_dump); - if (!empty($session_dump)) - $defederation->setSessionFromDump($identity_dump); - - $defederation->validateNotification(); - - if (empty($defederation->msgUrl)): - header("HTTP/1.0 204 No Content"); - else - { - $url = $defederation->msgUrl; - - header("Request-URI: $url"); - header("Content-Location: $url"); - header("Location: $url\n\n"); - } - break; - - default: - header("HTTP/1.0 500 Internal Server Error"); - $logger->crit("Unknown or unsupported SOAP request"); - } - - lasso_shutdown(); -?> diff --git a/php/Attic/examples/sample-idp/user_add.php b/php/Attic/examples/sample-idp/user_add.php deleted file mode 100644 index 61d2cf16..00000000 --- a/php/Attic/examples/sample-idp/user_add.php +++ /dev/null 
@@ -1,111 +0,0 @@ -<?php -/* - * Identity Provider Example -- User Administration - * - * Copyright (C) 2004, 2005 Entr'ouvert - * http://lasso.entrouvert.org - * - * Authors: Christophe Nowicki <cnowicki@easter-eggs.com> - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - - require_once 'HTML/QuickForm.php'; - require_once 'Log.php'; - require_once 'DB.php'; - require_once 'session.php'; - - $config = unserialize(file_get_contents('config.inc')); - - // connect to the data base - $db = &DB::connect($config['dsn']); - if (DB::isError($db)) - die("Could not connect to the database"); - - // session handler - session_set_save_handler("open_session", "close_session", - "read_session", "write_session", "destroy_session", "gc_session"); - - // create logger - $conf['db'] = $db; - $logger = &Log::factory($config['log_handler'], 'log', $_SERVER['PHP_SELF'], $conf); - - $form = new HTML_QuickForm('frm'); - - $form->addElement('header', null, 'Add New User'); - $form->addElement('text', 'username', 'Username:', array('size' => 50, 'maxlength' => 255)); - $form->addElement('text', 'password', 'Password:', array('size' => 50, 'maxlength' => 255)); - $form->addElement('submit', null, 'Create'); - - $form->addRule('username', 'Please enter the Username', 'required', null, 'client'); - 
$form->addRule('password', 'Please enter the Password', 'required', null, 'client'); - - if ($form->validate()) - { - - $query = "INSERT INTO users (user_id, username, password, created) VALUES(nextval('user_id_seq'),"; - $query .= $db->quoteSmart($form->exportValue('username')) . ","; - $query .= $db->quoteSmart($form->exportValue('password')) . ", NOW())"; - - $res =& $db->query($query); - if (DB::isError($res)) - { - $logger->log("DB Error :" . $res->getMessage(), PEAR_LOG_ERR); - $logger->log("DB Error :" . $res->getDebugInfo(), PEAR_LOG_DEBUG); - die("Username exist!"); - } - - $logger->log("Create User '" . $form->exportValue('username') . "'", PEAR_LOG_NOTICE); -?> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" -"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> -<html> -<head> -<script type="text/javascript"> -<!-- - function reload_and_close() - { - opener.document.location.reload(); - window.close(); - } - -// --> -</script> -</head> -<body onLoad="reload_and_close();"> -</body> -</html> -<?php - } - else - { -?> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" -"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> -<html> -<head> - <title>Add User</title> -</head> -<body onLoad="window.focus();"> -<?php - $form->display(); -?> -<br> -<p>Copyright © 2004, 2005 Entr'ouvert</p> -</body> -</html> -<?php - } -?> diff --git a/php/Attic/examples/sample-idp/view_session.php b/php/Attic/examples/sample-idp/view_session.php deleted file mode 100644 index 0c9fa429..00000000 --- a/php/Attic/examples/sample-idp/view_session.php +++ /dev/null 
@@ -1,121 +0,0 @@ -<?php -/* - * Service Provider Example -- Online User Viewer - * - * Copyright (C) 2004, 2005 Entr'ouvert - * http://lasso.entrouvert.org - * - * Authors: Christophe Nowicki <cnowicki@easter-eggs.com> - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - - require_once 'DB.php'; - - if (!file_exists('config.inc')) - { -?> -<p align='center'><b>Service Provider Configuration file is not available</b><br> -Please run the setup script :<br> -<a href='setup.php'>Lasso Service Provider Setup</a><br> -You can get more informations about <b>Lasso</b> at <br> -<a href='http://lasso.entrouvert.org/'>http://lasso.entrouvert.org/</a></p> -<?php - exit(); - } - $config = unserialize(file_get_contents('config.inc')); - - $db = &DB::connect($config['dsn']); - - if (DB::isError($db)) - die($db->getMessage()); - - $query = "SELECT nameidentifiers.user_id,users.username,ip "; - $query .= "FROM nameidentifiers,sso_sessions,users "; - $query .= "WHERE sso_sessions.name_identifier = nameidentifiers.name_identifier "; - $query .= "AND nameidentifiers.user_id = users.user_id"; - - $res =& $db->query($query); - if (DB::isError($res)) - die($res->getMessage()); - - $numRows = $res->numRows(); -?> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" 
-"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> -<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> -<head> -<title>Lasso Service Provider Example : View Online Users</title> -<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-15" /> -</head> -<body> - -<p align='center'> -<table align='center' width='95%' border='1'> -<caption>Online Users</caption> -<thead> -<tr> - <td align='center'>User ID</td> - <td align='center'>User Name</td> - <td align='center'>Address IP</td> - <td align='center'>Started</td> - <td align='center'>Duration</td> -</tr> -</thead> -<tbody> -<?php - if ($numRows) - { - $num_col = $res->numCols(); - $tableinfo = $db->tableInfo($res); - - while($row = $res->fetchRow()) - { - echo "<tr>"; - for ($i = 0; $i < $num_col; $i++) - { - echo "<td align='center'>"; - switch ($tableinfo[$i]['name']) - { - case "ip": - echo long2ip($row[$i]); - break; - default: - echo $row[$i]; - } - echo "</td>"; - } - echo "</tr>"; - } - - } -?> -</tbody> -<tfoot> -<tr> - <td colspan='5'> </td> -</tr> -</tfoot> -</table> -</p> - -<br> -<p align='center'><a href='index.php'>Index</a> -</p> -<br> -<p align='center'>Copyright © 2004, 2005 Entr'ouvert</p> - -</body> -</html> diff --git a/php/Attic/examples/sample-sp/.cvsignore b/php/Attic/examples/sample-sp/.cvsignore deleted file mode 100644 index 22a4e729..00000000 --- a/php/Attic/examples/sample-sp/.cvsignore +++ /dev/null @@ -1,3 +0,0 @@ -Makefile -Makefile.in - diff --git a/php/Attic/examples/sample-sp/Makefile.am b/php/Attic/examples/sample-sp/Makefile.am deleted file mode 100644 index cdfc650e..00000000 --- a/php/Attic/examples/sample-sp/Makefile.am +++ /dev/null @@ -1,17 +0,0 @@ -EXTRA_DIST = \ - admin_user.php \ - assertionConsumer.php \ - cancel_federation.php \ - index.php \ - login.php \ - logout.php \ - metadata_idp1.xml \ - metadata_sp1.xml \ - misc.php \ - register.php \ - session.php \ - setup.php \ - soapEndpoint.php \ - view_session.php \ - README - 
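Review bot: in the SOAP request handler removed just before user_add.php, the Login branch puts the artifact taken from the request message straight into SQL (`"SELECT response_dump FROM assertions WHERE assertion='" . $artifact . "'"`, and again in the DELETE), and the Logout and Defederation branches do the same with `$nameIdentifier`, although the UPDATE statements in the same file already go through `$db->quoteSmart()`. If this code is the starting point for the separate Pear package, these lookups should be quoted the same way before it is released. In the Defederation branch, `$defederation->setSessionFromDump($identity_dump)` should also be passing `$session_dump`.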
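Review bot: sample-idp/user_add.php stores the password exactly as submitted: the INSERT passes `$db->quoteSmart($form->exportValue('password'))` into users.password, and the field is declared with `addElement('text', 'password', ...)`, so it is displayed while typed as well. For the Pear package, hash the value before the INSERT and declare the field as a password element. The `die("Username exist!")` in the error branch also reports every DB failure as a duplicate name.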
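Review bot: sample-idp/view_session.php writes database values into the table without escaping (`default: echo $row[$i];`), and one of those columns is users.username, which user_add.php accepts as free text. Wrap the output in `htmlentities($row[$i], ENT_QUOTES)`, as sample-sp/admin_user.php already does for the identity dump. The file header and the missing-config message both say "Service Provider" although the file lives under sample-idp.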
diff --git a/php/Attic/examples/sample-sp/README b/php/Attic/examples/sample-sp/README deleted file mode 100644 index a78f9817..00000000 --- a/php/Attic/examples/sample-sp/README +++ /dev/null @@ -1 +0,0 @@ -TODO ;0) diff --git a/php/Attic/examples/sample-sp/admin_user.php b/php/Attic/examples/sample-sp/admin_user.php deleted file mode 100644 index 72b29659..00000000 --- a/php/Attic/examples/sample-sp/admin_user.php +++ /dev/null 
@@ -1,205 +0,0 @@ -<?php -/* - * Service Provider Example -- User Administration - * - * Copyright (C) 2004, 2005 Entr'ouvert - * http://lasso.entrouvert.org - * - * Authors: Christophe Nowicki <cnowicki@easter-eggs.com> - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - - $config = unserialize(file_get_contents('config.inc')); - - require_once 'Log.php'; - require_once 'DB.php'; - - // connect to the data base - $db = &DB::connect($config['dsn']); - if (DB::isError($db)) - die($db->getMessage()); - - // create logger - $conf['db'] = $db; - $logger = &Log::factory($config['log_handler'], 'log', $_SERVER['PHP_SELF'], $conf); - - - if (!empty($_GET['dump'])) { - $query = "SELECT identity_dump FROM users WHERE user_id=".$db->quoteSmart($_GET['dump']); - $res =& $db->query($query); - if (DB::isError($res)) - print $res->getMessage(). 
"\n"; - $row = $res->fetchRow(); - -?> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" -"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> -<html> -<body> -<table> -<caption>Identity Dump</caption> -<tr> -<td> -<textarea rows="15" cols="50"> -<?php - echo htmlentities($row[0], ENT_QUOTES); -?> -</textarea> -</td> -</tr> -<tr> -<td align="center"><a href="javascript:window.close(self)">Close</a></td> -</tr> -</table> -</body> -</html> -<?php - exit; - } - - if (!empty($_GET['del'])) - { - - $query = "DELETE FROM nameidentifiers WHERE user_id=".$db->quoteSmart($_GET['del']); - $res =& $db->query($query); - if (DB::isError($res)) - die($res->getMessage()); - - $query = "DELETE FROM users WHERE user_id=".$db->quoteSmart($_GET['del']); - $res =& $db->query($query); - if (DB::isError($res)) - die($res->getMessage()); - } - - lasso_init(); - - // Create Lasso Server - $server_dump = file_get_contents($config['server_dump_filename']); - $server = LassoServer::newFromDump($server_dump); - - // Lasso User - $login = new LassoLogin($server); - - $query = "SELECT * FROM users"; - $res =& $db->query($query); - if (DB::isError($res)) - print $res->getMessage(). "\n"; -?> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" -"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> -<html> -<head> -<title>Lasso Service Provider Example : Users Management</title> -<script type="text/javascript"> - - function openpopup(popurl){ - var winpops=window.open(popurl,"","width=400,height=300") - } - -</script> -</head> -<body> - -<table border="1" align="center"> -<caption>Users</caption> -<?php - $num_col = $res->numCols(); - $tableinfo = $db->tableInfo($res); -?> -<thead> -<tr align="center"><?php - for ($i = 0; $i < $num_col; $i++) { - echo "<td><b>" . 
$tableinfo[$i]['name'] ."</b></td>"; - } -?><td> </td> -</tr> -</thead> -<tbody> -<?php - while ($row =& $res->fetchRow()) { -?> -<tr align="center"> -<?php - for ($i = 0; $i < $num_col; $i++) - { - ?> - <td> - <?php - switch ($tableinfo[$i]['name']) - { - case "identity_dump": - echo "<a href=javascript:openpopup('". $PHP_SELF . '?dump=' . $row[0] . "')>view</a>"; - $identity_dump = $row[$i]; - break; - - default: - echo (empty($row[$i])) ? " " : $row[$i]; - } - ?> - </td> - <?php - } - ?> - <td rowspan='2'><a href="<?php echo $PHP_SELF . '?del=' . $row[0]; ?>">delete</a></td> -</tr> -<tr> - <td colspan='<?php echo $num_col; ?>' align='center'> -<? - // get all federations for this user - if (!empty($identity_dump)) - { - $login->setIdentityFromDump($identity_dump); - $identity = $login->identity; - $providerIDs = $identity->providerIds; - - for($i = 0; $i < $providerIDs->length() ; $i++) - { - if ($i) - echo "<br>"; - echo $providerIDs->getItem($i); - } - } - else - echo "Not Federated with an Service Provider."; -?> - </td> -</tr> -<?php -} -?> -</tbody> -<tfoot> -<tr> -<td colspan="<?php echo $num_col; ?>"> </td> -<td>Total: <?php echo $res->numRows();?> Users</td> -</tr> -</tfoot> -</table> - -<br> -<p align='center'><a href='index.php'>Index</a> -</p> - -<br> -<p>Copyright © 2004, 2005 Entr'ouvert</p> - -</body> - -</html> -<?php - $db->disconnect(); - lasso_shutdown(); -?> diff --git a/php/Attic/examples/sample-sp/assertionConsumer.php b/php/Attic/examples/sample-sp/assertionConsumer.php deleted file mode 100644 index 46bc63a5..00000000 --- a/php/Attic/examples/sample-sp/assertionConsumer.php +++ /dev/null 
@@ -1,212 +0,0 @@ -<?php -/* - * Service Provider Example -- AssertionConsumer - * - * Copyright (C) 2004, 2005 Entr'ouvert - * http://lasso.entrouvert.org - * - * Authors: Christophe Nowicki <cnowicki@easter-eggs.com> - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - - require_once 'Log.php'; - require_once 'DB.php'; - require_once 'session.php'; - require_once 'misc.php'; - - $config = unserialize(file_get_contents('config.inc')); - - if (!$_GET['SAMLart']) { - exit(1); - } - - // connect to the data base - $db = &DB::connect($config['dsn']); - if (DB::isError($db)) - die($db->getMessage()); - - // create logger - $conf['db'] = $db; - $logger = &Log::factory($config['log_handler'], 'log', $_SERVER['PHP_SELF'], $conf); - - // session handler - session_set_save_handler("open_session", "close_session", - "read_session", "write_session", "destroy_session", "gc_session"); - - session_start(); - - lasso_init(); - - $server_dump = file_get_contents($config['server_dump_filename']); - - $server = LassoServer::newFromDump($server_dump); - - $login = new LassoLogin($server); - - $logger->info('Request from ' . 
$_SERVER['REMOTE_ADDR']); - $login->initRequest($_SERVER['QUERY_STRING'], lassoHttpMethodRedirect); - $login->buildRequestMsg(); - - $url = parse_url($login->msgUrl); - - $soap = sprintf( - "POST %s HTTP/1.1\r\nHost: %s:%d\r\nContent-Length: %d\r\nContent-Type: text/xml\r\n\r\n%s\r\n", - $url['path'], $url['host'], $url['port'], strlen($login->msgBody), $login->msgBody); - - $logger->log('Send SOAP Request to '. $url['host'] . ":" .$url['port']. $url['path'], PEAR_LOG_INFO); - $logger->log('SOAP Request : ' . $soap, PEAR_LOG_DEBUG); - - # PHP 4.3.0 with OpenSSL support required - $fp = fsockopen("ssl://" . $url['host'], $url['port'], $errno, $errstr, 30) or die($errstr ($errno)); - socket_set_timeout($fp, 10); - fwrite($fp, $soap); - - read_http_response($fp, $header, $response); - - $logger->log('SOAP Response Header : ' . $header, PEAR_LOG_DEBUG); - $logger->log('SOAP Response Body : ' . $response, PEAR_LOG_DEBUG); - - if (!preg_match("/^HTTP\/1\\.. 200/i", $header)) { - $logger->log("Wrong Artifact send by " . $_SERVER['REMOTE_ADDR'], PEAR_LOG_ERR); - die("Wrong Artifact"); - } - - $login->processResponseMsg($response); - - $query = "SELECT user_id FROM nameidentifiers WHERE name_identifier='" . $login->nameIdentifier . "'"; - $res =& $db->query($query); - - $logger->log("Name Identifier : " . $login->nameIdentifier, PEAR_LOG_DEBUG); - - if (DB::isError($res)) - { - $logger->log("DB Error :" . $db->getMessage(), PEAR_LOG_CRIT); - $logger->log("DB Error :" . $db->getDebugInfo(), PEAR_LOG_DEBUG); - die($db->getMessage()); - } - - if ($res->numRows() > 0) - { - // User already exist in the database - $row =& $res->fetchRow(); - $user_id = $row[0]; - - # Get Identity Dump from the data base - $query = "SELECT identity_dump FROM users WHERE user_id='$user_id'"; - $res =& $db->query($query); - - if (DB::isError($db)) - { - $logger->log("DB Error :" . $db->getMessage(), PEAR_LOG_CRIT); - $logger->log("DB Error :" . 
$db->getDebugInfo(), PEAR_LOG_DEBUG); - die($db->getMessage()); - } - - $row =& $res->fetchRow(); - - $login->setIdentityFromDump($row[0]); - - $res->free(); - - $login->acceptSso(); - - $session = $login->session; - $identity = $login->identity; - - $_SESSION['nameidentifier'] = $login->nameIdentifier; - $_SESSION['identity_dump'] = $identity->dump(); - $_SESSION['session_dump'] = $session->dump(); - $_SESSION['user_id'] = $user_id; - - $url = "index.php"; - - $logger->log("New session started for user '$user_id'", PEAR_LOG_INFO); - } - else - { - // New User - $login->acceptSso(); - - $identity = $login->identity; - $identity_dump = $identity->dump(); - - $session = $login->session; - - // Insert into users - $query = "INSERT INTO users (user_id,identity_dump,created) VALUES(nextval('user_id_seq'),"; - $query .= $db->quoteSmart($identity_dump) . ", NOW())"; - - $res =& $db->query($query); - if (DB::isError($res)) - { - $logger->log("DB Error :" . $db->getMessage(), PEAR_LOG_CRIT); - $logger->log("DB Error :" . $db->getDebugInfo(), PEAR_LOG_DEBUG); - die($db->getMessage()); - } - - - // Get UserID - $query = "SELECT last_value FROM user_id_seq"; - $res =& $db->query($query); - if (DB::isError($res)) - { - $logger->log("DB Error :" . $db->getMessage(), PEAR_LOG_CRIT); - $logger->log("DB Error :" . $db->getDebugInfo(), PEAR_LOG_DEBUG); - die($db->getMessage()); - } - $row = $res->fetchRow(); - $user_id = $row[0]; - - $logger->log("New user($user_id) created", PEAR_LOG_NOTICE); - - // Insert into nameidentifiers - $query = "INSERT INTO nameidentifiers VALUES('".$login->nameIdentifier."', '$user_id')"; - $res =& $db->query($query); - if (DB::isError($res)) - { - $logger->log("DB Error :" . $db->getMessage(), PEAR_LOG_CRIT); - $logger->log("DB Error :" . 
$db->getDebugInfo(), PEAR_LOG_DEBUG); - die($db->getMessage()); - } - - - $_SESSION['nameidentifier'] = $login->nameIdentifier; - $_SESSION['identity_dump'] = $identity->dump(); - $_SESSION['session_dump'] = $session->dump(); - $_SESSION['user_id'] = $user_id; - - $logger->log("New session started for user '$user_id', redirect to the registration form", PEAR_LOG_INFO); - - $url = "register.php"; - } - - // Update last_login - $query = "UPDATE users SET last_login=NOW() WHERE user_id='$user_id'"; - $res =& $db->query($query); - if (DB::isError($res)) - { - $logger->log("DB Error :" . $db->getMessage(), PEAR_LOG_CRIT); - $logger->log("DB Error :" . $db->getDebugInfo(), PEAR_LOG_DEBUG); - die($db->getMessage()); - } - $logger->log("Update last login for user '$user_id'", PEAR_LOG_INFO); - - header("Request-URI: $url"); - header("Content-Location: $url"); - header("Location: $url\n\n"); - lasso_shutdown(); - exit(); -?> diff --git a/php/Attic/examples/sample-sp/cancel_federation.php b/php/Attic/examples/sample-sp/cancel_federation.php deleted file mode 100644 index 818f2b75..00000000 --- a/php/Attic/examples/sample-sp/cancel_federation.php +++ /dev/null 
@@ -1,200 +0,0 @@ -<?php -/* - * Service Provider Example -- Cancel Federation with an Identity Provider - * - * Copyright (C) 2004, 2005 Entr'ouvert - * http://lasso.entrouvert.org - * - * Authors: Christophe Nowicki <cnowicki@easter-eggs.com> - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - - require_once 'Log.php'; - require_once 'DB.php'; - require_once 'session.php'; - require_once 'misc.php'; - - $config = unserialize(file_get_contents('config.inc')); - - $methodes = array('redirect' => lassoHttpMethodRedirect, 'soap' => lassoHttpMethodSoap); - - // connect to the data base - $db = &DB::connect($config['dsn']); - if (DB::isError($db)) - die($db->getMessage()); - - // create logger - $conf['db'] = $db; - $logger = &Log::factory($config['log_handler'], 'log', $_SERVER['PHP_SELF'], $conf); - - // session handler - session_set_save_handler("open_session", "close_session", - "read_session", "write_session", "destroy_session", "gc_session"); - - if (empty($_GET['profile'])) - { - $logger->err("Cancel Federation called without profile."); - die("Cancel Federation called without profile."); - } - - if (empty($_GET['with'])) - { - $logger->err("Cancel Federation called without providerID."); - die("Cancel Federation called without providerID."); - } - - session_start(); - - lasso_init(); - - if 
(empty($_SESSION['user_id'])) - { - $logger->err("UserID is empty, user is not logged in."); - die("UserID is empty, user is not logged in."); - } - - if (empty($_SESSION['identity_dump'])) - { - $logger->err("Identity Dump is empty, user is not federated."); - die("Identity Dump is empty, user is not federated."); - } - - if (!in_array($_GET['profile'], array_keys($methodes))) - { - die("Unknown defederation profile : " . $_GET['profile']); - $logger->err("Unknown defederation profile : " . $_GET['profile']); - } - - $user_id = $_SESSION['user_id']; - - $server_dump = file_get_contents($config['server_dump_filename']); - $server = LassoServer::newFromDump($server_dump); - - $defederation = new LassoDefederation($server, lassoProviderTypeSp); - $defederation->setIdentityFromDump($_SESSION['identity_dump']); - - if (!empty($_SESSION['session_dump'])) - $defederation->setSessionFromDump($_SESSION['session_dump']); - - $logger->debug("Create Cancel Federation Notification for User '" . $_SESSION["user_id"] . - "' with Identity Provider '" . $_GET['with']. "'"); - - $defederation->initNotification($_GET['with'], $methodes[$_GET['profile']]); - - $defederation->buildNotificationMsg(); - $nameIdentifier = $defederation->nameIdentifier; - if (empty($nameIdentifier)) - { - $loggery>err("Name Identifier is empty."); - die("Name Identifier is empty."); - } - - $identity = $defederation->identity; - if (isset($defederation->identity)) - { - // Update identity dump - $identity_dump = $identity->dump(); - $_SESSION['identity_dump'] = $identity_dump; - $query = "UPDATE users SET identity_dump=".$db->quoteSmart($identity_dump); - } - else // Delete identity and session dumps - $query = "UPDATE users SET identity_dump=''"; - $query .= " WHERE user_id='$user_id'"; - - $res =& $db->query($query); - if (DB::isError($res)) - { - $logger->crit("DB Error :" . $res->getMessage()); - $logger->debug("DB Error :" . 
$res->getDebugInfo()); - die("Internal Server Error"); - } - $logger->debug("Update user '$user_id' identity dump in the database"); - - // Update session dump, if available - if (!empty($_SESSION['sesion_dump']) && $defederation->isSessionDirty) - { - $session = $defederation->session; - $session_dump = $session->dump(); - $_SESSION['session_dump'] = $session_dump; - - $query = "UPDATE users SET session_dump=".$db->quoteSmart($session_dump); - $query .= " WHERE user_id='$user_id'"; - - $res =& $db->query($query); - if (DB::isError($res)) - { - $logger->crit("DB Error :" . $res->getMessage()); - $logger->debug("DB Error :" . $res->getDebugInfo()); - die("Internal Server Error"); - } - $logger->debug("Update user '$user_id' session dump in the database"); -} - -// Delete Name Identifier -$query = "DELETE FROM nameidentifiers WHERE user_id='$user_id' "; -$query .= "AND name_identifier='$nameIdentifier'"; - -$res =& $db->query($query); -if (DB::isError($res)) -{ - $logger->crit("DB Error :" . $res->getMessage()); - $logger->debug("DB Error :" . $res->getDebugInfo()); - die("Internal Server Error"); -} - -$logger->info("Delete Name Identifier '$nameIdentifier' for User '$user_id'"); - -switch($_GET['profile']) -{ - case 'redirect': - $url = $defederation->msgUrl; - $logger->info("Redirect user to $url"); - - header("Request-URI: $url"); - header("Content-Location: $url"); - header("Location: $url\r\n\r\n"); - break; - case 'soap': - $url = parse_url($defederation->msgUrl); - $soap = sprintf( - "POST %s HTTP/1.1\r\nHost: %s:%d\r\nContent-Length: %d\r\nContent-Type: text/xml\r\n\r\n%s\r\n", - $url['path'], $url['host'], $url['port'], strlen($defederation->msgBody), $defederation->msgBody); - - $logger->info('Send SOAP Request to '. $url['host'] . ":" .$url['port']. $url['path']); - $logger->debug('SOAP Request : ' . $soap); - - $fp = fsockopen("ssl://" . 
$url['host'], $url['port'], $errno, $errstr, 30) or die($errstr ($errno)); - socket_set_timeout($fp, 10); - fwrite($fp, $soap); - - read_http_response($fp, $header, $reponse); - - fclose($fp); - - $logger->log('SOAP Response Header : ' . $header, PEAR_LOG_DEBUG); - $logger->log('SOAP Response Body : ' . $response, PEAR_LOG_DEBUG); - - // TODO : check reponse status - - - break; - } - -?> - -<?php - lasso_shutdown(); -?> diff --git a/php/Attic/examples/sample-sp/index.php b/php/Attic/examples/sample-sp/index.php deleted file mode 100644 index 6ccd1b8b..00000000 --- a/php/Attic/examples/sample-sp/index.php +++ /dev/null 
@@ -1,214 +0,0 @@ -<?php -/* - * Service Provider Example -- Index File - * - * Copyright (C) 2004, 2005 Entr'ouvert - * http://lasso.entrouvert.org - * - * Authors: Christophe Nowicki <cnowicki@easter-eggs.com> - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - - require_once 'DB.php'; - require_once 'session.php'; - - if(!extension_loaded('lasso')) { - $ret = @dl('lasso.' . 
PHP_SHLIB_SUFFIX); - if ($ret == FALSE) - { -?> -<p align='center'><b>The Lasso Extension is not available</b><br> -Please check your PHP extensions<br> -You can get more informations about <b>Lasso</b> at <br> -<a href='http://lasso.entrouvert.org/'>http://lasso.entrouvert.org/</a></p> -<?php - exit(); - } - } - - if (!file_exists('config.inc')) - { -?> -<p align='center'><b>Service Provider Configuration file is not available</b><br> -Please run the setup script :<br> -<a href='setup.php'>Lasso Service Provider Setup</a><br> -You can get more informations about <b>Lasso</b> at <br> -<a href='http://lasso.entrouvert.org/'>http://lasso.entrouvert.org/</a></p> -<?php - exit(); - } - - $config = unserialize(file_get_contents('config.inc')); - - // connect to the data base - $db = &DB::connect($config['dsn']); - if (DB::isError($db)) - die($db->getMessage()); - - // session handler - session_set_save_handler("open_session", "close_session", - "read_session", "write_session", "destroy_session", "gc_session"); - - session_start(); - - - lasso_init(); - - $server_dump = file_get_contents($config['server_dump_filename']); - $server = LassoServer::newFromDump($server_dump); -?> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" -"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> -<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> -<head> -<title>Lasso Service Provider Example</title> -<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-15" /> -</head> - -<body> -<p align='center'> -<b>Service Provider Administration</b><br> -<a href="setup.php">Setup</a><br> -<a href="admin_user.php">Users Management</a><br> -<a href="view_session.php">View Online Users</a> -<?php if ($config['log_handler'] == 'sql') { ?> - <br><a href="log_view.php">View log</a> -<?php } ?> -</p> -<p align='center'> - <b>Serice Provider Fonctionnality</b> -<table align='center'> -<?php - if (!isset($_SESSION["nameidentifier"])) { - ?> -<tr> - <td 
colspan="2">Single SignOn using an Identity Provider</td> -</tr> -<tr> - <td colspan="2"> </td> -</tr> -<tr> - <td>Provider</td> - <td>Profile</td> -</tr> -<tr> - <td><?php echo $config['providerID']; ?></td> - <td><a href="login.php?profile=post">post</a> | <a href="login.php?profile=artifact">artifact</a></td> -</tr> -<?php } else { - // User is federated with an Service Provider - if (isset($_SESSION['identity_dump'])) - { - $login = new LassoLogin($server); - $login->setIdentityFromDump($_SESSION['identity_dump']); - if (!empty($_SESSION['session_dump'])) - $login->setSessionFromDump($_SESSION['session_dump']); - $identity = $login->identity; - $providerIDs = $identity->providerIds; - - if ($providerIDs->length()) - { -?> -<tr> - <td align='center' colspan='2'>Cancel a Federation with :</td> -</tr> -<tr> - <td align='center'>Identity Provider</td><td align='center'>Profile</td> -</tr> -<?php - for($i = 0; $i < $providerIDs->length() ; $i++) - { - $providerID = $providerIDs->getItem($i); -?> -<tr> - <td align='center'><?php echo $providerID; ?></td> - <td align='center'> - <a href="cancel_federation.php?profile=redirect&with=<?php echo $providerID; ?>">Redirect</a> | - <a href="cancel_federation.php?profile=soap&with=<?php echo $providerID; ?>">SOAP</a> - </td> -</tr> -<tr> - <td colspan='2'> </td> -</tr> -<?php - } - } - } -?> -<tr> - <td>Single Logout using </td><td><a href="logout.php?profile=soap">SOAP</a></td> -</tr> -<?php } ?> -</table> -</p> - -<p align='center'> -<table align='center'> -<caption><b>Status</b></caption> -<tr> - <?php - if (!isset($_SESSION["nameidentifier"])) - { - echo "<td>User is <b>not</b> logged in!</td>"; - } - else - { - ?> - <td colspan='2' align="center">User <b>is</b> logged in!</td> -</tr> -<tr> - <td><b>Name Identifier:</b></td><td><?php echo $_SESSION["nameidentifier"]; ?></td> -</tr> -<tr> - <td><b>UserID:</b></td><td><?php echo $_SESSION["user_id"]; ?></td> -</tr> -<?php - - $query = "SELECT * FROM users WHERE user_id='". 
$_SESSION["user_id"] ."'"; - - $res =& $db->query($query); - if (DB::isError($res)) - die($res->getMessage()); - - list($user_id, $identity_dump, $first_name, $last_name, $last_login, $created) = $res->fetchRow(); - ?> -<tr> - <td><b>Last Name:</b></td><td><?php echo $last_name; ?></td> -</tr> -<tr> - <td><b>First Name:</b></td><td><?php echo $first_name; ?></td> -</tr> -<tr> - <td><b>PHP Session ID:</b></td><td><?php echo session_id(); ?></td> -</tr> -<tr> - <td><b>Account Created:</b></td><td><?php echo $created; ?></td> -</tr> -<tr> - <td><b>Last Login:</b></td><td><?php echo $last_login; ?></td> - <?php - } - ?> -</tr> -</table> -</p> -<br> -<p align='center'>Copyright © 2004, 2005 Entr'ouvert</p> -</body> -</html> -<?php - lasso_shutdown(); -?> diff --git a/php/Attic/examples/sample-sp/log_view.php b/php/Attic/examples/sample-sp/log_view.php deleted file mode 100644 index ccba208c..00000000 --- a/php/Attic/examples/sample-sp/log_view.php +++ /dev/null 
@@ -1,160 +0,0 @@ -<?php -/* - * Service Provider Example -- View log - * - * Copyright (C) 2004, 2005 Entr'ouvert - * http://lasso.entrouvert.org - * - * Authors: Christophe Nowicki <cnowicki@easter-eggs.com> - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - - require_once 'HTML/QuickForm.php'; - require_once 'DB.php'; - - $config = unserialize(file_get_contents('config.inc')); - - // connect to the data base - $db = &DB::connect($config['dsn']); - if (DB::isError($db)) - die("Could not connect to the database"); - - if ($config['log_handler'] != 'sql') - die("Unsupported log handler"); - - $number_of_msg = 8; - - // Count log messages - $query = "SELECT COUNT(*) FROM log"; - $res =& $db->query($query); - if (DB::isError($res)) - die($res->getMessage()); - - $row = $res->fetchRow(); - $count = $row[0]; - - $startMsg = ((empty($_GET['startMsg'])) ? 0 : $_GET['startMsg']); - - $query = "SELECT * FROM log ORDER BY id DESC"; - if (!isset($_GET['show_all'])) - $query .= " OFFSET $startMsg LIMIT " . 
($startMsg + $number_of_msg); - - - $res =& $db->query($query); - if (DB::isError($res)) - die($res->getMessage()); - - $numRows = $res->numRows(); - -?> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" -"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> -<html> -<head> -<head> - <title>Lasso Service Provider Example : View Logs</title> -</head> -<body> -<br> -<table border='1' width='100%'> -<caption>Logged events</caption> -<thead> -<tr> - <td colspan='4'> - <?php - if ($startMsg) - echo "<a href=$PHP_SELF?startMsg=" . ($startMsg - $number_of_msg) . ">Previous</a>"; - else - echo "Previous" - ?> - | - <?php - if ((($count - $startMsg) > $number_of_users) && !isset($_GET['show_all'])) - echo "<a href=\"" . $PHP_SELF . "?startMsg=" . ($startMsg + $number_of_msg) . "\">Next</a>"; - else - echo "Next"; - - if (isset($_GET['show_all'])) - echo "| <a href=\"" . $PHP_SELF ."?startMsg=0\">Paginate</a>"; - else - { - for ($i = 0; $i < $count; $i += $number_of_msg) - if ($i == $startMsg) - echo "| " . ( $i / $number_of_msg); - else - echo "| <a href=\"$PHP_SELF?startMsg=$i\">" . ( $i / $number_of_msg) . "</a>"; - if ($count > $number_of_msg) - echo "| <a href=\"$PHP_SELF?show_all=1\">Show All</a>"; - } - ?> - </td> -</tr> -<tr> - <td align='center'>date</td> - <td align='center'>filename</td> - <td align='center'>priority</td> - <td align='center'>message</td> -</tr> -</thead> -<tbody> -<?php - if ($numRows) - { - $num_col = $res->numCols(); - $tableinfo = $db->tableInfo($res); - - $desc = array("emergency", "alert", "critical", "error", "warning", "notice", "informational", "debug"); - - while($row = $res->fetchRow()) - { - echo "<tr>"; - for ($i = 0; $i < $num_col; $i++) - { - switch ($tableinfo[$i]['name']) - { - case "id": - break; - case "priority": - echo "<td align='center'>" . $desc[$row[$i]] . "</td>"; - break; - case "message": - echo "<td>" . $row[$i] . "</td>"; - break; - default: - echo "<td align='center'>" . $row[$i] . 
"</td>"; - } - } - echo "</tr>"; - } - } -?> -<tr> -</tr> -</tbody> -<tfoot> -<tr> - <td colspan='4'> </td> -</tr> -</tfoot> -</table> -<br> -<p align='center'><a href='index.php'>Index</a> -</p> -<br> -<p>Copyright © 2004, 2005 Entr'ouvert</p> -</body> -</html> - diff --git a/php/Attic/examples/sample-sp/login.php b/php/Attic/examples/sample-sp/login.php deleted file mode 100644 index f04ef8a5..00000000 --- a/php/Attic/examples/sample-sp/login.php +++ /dev/null 
@@ -1,94 +0,0 @@ -<?php -/* - * Service Provider Example -- Simple Sing On - * - * Copyright (C) 2004, 2005 Entr'ouvert - * http://lasso.entrouvert.org - * - * Authors: Christophe Nowicki <cnowicki@easter-eggs.com> - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - - require_once 'Log.php'; - require_once 'DB.php'; - require_once 'session.php'; - - $config = unserialize(file_get_contents('config.inc')); - - // connect to the data base - $db = &DB::connect($config['dsn']); - if (DB::isError($db)) - die($db->getMessage()); - - // session handler - session_set_save_handler("open_session", "close_session", - "read_session", "write_session", "destroy_session", "gc_session"); - - session_start(); - - lasso_init(); - - $server_dump = file_get_contents($config['server_dump_filename']); - - $server = LassoServer::newFromdump($server_dump); - - $login = new LassoLogin($server); - - if ($_GET['profile'] == 'post') - $login->initAuthnRequest(LASSO_HTTP_METHOD_POST); - elseif ($_GET['profile'] == 'artifact') - $login->initAuthnRequest(LASSO_HTTP_METHOD_REDIRECT); - else - die('Unknown Single Sign ON Profile'); - - $request = $login->authnRequest; - - $request->isPassive = FALSE; - $request->nameIdPolicy = LASSO_LIB_NAMEID_POLICY_TYPE_FEDERATED; - $request->consent = LASSO_LIB_CONSENT_OBTAINED; - - 
$login->buildAuthnRequestMsg($config['providerID']); - - $url = $login->msgUrl; - $msg = $login->msgBody; - switch ($_GET['profile']) - { - case 'post': -?> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" - "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> -<html xmlns="http://www.w3.org/1999/xhtml"> - <head> - <title>Authentication Request</title> - </head> - <body onLoad="document.forms[0].submit()"> - <form action="<?php echo $url; ?>" method="post"> - <p>You should be automaticaly redirected to an authentication server.</p> - <p>If this page is still visible after a few seconds, press the <em>Send</em> button below.</p> - <input type="hidden" name="LAREQ" value="<?php echo $msg; ?>" /> - <input type="submit" name="SendButton" value="Send" /> - </form> - </body> -</html> -<? - break; - case 'artifact' : - header("Request-URI: $url"); - header("Content-Location: $url"); - header("Location: $url\r\n\r\n"); - break; - } -?> diff --git a/php/Attic/examples/sample-sp/logout.php b/php/Attic/examples/sample-sp/logout.php deleted file mode 100644 index 0c9ba4c9..00000000 --- a/php/Attic/examples/sample-sp/logout.php +++ /dev/null 
@@ -1,145 +0,0 @@ -<?php -/* - * Service Provider Example -- Logout - * - * Copyright (C) 2004, 2005 Entr'ouvert - * http://lasso.entrouvert.org - * - * Authors: Christophe Nowicki <cnowicki@easter-eggs.com> - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - - require_once 'Log.php'; - require_once 'DB.php'; - require_once 'session.php'; - - $config = unserialize(file_get_contents('config.inc')); - - // connect to the data base - $db = &DB::connect($config['dsn']); - if (DB::isError($db)) - die($db->getMessage()); - - // create logger - $conf['db'] = $db; - $logger = &Log::factory($config['log_handler'], 'log', $_SERVER['PHP_SELF'], $conf); - - // session handler - session_set_save_handler("open_session", "close_session", - "read_session", "write_session", "destroy_session", "gc_session"); - - session_start(); - - if (!isset($_SESSION["nameidentifier"])) { - $logger->log("Not logged in user '" . 
$_SERVER['REMOTE_ADDR'] , "', try to register.", PEAR_LOG_WARN); - exit(0); - } - - lasso_init(); - - $server_dump = file_get_contents($config['server_dump_filename']); - - $server = LassoServer::newFromDump($server_dump); - - $logout = new LassoLogout($server, lassoProviderTypeSp); - - $query = "SELECT identity_dump FROM users WHERE user_id='"; - $query .= $_SESSION['user_id']."'"; - - $res =& $db->query($query); - - if (DB::isError($res)) - { - $logger->log("DB Error :" . $db->getMessage(), PEAR_LOG_CRIT); - $logger->log("DB Error :" . $db->getDebugInfo(), PEAR_LOG_DEBUG); - die($db->getMessage()); - } - - $row = $res->fetchRow(); - - $logout->setIdentityFromDump($row[0]); - $logout->setSessionFromDump($_SESSION['session_dump']); - - $logout->initRequest(); - $logout->buildRequestMsg(); - - $url = parse_url($logout->msgUrl); - - $soap = sprintf( - "POST %s HTTP/1.1\r\nHost: %s:%d\r\nContent-Length: %d\r\nContent-Type: text/xml\r\n\r\n%s\r\n", - $url['path'], $url['host'], $url['port'], - strlen($logout->msgBody), $logout->msgBody); - - $logger->log('Send SOAP Request to '. $url['host'] . ":" .$url['port']. $url['path'], PEAR_LOG_INFO); - $logger->log('SOAP Request : ' . $soap, PEAR_LOG_DEBUG); - - # PHP 4.3.0 with OpenSSL support required - $fp = fsockopen("ssl://" . 
$url['host'], $url['port'], $errno, $errstr, 30) or die($errstr ($errno)); - socket_set_timeout($fp, 10); - fwrite($fp, $soap); - - // header - do $header .= fread($fp, 1); while (!preg_match('/\\r\\n\\r\\n$/',$header)); - - // chunked encoding - if (preg_match('/Transfer\\-Encoding:\\s+chunked\\r\\n/',$header)) - { - do { - $byte = ''; - $chunk_size = ''; - - do { - $chunk_size .= $byte; - $byte = fread($fp, 1); - } while ($byte != "\\r"); - - fread($fp, 1); - $chunk_size = hexdec($chunk_size); - $response .= fread($fp, $chunk_size); - fread($fp, 2); - } while ($chunk_size); - } - else - { - if (preg_match('/Content\\-Length:\\s+([0-9]+)\\r\\n/', $header, $matches)) - $response = fread($fp, $matches[1]); - else - while (!feof($fp)) $response .= fread($fp, 1024); - } - fclose($fp); - - $logger->log('SOAP Response Header : ' . $header, PEAR_LOG_DEBUG); - $logger->log('SOAP Response Body : ' . $response, PEAR_LOG_DEBUG); - - if (!preg_match("/^HTTP\/1\\.. 200/i", $header)) { - $logger->log("User is already logged out" . $_SERVER['REMOTE_ADDR'], PEAR_LOG_WARN); - die("User is already logged out"); - } - - # Destroy The PHP Session - $_SESSION = array(); - $logger->log("Destroy session '".session_id()."' for user '".$_SESSION['username']."'", PEAR_LOG_INFO); - session_destroy(); - - lasso_shutdown(); - - $url = "index.php"; - - header("Request-URI: $url"); - header("Content-Location: $url"); - header("Location: $url\n\r\n"); - exit; -?> diff --git a/php/Attic/examples/sample-sp/metadata_idp1.xml b/php/Attic/examples/sample-sp/metadata_idp1.xml deleted file mode 100644 index af84f259..00000000 --- a/php/Attic/examples/sample-sp/metadata_idp1.xml +++ /dev/null 
@@ -1,44 +0,0 @@ -<?xml version="1.0"?> -<EntityDescriptor - providerID="https://idp1.lasso.lan/metadata" - xmlns="urn:liberty:metadata:2003-08"> - <IDPDescriptor> - - <SingleSignOnServiceURL>https://idp1.lasso.lan:1998/singleSignOn</SingleSignOnServiceURL> - <SingleSignOnProtocolProfile>http://projectliberty.org/profiles/brws-art</SingleSignOnProtocolProfile> - <SingleSignOnProtocolProfile>http://projectliberty.org/profiles/brws-post</SingleSignOnProtocolProfile> - - <SingleLogoutServiceURL>https://idp1.lasso.lan:1998/singleLogout</SingleLogoutServiceURL> - <SingleLogoutServiceReturnURL>https://idp1.lasso.lan:1998/singleLogoutReturn</SingleLogoutServiceReturnURL> - <SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-idp-soap</SingleLogoutProtocolProfile> - <SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-idp-http</SingleLogoutProtocolProfile> - <SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-sp-soap</SingleLogoutProtocolProfile> - <SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-sp-http</SingleLogoutProtocolProfile> - - <FederationTerminationServiceURL>https://idp1.lasso.lan:1998/federationTermination</FederationTerminationServiceURL> - <FederationTerminationServiceReturnURL>https://idp1.lasso.lan:1998/federationTerminationReturn</FederationTerminationServiceReturnURL> - <FederationTerminationNotificationProtocolProfile>http://projectliberty.org/profiles/fedterm-idp-soap</FederationTerminationNotificationProtocolProfile> - <FederationTerminationNotificationProtocolProfile>http://projectliberty.org/profiles/fedterm-idp-http</FederationTerminationNotificationProtocolProfile> - <FederationTerminationNotificationProtocolProfile>http://projectliberty.org/profiles/fedterm-sp-soap</FederationTerminationNotificationProtocolProfile> - <FederationTerminationNotificationProtocolProfile>http://projectliberty.org/profiles/fedterm-sp-http</FederationTerminationNotificationProtocolProfile> - - 
<RegisterNameIdentifierServiceURL>https://idp1.lasso.lan:1998/registerNameIdentifier</RegisterNameIdentifierServiceURL> - <RegisterNameIdentifierServiceReturnURL>https://idp1.lasso.lan:1998/registerNameIdentifierReturn</RegisterNameIdentifierServiceReturnURL> - <RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-idp-soap</RegisterNameIdentifierProtocolProfile> - <RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-idp-http</RegisterNameIdentifierProtocolProfile> - <RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-sp-soap</RegisterNameIdentifierProtocolProfile> - <RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-sp-http</RegisterNameIdentifierProtocolProfile> - - <NameIdentifierMappingProtocolProfile>http://projectliberty.org/profiles/nim-sp-http</NameIdentifierMappingProtocolProfile> - - <SoapEndpoint>https://idp1.lasso.lan:1998/soapEndpoint</SoapEndpoint> - -</IDPDescriptor> - -<Organization> - <OrganizationName>Identity Provider idp1.lasso.lan</OrganizationName> - <OrganizationDisplayName xml:lang="en">Identity Provider 1</OrganizationDisplayName> - <OrganizationURL xml:lang="en">http://idp1.lasso.lan/</OrganizationURL> -</Organization> - -</EntityDescriptor> diff --git a/php/Attic/examples/sample-sp/metadata_sp1.xml b/php/Attic/examples/sample-sp/metadata_sp1.xml deleted file mode 100644 index cf2fad08..00000000 --- a/php/Attic/examples/sample-sp/metadata_sp1.xml +++ /dev/null 
@@ -1,42 +0,0 @@ -<?xml version="1.0"?> -<EntityDescriptor - providerID="https://sp1.lasso.lan/metadata" - xmlns="urn:liberty:metadata:2003-08"> - <SPDescriptor> - - <AssertionConsumerServiceURL id="AssertionConsumerServiceURL1" isDefault="true">https://sp1.lasso.lan:2006/assertionConsumer</AssertionConsumerServiceURL> - - <SingleLogoutServiceURL>https://sp1.lasso.lan:2006/singleLogout</SingleLogoutServiceURL> - <SingleLogoutServiceReturnURL>https://sp1.lasso.lan:2006/singleLogoutReturn</SingleLogoutServiceReturnURL> - <SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-idp-soap</SingleLogoutProtocolProfile> - <SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-idp-http</SingleLogoutProtocolProfile> - <SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-sp-soap</SingleLogoutProtocolProfile> - <SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-sp-http</SingleLogoutProtocolProfile> - - <FederationTerminationServiceURL>https://sp1.lasso.lan:2006/federationTermination</FederationTerminationServiceURL> - <FederationTerminationServiceReturnURL>https://sp1.lasso.lan:2006/federationTerminationReturn</FederationTerminationServiceReturnURL> - <FederationTerminationNotificationProtocolProfile>http://projectliberty.org/profiles/fedterm-idp-soap</FederationTerminationNotificationProtocolProfile> - <FederationTerminationNotificationProtocolProfile>http://projectliberty.org/profiles/fedterm-idp-http</FederationTerminationNotificationProtocolProfile> - <FederationTerminationNotificationProtocolProfile>http://projectliberty.org/profiles/fedterm-sp-soap</FederationTerminationNotificationProtocolProfile> - <FederationTerminationNotificationProtocolProfile>http://projectliberty.org/profiles/fedterm-sp-http</FederationTerminationNotificationProtocolProfile> - - <RegisterNameIdentifierServiceURL>https://sp1.lasso.lan:2006/registerNameIdentifier</RegisterNameIdentifierServiceURL> - 
<RegisterNameIdentifierServiceReturnURL>https://sp1.lasso.lan:2006/registerNameIdentifierReturn</RegisterNameIdentifierServiceReturnURL> - <RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-idp-soap</RegisterNameIdentifierProtocolProfile> - <RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-idp-http</RegisterNameIdentifierProtocolProfile> - <RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-sp-soap</RegisterNameIdentifierProtocolProfile> - <RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-sp-http</RegisterNameIdentifierProtocolProfile> - - <SoapEndpoint>https://sp1.lasso.lan:2006/soapEndpoint</SoapEndpoint> - - <AuthnRequestsSigned>true</AuthnRequestsSigned> - - </SPDescriptor> - -<Organization> - <OrganizationName>Service Provider sp1.lasso.lan</OrganizationName> - <OrganizationDisplayName xml:lang="en">Service Provider 1</OrganizationDisplayName> - <OrganizationURL xml:lang="en">http://sp1.lasso.lan/</OrganizationURL> -</Organization> - -</EntityDescriptor> diff --git a/php/Attic/examples/sample-sp/misc.php b/php/Attic/examples/sample-sp/misc.php deleted file mode 100644 index d1f5107a..00000000 --- a/php/Attic/examples/sample-sp/misc.php +++ /dev/null 
@@ -1,55 +0,0 @@ -<?php -/* - * Service Provider Example -- Misc functions - * - * Copyright (C) 2004, 2005 Entr'ouvert - * http://lasso.entrouvert.org - * - * Authors: Christophe Nowicki <cnowicki@easter-eggs.com> - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - -function read_http_response($fp, &$header, &$response) -{ - // header - do $header .= fread($fp, 1); while (!preg_match('/\\r\\n\\r\\n$/',$header)); - - // chunked encoding - if (preg_match('/Transfer\\-Encoding:\\s+chunked\\r\\n/',$header)) - { - do { - $byte = ''; - $chunk_size = ''; - - do { - $chunk_size .= $byte; - $byte = fread($fp, 1); - } while ($byte != "\\r"); - - fread($fp, 1); - $chunk_size = hexdec($chunk_size); - $response .= fread($fp, $chunk_size); - fread($fp, 2); - } while ($chunk_size); - } - else - { - if (preg_match('/Content\\-Length:\\s+([0-9]+)\\r\\n/', $header, $matches)) - $response = @fread($fp, $matches[1]); - else - while (!feof($fp)) $response .= fread($fp, 1024); - } -} diff --git a/php/Attic/examples/sample-sp/register.php b/php/Attic/examples/sample-sp/register.php deleted file mode 100644 index 2e80e903..00000000 --- a/php/Attic/examples/sample-sp/register.php +++ /dev/null 
@@ -1,92 +0,0 @@ -<?php -/* - * Service Provider Example -- Register Form - * - * Copyright (C) 2004, 2005 Entr'ouvert - * http://lasso.entrouvert.org - * - * Authors: Christophe Nowicki <cnowicki@easter-eggs.com> - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - - require_once 'DB.php'; - require_once 'session.php'; - - $config = unserialize(file_get_contents('config.inc')); - - // connect to the data base - $db = &DB::connect($config['dsn']); - if (DB::isError($db)) - die($db->getMessage()); - - // session handler - session_set_save_handler("open_session", "close_session", - "read_session", "write_session", "destroy_session", "gc_session"); - - session_start(); - - if (!isset($_SESSION["nameidentifier"])) { - print "User is not logged in"; - exit(0); - } - - switch($_POST['action']) { - case "submit": - // Update User info - $query = "UPDATE users SET first_name=" . $db->quoteSmart($_POST['first_name']); - $query .= ",last_name=" . $db->quoteSmart($_POST['last_name']); - $query .= " WHERE user_id='".$_SESSION["user_id"]."'"; - - $res =& $db->query($query); - if (DB::isError($res)) - print $res->getMessage(). 
"\n"; - - $url = "index.php"; - header("Request-URI: $url"); - header("Content-Location: $url"); - header("Location: $url\r\n\r\n"); - exit(); - default: -?> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" -"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> -<html> -<head> -<title>Lasso Service Provider Example : Registration Form</title> -</head> - -<body> -<form name='frm' action="<?php echo $PHP_SELF; ?>" method='post'> -<table align="center"> -<caption>Registration Form</caption> -<tr> - <td>First Name:</td><td><input type='text' name="first_name" maxlength='50'></td> -</tr> -<tr> - <td>Last Name:</td><td><input type='text' name="last_name" maxlength='50'></td> -</tr> -<tr> - <td> </td><td><input type='submit' value="Ok"></td> -</tr> -</table> -<input type='hidden' name='action' value='submit'> -</form> - -</body> -</html> -<?php -} -?> diff --git a/php/Attic/examples/sample-sp/session.php b/php/Attic/examples/sample-sp/session.php deleted file mode 100644 index b51bb893..00000000 --- a/php/Attic/examples/sample-sp/session.php +++ /dev/null 
@@ -1,86 +0,0 @@ -<?php -/* - * Pear::DB session handler - * - * Copyright (C) 2004, 2005 Entr'ouvert - * http://lasso.entrouvert.org - * - * Authors: Christophe Nowicki <cnowicki@easter-eggs.com> - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - - -function open_session ($save_path, $session_name) { - return(true); -} - -function close_session() { - global $db; - $db->disconnect(); - return(true); -} - -function read_session ($id) { - global $db; - - $query = "SELECT * FROM sessions WHERE id='$id'"; - $res =& $db->query($query); - if (DB::isError($res)) - { - exit; - die($res->getMessage()); - } - - if ($res->numRows() == 1) - { - $row = $res->fetchRow(); - return ($row[2]); - } else { - return(""); - } -} - -function write_session ($id, $sess_data) { - global $db; - - $query = "DELETE FROM sessions WHERE id='$id'"; - $res =& $db->query($query); - if (DB::isError($res)) - die($res->getMessage()); - - $query = "INSERT INTO sessions(id, lastupdate, data) VALUES('$id', NOW(),"; - $query .= $db->quoteSmart($sess_data).")"; - $res =& $db->query($query); - if (DB::isError($res)) - die($res->getMessage()); -} - -function destroy_session ($id) { - global $db; - - $query = "DELETE FROM sessions WHERE id='$id'"; - $res =& $db->query($query); - if (DB::isError($res)) - die($res->getMessage()); - - return 
true; -} - -function gc_session ($maxlifetime) { - return true; -} - -?> diff --git a/php/Attic/examples/sample-sp/setup.php b/php/Attic/examples/sample-sp/setup.php deleted file mode 100644 index ab4b1399..00000000 --- a/php/Attic/examples/sample-sp/setup.php +++ /dev/null 
@@ -1,419 +0,0 @@ -<?php -/* - * - * Service Provider Example -- Installation Script - * - * Copyright (C) 2004, 2005 Entr'ouvert - * http://lasso.entrouvert.org - * - * Authors: Christophe Nowicki <cnowicki@easter-eggs.com> - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - require_once 'DB.php'; -?> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" -"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> -<?php - if(!extension_loaded('lasso')) { - $ret = @dl('lasso.' . PHP_SHLIB_SUFFIX); - if ($ret == FALSE) - { - print "<p align='center'><b>The Lasso Extension is not available</b><br>"; - print "Please check your PHP extensions<br>"; - print "You can get more informations about <b>Lasso</b> at <br>"; - print "<a href='http://lasso.entrouvert.org/'>http://lasso.entrouvert.org/</a></p>"; - exit(); - } - } - - - # default config - if (!file_exists('config.inc')) - { - $cwd = getcwd(); - $config = array( - 'dsn' => "pgsql://sp:sp@localhost/sp", - 'server_dump_filename' => "lasso_server_dump.xml", - 'log_handler' => "sql", - 'sp-metadata' => $cwd . "/metadata_sp1.xml", - 'sp-private_key' => $cwd . "/private-key-raw_sp1.pem", - 'sp-secret_key' => "", - 'sp-ca' => $cwd . "/certificate_sp1.pem", - 'providerID' => "https://idp1/metadata", - 'idp-metadata' => $cwd . 
"/metadata_idp1.xml", - 'idp-public_key' => $cwd . "/public-key_idp1.pem", - 'idp-ca' => $cwd . "/certificate_idp1.pem", - ); - - $config_ser = serialize($config); - - if (($fd = fopen("config.inc", "w"))) - { - fwrite($fd, $config_ser); - fclose($fd); - } - else - die("Could not write default config file, - if you get a \"permission denied\" error, check the owner of the - sample directory. (it must be www-data)."); - } - else - { - $config = unserialize(file_get_contents('config.inc')); - } - - if ($_POST['action'] == 'setup') - { - ob_start(); - - $setup = FALSE; - - print "<b>Lasso Service Provider Setup</b><br>"; - - unset($_POST['action']); - - $diff = array_diff($_POST, $config); - - foreach($diff as $key => $value) { - $config[$key] = $value; - } - - print "Check Data base : "; - - $db = &DB::connect($config['dsn']); - - if (DB::isError($db)) { - die("Failed (" . $db->getMessage() . ")"); - } - else - print "OK"; - - print "<br>Create sequence 'user_id_seq' : "; - - $query = "DROP SEQUENCE user_id_seq"; - $res =& $db->query($query); - - $query = "CREATE SEQUENCE user_id_seq"; - $res =& $db->query($query); - if (DB::isError($res)) - die($res->getMessage()); - - print "OK"; - - print "<br>Create table 'users' : "; - $query = "DROP TABLE users CASCADE"; - $res =& $db->query($query); - - $query = "CREATE TABLE users ( - user_id varchar(100) primary key, - identity_dump text, - first_name varchar(50), - last_name varchar(50), - last_login timestamp, - created timestamp)"; - $res =& $db->query($query); - if (DB::isError($res)) - die($res->getMessage()); - - print "OK"; - - print "<br>Create table 'nameidentifiers' : "; - - $query = "DROP TABLE nameidentifiers CASCADE"; - $res =& $db->query($query); - - $query = "CREATE TABLE nameidentifiers ( - name_identifier varchar(100) primary key, - user_id varchar(100), - FOREIGN KEY (user_id) REFERENCES users (user_id))"; - $res =& $db->query($query); - if (DB::isError($res)) - die($res->getMessage()); - - print "OK"; - - 
print "<br>Create table 'log' : "; - $query = "DROP TABLE log CASCADE"; - $res =& $db->query($query); - - $query = "CREATE TABLE log ( - id integer primary key, - logtime timestamp, - ident varchar(16), - priority integer, - message text)"; - - $res =& $db->query($query); - if (DB::isError($res)) - die($res->getMessage()); - - print "OK"; - - - print "<br>Create table 'sessions' : "; - $query = "DROP TABLE sessions CASCADE"; - $res =& $db->query($query); - - $query = "CREATE TABLE sessions ( - id varchar(32) primary key, - lastupdate timestamp, - data text)"; - - $res =& $db->query($query); - if (DB::isError($res)) - die($res->getMessage()); - - print "OK"; - - print "<br>Create table 'sso_sessions' : "; - $query = "DROP TABLE sso_sessions CASCADE"; - $res =& $db->query($query); - - $query = "CREATE TABLE sso_sessions ( - name_identifier character varying(100), - session_id character varying(32) - )"; - - $res =& $db->query($query); - if (DB::isError($res)) - die($res->getMessage()); - - print "OK"; - - - $db->disconnect(); - - $keys = array_keys($config); - $files = preg_grep("/(sp|idp)/", $keys); - - - foreach($files as $file) - { - print "<br>Check file " . $config[$file] . 
" : "; - if (!file_exists($config[$file])) - if ($file == 'sp-secret_key') - print "not found (optional)"; - else - die("Failed (file does not exist)"); - else - print "OK"; - } - - lasso_init(); - - print "<br>Create Server : "; - - /* - $server = new LassoServer( - $config['sp-metadata'], - $config['sp-public_key'], - $config['sp-private_key'], - $config['sp-ca']); */ - - $server = new LassoServer( - $config['sp-metadata'], - $config['sp-private_key'], - $config['sp-secret_key'], - $config['sp-ca']); - - if (empty($server)) - { - die("Failed"); - } - else - print "OK"; - - print "<br>Add provider : "; - - $ret = $server->addProvider( - LASSO_PROVIDER_ROLE_IDP, - $config['idp-metadata'], - $config['idp-public_key'], - $config['idp-ca']); - - /* FIXME : check addProvider return value - if ($ret != TRUE) - { - print "Failed"; - break; - } - else */ - print "OK"; - - print "<br>Write XML Server Dump : "; - - $dump = $server->dump(); - - if (($fd = fopen($config['server_dump_filename'], "w"))) - { - fwrite($fd, $dump); - fclose($fd); - print "OK"; - } - else - die("Failed"); - - lasso_shutdown(); - - print "<br>Save configuration file : "; - - # Save configuration file - $config_ser = serialize($config); - if (($fd = fopen("config.inc", "w"))) - { - fwrite($fd, $config_ser); - fclose($fd); - print "OK"; - } - else - { - print("Failed"); - break; - } - $setup = TRUE; - } - ob_start(); -?> -<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> -<head> -<title>Setup script for Lasso (Liberty Alliance Single Sign On)</title> -<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-15" /> -<?php - if ($setup == TRUE) { -?> -<meta http-equiv="Refresh" CONTENT="3; URL=index.php"> -<?php } ?> -</head> -<body> -<?php - ob_end_flush(); - ob_end_flush(); - ?> -</body> -</html> -<?php - if (empty($setup)) - { -?> - -<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> -<head> -<title>Setup script for Lasso (Liberty Alliance Single Sign 
On)</title> -<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-15" /> -</head> -<body> -<form name='frm' action='<?php echo $PHP_SELF ?>' method='POST'> -<table> -<caption>Lasso Service Provider Setup</caption> -<tr> - <td colspan='3' align='center'>Database Configuration</td> -</tr> -<tr> - <td>DSN (Data Source Name) :</td><td><input type='text' name='dsn' size='50' value='<?php echo $config['dsn']; ?>' maxlength='100'></td><td><a href='http://pear.php.net/manual/en/package.database.db.intro-dsn.php' target='_new'>Help</a></td> -</tr> -<tr> - <td>Server XML Dump :</td><td><input type='text' name='server_dump_filename' size='50' value='<?php echo $config['server_dump_filename']; ?>' maxlength='100'></td><td> </td> - -</tr> -<tr> - <td colspan='3' align='center'>Logging</td> -</tr> -<tr> - <td>Handler :</td> - <td> - <select name='log_handler'> - <option value="null" <?php if ($config['log_handler'] == 'null') echo 'selected="selected"'; ?>>NULL (disabled)</option> - <option value="sql" <?php if ($config['log_handler'] == 'sql') echo 'selected="selected"'; ?>>Database</option> - <option value="syslog" <?php if ($config['log_handler'] == 'syslog') echo 'selected="selected"'; ?>>Syslog</option> - </select> - </td><td> </td> -</tr> - -<tr> - <td colspan='3' align='center'>Service Provider</td> -</tr> - -<tr> - <td>Metadata :</td> - <td><input type='text' name='sp-metadata' size='50' value='<?php echo $config['sp-metadata']; ?>'></td> - <td> </td> - -</tr> - - -<tr> - <td>Private Key :</td> - <td><input type='text' name='sp-private_key' size='50' value='<?php echo $config['sp-private_key']; ?>'></td> - <td> </td> -</tr> - -<tr> - <td>Secret Key (optional) :</td> - <td><input type='text' name='sp-secret_key' size='50' value='<?php echo $config['sp-secret_key']; ?>'></td> - <td> </td> -</tr> - -<tr> - <td>Certificate :</td> - <td><input type='text' name='sp-ca' size='50' value='<?php echo $config['sp-ca']; ?>'></td> - <td> </td> -</tr> - -<tr> - <td 
colspan='3' align='center'>Identity Provider</td> -</tr> - -<tr> - <td>ProviderID :</td> - <td><input type='text' name='providerID' size='50' value='<?php echo $config['providerID']; ?>'></td> - <td> </td> -</tr> - -<tr> - <td>Metadata :</td> - <td><input type='text' name='idp-metadata' size='50' value='<?php echo $config['idp-metadata']; ?>'></td> - <td> </td> -</tr> - -<tr> - <td>Public Key :</td> - <td><input type='text' name='idp-public_key' size='50' value='<?php echo $config['idp-public_key']; ?>'> - </td><td> </td> -</tr> -<tr> - <td>Certificate :</td> - <td><input type='text' name='idp-ca' size='50' value='<?php echo $config['idp-ca']; ?>'></td> - <td> </td> -</tr> - -<tr> - <td colspan='3'> </td> -</tr> - -<tr> - <td align='center' colspan='3'><input type='submit' value='setup'></td> -</tr> -</table> -<input type='hidden' name='action' value='setup'> -</form> -<p align='center'><a href='index.php'>Index</a> -</p> -<p>Copyright © 2004, 2005 Entr'ouvert</p> -</body> -</html> -<?php - } -?> diff --git a/php/Attic/examples/sample-sp/soapEndpoint.php b/php/Attic/examples/sample-sp/soapEndpoint.php deleted file mode 100644 index 068dae18..00000000 --- a/php/Attic/examples/sample-sp/soapEndpoint.php +++ /dev/null 
@@ -1,143 +0,0 @@ -<?php -/* - * Identity Provider Example -- SOAP Endpoint - * - * Copyright (C) 2004, 2005 Entr'ouvert - * http://lasso.entrouvert.org - * - * Authors: Christophe Nowicki <cnowicki@easter-eggs.com> - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - require_once 'Log.php'; - require_once 'DB.php'; - require_once 'session.php'; - - - $config = unserialize(file_get_contents('config.inc')); - - $server_dump = file_get_contents($config['server_dump_filename']); - - header("Content-Type: text/xml\r\n"); - - // connect to the data base - $db = &DB::connect($config['dsn']); - if (DB::isError($db)) - { - header("HTTP/1.0 500 Internal Server Error"); - exit; - } - - // create logger - $conf['db'] = $db; - $logger = &Log::factory($config['log_handler'], 'log', $_SERVER['PHP_SELF'], $conf); - - // session handler - session_set_save_handler("open_session", "close_session", - "read_session", "write_session", "destroy_session", "gc_session"); - - session_start(); - - if (empty($HTTP_RAW_POST_DATA)) - { - $logger->log("HTTP_RAW_POST_DATA is empty", PEAR_LOG_WARNING); - die("HTTP_RAW_POST_DATA is empty!"); - } - - lasso_init(); - - $requestype = lasso_getRequestTypeFromSoapMsg($HTTP_RAW_POST_DATA); - $server = LassoServer::newFromDump($server_dump); - - switch ($requestype) - { - case 
lassoRequestTypeLogout: - $logger->info("SOAP Logout Request from " . $_SERVER['REMOTE_ADDR']); - - break; - case lassoRequestTypeDefederation: - $logger->info("SOAP Defederation Request from " . $_SERVER['REMOTE_ADDR']); - - $defederation = new LassoDefederation($server, lassoProviderTypeSp); - $defederation->processNotificationMsg($HTTP_RAW_POST_DATA, lassoHttpMethodSoap); - - $nameIdentifier = $defederation->nameIdentifier; - if (empty($nameIdentifier)) - { - header("HTTP/1.0 500 Internal Server Error"); - $logger->err("Name Identifier is empty"); - exit; - } - - $query = "SELECT user_id FROM nameidentifiers WHERE name_identifier='$nameIdentifier'"; - $res =& $db->query($query); - if (DB::isError($res)) - { - header("HTTP/1.0 500 Internal Server Error"); - $logger->crit("DB Error :" . $res->getMessage()); - $logger->debug("DB Error :" . $res->getDebugInfo()); - exit; - } - if (!$res->numRows()) - { - header("HTTP/1.0 500 Internal Server Error"); - $logger->err("Name identifier '$nameIdentifier' doesn't correspond to any user"); - exit; - } - - $row = $res->fetchRow(); - $user_id = $row[0]; - $logger->debug("UserID is '$user_id"); - - $query = "SELECT identity_dump FROM users WHERE user_id='$user_id'"; - $res =& $db->query($query); - - if (DB::isError($res)) - { - header("HTTP/1.0 500 Internal Server Error"); - $logger->crit("DB Error :" . $res->getMessage()); - $logger->debug("DB Error :" . 
$res->getDebugInfo()); - exit; - } - - if (!$res->numRows()) - { - header("HTTP/1.0 500 Internal Server Error"); - $logger->err("User is not federated."); - exit; - } - $row = $res->fetchRow(); - $identity_dump = $row[0]; - - $defederation->setIdentityFromDump($identity_dump); - - // TODO : Get Session - - $defederation->validateNotification(); - - $identity = $defederation->identity; - - if (!isset($identity->dump)) - { - $identity_dump = $identity->dump; - } - - break; - default: - header("HTTP/1.0 500 Internal Server Error"); - $logger->crit("Unknown or unsupported SOAP request"); - } - -?> diff --git a/php/Attic/examples/sample-sp/sp_openssl.cnf b/php/Attic/examples/sample-sp/sp_openssl.cnf deleted file mode 100644 index f0b622d7..00000000 --- a/php/Attic/examples/sample-sp/sp_openssl.cnf +++ /dev/null @@ -1,19 +0,0 @@ -[ req ] -default_bits = 2048 -encrypt_key = yes -distinguished_name = req_dn -x509_extensions = cert_type -prompt = no - -[ req_dn ] -C=FR -ST=Ile de France -L=Paris -O=Entrouvert -OU=Automatically-generated SSL key -CN=sp1 -emailAddress=webmaster@domain.com - -[ cert_type ] -nsCertType = server - diff --git a/php/Attic/examples/sample-sp/view_session.php b/php/Attic/examples/sample-sp/view_session.php deleted file mode 100644 index 056e5bb1..00000000 --- a/php/Attic/examples/sample-sp/view_session.php +++ /dev/null 
@@ -1,88 +0,0 @@ -<?php -/* - * Service Provider Example -- Online User Viewer - * - * Copyright (C) 2004, 2005 Entr'ouvert - * http://lasso.entrouvert.org - * - * Authors: Christophe Nowicki <cnowicki@easter-eggs.com> - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - - require_once 'DB.php'; - - if (!file_exists('config.inc')) - { -?> -<p align='center'><b>Service Provider Configuration file is not available</b><br> -Please run the setup script :<br> -<a href='setup.php'>Lasso Service Provider Setup</a><br> -You can get more informations about <b>Lasso</b> at <br> -<a href='http://lasso.entrouvert.org/'>http://lasso.entrouvert.org/</a></p> -<?php - exit(); - } - $config = unserialize(file_get_contents('config.inc')); - - $db = &DB::connect($config['dsn']); - - if (DB::isError($db)) - die($db->getMessage()); - - $query = "SELECT * FROM sessions"; - - $res =& $db->query($query); - if (DB::isError($res)) - die($res->getMessage()); - - $numRows = $res->numRows(); -?> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" -"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> -<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> -<head> -<title>Lasso Service Provider Example : View Online Users</title> -<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-15" /> 
-</head> -<body> - -<p align='center'> -<table align='center' width='95%'> -<caption>Online Users</caption> -<thead> -<tr> - <td> </td> -</tr> -</thead> -<tbody> - -</tbody> -<tfoot> -<tr> - <td> </td> -</tr> -</tfoot> -</table> -</p> - -<br> -<p align='center'><a href='index.php'>Index</a> -</p> -<br> -<p align='center'>Copyright © 2004, 2005 Entr'ouvert</p> - -</body> -</html> |
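Review bot: In the Pear::DB session handler hunk, `read_session`, `write_session` and `destroy_session` build their queries with `WHERE id='$id'`, so the client-supplied session id reaches SQL unquoted, while only `$sess_data` goes through `$db->quoteSmart()`. If this handler is carried over to the separate Pear package, quote `$id` the same way or bind it as a query parameter. Smaller points in the same hunk: in `read_session` the `exit;` comes before `die($res->getMessage())`, so the message is never reached, and `return ($row[2]);` depends on the column order of `SELECT *`; `write_session` returns nothing on success; `gc_session` returns true without deleting rows older than `$maxlifetime`, so the `sessions` table only grows.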
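Review bot: In sample-sp/setup.php, the `$_POST['action'] == 'setup'` branch has no access check and copies every posted field into `$config` (`$diff = array_diff($_POST, $config);` followed by `$config[$key] = $value;`) with no allow-list of keys, and those values then drive `DB::connect($config['dsn'])`, the `DROP TABLE ... CASCADE` statements and `fopen($config['server_dump_filename'], "w")`. Accept only the known configuration keys, keep the dump filename inside the sample directory, and limit the script to the installer (or document that it must be removed after setup). `array_diff` also compares values only, so a field changed to a value already stored under another key is silently dropped; `array_diff_assoc` matches the intent. Further down, the form echoes `$config[...]` and `$PHP_SELF` into attributes without `htmlspecialchars()`, the `break;` in the "Save configuration file" failure path is not inside a loop, and the commented-out FIXME means "Add provider" prints OK whatever `addProvider()` returns.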
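Review bot: In sample-sp/soapEndpoint.php, the defederation case places `$defederation->nameIdentifier`, a value taken from the incoming SOAP body, directly into `WHERE name_identifier='$nameIdentifier'` (and `$user_id` into the next query), and the return values of `processNotificationMsg()` and `validateNotification()` are never checked. Quote both values with `$db->quoteSmart()` and stop with an error when either Lasso call fails. At the end of the case, `if (!isset($identity->dump))` looks inverted and `$identity_dump` is assigned but never written back to `users`, so the defederation is not persisted. The `lassoRequestTypeLogout` case only logs, the `default:` branch sends a 500 without exiting, the debug line `"UserID is '$user_id"` has an unbalanced quote, and the file header reads "Identity Provider Example" although the file lives under sample-sp.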
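Review bot: In sample-sp/view_session.php, `SELECT * FROM sessions` pulls every session row, including the `data` column, on a page with no access check, yet the `<tbody>` renders nothing and `$numRows` is never used. Either finish the view with an explicit column list (for example `id` and `lastupdate`) behind an authentication check, or leave the page out of the Pear package. The two `die($db->getMessage())` / `die($res->getMessage())` calls also send database error text to the browser; logging it and returning a generic error would be safer.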
