From 0abfa7d0c8bac90e291cf7664a0302aa286f716d Mon Sep 17 00:00:00 2001 From: Christophe Nowicki Date: Fri, 10 Sep 2004 15:17:36 +0000 Subject: Use header("Location: $url\n\n") instead of header("Location: $url") Secure every SQL query with the quoteSmart methode. Completely rewrite singleSignOn.php, now the code is more easy to understand and more clean. --- php/Attic/examples/sample-idp/admin_user.php | 16 +- php/Attic/examples/sample-idp/login.php | 2 +- php/Attic/examples/sample-idp/logout.php | 3 +- php/Attic/examples/sample-idp/setup.php | 2 +- php/Attic/examples/sample-idp/singleSignOn.php | 273 ++++++++++++--------- php/Attic/examples/sample-sp/admin_user.php | 17 +- php/Attic/examples/sample-sp/assertionConsumer.php | 3 +- php/Attic/examples/sample-sp/index.php | 2 +- php/Attic/examples/sample-sp/login.php | 2 +- php/Attic/examples/sample-sp/logout.php | 3 +- php/Attic/examples/sample-sp/register.php | 10 +- 11 files changed, 186 insertions(+), 147 deletions(-) (limited to 'php') diff --git a/php/Attic/examples/sample-idp/admin_user.php b/php/Attic/examples/sample-idp/admin_user.php index b797580d..56b1f7e4 100644 --- a/php/Attic/examples/sample-idp/admin_user.php +++ b/php/Attic/examples/sample-idp/admin_user.php @@ -36,8 +36,8 @@ // Show XML dump if (!empty($_GET['dump']) && !empty($_GET['type'])) { - $query = "SELECT " . ($_GET['type'] == 'user' ? 'user' : 'session') . - $query .= "_dump FROM users WHERE user_id='" . $_GET['dump'] . "'"; + $query = "SELECT " . ($_GET['type'] == 'identity' ? 'identity' : 'session') . + $query .= "_dump FROM users WHERE user_id=".$db->quoteSmart($_GET['dump']); $res =& $db->query($query); if (DB::isError($res)) die($res->getMessage()); 
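Review bot: The rewritten SELECT still embeds an assignment operator in the middle of the expression: `$query = "SELECT " . ($_GET['type'] == 'identity' ? 'identity' : 'session') . $query .= "_dump FROM users WHERE user_id=".$db->quoteSmart($_GET['dump']);`. The inner `$query .=` reads `$query` before the outer assignment happens, so the resulting statement is only correct if `$query` is unset at that point (and then it triggers an undefined-variable notice); replacing `.=` with a plain `.` builds the same query without that dependency. Reducing `$_GET['type']` to one of two fixed column names before it reaches the SQL is the right pattern for a user-selected column and should stay as it is.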
@@ -67,15 +67,15 @@ if (!empty($_GET['del'])) { - $query = "DELETE FROM nameidentifiers WHERE user_id='" . $_GET['del'] . "'" ; + $query = "DELETE FROM nameidentifiers WHERE user_id=".$db->quoteSmart($_GET['del']); $res =& $db->query($query); if (DB::isError($res)) - print $res->getMessage(). "\n"; + die($res->getMessage()); - $query = "DELETE FROM users WHERE user_id='" . $_GET['del'] . "'" ; + $query = "DELETE FROM users WHERE user_id=".$db->quoteSmart($_GET['del']); $res =& $db->query($query); if (DB::isError($res)) - print $res->getMessage(). "\n"; + die($res->getMessage()); } @@ -193,8 +193,8 @@ view"; + case "identity_dump": + echo "view"; break; case "session_dump": echo "view"; diff --git a/php/Attic/examples/sample-idp/login.php b/php/Attic/examples/sample-idp/login.php index b61a933b..4c4e4979 100644 --- a/php/Attic/examples/sample-idp/login.php +++ b/php/Attic/examples/sample-idp/login.php @@ -66,7 +66,7 @@ $url = 'index.php'; header("Request-URI: $url"); header("Content-Location: $url"); - header("Location: $url"); + header("Location: $url\n\n"); exit; } } diff --git a/php/Attic/examples/sample-idp/logout.php b/php/Attic/examples/sample-idp/logout.php index 7f187cab..83c23a33 100644 --- a/php/Attic/examples/sample-idp/logout.php +++ b/php/Attic/examples/sample-idp/logout.php @@ -32,5 +32,6 @@ $url = "index.php"; header("Request-URI: $url"); header("Content-Location: $url"); - header("Location: $url"); + header("Location: $url\n\n"); + exit; ?> diff --git a/php/Attic/examples/sample-idp/setup.php b/php/Attic/examples/sample-idp/setup.php index 631b753c..b1cc113f 100644 --- a/php/Attic/examples/sample-idp/setup.php +++ b/php/Attic/examples/sample-idp/setup.php @@ -210,7 +210,7 @@ user_id varchar(100) primary key, username varchar(255) unique, password varchar(255), - user_dump text, + identity_dump text, session_dump text)"; $res =& $db->query($query); if (DB::isError($res)) 
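Review bot: The `\n\n` appended to the Location header has no effect a caller can rely on: `header()` terminates the header line itself, and newer PHP releases either strip trailing whitespace from the value or refuse a header containing a newline, so the suffix is discarded at best and breaks the redirect at worst. `header("Location: $url"); exit;` is sufficient, as the previous line already shows. The same suffix is added in sample-idp/logout.php and singleSignOn.php and in sample-sp/assertionConsumer.php, login.php, logout.php and register.php; the commit message gives no reason for the change, so it would help to record one or drop it.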
diff --git a/php/Attic/examples/sample-idp/singleSignOn.php b/php/Attic/examples/sample-idp/singleSignOn.php index 93d040f7..f137e73f 100644 --- a/php/Attic/examples/sample-idp/singleSignOn.php +++ b/php/Attic/examples/sample-idp/singleSignOn.php @@ -28,6 +28,12 @@ $config = unserialize(file_get_contents('config.inc')); session_start(); + + lasso_init(); + + // Create Lasso Server + $server_dump = file_get_contents($config['server_dump_filename']); + $server = LassoServer::newFromDump($server_dump); // Create the form $form = new HTML_QuickForm('frm'); 
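Review bot: `$server_dump = file_get_contents($config['server_dump_filename']);` is handed to `LassoServer::newFromDump` without checking for a `false` return, so a missing or unreadable server dump becomes an empty dump instead of a clear failure; add `if ($server_dump === false) die("Can not read server dump");` before the call. Since `lasso_init()` now runs at file level for every request, note that the only `lasso_shutdown()` visible after this commit is on the artifact branch of doneSingleSignOn in a later hunk, so the other code paths appear to leave the library initialised; a comment here stating where shutdown is expected to happen would make that intentional.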
@@ -41,87 +47,92 @@ $form->addRule('username', 'Please enter the Username', 'required', null, 'client'); $form->addRule('password', 'Please enter the Password', 'required', null, 'client'); - function singleSignOn_done($config, $db, $user_id = 0) + /* + * This function authentificate the user against the Postgres Database + */ + function authentificateUser($db, $username, $password) { - $server_dump = file_get_contents($config['server_dump_filename']); - - lasso_init(); - - $server = LassoServer::newFromDump($server_dump); - $login = LassoLogin::newFromDump($server, $_SESSION['login_dump']); + $query = "SELECT user_id FROM users WHERE username=".$db->quoteSmart($username); + $query .= " AND password=".$db->quoteSmart($password); + + $res =& $db->query($query); + if (DB::isError($res)) + die($res->getMessage()); + if ($res->numRows()) + { + $row = $res->fetchRow(); + return ($row[0]); + } + return (0); + } + + /* + * + */ + function doneSingleSignOn($db, $login, $user_id, $is_first_sso) + { $authenticationMethod = (($_SERVER["HTTPS"] == 'on') ? 
lassoSamlAuthenticationMethodSecureRemotePassword : lassoSamlAuthenticationMethodPassword); - // reauth in session_cache_expire default is 180 minutes + // reauth in session_cache_expire, default is 180 minutes $reauthenticateOnOrAfter = strftime("%Y-%m-%dT%H:%M:%SZ", time() + session_cache_expire() * 60); - - if ($login->protocolProfile == lassoLoginProtocolProfileBrwsArt) + + /* FIXME : there is a segfault when I use a switch statement + switch($login->protocolProfile) { - $login->buildArtifactMsg( - TRUE, // User is authenticated - $authenticationMethod, - $reauthenticateOnOrAfter, - lassoHttpMethodRedirect); - } + case lassoLoginProtocolProfileBrwsArt: + $login->buildArtifactMsg(TRUE, // User is authenticated + $authenticationMethod, $reauthenticateOnOrAfter, lassoHttpMethodRedirect); + break; + case lassoLoginProtocolProfileBrwsPost: + die("TODO : Post\n"); + default: + die("Unknown protocol profile\n"); + } */ + + if ($login->protocolProfile == lassoLoginProtocolProfileBrwsArt) + $login->buildArtifactMsg(TRUE, // User is authenticated + $authenticationMethod, $reauthenticateOnOrAfter, lassoHttpMethodRedirect); else if ($login->protocolProfile == lassoLoginProtocolProfileBrwsPost) - { - // TODO - print "TODO : Post\n"; - exit(); - } + die("TODO : Post\n"); // TODO else - die("Unknown protocol profile for login:" . $login->protocolProfile); - - if (empty($user_id)) - { - // Get user_id - $query = "SELECT user_id FROM nameidentifiers WHERE name_identifier='"; - $query .= $login->nameIdentifier . "'"; - - $res =& $db->query($query); - if (DB::isError($res)) - die($res->getMessage()); + die("Unknown protocol profile\n"); - $row = $res->fetchRow(); - $user_id = $row[0]; - } - else + if ($is_first_sso) { + // name_identifier $query = "INSERT INTO nameidentifiers (name_identifier, user_id) "; $query .= "VALUES ('" . $login->nameIdentifier . 
"','$user_id')"; - $res =& $db->query($query); + + $res =& $db->query($query); if (DB::isError($res)) - die($res->getMessage()); - $name_identifier = $login->nameIdentifier; + die($res->getMessage()); } + $identity = $login->identity; + // do we need to update identity dump? if ($login->isIdentityDirty) { - $identity = $login->identity; - $query = "UPDATE users SET user_dump=".$db->quoteSmart($identity->dump()); + $query = "UPDATE users SET identity_dump=".$db->quoteSmart($identity->dump()); $query .= " WHERE user_id='$user_id'"; $res =& $db->query($query); if (DB::isError($res)) die($res->getMessage()); - } + } - // Update identity dump - $identity = $login->identity; - $query = "UPDATE users SET user_dump=".$db->quoteSmart($identity->dump())." WHERE user_id='$user_id'"; - - $res =& $db->query($query); - if (DB::isError($res)) - die($res->getMessage()); - - // Update session dump $session = $login->session; - $query = "UPDATE users SET session_dump=".$db->quoteSmart($session->dump())." WHERE user_id='$user_id'"; + // do we need to update session dump? + if ($login->isSessionDirty) + { + $query = "UPDATE users SET session_dump=".$db->quoteSmart($identity->dump()); + $query .= " WHERE user_id='$user_id'"; - $res =& $db->query($query); - if (DB::isError($res)) - die($res->getMessage()); + $res =& $db->query($query); + if (DB::isError($res)) + die($res->getMessage()); + } if (empty($login->assertionArtifact)) die("assertion Artifact is empty"); @@ -131,7 +142,7 @@ if (empty($assertion_dump)) die("assertion dump is empty"); - + // Save assertion $query = "INSERT INTO assertions (assertion, response_dump, created) VALUES "; $query .= "('".$login->assertionArtifact."',".$db->quoteSmart($assertion_dump).", NOW())"; 
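Review bot: The session-dump update in doneSingleSignOn serialises the wrong object: `$query = "UPDATE users SET session_dump=".$db->quoteSmart($identity->dump());` writes the identity dump into the session_dump column, so the later `setSessionFromDump($row[1])` in this file will load an identity document as the session; it should be `$db->quoteSmart($session->dump())`. In the same function the nameidentifiers INSERT still interpolates `$login->nameIdentifier` and `$user_id` directly into the SQL string, which contradicts the commit message's "every SQL query" and should go through `$db->quoteSmart()` like the neighbouring statements. authentificateUser also matches the submitted password against the stored column as-is, so the users table holds clear-text credentials; storing a hash and verifying it in PHP would avoid that. doneSingleSignOn continues into the next hunk.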
@@ -140,98 +151,122 @@ if (DB::isError($res)) die($res->getMessage()); - $_SESSION['login_dump'] = $login->dump(); + $_SESSION['login_dump'] = ''; // delete login_dump + $_SESSION['identity_dump'] = $session->dump(); $_SESSION['session_dump'] = $session->dump(); - if ($login->protocolProfile == lassoLoginProtocolProfileBrwsArt) - { - $url = $login->msgUrl; - - header("Request-URI: $url"); - header("Content-Location: $url"); - header("Location: $url"); - } - else if ($login->protocolProfile == lassoLoginProtocolProfileBrwsPost) + switch($login->protocolProfile) { + case lassoLoginProtocolProfileBrwsArt: + $url = $login->msgUrl; + + header("Request-URI: $url"); + header("Content-Location: $url"); + header("Location: $url\n\n"); + lasso_shutdown(); + exit; + case lassoLoginProtocolProfileBrwsPost: + die("TODO : lassoLoginProtocolProfileBrwsPost"); + break; + default: + die("Unknown Login Protocol Profile"); } - - lasso_shutdown(); } - if (!$form->validate()) + // validate login + if ($form->validate()) { - // Check for AuthnRequest - if (empty($_POST) && empty($_GET)) + if (empty($_SESSION['login_dump'])) + die("Login dump is not registred"); + + // conect to the data base + $db = &DB::connect($config['dsn']); + if (DB::isError($db)) + die($db->getMessage()); + + $login = LassoLogin::newfromdump($server, $_SESSION['login_dump']); + + if (($user_id = authentificateUser($db, $form->exportValue('username'), + $form->exportValue('password')))) { - die("Unknow login methode!"); - } + // User is authentificated + $query = "SELECT identity_dump,session_dump FROM users WHERE identity_dump"; + $query .= " IS NOT NULL AND session_dump IS NOT NULL AND user_id='$user_id'"; - lasso_init(); - - $server_dump = file_get_contents($config['server_dump_filename']); + $res =& $db->query($query); + if (DB::isError($res)) + die($res->getMessage()); - $server = LassoServer::newfromdump($server_dump); + $is_first_sso = FALSE; + if ($res->numRows()) + { + $row =& $res->fetchRow(); + 
$login->setIdentityFromDump($row[0]); + $login->setSessionFromDump($row[1]); + } + else + $is_first_sso = TRUE; - if (!empty($_SESSION['login_dump'])) - $login = LassoLogin::newFromDump($server, $_SESSION['login_dump']); - else - $login = new LassoLogin($server); + doneSingleSignOn($db, $login, $user_id, $is_first_sso); + $db->disconnect(); + exit; + } + } + else + { + $login = new LassoLogin($server); + // Get session and identity dump if there are available if (!empty($_SESSION['session_dump'])) $login->setSessionFromDump($_SESSION['session_dump']); + + if (!empty($_SESSION['identity_dump'])) + $login->setIdentityFromDump($_SESSION['identity_dump']); - if ($_SERVER['REQUEST_METHOD'] = 'GET') - $login->initFromAuthnRequestMsg($_SERVER['QUERY_STRING'], lassoHttpMethodRedirect); - else + switch ($_SERVER['REQUEST_METHOD']) { - // TODO - exit; + case 'GET': + $login->initFromAuthnRequestMsg($_SERVER['QUERY_STRING'], lassoHttpMethodRedirect); + break; + case 'POST': + die("methode POST not implemented"); // TODO + break; + default: + die("Unknown request method"); } - + // User must NOT Authenticate with the IdP if (!$login->mustAuthenticate()) { + // conect to the data base $db = &DB::connect($config['dsn']); if (DB::isError($db)) die($db->getMessage()); - singleSignOn_done($config, $db); + $query = "SELECT user_id FROM nameidentifiers WHERE name_identifier='"; + $query .= $login->nameIdentifier . 
"'"; + + $res =& $db->query($query); + if (DB::isError($res)) + die($res->getMessage()); + + if (!$res->numRows()) + die("Unknown User"); + + $row = $res->fetchRow(); + $user_id = $row[0]; + + doneSingleSignOn($db, $user_id); $db->disconnect(); exit; } - - $login_dump = $login->dump(); - $session = $login->session; - $_SESSION['login_dump'] = $login->dump(); - $_SESSION['session_dump'] = $session->dump(); - - lasso_shutdown(); - } - - - if (isset($_SESSION['login_dump']) && $form->validate()) - { - $db = &DB::connect($config['dsn']); - - if (DB::isError($db)) - die($db->getMessage()); - - $query = "SELECT user_id FROM users WHERE username=" . $db->quoteSmart($form->exportValue('username')); - $query .= " AND password=" . $db->quoteSmart($form->exportValue('password'));; - - $res =& $db->query($query); - if (DB::isError($res)) - die($res->getMessage()); - - if ($res->numRows()) + else { - $row = $res->fetchRow(); - $user_id = $row[0]; - singleSignOn_done($config, $db, $user_id); - $db->disconnect(); - exit(); + // register login dump in this session, + // we can not transfert xml dump with hidden input + $_SESSION['login_dump'] = $login->dump(); } - } + } ?> diff --git a/php/Attic/examples/sample-sp/admin_user.php b/php/Attic/examples/sample-sp/admin_user.php index 6893ad72..4c219432 100644 --- a/php/Attic/examples/sample-sp/admin_user.php +++ b/php/Attic/examples/sample-sp/admin_user.php @@ -33,7 +33,7 @@ die($db->getMessage()); if (!empty($_GET['dump'])) { - $query = "SELECT identity_dump FROM users WHERE user_id='" . $_GET['dump'] . "'"; + $query = "SELECT identity_dump FROM users WHERE user_id='".$db->quoteSmart($_GET['dump']); $res =& $db->query($query); if (DB::isError($res)) print $res->getMessage(). "\n"; 
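Review bot: `doneSingleSignOn($db, $user_id);` passes two arguments to a function declared as `doneSingleSignOn($db, $login, $user_id, $is_first_sso)`, so `$login` receives the user id and `$user_id`/`$is_first_sso` are undefined when the body runs; the call in the non-authenticating branch should be `doneSingleSignOn($db, $login, $user_id, FALSE);` (the name identifier was just found, so this is not a first SSO). Earlier in the hunk `$_SESSION['identity_dump'] = $session->dump();` stores the session dump under the identity key and should read `$identity->dump()`, otherwise the next request restores the session as the identity. The nameidentifiers lookup `WHERE name_identifier='" . $login->nameIdentifier . "'"` is another query left outside `$db->quoteSmart()` despite the commit message. doneSingleSignOn begins in the previous hunk.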
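Review bot: The new query keeps the opening quote in front of the quoted value: `"SELECT identity_dump FROM users WHERE user_id='".$db->quoteSmart($_GET['dump'])` produces `user_id=''<value>'`, which is not valid SQL since quoteSmart already supplies the quotes; it should be `$query = "SELECT identity_dump FROM users WHERE user_id=".$db->quoteSmart($_GET['dump']);`. The `DELETE FROM users WHERE user_id='".$db->quoteSmart($_GET['del'])` line in the next hunk of this file has the same leftover quote, while the DELETE on nameidentifiers beside it is written correctly. The error on this path is still only printed rather than stopping the script, unlike the `die()` now used in the DELETE branch.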
@@ -64,21 +64,20 @@ exit; } - if (!empty($_GET['del'])) { + if (!empty($_GET['del'])) + { - $query = "DELETE FROM nameidentifiers WHERE user_id='" . $_GET['del'] . "'" ; + $query = "DELETE FROM nameidentifiers WHERE user_id=".$db->quoteSmart($_GET['del']); $res =& $db->query($query); if (DB::isError($res)) - print $res->getMessage(). "\n"; + die($res->getMessage()); - $query = "DELETE FROM users WHERE user_id='" . $_GET['del'] . "'" ; + $query = "DELETE FROM users WHERE user_id='".$db->quoteSmart($_GET['del']); $res =& $db->query($query); if (DB::isError($res)) - print $res->getMessage(). "\n"; - - } + die($res->getMessage()); + } - $query = "SELECT * FROM users"; $res =& $db->query($query); if (DB::isError($res)) diff --git a/php/Attic/examples/sample-sp/assertionConsumer.php b/php/Attic/examples/sample-sp/assertionConsumer.php index 575356e0..fd0c9fe9 100644 --- a/php/Attic/examples/sample-sp/assertionConsumer.php +++ b/php/Attic/examples/sample-sp/assertionConsumer.php @@ -25,7 +25,6 @@ $config = unserialize(file_get_contents('config.inc')); require_once 'DB.php'; - if (!$_GET['SAMLart']) { exit(1); @@ -182,6 +181,6 @@ header("Request-URI: $url"); header("Content-Location: $url"); - header("Location: $url"); + header("Location: $url\n\n"); exit(); ?> diff --git a/php/Attic/examples/sample-sp/index.php b/php/Attic/examples/sample-sp/index.php index 99c39bb9..c7b2d39b 100644 --- a/php/Attic/examples/sample-sp/index.php +++ b/php/Attic/examples/sample-sp/index.php @@ -127,7 +127,7 @@ You can get more informations about Lasso at
if (DB::isError($res)) print $res->getMessage(). "\n"; - list($user_id, $identity_dump, $first_name, $last_name, $created, $last_login) = $res->fetchRow(); + list($user_id, $identity_dump, $first_name, $last_name, $last_login, $created) = $res->fetchRow(); ?> diff --git a/php/Attic/examples/sample-sp/login.php b/php/Attic/examples/sample-sp/login.php index 199c52da..a78589af 100644 --- a/php/Attic/examples/sample-sp/login.php +++ b/php/Attic/examples/sample-sp/login.php @@ -48,6 +48,6 @@ header("Request-URI: $url"); header("Content-Location: $url"); - header("Location: $url"); + header("Location: $url\n\n"); exit(); ?> diff --git a/php/Attic/examples/sample-sp/logout.php b/php/Attic/examples/sample-sp/logout.php index 10a9ca81..fedae253 100644 --- a/php/Attic/examples/sample-sp/logout.php +++ b/php/Attic/examples/sample-sp/logout.php @@ -124,5 +124,6 @@ header("Request-URI: $url"); header("Content-Location: $url"); - header("Location: $url"); + header("Location: $url\n\n"); + exit; ?> diff --git a/php/Attic/examples/sample-sp/register.php b/php/Attic/examples/sample-sp/register.php index 7e61d4f7..317c3460 100644 --- a/php/Attic/examples/sample-sp/register.php +++ b/php/Attic/examples/sample-sp/register.php @@ -43,7 +43,11 @@ if (DB::isError($db)) die($db->getMessage()); - $query = "UPDATE users SET first_name='" . $_POST['first_name'] . "',last_name='". $_POST['last_name'] ."' WHERE user_id='".$_SESSION["user_id"]."'"; + // Update User info + $query = "UPDATE users SET first_name=" . $db->quoteSmart($_POST['first_name']); + $query .= ",last_name=" . $db->quoteSmart($_POST['last_name']); + $query .= " WHERE user_id='".$_SESSION["user_id"]."'"; + $res =& $db->query($query); if (DB::isError($res)) print $res->getMessage(). "\n"; @@ -51,8 +55,8 @@ $url = "index.php"; header("Request-URI: $url"); header("Content-Location: $url"); - header("Location: $url"); - break; + header("Location: $url\n\n"); + exit(); default: ?>