1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
|
<?php
/*
* Service Provider Example -- Simple Sing On
*
* Copyright (C) 2004 Entr'ouvert
* http://lasso.entrouvert.org
*
* Authors: Christophe Nowicki <cnowicki@easter-eggs.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
require_once 'Log.php';
require_once 'DB.php';
require_once 'session.php';
$config = unserialize(file_get_contents('config.inc'));
// connect to the data base
$db = &DB::connect($config['dsn']);
if (DB::isError($db))
die($db->getMessage());
// session handler
session_set_save_handler("open_session", "close_session",
"read_session", "write_session", "destroy_session", "gc_session");
session_start();
lasso_init();
$server_dump = file_get_contents($config['server_dump_filename']);
$server = LassoServer::newFromdump($server_dump);
$login = new LassoLogin($server);
if ($_GET['profile'] == 'post')
$login->initauthnrequest(lassoHttpMethodPost);
elseif ($_GET['profile'] == 'artifact')
$login->initauthnrequest(lassoHttpMethodRedirect);
else
die('Unknown Single Sign ON Profile');
$request = $login->authnRequest;
$request->isPassive = FALSE;
$request->nameIdPolicy = lassoLibNameIDPolicyTypeFederated;
$request->consent = lassoLibConsentObtained;
$login->buildAuthnRequestMsg($config['providerID']);
$url = $login->msgUrl;
$msg = $login->msgBody;
switch ($_GET['profile'])
{
case 'post':
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Authentication Request</title>
</head>
<body onLoad="document.forms[0].submit()">
<form action="<?php echo $url; ?>" method="post">
<p>You should be automaticaly redirected to an authentication server.</p>
<p>If this page is still visible after a few seconds, press the <em>Send</em> button below.</p>
<input type="hidden" name="LAREQ" value="<?php echo $msg; ?>" />
<input type="submit" name="SendButton" value="Send" />
</form>
</body>
</html>
<?
break;
case 'artifact' :
header("Request-URI: $url");
header("Content-Location: $url");
header("Location: $url\r\n\r\n");
break;
}
?>
|
