<?php
// #######################################################
// Author: Martin Haase / DAASI International GmbH / TextGrid
// Creation date: 2010-09-23
// Modification date: 2010-09-03
// Version: 0.1
// #######################################################
// Use UTF-8 as the internal character encoding for the mb_* string functions.
mb_internal_encoding("UTF-8");
class WebUtils {
// Global variables
/**
 * Creates the helper; there is no state to initialise.
 */
public function __construct() {}
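/**
 * Prints the "Authentication Succeeded" page.
 *
 * Writes the document head (via printHeader() plus several <meta> elements),
 * the success message, a hidden details table and, when SLC mode is on, the
 * certificate forms.
 *
 * Every value taken from $rbachash and $loginname is HTML-escaped before it is
 * written into markup or attribute values, because these values originate
 * outside this method (login name, identity provider attributes) and were
 * previously echoed verbatim.
 *
 * NOTE(review): the session id is written into <meta> elements and the details
 * table, presumably so the TextGridLab client can read it from the page.
 * Confirm that this page is never cached or served over an unencrypted channel.
 *
 * @param string      $heading   page title, passed to printHeader()
 * @param string|null $loginname login name; a fixed text is shown when unset
 * @param array       $rbachash  keys read here: remote_user, scstatus, Sid,
 *                               rbacbase, identity_provider,
 *                               identified_user['authnmethod']
 * @param array       $slc       SLC settings; slcMode is read here, the array
 *                               is passed on to the certificate helpers
 */
public function printAuthSuccess($heading,$loginname,$rbachash,$slc) {
    $this->printHeader($heading);

    // Escape once, reuse everywhere below.
    $remoteUser       = htmlspecialchars((string) $rbachash["remote_user"], ENT_QUOTES, "UTF-8");
    $sessionStatus    = htmlspecialchars((string) $rbachash["scstatus"], ENT_QUOTES, "UTF-8");
    $sessionId        = htmlspecialchars((string) $rbachash["Sid"], ENT_QUOTES, "UTF-8");
    $rbacBase         = htmlspecialchars((string) $rbachash["rbacbase"], ENT_QUOTES, "UTF-8");
    $identityProvider = htmlspecialchars((string) $rbachash["identity_provider"], ENT_QUOTES, "UTF-8");
    $authnMethod      = htmlspecialchars((string) $rbachash["identified_user"]['authnmethod'], ENT_QUOTES, "UTF-8");
    $loginLabel       = isset($loginname)
        ? htmlspecialchars((string) $loginname, ENT_QUOTES, "UTF-8")
        : "only known at your home organization";

    echo "<meta name=\"remote_principal\" content=\"".$remoteUser."\"/>\n";
    echo "<meta name=\"rbac_session_status\" content=\"".$sessionStatus."\"/>\n";
    echo "<meta name=\"rbac_sessionid\" content=\"".$sessionId."\"/>\n";
    if (!$slc["slcMode"]) {
        // "|" is not an HTML special character, so escaping both halves
        // separately yields the same delimiter-separated value.
        echo "<meta name=\"ePPNplusSID\" content=\"".$remoteUser."|".$sessionId."\"/>\n";
    }

    echo "<style type=\"text/css\">";
    echo "#d123 {display:none;}";
    echo "</style>";
    echo "<script type=\"text/javascript\">\n";
    echo "<!--\n";
    echo "function toggle (target) {\n";
    echo "var obj=document.getElementById(target);\n";
    echo "obj.style.display=\"block\";\n";
    echo "}\n";
    echo "-->\n";
    echo "</script>\n";
    echo "</head>\n<body>\n";
    echo "<h2>Authentication Succeeded</h2>\n";
    echo "<p>You were successfully authenticated with User ID '<b>" . $remoteUser . "</b>'. You may now access remote resources using the TextGrid Lab. This window can be closed.</p>\n";

    // Details -----------------------------------------------
    echo "<p>More <a href=\"javascript:toggle('d123')\">Details</a>.</p>\n";
    echo "<div id=\"d123\"> <h2>Authentication Details</h2>\n";
    echo "<table><tr><td>TgAuth Instance</td><td>". $rbacBase ."</td></tr>\n";
    echo "<tr><td>Shibboleth Identity ProviderID</td><td>". $identityProvider ."</td></tr>\n";
    echo "<tr><td>Login Name</td><td>". $loginLabel ."</td></tr>\n";
    echo "<tr><td>User ID Attribute Name</td><td>". $authnMethod ."</td></tr>\n";
    echo "<tr><td>User ID Value </td><td>".$remoteUser."</td></tr>\n";
    echo "<tr><td>TgAuth Session ID</td><td>".$sessionId."</td></tr></table>\n";
    echo "</div>";

    if ($slc['slcMode']) {
        // NOTE(review): "SLCMODE YES" / "SLCcompatible YES" look like leftover
        // debug output; kept because they are part of the current page text.
        echo "SLCMODE YES";
        if ($this->scanEntitlements($slc)) {
            echo "SLCcompatible YES";
            $this->showCertificateButtons($slc,$rbachash);
        } else {
            $this->showCertificateInfoButton($slc,$rbachash);
        }
    }
}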
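/**
 * Prints the two certificate forms ("Request Certificate" and
 * "Use Existing Certificate").
 *
 * The form targets and the hidden field values are HTML-escaped for attribute
 * context; they were previously concatenated verbatim, so a quote character in
 * any of them could terminate the attribute. The browser decodes the entities
 * again on submit, so the posted "user|sid|instance" value is unchanged.
 *
 * NOTE(review): the URLs are only escaped, not validated; they are assumed to
 * come from trusted configuration in $slc. Confirm.
 *
 * @param array $slc      keys read here: slcPortalDelegationURL, slcNoDelegationURL
 * @param array $rbachash keys read here: remote_user, Sid, authZinstance
 */
function showCertificateButtons ($slc,$rbachash) {
    $delegationUrl   = htmlspecialchars((string) $slc['slcPortalDelegationURL'], ENT_QUOTES, "UTF-8");
    $noDelegationUrl = htmlspecialchars((string) $slc['slcNoDelegationURL'], ENT_QUOTES, "UTF-8");
    $remoteUser      = htmlspecialchars((string) $rbachash['remote_user'], ENT_QUOTES, "UTF-8");
    $sessionId       = htmlspecialchars((string) $rbachash['Sid'], ENT_QUOTES, "UTF-8");
    $authZinstance   = htmlspecialchars((string) $rbachash['authZinstance'], ENT_QUOTES, "UTF-8");

    echo "<form method=\"get\" action=\"". $delegationUrl ."\">\n";
    echo "<input type=\"hidden\" name=\"userDetails\" value=\"" . $remoteUser . "|" . $sessionId ."|". $authZinstance . "\">\n";
    echo "<input type=\"submit\" value=\"Request Certificate\">\n";
    echo "</form>\n\n";

    echo "<form method=\"post\" action=\"". $noDelegationUrl ."\">\n";
    echo "<input type=\"hidden\" name=\"ePPNplusSID\" value=\"" . $remoteUser . "|" . $sessionId . "\">\n";
    echo "<input type=\"submit\" value=\"Use Existing Certificate\"/>\n";
    echo "</form>\n";
}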
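/**
 * Prints the notice and the single "Work without Certificate" form shown when
 * the account has no certificate support.
 *
 * The form target and the hidden field value are HTML-escaped for attribute
 * context; they were previously concatenated verbatim.
 *
 * @param array $slc      key read here: slcNoDelegationURL
 * @param array $rbachash keys read here: remote_user, Sid
 */
function showCertificateInfoButton ($slc,$rbachash) {
    $noDelegationUrl = htmlspecialchars((string) $slc['slcNoDelegationURL'], ENT_QUOTES, "UTF-8");
    $remoteUser      = htmlspecialchars((string) $rbachash['remote_user'], ENT_QUOTES, "UTF-8");
    $sessionId       = htmlspecialchars((string) $rbachash['Sid'], ENT_QUOTES, "UTF-8");

    echo "<br/><br/>Your account does not include certificate support.";
    echo "<form method=\"post\" action=\"". $noDelegationUrl ."\">\n";
    echo "<input type=\"hidden\" name=\"ePPNplusSID\" value=\"" . $remoteUser . "|" . $sessionId . "\">\n";
    echo "<input type=\"submit\" value=\"Work without Certificate\"/>\n";
    echo "</form>\n";
}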
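/**
 * Tells whether the configured entitlement value is among the entitlements
 * found in the server environment.
 *
 * The entitlement string is read from $_SERVER under the configured attribute
 * name, split on ";" and compared strictly (===) against the configured value.
 * The method is now terminated with its own closing brace; as listed, the next
 * method declaration fell inside this body.
 *
 * NOTE(review): $_SERVER also carries client-supplied request headers (the
 * HTTP_* entries). The configured attribute name must refer to a variable set
 * by the web server's authentication module, never to a header a client can
 * send. Confirm against the deployment.
 *
 * @param array $slc keys read here: slcEntitlementAttributeName,
 *                   slcEntitlementAttributeValue
 * @return bool TRUE when the required entitlement is present, FALSE otherwise
 */
function scanEntitlements ($slc) {
    $attributeName = $slc['slcEntitlementAttributeName'];
    if (!isset($_SERVER[$attributeName])) {
        return FALSE;
    }
    $entitlements = explode(";", $_SERVER[$attributeName]);
    // Strict comparison: an entitlement only counts on an exact string match.
    return in_array($slc['slcEntitlementAttributeValue'], $entitlements, true);
}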
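/**
 * Prints the "Authentication Failure" page.
 *
 * Writes the document head, the failure heading, a hidden block with the error
 * detail and whatever authentication details are present in $rbachash, and a
 * hint on how to report the problem.
 *
 * $heading, $detail, $loginname and every $rbachash value are HTML-escaped
 * before output. An error page that repeats a submitted login name or a
 * backend error text verbatim lets markup in those values run in the page.
 * Markup contained in $detail is therefore shown literally.
 *
 * Each optional table row is guarded by its own isset() check; as listed, the
 * guards were opened but not closed.
 *
 * @param string     $heading   short failure reason, shown as <h3>
 * @param string     $detail    error detail text
 * @param string     $loginname login name as entered
 * @param array|null $rbachash  optional; keys read here: remote_user, scstatus,
 *                              Sid, rbacbase, identity_provider,
 *                              identified_user['authnmethod']
 */
public function printAuthFailure($heading,$detail,$loginname,$rbachash) {
    $this->printHeader("Authentication failed");

    if (isset($rbachash)) {
        $metaFields = array(
            "remote_principal" => "remote_user",
            "rbac_session_status" => "scstatus",
            "rbac_sessionid" => "Sid",
        );
        foreach ($metaFields as $metaName => $key) {
            // A missing key yields an empty content attribute, as before.
            $value = isset($rbachash[$key]) ? (string) $rbachash[$key] : "";
            echo "<meta name=\"" . $metaName . "\" content=\"". htmlspecialchars($value, ENT_QUOTES, "UTF-8") ."\"/>\n";
        }
    }

    echo "<style type=\"text/css\">";
    echo "#d123 {display:none;}";
    echo "</style>";
    echo "<script type=\"text/javascript\">\n";
    echo "<!--\n";
    echo "function toggle (target) {\n";
    echo " var obj=document.getElementById(target);\n";
    echo " obj.style.display=\"block\";\n";
    echo "}\n";
    echo "-->\n";
    echo "</script>\n";
    echo "</head>\n\n<body>\n";
    echo "<h2>Authentication Failure</h2>\n";
    echo "<h3>" . htmlspecialchars((string) $heading, ENT_QUOTES, "UTF-8") . "</h3>\n";
    echo "<p>The Authentication system could not authenticate you.</p>\n";
    echo "<p>More <a href=\"javascript:toggle('d123')\">Details</a>.</p>\n";
    echo "<div id=\"d123\">";
    echo "<h2>Error Details</h2>\n";
    echo "<p>". htmlspecialchars((string) $detail, ENT_QUOTES, "UTF-8") ."</p>" ;
    echo "<h2>Authentication Details</h2>\n";
    echo "<table>\n";
    echo "<tr><td>Login Name</td><td>". htmlspecialchars((string) $loginname, ENT_QUOTES, "UTF-8") ."</td></tr>\n";

    // Optional rows: printed only for values that are set.
    $rows = array(
        "TgAuth Instance" => isset($rbachash["rbacbase"]) ? $rbachash["rbacbase"] : null,
        "Shibboleth Identity ProviderID" => isset($rbachash["identity_provider"]) ? $rbachash["identity_provider"] : null,
        "User ID Attribute Name" => isset($rbachash["identified_user"]['authnmethod']) ? $rbachash["identified_user"]['authnmethod'] : null,
        "User ID Value " => isset($rbachash["remote_user"]) ? $rbachash["remote_user"] : null,
        "TgAuth Session ID" => isset($rbachash["Sid"]) ? $rbachash["Sid"] : null,
    );
    foreach ($rows as $label => $value) {
        if ($value !== null) {
            echo "<tr><td>" . $label . "</td><td>". htmlspecialchars((string) $value, ENT_QUOTES, "UTF-8") ."</td></tr>\n";
        }
    }

    echo "</table>\n";
    echo "</div>";
    echo "<p>If not indicated otherwise in the <a href=\"javascript:toggle('d123')\">details</a>, it could be that some service is not responding temporarily. In this case, please <a href=\"javascript:history.back()\">go back</a> or re-open the TextGridLab and try again.</p>";
    echo "<p>If the problem persists, please report this bug together with its time of occurence (" . date("Y-m-d H:i:s") . "). In the TextGridLab, choose 'Help->Report Bug'.</p>" ;
    echo "\n</body>\n</html>";
}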
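/**
 * Prints the XHTML doctype, the opening <html> and <head> tags, the page
 * title and the content-type <meta>.
 *
 * The <head> element is left open; callers add their own head content and
 * print "</head>" themselves.
 *
 * The title is HTML-escaped: <title> holds text only, and at least one caller
 * passes a heading it received as an argument.
 *
 * @param string $title page title
 */
public function printHeader ($title) {
    $safeTitle = htmlspecialchars((string) $title, ENT_QUOTES, "UTF-8");

    echo "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\n";
    echo "<html xmlns=\"http://www.w3.org/1999/xhtml\" lang=\"en\" xml:lang=\"en\">\n";
    echo "<head>\n";
    echo "<title>" . $safeTitle . "</title>\n";
    echo "<meta http-equiv=\"Content-Type\" content=\"text/html;charset=utf-8\" />\n";
}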
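/**
 * Prints the user-attribute form (completion at login, or later modification).
 *
 * When $providedAttrs is set the form is in "login mode" and values found in
 * $providedAttrs (looked up through $attrMap) take precedence over the values
 * stored on the attribute objects.
 *
 * Output encoding, by context:
 *  - HTML text and attribute values: htmlspecialchars()
 *  - values written into the generated JavaScript: json_encode() with the
 *    JSON_HEX_* flags, so neither quotes nor "</script>" can end the literal
 *  - the tooltip handler: the description is HTML-escaped (it is assigned to
 *    innerHTML), then JSON-encoded, then attribute-escaped
 * All of these values were previously concatenated verbatim.
 *
 * NOTE(review): remote_user, Sid and authZinstance travel as hidden fields and
 * can be altered by the client before submission. The receiving script
 * (PutAttributes.php, not visible here) should bind them to the server-side
 * session instead of trusting the posted values.
 *
 * @param array      $existingAttrs objects with name, displayname, description,
 *                                  mandatory and optionally value
 * @param array|null $providedAttrs attribute values supplied at login, or null
 * @param array      $attrMap       maps attribute name => key in $providedAttrs
 * @param string     $Sid           session id
 * @param string     $authZinstance authorization instance identifier
 * @param string     $remote_user   user id
 */
public function printAttributeForm ( $existingAttrs, $providedAttrs, $attrMap, $Sid, $authZinstance, $remote_user) {
    if (isset ($providedAttrs)) {
        $loginmode = TRUE;
        $title = "Please Complete your User Attributes";
    } else {
        $loginmode = FALSE;
        $title = "Your User Attributes for Modification";
    }
    // Hex-escape <, >, &, ' and " inside JavaScript string literals.
    $jsFlags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;

    $this->printHeader ($title);
    echo "<meta name=\"remote_principal\" content=\"".htmlspecialchars((string) $remote_user, ENT_QUOTES, "UTF-8")."\"/>\n";
    echo "<meta name=\"rbac_sessionid\" content=\"".htmlspecialchars((string) $Sid, ENT_QUOTES, "UTF-8")."\"/>\n";

    echo "<script type=\"text/javascript\">\n";
    echo "function chkFormular () {\n";
    foreach ($existingAttrs as $a) {
        if ($a->mandatory) {
            // Bracket access with an encoded string replaces the former
            // "document.Formular.<name>" so the name cannot inject script.
            $field = "document.Formular[" . json_encode((string) $a->name, $jsFlags) . "]";
            $prompt = json_encode("Please specify your " . $a->displayname . "\n(" . $a->description . ").", $jsFlags);
            echo " if (" . $field . ".value == \"\") {\n";
            echo " alert(" . $prompt . ");\n";
            echo " " . $field . ".focus();\n";
            echo " return false;\n";
            echo " }\n";
        }
    }
    echo " if (document.Formular.mail.value.indexOf(\"@\") == -1 ){\n";
    echo " alert(\"Please specify your valid E-Mail-Address.\");\n";
    echo " document.Formular.mail.focus();\n";
    echo " return false;\n";
    echo " }\n";
    echo "}\n"; // end of chkFormular
    echo "</script>";
    echo "</head>\n<body>\n";
    // $title is one of the two literals assigned above, so no escaping is needed.
    echo "<h2>$title</h2>\n";
    echo "<form name=\"Formular\" action=\"PutAttributes.php\" method=\"post\" onsubmit=\"return chkFormular()\">\n";
    echo "<table>\n";

    foreach ($existingAttrs as $a) {
        $oldval = "";
        if (isset ($a->value)) {
            $oldval = $a->value;
        }
        if (isset($attrMap[$a->name]) && isset($providedAttrs[$attrMap[$a->name]])) {
            $oldval = $providedAttrs[$attrMap[$a->name]];
        }
        // NOTE(review): the visible code never assigns $providedreadonly, so it
        // always expanded to an empty string (with an undefined-variable
        // notice). It is presumably meant to mark provided values read-only;
        // a read-only input is not a server-side control either way.
        $providedreadonly = "";

        $isBoolean = $this->isBoolean ($a);
        $checked = ($isBoolean && $oldval === "TRUE") ? "checked=\"checked\"" : "";
        $mandatory = $a->mandatory ? "<span style=\"color:red\">*</span>" : "";
        $fieldName = htmlspecialchars((string) $a->name, ENT_QUOTES, "UTF-8");

        echo "<tr><td>".htmlspecialchars((string) $a->displayname, ENT_QUOTES, "UTF-8")." ".$mandatory."</td>";
        if ($isBoolean) {
            echo "<td><input type=\"checkbox\" name=\"". $fieldName . "\" value=\"yes\" ".$checked."/></td>\n";
        } else if ($this->isISO3166format ($a)) {
            if ($oldval === "") {$oldval = "DE";} // pre-assume German Scholars
            echo "<td>";
            $this->formatISO3166list( $a->name, $oldval);
            echo "</td>\n";
        } else { // assume string
            echo "<td><input type=\"text\" size=\"50\" name=\"". $fieldName . "\" value=\"".htmlspecialchars((string) $oldval, ENT_QUOTES, "UTF-8")."\"".$providedreadonly."/></td>\n";
        }

        // Three nested contexts: HTML (innerHTML) inside a JavaScript string
        // inside an HTML attribute, so escape from the inside out.
        $tooltip = htmlspecialchars(
            json_encode(htmlspecialchars((string) $a->description, ENT_QUOTES, "UTF-8"), $jsFlags),
            ENT_QUOTES,
            "UTF-8"
        );
        echo "<td><div onmouseover=\"this.innerHTML = ". $tooltip ."\"\n";
        echo " onmouseout=\"this.innerHTML = '?'\"> ?</div></td></tr>\n";
    }

    echo "</table>\n";
    echo "<input type=\"hidden\" name=\"loginmode\" value=\"" . $loginmode . "\" />\n";
    echo "<input type=\"hidden\" name=\"remote_user\" value=\"" . htmlspecialchars((string) $remote_user, ENT_QUOTES, "UTF-8") . "\" />\n";
    echo "<input type=\"hidden\" name=\"Sid\" value=\"" . htmlspecialchars((string) $Sid, ENT_QUOTES, "UTF-8") . "\" />\n";
    echo "<input type=\"hidden\" name=\"authZinstance\" value=\"" . htmlspecialchars((string) $authZinstance, ENT_QUOTES, "UTF-8") . "\" />\n";
    echo "<input type=\"submit\" value=\"Submit\"><input type=\"reset\" value=\"Cancel\">\n";
    echo "</form>\n";
    echo "\n</body>\n</html>";
}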
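/**
 * Prints the confirmation page shown after the user attributes were stored.
 *
 * The display name is HTML-escaped before it is written into the page body;
 * it was previously interpolated verbatim.
 *
 * @param string $thedisplayname name used to address the user
 */
public function printSetAttributesSuccess ($thedisplayname) {
    $safeName = htmlspecialchars((string) $thedisplayname, ENT_QUOTES, "UTF-8");

    $this->printHeader("Successfully updated User Attributes");
    echo "</head><body>\n";
    echo "Thank you, " . $safeName . ", your user attributes are now up to date.<br/>\n";
    echo "You can close this dialogue.\n";
    echo "\n</body>\n</html>";
}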
/**
 * Tells whether an attribute is rendered as a checkbox.
 *
 * TODO this is a hack yet: the decision is made on the attribute name alone.
 *
 * @param object $attr attribute object; only ->name is read
 * @return bool TRUE for the "agreesearch" attribute, FALSE otherwise
 */
public function isBoolean ($attr) {
    return $attr->name === "agreesearch";
}
/**
 * Tells whether an attribute is rendered as a country drop-down.
 *
 * TODO this is a hack yet: the decision is made on the attribute name alone.
 *
 * @param object $attr attribute object; only ->name is read
 * @return bool TRUE for "citizenship" and "country", FALSE otherwise
 */
public function isISO3166format ($attr) {
    $attributeName = $attr->name;
    if ($attributeName === "citizenship") {
        return TRUE;
    }
    return $attributeName === "country";
}
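/**
 * Prints a <select> element with one <option> per entry of list_iso3166().
 *
 * The list may have been read from a remote file (see list_iso3166()), so the
 * codes and names are HTML-escaped like any other external input, as is the
 * element name. When no list is available (list_iso3166() returned no array),
 * an empty <select> is printed instead of iterating over a non-array.
 *
 * @param string $listname    value of the select's name attribute
 * @param string $preselected code whose option is marked as selected
 */
public function formatISO3166list ( $listname, $preselected ) {
    $list = $this->list_iso3166();
    if (!is_array($list)) {
        $list = array();
    }

    echo "<select name=\"" . htmlspecialchars((string) $listname, ENT_QUOTES, "UTF-8") . "\" size=\"1\">\n";
    foreach ($list as $code => $name) {
        $selected = ($code === $preselected) ? "selected=\"selected\"" : "";
        $safeCode = htmlspecialchars((string) $code, ENT_QUOTES, "UTF-8");
        $safeName = htmlspecialchars((string) $name, ENT_QUOTES, "UTF-8");
        echo "<option " . $selected . " value=\"" . $safeCode . "\">" . $safeName . "</option>\n";
    }
    echo "</select>";
}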
// taken from http://code.google.com/p/hm2k/source/browse/trunk/code/php/functions/iso3166.php
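/**
 * Returns ISO 3166 alpha-2 country codes and names, or the name for one code.
 *
 * The list is read from a local file named iso3166_en_code_lists.txt (relative
 * path, so it is looked up in the current working directory). Only if that
 * file does not exist is the list fetched from the URL below.
 *
 * The remote fallback uses plain HTTP and runs at call time, so its content is
 * unauthenticated and the request can stall page rendering. Deploy a reviewed
 * local copy, and treat the returned names and codes as untrusted input when
 * writing them into HTML. The fetch is bounded by a timeout, and a failed read
 * is logged instead of being dropped silently.
 *
 * Each line is expected as "NAME;CODE". The first collected entry is removed
 * as the file's info line.
 *
 * @param string|false $key country code to look up; false for the whole list
 * @return array|string|null array of code => name; the name when $key is a
 *                           known code; null when no list could be read
 */
function list_iso3166($key=false) {
    // Make a static copy of this file on your server
    $url='http://www.iso.org/iso/iso3166_en_code_lists.txt';
    // Path/Filename of the local copy (if present)
    $file='iso3166_en_code_lists.txt';
    // Can we find a local copy?
    if (!file_exists($file)) { $file=$url; }
    // Bound the wait on the remote fallback; has no effect on a local file.
    $context=stream_context_create(array('http' => array('timeout' => 5)));
    // Warnings stay suppressed so a failed read cannot print paths into the
    // page; the failure is reported through the error log below instead.
    $list=@file_get_contents($file, false, $context);
    // No list? Return
    if (empty($list)) {
        error_log('list_iso3166: could not read country list from ' . $file);
        return null;
    }
    // Process list
    $lines=explode("\n",$list);
    $list=array();
    foreach ($lines as $line) {
        $fields=explode(';',$line);
        if (isset($fields[1])) {
            $list[trim($fields[1])]=trim($fields[0]);
        }
    }
    // Shift first line (info line) off the array
    array_shift($list);
    // Return either entire list as array or just a key.
    return isset($list[$key])?$list[$key]:$list;
}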