From de5fbedffb6b811045ad857a6050f8c61314c907 Mon Sep 17 00:00:00 2001
From: Martin Haase <martin.haase@daasi.de>
Date: Mon, 10 May 2010 07:10:19 +0000
Subject: [PATCH] move to tmp

git-svn-id: https://textgridlab.org/svn/textgrid/trunk/middleware/tgauth@6158 7c539038-3410-0410-b1ec-0f2a7bf1c452
---
 .../WebAuthN/WebAuthN.php | 80 ---
 .../WebAuthN/authenticate.php | 74 ---
 .../config_tgwebauth-dist.xml | 28 -
 .../secure/TextGrid-WebAuth.php | 446 ---------------
 .../secure/index.php | 5 -
 .../secure/soapTypes.inc.php | 528 ------------------
 6 files changed, 1161 deletions(-)
 delete mode 100644 info.textgrid.middleware.tgauth.webauth/info.textgrid.middleware.tgauth.webauth/WebAuthN/WebAuthN.php
 delete mode 100644 info.textgrid.middleware.tgauth.webauth/info.textgrid.middleware.tgauth.webauth/WebAuthN/authenticate.php
 delete mode 100644 info.textgrid.middleware.tgauth.webauth/info.textgrid.middleware.tgauth.webauth/config_tgwebauth-dist.xml
 delete mode 100644 info.textgrid.middleware.tgauth.webauth/info.textgrid.middleware.tgauth.webauth/secure/TextGrid-WebAuth.php
 delete mode 100644 info.textgrid.middleware.tgauth.webauth/info.textgrid.middleware.tgauth.webauth/secure/index.php
 delete mode 100644 info.textgrid.middleware.tgauth.webauth/info.textgrid.middleware.tgauth.webauth/secure/soapTypes.inc.php

diff --git a/info.textgrid.middleware.tgauth.webauth/info.textgrid.middleware.tgauth.webauth/WebAuthN/WebAuthN.php b/info.textgrid.middleware.tgauth.webauth/info.textgrid.middleware.tgauth.webauth/WebAuthN/WebAuthN.php
deleted file mode 100644
index 499e4ea..0000000
--- a/info.textgrid.middleware.tgauth.webauth/info.textgrid.middleware.tgauth.webauth/WebAuthN/WebAuthN.php
+++ /dev/null
@@ -1,80 +0,0 @@
-<?php
-// #######################################################
-// Author: Martin Haase / DAASI International GmbH
-// Creation date: 02.12.2008
-// Modification date: 07/05/2010
-// Version: 2.0
-// #######################################################
-
-header("Content-Type: text/html; charset=UTF-8");
-
-$authZinstance = $_REQUEST["authZinstance"];
-if ($authZinstance == null) {
- echo "Error: no authZinstance provided!";
- exit;
-}
-?>
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
- "http://www.w3.org/TR/html4/strict.dtd">
-<html>
-<head>
-<meta http-equiv="content-type" content="text/html; charset=UTF-8">
-<title>TextGrid WebAuth</title>
-</head>
-<body>
-
-<h2>TextGridLab Login</h2>
-<table border="1" rules="cols" cellpadding="4">
-<tr>
-<td align="center" valign="top">
-<h3>textgrid.de account</h3>
-</td>
-
-<td align="center" valign="top">
-<h3>Home account</h3>
-</td>
-</tr>
-
-<tr>
-<td rowspan="2">
-<form action="authenticate.php" method="POST" name="textgriddeform">
- <p>Login:<br><input name="loginname" type="text" size="30" maxlength="30" value="Login ID" onclick="MachLeer()"></p>
- <p>Password:<br><input name="password" type="password" size="30"
- maxlength="30"></p>
-<?php
- echo "<input name=\"authZinstance\" type=\"hidden\" value=\"". $authZinstance . "\"/>";
-?>
- <input type="submit" value="log in">
-</form>
-<script type="text/javascript">
-document.textgriddeform.loginname.focus();
-document.textgriddeform.loginname.select();
-function MachLeer () {
- if (document.textgriddeform.loginname.value == "Login ID")
- document.textgriddeform.loginname.value = "";
-}
-</script>
-</td>
-
-
-<td align="center" valign="top">
-<form action="../secure/TextGrid-WebAuth.php">
-<?php
- echo "<input name=\"authZinstance\" type=\"hidden\" value=\"". $authZinstance . "\"/>";
-?>
- <input type="submit" value="log in via DFN-AAI">
-</form>
-</td>
-</tr>
-
-<tr>
-<td>If your school is not listed among the organizations on the
-DFN-AAI page, or if you encounter problems during log-in, you are
-welcome to <b>request a textgrid.de account</b> using the form
-on <a href="http://www.textgrid.de/beta/installation.html">http://www.textgrid.de/beta/installation.html</a>.
-</td>
-</tr>
-</table>
-
-</body>
-</html>
diff --git a/info.textgrid.middleware.tgauth.webauth/info.textgrid.middleware.tgauth.webauth/WebAuthN/authenticate.php b/info.textgrid.middleware.tgauth.webauth/info.textgrid.middleware.tgauth.webauth/WebAuthN/authenticate.php
deleted file mode 100644
index 76cf728..0000000
--- a/info.textgrid.middleware.tgauth.webauth/info.textgrid.middleware.tgauth.webauth/WebAuthN/authenticate.php
+++ /dev/null
@@ -1,74 +0,0 @@
-<?php
-// #######################################################
-// Author: Martin Haase / DAASI International GmbH
-// Creation date: 02.12.2008
-// Modification date: 07.05.2010
-// Version: 1.0
-// #######################################################
-
-mb_internal_encoding("UTF-8");
-
-$config = new DOMDocument();
-$config->load('../../../config_tgwebauth.xml');
-$xpath = new DOMXPath($config);
-$xpath->registerNamespace("c", "http://textgrid.info/namespaces/middleware/tgwebauth");
-
-$ldaphost = $xpath->query("/c:conf/c:authn[@type='community']/c:key[@name='host']")->item(0)->nodeValue;
-$ldapport = $xpath->query("/c:conf/c:authn[@type='community']/c:key[@name='port']")->item(0)->nodeValue;
-$binddn = $xpath->query("/c:conf/c:authn[@type='community']/c:key[@name='binddn']")->item(0)->nodeValue;
-$basedn = $xpath->query("/c:conf/c:authn[@type='community']/c:key[@name='basedn']")->item(0)->nodeValue;
-$filter = $xpath->query("/c:conf/c:authn[@type='community']/c:key[@name='filter']")->item(0)->nodeValue;
-$IDattribute = $xpath->query("/c:conf/c:authn[@type='community']/c:key[@name='IDattribute']")->item(0)->nodeValue;
-$LDAPname = $xpath->query("/c:conf/c:authn[@type='community']/c:key[@name='name']")->item(0)->nodeValue;
-
-
-$authZinstance = $_REQUEST["authZinstance"];
-$login = $_REQUEST["loginname"];
-$password = $_REQUEST["password"];
-
-
-// LDAP
-$ldapconn = ldap_connect( $ldaphost, $ldapport )
- or die( "Cannot connect to {$ldaphost}!" );
-ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);
-ldap_start_tls( $ldapconn );
-
-$binddn = preg_replace ('/\${login}/', $login, $binddn);
-$bound = ldap_bind($ldapconn, $binddn , $password);
-if (!$bound) {
- ?>
- <html><head><title>Test</title>
- </head><body>
- Authentication failed, wrong login and/or password. Go <a href="javascript:history.back()">back</a> to login page.
- </body></html>
- <?php
- exit;
-} else {
- //echo "Could bind as user ${login}!";
- $filter = preg_replace ('/\${login}/', $login, $filter);
- $result = ldap_search( $ldapconn, $basedn, $filter);
- $entry = ldap_first_entry( $ldapconn , $result );
-
- $attrs = ldap_get_attributes ($ldapconn , $entry);
-
- $TGID = $attrs[$IDattribute][0];
-
- $_SERVER["REMOTE_USER"] = $TGID;
-
- foreach (array("o", "sn", "givenName", "cn", "mail") as $a) {
- if ( isset($attrs[$a])) {
- $vals = array();
- for ($i=0; $i<$attrs[$a]['count']; $i++) {
- $vals[] = $attrs[$a][$i];
- }
- $_SERVER[$a] = implode (';', $vals);
- }
- }
-
-}
-
-$_SERVER["Shib-Identity-Provider"] = $LDAPname;
-
-include("../secure/TextGrid-WebAuth.php"); //assuming the request context remains
-
-?>
diff --git a/info.textgrid.middleware.tgauth.webauth/info.textgrid.middleware.tgauth.webauth/config_tgwebauth-dist.xml b/info.textgrid.middleware.tgauth.webauth/info.textgrid.middleware.tgauth.webauth/config_tgwebauth-dist.xml
deleted file mode 100644
index 20f0a4e..0000000
--- a/info.textgrid.middleware.tgauth.webauth/info.textgrid.middleware.tgauth.webauth/config_tgwebauth-dist.xml
+++ /dev/null
@@ -1,28 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<conf xmlns="http://textgrid.info/namespaces/middleware/tgwebauth">
- <authn type="community">
- <key name="host">ldap.example.org</key>
- <key name="port">389</key>
- <key name="binddn">uid=${login},ou=users,dc=example,dc=org</key>
- <key name="basedn">ou=users,dc=example,dc=org</key>
- <key name="filter">(uid=${login})</key>
- <key name="IDattribute">eduPersonPrincipalName</key>
- <key name="name">TextGrid Community Authentication Server</key>
- </authn>
- <authz instance="rbac1">
- <rbacbase>http://www.example.org/rbac1/</rbacbase>
- <sessioncreator>
- <user>user1</user>
- <password>password1</password>
- </sessioncreator>
- <setnamessecret>secret1</setnamessecret>
- </authz>
- <authz instance="rbac2">
- <rbacbase>http://www.example.org/rbac2/</rbacbase>
- <sessioncreator>
- <user>user2</user>
- <password>password2</password>
- </sessioncreator>
- <setnamessecret>secret2</setnamessecret>
- </authz>
-</conf>
diff --git a/info.textgrid.middleware.tgauth.webauth/info.textgrid.middleware.tgauth.webauth/secure/TextGrid-WebAuth.php b/info.textgrid.middleware.tgauth.webauth/info.textgrid.middleware.tgauth.webauth/secure/TextGrid-WebAuth.php
deleted file mode 100644
index b9dcb5a..0000000
--- a/info.textgrid.middleware.tgauth.webauth/info.textgrid.middleware.tgauth.webauth/secure/TextGrid-WebAuth.php
+++ /dev/null
@@ -1,446 +0,0 @@
-<?php
-// #######################################################
-// Authors: Markus Widmer & Martin Haase
-// Creation date: 08.07.2007
-// Modification date: 07/05/010
-// Version: 2.0
-// #######################################################
-
-header('Content-Type: text/html; charset=utf-8');
-
-//phpinfo();
-require_once( "soapTypes.inc.php" );
-
-$config = new DOMDocument();
-$config->load('../../../config_tgwebauth.xml');
-$xpath = new DOMXPath($config);
-$xpath->registerNamespace("c", "http://textgrid.info/namespaces/middleware/tgwebauth");
-
-
-$authZinstance = $_REQUEST["authZinstance"];
-$rbacInstance = $xpath->query("/c:conf/c:authz[@instance='${authZinstance}']");
-if ($rbacInstance->length == 0)
- {
- echo "Error: '${authZinstance}' has no RBAC base configured!<br>\n";
- exit;
- }
-
-$rbacbase = $xpath->query("/c:conf/c:authz[@instance='${authZinstance}']/c:rbacbase")->item(0)->nodeValue;
-$sessionCreatorUid = $xpath->query("/c:conf/c:authz[@instance='${authZinstance}']/c:sessioncreator/c:user")->item(0)->nodeValue;
-$sessionCreatorPw = $xpath->query("/c:conf/c:authz[@instance='${authZinstance}']/c:sessioncreator/c:password")->item(0)->nodeValue;
-$setnamessecret = $xpath->query("/c:conf/c:authz[@instance='${authZinstance}']/c:setnamessecret")->item(0)->nodeValue;
-
-// the session creation status will collect all messages
-// during the course of authentication
-$scstatus = "";
-
-$remote_user = $_SERVER["REMOTE_USER"];
-$identity_provider = $_SERVER["Shib-Identity-Provider"];
-if (isset($_SERVER["givenName"])) { $givennames = $_SERVER["givenName"];} else { $givennames = "";}
-if (isset($_SERVER["sn"])) { $surnames = $_SERVER["sn"];} else { $surnames = "";}
-if (isset($_SERVER["cn"])) { $cns = $_SERVER["cn"];} else { $cns = "";}
-if (isset($_SERVER["mail"])) { $mails = $_SERVER["mail"];} else { $mails = "";}
-if (isset($_SERVER["o"])) { $organisations = $_SERVER["o"];} else { $organisations = "";}
-
-
-$identified_user = identify($remote_user, $identity_provider);
-
-if ($identified_user['authnmethod'] == 'none') {
- format_error("User ID not given by home institution",
- "Your school (its Identity Provider) did not provide a useable User ID to TextGrid.<br/>\n"
- ."Please contact your school's computing centre and ask them to release to TextGrid's Service Provider "
- ."at least one of the following attributes: eduPersonPrincipalName, PersistentID or TargetedID. Thank you.");
- exit;
-} else {
- $scstatus .= "Authentication Method: ". $identified_user['authnmethod'] . "; ";
- $remote_user = $identified_user['user'] . "@" . $identified_user['scope'];
-}
-
-
-// -----------------------------------------------------
-// You'll need these services
-// -----------------------------------------------------
-$soapExtra = new SoapClient( $rbacbase . "wsdl/tgextra.wsdl" );
-$soapPolicy = new SoapClient( $rbacbase . "wsdl/tgsystem.wsdl" );
-$soapReview = new SoapClient( $rbacbase . "wsdl/tgreview.wsdl" );
-$soapAdministration = new SoapClient( $rbacbase . "wsdl/tgadministration.wsdl" );
-
-
-// -----------------------------------------------------
-// Before you can create a session you have to
-// authenticate. If this was successful you get a
-// session-ID that you should keep
-// -----------------------------------------------------
-$authReq = new authenticateRequest();
-$authReq->username = $sessionCreatorUid;
-$authReq->password = $sessionCreatorPw;
-
-
-//echo "<HR/>";
-//echo "Doing authentication...<BR/>";
-
-try {
- $authResponse = $soapExtra->authenticate( $authReq );
-
- if( preg_match( "/[0-9a-z]{2,}/i", $authResponse->auth ) ) {
- $scstatus .= "WebAuth authenticated at RBAC, received an internal SessionId. ";
- }
-
-} catch( SoapFault $f ) {
- format_error("Internal Error",
- "SOAP FAULT (authenticate)!: " . $f->faultcode . " / " . $f->faultstring . " / " . $f->detail );
- exit;
-}
-
-
-
-// -----------------------------------------------------
-// Now you can try to add an active role to your session creator session
-// -----------------------------------------------------
-$addRoleReq = new addActiveRoleRequest();
-$addRoleReq->username = $sessionCreatorUid;
-$addRoleReq->role = "sessionCreator,Anwendung";
-$addRoleReq->auth = $authResponse->auth;
-
-//echo "<HR/>";
-//echo "Adding active role...<BR/>";
-
-try {
-
- $addRoleResponse = $soapExtra->tgAddActiveRole( $addRoleReq );
-
- if( $addRoleResponse->result ) {
-
- //echo "DONE.<BR/>";
- $scstatus .= "Added active role of application; ";
-
- } else {
- format_error("Internal Error",
- "Could not add Role for application.");
- exit;
- }
-}
-catch( SoapFault $f ) {
- format_error("Internal Error",
- "SOAP FAULT (tgAddActiveRole)!: " . $f->faultcode . " / " . $f->faultstring . " / " . $f->detail );
- exit;
-}
-
-
-$userexistreq = new userExistsRequest();
-$userexistreq->auth = $authResponse->auth;
-$userexistreq->username = $remote_user;
-
-try {
- $existresult = $soapExtra->userExists($userexistreq);
- if (! $existresult->result) {
- try {
- $adduserrequest = new addUserRequest();
- $adduserrequest->intSid = $authResponse->auth;
- $adduserrequest->username = $remote_user;
- $adduserrequest->password = "gnuelpfix"; // this is not relevant and will never be checked
-
- $addedUser = $soapAdministration->addUser($adduserrequest);
- if ($addedUser) {
- $scstatus .= "Added user information to authorization database; ";
- } else {
- format_error("Internal Error",
- "Could not add your user ID to authorization database." );
- exit;
- }
-
- } catch(SoapFault $f) {
- format_error("Internal Error",
- "SOAP FAULT (AddUser)!: " . $f->faultcode . " / " . $f->faultstring . " / " . $f->detail );
- exit;
- }
- } else {
- $scstatus .= "user exists in authentication database; ";
- }
-} catch (SoapFault $f) {
- format_error("Internal Error",
- "SOAP FAULT (UserExists)!: " . $f->faultcode . " / " . $f->faultstring . " / " . $f->detail );
- exit;
-}
-
-
-// -----------------------------------------------------
-// If this was successful you have to add an appropriate
-// role to your active session that allows you to create
-// a session for someone else.
-// -----------------------------------------------------
-$creReq = new createSessionRequest();
-$creReq->intSid = $authResponse->auth;
-//$creReq->username = "mhaase@uni-tuebingen.de";
-$creReq->username = $remote_user;
-
-//$creReq->roleset = Array( "Projektleiter,Projekt-1,Projekt-Teilnehmer" );
-//$creReq->roleset = Array( "Bearbeiter,Projekt-1,Projekt-Teilnehmer" );
-
-// get ALL available roles...
-$rolesobject = new authorizedRolesRequest();
-$rolesobject->intSid = $authResponse->auth;
-$rolesobject->username = $remote_user;
-
-try {
- $roleResponse = $soapReview->authorizedRoles($rolesobject);
-
-// cannot list roles here as they contain "s, which interfere with the
-// attribute eclosing quotes of the meta tag
-// $scstatus = $scstatus . "Received all available roles for user: ".serialize($roleResponse->role) . "; ";
- $scstatus .= "Received all available roles for user; ";
-} catch (Soapfault $f) {
- format_error("Internal Error",
- "SOAP FAULT (authorizedRoles)!: " . $f->faultcode . " / " . $f->faultstring . " / " . $f->detail );
- exit;
-}
-
-
-if (is_Array($roleResponse->role)) {
- $creReq->roleset = $roleResponse->role;
-} elseif (is_string($roleResponse->role)) {
- $creReq->roleset = Array($roleResponse->role);
-} else {
- $creReq->roleset = Array();
-}
-
-
-// Get an newly generated sid from the RBAC system
-try {
- $newSid = $soapExtra->getSid();
- $newSid = $newSid->sid;
-} catch (Soapfault $f) {
- format_error("Internal Error",
- "RBAC down? Could not generate a new SessionID!" );
- exit;
-}
-
-
-$creReq->sid = $newSid;
-//echo "Creating the session...<BR/>";
-try {
- $creResponse = $soapPolicy->createSession( $creReq );
-
- if( $creResponse->result ) {
- //echo "DONE.<BR/>";
- $scstatus .= "Created active role; ";
- } else {
- $scstatus .= "Could not create active role, proceeding without any role(s) in the session; ";
- }
-
-} catch (SoapFault $f) {
- format_error("Internal Error",
- "SOAP FAULT (CreateSession)!: " . $f->faultcode . " / " . $f->faultstring . " / " . $f->detail );
- exit;
-}
-
-// We will arrive here only if all went well.
-// Otherwise, format_error() will be called which prints its own header and footer
-echo "<HTML><HEAD>\n"; // Header -----------------------------
-
-echo "<meta name=\"remote_principal\" content=\"$remote_user\"/>\n";
-echo "<meta name=\"rbac_session_status\" content=\"$scstatus\"/>\n";
-echo "<meta name=\"rbac_sessionid\" content=\"$newSid\"/>\n";
-echo "<meta name=\"ePPNplusSID\" content=\"$remote_user|$newSid\"/>\n";
-echo "<style type=\"text/css\">";
-echo "#d123 {display:none;}";
-echo "</style>";
-echo "<script type=\"text/javascript\">\n";
-echo "<!--\n";
-echo "function toggle (target) {\n";
-echo " var obj=document.getElementById(target);\n";
-echo " obj.style.display=\"block\";\n";
-echo "}\n";
-echo "-->\n";
-echo "</script>\n";
-
-echo "</HEAD>\n\n<BODY>\n";
- echo "<H2>Authentication Succeeded</H2>\n";
-
- echo "You were successfully authenticated with User ID '<b>" . $remote_user . "</b>'. You may now access remote resources using the TextGrid Lab. This window can be closed.<br>\n";
-
- // experimental: Logout
- //echo "<br/><br/>";
-
- // das hier beendet nur die SP-Session, IdP bleibt...
- //echo "Click <A HREF=\"https://auth.textgrid.daasi.de/Shibboleth.sso/Logout\">here</A> if you want to log out.";
-
- // das hier sollte den Browser schließen, tuts aber nicht...
- //echo "<form action=\"\"><input type=\"button\" value=\"Log Out\" onclick=\"window.close()\"></form>";
-
- // also cookies loeschen:
- //s. http://de.selfhtml.org/javascript/objekte/document.htm#cookie...
-
-// Details -----------------------------------------------
-echo "More <A HREF=\"javascript:toggle('d123')\">Details</A>.\n";
-echo "<div id=\"d123\"> <H2>Authentication Details</H2>\n";
-echo "<table><tr><td>TgAuth Instance</td><td>". $rbacbase ."</td></tr>\n";
-echo "<tr><td>Shibboleth Identity ProviderID</td><td>". $identity_provider ."</td></tr>\n";
-echo "<tr><td>User ID Attribute Name</td><td>". $identified_user['authnmethod'] ."</td></tr>\n";
-echo "<tr><td>User ID Value </td><td>".$remote_user."</td></tr>\n";
-echo "<tr><td>Given Name(s)</td><td>".$givennames."</td></tr>\n";
-echo "<tr><td>Surname(s)</td><td>".$surnames."</td></tr>\n";
-echo "<tr><td>Common Name(s)</td><td>".$cns."</td></tr>\n";
-echo "<tr><td>Mail(s)</td><td>".$mails."</td></tr>\n";
-echo "<tr><td>Organisation(s)</td><td>".$organisations."</td></tr>\n";
-echo "<tr><td>TgAuth Session ID</td><td>".$newSid."</td></tr></table>\n";
-echo "</div>";
-
-setNameInRBAC();
-
-echo "\n</BODY>\n</HTML>";
-
-exit;
-
-/////////////////////// Functions ///////////////////////////////////////
-
-function format_error ($heading, $detail) {
-
-global $remote_user, $scstatus, $newSid, $rbacbase, $identity_provider, $identified_user;
-
-echo "<HTML><HEAD>\n";
-echo "<meta name=\"remote_principal\" content=\"$remote_user\"/>\n";
-echo "<meta name=\"rbac_session_status\" content=\"$scstatus\"/>\n";
-echo "<meta name=\"rbac_sessionid\" content=\"$newSid\"/>\n";
-echo "<style type=\"text/css\">";
-echo "#d123 {display:none;}";
-echo "</style>";
-echo "<script type=\"text/javascript\">\n";
-echo "<!--\n";
-echo "function toggle (target) {\n";
-echo " var obj=document.getElementById(target);\n";
-echo " obj.style.display=\"block\";\n";
-echo "}\n";
-echo "-->\n";
-echo "</script>\n";
-echo "</HEAD>\n\n<BODY>\n";
-
-echo "<H2>Authentication Failure, $heading</H2>\n";
-echo "The Authentication system could not authenticate you.<br/>\n";
-
-echo "More <A HREF=\"javascript:toggle('d123')\">Details</A>.\n";
-echo "<div id=\"d123\">";
-echo "<H2>Error Details</H2>\n";
-echo $detail;
-echo "<H2>Authentication Details</H2>\n";
-echo "<table><tr><td>TgAuth Instance</td><td>". $rbacbase ."</td></tr>\n";
-echo "<tr><td>Shibboleth Identity ProviderID</td><td>". $identity_provider ."</td></tr>\n";
-echo "<tr><td>User ID Attribute Name</td><td>". $identified_user['authnmethod'] ."</td></tr>\n";
-echo "<tr><td>User ID Value </td><td>".$remote_user."</td></tr>\n";
-echo "<tr><td>TgAuth Session ID</td><td>".$newSid."</td></tr></table>\n";
-echo "</div>";
-
-echo "<br/>If not indicated otherwise in the <A HREF=\"javascript:toggle('d123')\">details</A>, it could be that some service is not responding temporarily. In this case, please <a href=\"javascript:history.back()\">go back</a> or re-open the TextGridLab and try again.";
-echo "<br/>If the problem persists, please report this bug together with its time of occurence (" . date("Y-m-d H:i:s") . "). In the TextGridLab, choose 'Help->Report Bug'." ;
-
-echo "\n</BODY>\n</HTML>";
-}
-
-
-function identify ( $remote_user, $idp )
-{
- $authnmethod = "undefined";
- $user = "dummy";
- $scope = "no-scope.xxx";
- if (preg_match('/([^@]+)@([^@]+)/', $remote_user, $matches) == 1)
- {
- $authnmethod = "ePPN";
- $user = $matches[1];
- $scope = $matches[2];
- }
- else if (preg_match('/([^!]+)!([^!]+)!([^!]+)/', $remote_user, $matches) == 1)
- {
- $authnmethod = "persistentId";
- $user = $matches[3];
- $scope = $idp;
- }
- else if (strlen($remote_user) > 0)
- {
- $authnmethod = "targetedId";
- $user = $remote_user;
- $scope = $idp;
- }
- else
- {
- $authnmethod = "none";
- }
-
- $user = escapeForDN($user);
- $scope = escapeForDN($scope);
-
- return array("authnmethod" => $authnmethod,
- "user" => $user,
- "scope" => $scope );
-}
-
-
-function escapeForDN ($string)
-{
- return preg_replace('/[";+<>,\\\]/', "X", $string);
-}
-
-function setNameInRBAC ()
-{
-
- global $givennames, $surnames, $cns, $mails, $organisations, $soapExtra, $newSid, $identity_provider, $remote_user;
- $setNameReq = new setNameRequest();
- $setNameReq->auth = $newSid;
- $setNameReq->log = "";
- $setNameReq->webAuthSecret = $setnamessecret;
-
- // name will be first cn with a space (s.t. no uid), or "gn1 gn2 gn3 sn1 sn2", or last resort ePPN
- $cnarr = preg_split ("/;/", $cns );
- if ( sizeof ($cnarr) > 0 && preg_match("/ /", $cns) > 0 )
- {
- for ($i = 0; $i < sizeof ($cnarr); $i++)
- {
- if (preg_match("/ /", $cnarr[$i]) > 0 )
- {
- $setNameReq->name = $cnarr[$i];
- break;
- }
- }
- }
- elseif ( strlen ($givennames) > 0 && strlen ($surnames) > 0)
- {
- $givennameswithspaces = preg_replace ( "/;/", " ", $givennames );
- $surnameswithspaces = preg_replace ( "/;/", " ", $surnames );
- $setNameReq->name = $givennameswithspaces . " " . $surnameswithspaces;
- }
- else
- {
- $setNameReq->name = $remote_user;
- }
-
- $setNameReq->mail = $mails;
-
- if ( strlen ($organisations) > 0)
- {
- $setNameReq->organisation = $organisations;
- }
- else
- {
- $setNameReq->organisation = $identity_provider;
- }
-
- $setNameReq->agreeSearch = TRUE;
-
- try
- {
- $setNameResult = $soapExtra->setName( $setNameReq );
-
- if (! $setNameResult->result ) {
- // do NOT exit as setName is not vital
- echo "setName: result=false";
- }
- }
- catch (Soapfault $f)
- {
- // do NOT exit as setName is not vital
- echo "SoapFault";
- }
-
-}
-
-
-?>
diff --git a/info.textgrid.middleware.tgauth.webauth/info.textgrid.middleware.tgauth.webauth/secure/index.php b/info.textgrid.middleware.tgauth.webauth/info.textgrid.middleware.tgauth.webauth/secure/index.php
deleted file mode 100644
index 554a22c..0000000
--- a/info.textgrid.middleware.tgauth.webauth/info.textgrid.middleware.tgauth.webauth/secure/index.php
+++ /dev/null
@@ -1,5 +0,0 @@
-<?php
-
-phpinfo();
-
-?>
diff --git a/info.textgrid.middleware.tgauth.webauth/info.textgrid.middleware.tgauth.webauth/secure/soapTypes.inc.php b/info.textgrid.middleware.tgauth.webauth/info.textgrid.middleware.tgauth.webauth/secure/soapTypes.inc.php
deleted file mode 100644
index 09f2371..0000000
--- a/info.textgrid.middleware.tgauth.webauth/info.textgrid.middleware.tgauth.webauth/secure/soapTypes.inc.php
+++ /dev/null
@@ -1,528 +0,0 @@
-<?php
-class authenticateRequest {
-
- public $username;
- public $password;
- public $log;
-
-}
-
-class setNameRequest {
-
- public $auth;
- public $log;
- public $webAuthSecret;
- public $name;
- public $mail;
- public $organisation;
- public $agreeSearch;
-
-}
-
-class authenticateResponse {
-
- public $sid;
-
-}
-
-class getSidResponse {
-
- public $sid;
-
-}
-
-class checkAccessRequest {
-
- public $intSid;
- public $operation;
- public $resource;
- public $sid;
-
-}
-
-class tgCheckAccessRequest {
-
- public $auth;
- public $log;
- public $operation;
- public $resource;
- public $sid;
-
-}
-
-class tgGrantPermissionRequest {
-
- public $auth;
- public $log;
- public $role;
- public $resource;
- public $operation;
-
-}
-
-class tgRevokePermissionRequest {
-
- public $auth;
- public $log;
- public $role;
- public $resource;
- public $operation;
-
-}
-
-class getOwnerRequest {
-
- public $auth;
- public $log;
- public $resource;
-
-}
-
-class getOwnerResponse {
-
- public $owner;
-
-}
-
-class getMembersRequest {
-
- public $auth;
- public $log;
- public $project;
-
-}
-
-class deactivateProjectRequest {
-
- public $auth;
- public $log;
- public $project;
-
-}
-
-class getRightsRequest {
-
- public $auth;
- public $log;
- public $resource;
- public $username;
-
-}
-
-class publishRequest {
-
- public $auth;
- public $log;
- public $resource;
-
-}
-
-class getProjectDescriptionRequest {
-
- public $auth;
- public $log;
- public $project;
-
-}
-
-class getProjectDescriptionResponse {
-
- public $description;
-
-}
-
-class createSessionRequest {
-
- public $intSid;
- public $username;
- public $roleset;
- public $sid;
-
-}
-
-class tgAddActiveRoleRequest {
-
- public $auth;
- public $log;
- public $role;
-
-}
-
-class tgAssignedRolesRequest {
-
- public $auth;
- public $log;
- public $username;
-
-}
-
-class tgAssignedProjectsRequest {
-
- public $auth;
- public $log;
-
-}
-
-class deleteSessionRequest {
-
- public $intSid;
- public $username;
- public $sid;
-
-}
-
-class addActiveRoleRequest {
-
- public $intSid;
- public $username;
- public $role;
- public $sid;
-
-}
-
-class addUserRequest {
-
- public $intSid;
- public $username;
- public $password;
-
-}
-
-class deleteUserRequest {
-
- public $intSid;
- public $username;
-
-}
-
-class addInheritanceRequest {
-
- public $intSid;
- public $ascendant;
- public $descendant;
-
-}
-
-class deleteInheritanceRequest {
-
- public $intSid;
- public $ascendant;
- public $descendant;
-
-}
-
-class addAscendantRequest {
-
- public $intSid;
- public $ascendant;
- public $descendant;
-
-}
-
-class addDescendantRequest {
-
- public $intSid;
- public $ascendant;
- public $descendant;
-
-}
-
-class addRoleRequest {
-
- public $intSid;
- public $role;
-
-}
-
-class deleteRoleRequest {
-
- public $intSid;
- public $role;
-
-}
-
-class grantPermissionRequest {
-
- public $intSid;
- public $resource;
- public $operation;
- public $role;
-
-}
-
-class revokePermissionRequest {
-
- public $intSid;
- public $resource;
- public $operation;
- public $role;
-
-}
-
-class assignUserRequest {
-
- public $intSid;
- public $username;
- public $role;
-
-}
-
-class deassignUserRequest {
-
- public $intSid;
- public $username;
- public $role;
-
-}
-
-class sessionRolesRequest {
-
- public $intSid;
- public $sid;
-
-}
-
-class assignedRolesRequest {
-
- public $intSid;
- public $username;
-
-}
-
-class authorizedRolesRequest {
-
- public $intSid;
- public $username;
-
-}
-
-class roleOperationsOnObjectRequest {
-
- public $intSid;
- public $role;
- public $resource;
-
-}
-
-class userOperationsOnObjectRequest {
-
- public $intSid;
- public $user;
- public $resource;
-
-}
-
-class operationsetResponse {
-
- public $operationset;
-
-}
-
-class assignedUsersRequest {
-
- public $intSid;
- public $role;
-
-}
-
-class authorizedUsersRequest {
-
- public $intSid;
- public $role;
-
-}
-
-class usersetResponse {
-
- public $username;
-
-}
-
-class rolePermissionsRequest {
-
- public $intSid;
- public $role;
-
-}
-
-class userPermissionsRequest {
-
- public $intSid;
- public $username;
-
-}
-
-class getLeaderRequest {
-
- public $auth;
- public $log;
- public $project;
-
-}
-
-class getObjectsRequest {
-
- public $auth;
- public $log;
- public $project;
-
-}
-
-class sessionPermissionsRequest {
-
- public $intSid;
- public $sid;
-
-}
-
-class rolesetResponse {
-
- public $role;
-
-}
-
-class permissionsetResponse {
-
- public $permissionset;
-
-}
-
-class resourcesetResponse {
-
- public $resource;
-
-}
-
-class createProjectRequest {
-
- public $auth;
- public $log;
- public $name;
- public $description;
-
-}
-
-class registerResourceRequest {
-
- public $auth;
- public $log;
- public $project;
- public $uri;
-
-}
-
-class unregisterResourceRequest {
-
- public $auth;
- public $log;
- public $uri;
-
-}
-
-class addMemberRequest {
-
- public $auth;
- public $log;
- public $role;
- public $username;
-
-}
-
-class deleteMemberRequest {
-
- public $auth;
- public $log;
- public $role;
- public $username;
-
-}
-
-class createProjectResponse {
-
- public $projectId;
-
-}
-
-class getAllProjectsResponse {
-
- public $project;
-
-}
-
-class getAllProjectsRequest {
-
- public $log;
-
-}
-
-class userExistsRequest {
-
- public $auth;
- public $log;
- public $username;
-
-}
-
-
-class booleanResponse {
-
- public $result;
- public $errorCode;
- public $errorDescription;
-
-}
-
-class filterBySidRequest {
-
- public $auth;
- public $log;
- public $resource;
- public $operation;
-
-}
-
-class filterResponse {
-
- public $resource;
-
-}
-
-
-class permission {
-
- public $resource;
- public $operation;
-
-
- public function __construct( $inOperation, $inResource ) {
-
- $this->operation = $inOperation;
- $this->resource = $inResource;
-
- }
-
-}
-
-class projectInfo {
-
- public $id;
- public $description;
- public $name;
-
-
- public function __construct( $inId, $inName, $inDescription ) {
-
- $this->id = $inId;
- $this->description = $inDescription;
- $this->name = $inName;
-
- }
-
-}
-
-class checkXACMLaccessRequest {
-
- public $request;
-
-}
-?>
-- 
GitLab