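<?php
// #######################################################
// Author: Martin Haase / DAASI International GmbH / TextGrid
// Creation date: 2010-09-23
// Modification date: 2010-09-03
// Version: 0.1
// #######################################################

mb_internal_encoding("UTF-8");

/**
 * Renders the HTML pages of the authentication front end: login success,
 * login failure, the user-attribute form and its confirmation page.
 *
 * Security notes:
 *  - Every dynamic value (identity attributes, session ids, error details,
 *    configuration URLs, attribute definitions) is treated as plain text and
 *    escaped for the context it is written into (HTML text/attribute via
 *    escapeHtml(), JavaScript string literal via jsString()). None of these
 *    values may carry markup into the page.
 *  - The success and failure pages expose the session id in <meta> tags and
 *    hidden form fields. That is what the original pages did and is presumably
 *    consumed by the client embedding this page (TODO confirm); such pages
 *    must only be served over an authenticated, encrypted channel and should
 *    not be cached.
 */
class WebUtils
{
    // Global variables

    public function __construct()
    {
    }

    /**
     * Escapes a value for use in HTML text or in a quoted HTML attribute.
     *
     * With ENT_QUOTES both quote characters are encoded, so the result is safe
     * inside single- and double-quoted attributes. Invalid UTF-8 input yields
     * an empty string, which fails closed.
     *
     * @param mixed $value value to print; cast to string
     * @return string escaped text
     */
    private function escapeHtml($value)
    {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
    }

    /**
     * Encodes a value as a JavaScript string literal (including the quotes).
     *
     * The JSON_HEX_* flags turn <, >, &, ' and " into \uXXXX escapes, so the
     * literal can neither close the surrounding <script> element nor break out
     * of a quoted string.
     *
     * @param mixed $value value to embed; cast to string
     * @return string JavaScript string literal; '""' if encoding fails
     */
    private function jsString($value)
    {
        $encoded = json_encode(
            (string) $value,
            JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT
        );

        // json_encode() returns false e.g. for invalid UTF-8; emit an empty literal then.
        return $encoded === false ? '""' : $encoded;
    }

    /**
     * Prints the complete "Authentication Succeeded" page.
     *
     * @param string      $heading   page title, passed to printHeader()
     * @param string|null $loginname login name, or null when it is not known here
     * @param array       $rbachash  reads the keys remote_user, scstatus, Sid, rbacbase,
     *                               identity_provider and identified_user['authnmethod']
     * @param array       $slc       reads slcMode plus the keys used by scanEntitlements()
     *                               and the certificate button helpers
     * @return void
     */
    public function printAuthSuccess($heading, $loginname, $rbachash, $slc)
    {
        $remoteUser = $this->escapeHtml($rbachash["remote_user"]);
        $sid = $this->escapeHtml($rbachash["Sid"]);

        $this->printHeader($heading);
        echo "<meta name=\"remote_principal\" content=\"" . $remoteUser . "\"/>\n";
        echo "<meta name=\"rbac_session_status\" content=\"" . $this->escapeHtml($rbachash["scstatus"]) . "\"/>\n";
        echo "<meta name=\"rbac_sessionid\" content=\"" . $sid . "\"/>\n";
        if (!$slc["slcMode"]) {
            echo "<meta name=\"ePPNplusSID\" content=\"" . $remoteUser . "|" . $sid . "\"/>\n";
        }
        echo "<style type=\"text/css\">";
        echo "#d123 {display:none;}";
        echo "</style>";
        echo "<script type=\"text/javascript\">\n";
        echo "<!--\n";
        echo "function toggle (target) {\n";
        echo "var obj=document.getElementById(target);\n";
        echo "obj.style.display=\"block\";\n";
        echo "}\n";
        echo "-->\n";
        echo "</script>\n";
        echo "</head>\n<body>\n";
        echo "<h2>Authentication Succeeded</h2>\n";
        echo "<p>You were successfully authenticated with User ID '<b>" . $remoteUser . "</b>'. You may now access remote resources using the TextGrid Lab. This window can be closed.</p>\n";

        // Details -----------------------------------------------
        echo "<p>More <a href=\"javascript:toggle('d123')\">Details</a>.</p>\n";
        echo "<div id=\"d123\"> <h2>Authentication Details</h2>\n";
        echo "<table><tr><td>TgAuth Instance</td><td>" . $this->escapeHtml($rbachash["rbacbase"]) . "</td></tr>\n";
        echo "<tr><td>Shibboleth Identity ProviderID</td><td>" . $this->escapeHtml($rbachash["identity_provider"]) . "</td></tr>\n";
        echo "<tr><td>Login Name</td><td>" . (isset($loginname) ? $this->escapeHtml($loginname) : "only known at your home organization") . "</td></tr>\n";
        echo "<tr><td>User ID Attribute Name</td><td>" . $this->escapeHtml($rbachash["identified_user"]['authnmethod']) . "</td></tr>\n";
        echo "<tr><td>User ID Value </td><td>" . $remoteUser . "</td></tr>\n";
        echo "<tr><td>TgAuth Session ID</td><td>" . $sid . "</td></tr></table>\n";
        echo "</div>";

        if ($slc['slcMode']) {
            // NOTE(review): "SLCMODE YES" / "SLCcompatible YES" look like leftover debug
            // output; kept unchanged so the rendered page stays the same.
            echo "SLCMODE YES";
            if ($this->scanEntitlements($slc)) {
                echo "SLCcompatible YES";
                $this->showCertificateButtons($slc, $rbachash);
            } else {
                $this->showCertificateInfoButton($slc, $rbachash);
            }
        }
        echo "\n</body>\n</html>";
    }

    /**
     * Prints the "Request Certificate" and "Use Existing Certificate" forms.
     *
     * @param array $slc      reads slcPortalDelegationURL and slcNoDelegationURL
     * @param array $rbachash reads remote_user, Sid and authZinstance
     * @return void
     */
    public function showCertificateButtons($slc, $rbachash)
    {
        $remoteUser = $this->escapeHtml($rbachash['remote_user']);
        $sid = $this->escapeHtml($rbachash['Sid']);

        // NOTE(review): this form uses GET, so userDetails (including the session id)
        // ends up in the request URL of the delegation portal; confirm this is required.
        echo "<form method=\"get\" action=\"" . $this->escapeHtml($slc['slcPortalDelegationURL']) . "\">\n";
        echo "<input type=\"hidden\" name=\"userDetails\" value=\"" . $remoteUser . "|" . $sid . "|" . $this->escapeHtml($rbachash['authZinstance']) . "\">\n";
        echo "<input type=\"submit\" value=\"Request Certificate\">\n";
        echo "</form>\n\n";
        echo "<form method=\"post\" action=\"" . $this->escapeHtml($slc['slcNoDelegationURL']) . "\">\n";
        echo "<input type=\"hidden\" name=\"ePPNplusSID\" value=\"" . $remoteUser . "|" . $sid . "\">\n";
        echo "<input type=\"submit\" value=\"Use Existing Certificate\"/>\n";
        echo "</form>\n";
    }

    /**
     * Prints the notice and the "Work without Certificate" form shown when the
     * account has no certificate entitlement.
     *
     * @param array $slc      reads slcNoDelegationURL
     * @param array $rbachash reads remote_user and Sid
     * @return void
     */
    public function showCertificateInfoButton($slc, $rbachash)
    {
        echo "<br/><br/>Your account does not include certificate support.";
        echo "<form method=\"post\" action=\"" . $this->escapeHtml($slc['slcNoDelegationURL']) . "\">\n";
        echo "<input type=\"hidden\" name=\"ePPNplusSID\" value=\"" . $this->escapeHtml($rbachash['remote_user']) . "|" . $this->escapeHtml($rbachash['Sid']) . "\">\n";
        echo "<input type=\"submit\" value=\"Work without Certificate\"/>\n";
        echo "</form>\n";
    }

    /**
     * Checks whether the required entitlement is among the values of the
     * configured $_SERVER entry.
     *
     * The entry named by $slc['slcEntitlementAttributeName'] is split on ";"
     * and each part is compared exactly (no trimming, case-sensitive) with
     * $slc['slcEntitlementAttributeValue'].
     *
     * @param array $slc reads slcEntitlementAttributeName and slcEntitlementAttributeValue
     * @return bool TRUE when the entitlement is present, FALSE otherwise
     */
    public function scanEntitlements($slc)
    {
        $attributeName = $slc['slcEntitlementAttributeName'];
        if (!isset($_SERVER[$attributeName])) {
            return FALSE;
        }

        $entitlements = explode(";", $_SERVER[$attributeName]);

        // Strict comparison: the entitlement must match the configured value exactly.
        return in_array($slc['slcEntitlementAttributeValue'], $entitlements, true);
    }

    /**
     * Prints the complete "Authentication Failure" page.
     *
     * All arguments are printed as plain text; markup inside them is escaped.
     *
     * @param string     $heading   short failure headline
     * @param string     $detail    error detail shown in the collapsible section
     * @param string     $loginname login name the user tried
     * @param array|null $rbachash  optional; keys that are present are printed
     * @return void
     */
    public function printAuthFailure($heading, $detail, $loginname, $rbachash)
    {
        $this->printHeader("Authentication failed");
        if (isset($rbachash)) {
            // Missing keys are printed as empty values instead of raising a notice into the page.
            echo "<meta name=\"remote_principal\" content=\"" . $this->escapeHtml(isset($rbachash["remote_user"]) ? $rbachash["remote_user"] : "") . "\"/>\n";
            echo "<meta name=\"rbac_session_status\" content=\"" . $this->escapeHtml(isset($rbachash["scstatus"]) ? $rbachash["scstatus"] : "") . "\"/>\n";
            echo "<meta name=\"rbac_sessionid\" content=\"" . $this->escapeHtml(isset($rbachash["Sid"]) ? $rbachash["Sid"] : "") . "\"/>\n";
        }
        echo "<style type=\"text/css\">";
        echo "#d123 {display:none;}";
        echo "</style>";
        echo "<script type=\"text/javascript\">\n";
        echo "<!--\n";
        echo "function toggle (target) {\n";
        echo " var obj=document.getElementById(target);\n";
        echo " obj.style.display=\"block\";\n";
        echo "}\n";
        echo "-->\n";
        echo "</script>\n";
        echo "</head>\n\n<body>\n";
        echo "<h2>Authentication Failure</h2>\n";
        echo "<h3>" . $this->escapeHtml($heading) . "</h3>\n";
        echo "<p>The Authentication system could not authenticate you.</p>\n";
        echo "<p>More <a href=\"javascript:toggle('d123')\">Details</a>.</p>\n";
        echo "<div id=\"d123\">";
        echo "<h2>Error Details</h2>\n";
        echo "<p>" . $this->escapeHtml($detail) . "</p>";
        echo "<h2>Authentication Details</h2>\n";
        echo "<table>\n";
        echo "<tr><td>Login Name</td><td>" . $this->escapeHtml($loginname) . "</td></tr>\n";
        if (isset($rbachash["rbacbase"])) {
            echo "<tr><td>TgAuth Instance</td><td>" . $this->escapeHtml($rbachash["rbacbase"]) . "</td></tr>\n";
        }
        if (isset($rbachash["identity_provider"])) {
            echo "<tr><td>Shibboleth Identity ProviderID</td><td>" . $this->escapeHtml($rbachash["identity_provider"]) . "</td></tr>\n";
        }
        if (isset($rbachash["identified_user"]['authnmethod'])) {
            echo "<tr><td>User ID Attribute Name</td><td>" . $this->escapeHtml($rbachash["identified_user"]['authnmethod']) . "</td></tr>\n";
        }
        if (isset($rbachash["remote_user"])) {
            echo "<tr><td>User ID Value </td><td>" . $this->escapeHtml($rbachash["remote_user"]) . "</td></tr>\n";
        }
        if (isset($rbachash["Sid"])) {
            echo "<tr><td>TgAuth Session ID</td><td>" . $this->escapeHtml($rbachash["Sid"]) . "</td></tr>\n";
        }
        echo "</table>\n";
        echo "</div>";
        echo "<p>If not indicated otherwise in the <a href=\"javascript:toggle('d123')\">details</a>, it could be that some service is not responding temporarily. In this case, please <a href=\"javascript:history.back()\">go back</a> or re-open the TextGridLab and try again.</p>";
        echo "<p>If the problem persists, please report this bug together with its time of occurence (" . date("Y-m-d H:i:s") . "). In the TextGridLab, choose 'Help->Report Bug'.</p>";
        echo "\n</body>\n</html>";
    }

    /**
     * Sends the Content-Type header and prints the document prologue up to and
     * including the <title> and charset <meta>; the caller closes </head>.
     *
     * @param string $title page title, printed as plain text
     * @return void
     */
    public function printHeader($title)
    {
        header('Content-Type: text/html; charset=utf-8');
        echo "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\n";
        echo "<html xmlns=\"http://www.w3.org/1999/xhtml\" lang=\"en\" xml:lang=\"en\">\n";
        echo "<head>\n";
        echo "<title>" . $this->escapeHtml($title) . "</title>\n";
        echo "<meta http-equiv=\"Content-Type\" content=\"text/html;charset=utf-8\" />\n";
    }

    /**
     * Prints the user-attribute form, posted to PutAttributes.php.
     *
     * The client-side chkFormular() check and the readonly flag on provided
     * attributes are conveniences only: a client can bypass both, so the
     * receiving script has to validate and authorise every submitted field,
     * including the hidden remote_user, Sid, authZinstance and loginmode values.
     *
     * @param array      $existingAttrs attribute objects; reads name, displayname,
     *                                  description, mandatory and (optionally) value
     * @param array|null $providedAttrs values supplied at login; null selects modification mode
     * @param array      $attrMap       maps attribute names to keys of $providedAttrs
     * @param string     $Sid           session id written into the page
     * @param string     $authZinstance written into a hidden form field
     * @param string     $remote_user   user id written into the page
     * @return void
     */
    public function printAttributeForm($existingAttrs, $providedAttrs, $attrMap, $Sid, $authZinstance, $remote_user)
    {
        if (isset($providedAttrs)) {
            $loginmode = TRUE;
            $title = "Please Complete your User Attributes";
        } else {
            $loginmode = FALSE;
            $title = "Your User Attributes for Modification";
        }

        $this->printHeader($title);
        echo "<meta name=\"remote_principal\" content=\"" . $this->escapeHtml($remote_user) . "\"/>\n";
        echo "<meta name=\"rbac_sessionid\" content=\"" . $this->escapeHtml($Sid) . "\"/>\n";
        echo "<script type=\"text/javascript\">\n";
        echo "function chkFormular () {\n";
        foreach ($existingAttrs as $a) {
            if ($a->mandatory) {
                // The field is addressed through a string key and the message is a
                // JSON-encoded literal, so attribute metadata cannot inject script.
                $field = "document.Formular.elements[" . $this->jsString($a->name) . "]";
                $message = "Please specify your " . $a->displayname . "\n(" . $a->description . ").";
                echo " if (" . $field . ".value == \"\") {\n";
                echo " alert(" . $this->jsString($message) . ");\n";
                echo " " . $field . ".focus();\n";
                echo " return false;\n";
                echo " }\n";
            }
        }
        echo " if (document.Formular.mail.value.indexOf(\"@\") == -1 ){\n";
        echo " alert(\"Please specify your valid E-Mail-Address.\");\n";
        echo " document.Formular.mail.focus();\n";
        echo " return false;\n";
        echo " }\n";
        echo "}\n"; // end of chkFormular
        echo "</script>";
        echo "</head>\n<body>\n";
        echo "<h2>" . $this->escapeHtml($title) . "</h2>\n";
        echo "<form name=\"Formular\" action=\"PutAttributes.php\" method=\"post\" onsubmit=\"return chkFormular()\">\n";
        echo "<table>\n";
        foreach ($existingAttrs as $a) {
            $oldval = isset($a->value) ? $a->value : "";

            // A value supplied at login overrides the stored one and is shown read-only.
            $providedreadonly = "";
            if (isset($attrMap[$a->name]) && isset($providedAttrs[$attrMap[$a->name]])) {
                $oldval = $providedAttrs[$attrMap[$a->name]];
                $providedreadonly = " readonly=\"readonly\"";
            }

            $mandatory = $a->mandatory ? "<span style=\"color:red\">*</span>" : "";
            $fieldName = $this->escapeHtml($a->name);

            echo "<tr><td>" . $this->escapeHtml($a->displayname) . " {$mandatory}</td>";
            if ($this->isBoolean($a)) {
                $checked = ($oldval === "TRUE") ? "checked=\"checked\"" : "";
                echo "<td><input type=\"checkbox\" name=\"" . $fieldName . "\" value=\"yes\" {$checked}/></td>\n";
            } else if ($this->isISO3166format($a)) {
                if ($oldval === "") {
                    $oldval = "DE"; // pre-assume German Scholars
                }
                echo "<td>";
                $this->formatISO3166list($a->name, $oldval);
                echo "</td>\n";
            } else { // assume string
                echo "<td><input type=\"text\" size=\"50\" name=\"" . $fieldName . "\" value=\"" . $this->escapeHtml($oldval) . "\"{$providedreadonly}/></td>\n";
            }

            // The description passes through three contexts: it is assigned to innerHTML
            // (escaped as HTML text), inside a JavaScript string (jsString), inside an
            // HTML attribute (escaped again). It is therefore shown as plain text.
            $tooltip = $this->escapeHtml($this->jsString($this->escapeHtml($a->description)));
            echo "<td><div onmouseover=\"this.innerHTML = " . $tooltip . "\"\n";
            echo " onmouseout=\"this.innerHTML = '?'\"> ?</div></td></tr>\n";
        }
        echo "</table>\n";
        echo "<input type=\"hidden\" name=\"loginmode\" value=\"" . $this->escapeHtml($loginmode) . "\" />\n";
        echo "<input type=\"hidden\" name=\"remote_user\" value=\"" . $this->escapeHtml($remote_user) . "\" />\n";
        echo "<input type=\"hidden\" name=\"Sid\" value=\"" . $this->escapeHtml($Sid) . "\" />\n";
        echo "<input type=\"hidden\" name=\"authZinstance\" value=\"" . $this->escapeHtml($authZinstance) . "\" />\n";
        echo "<input type=\"submit\" value=\"Submit\"><input type=\"reset\" value=\"Cancel\">\n";
        echo "</form>\n";
        echo "\n</body>\n</html>";
    }

    /**
     * Prints the confirmation page shown after the attributes were stored.
     *
     * @param string $thedisplayname name used in the greeting, printed as plain text
     * @return void
     */
    public function printSetAttributesSuccess($thedisplayname)
    {
        $this->printHeader("Successfully updated User Attributes");
        echo "</head><body>\n";
        echo "Thank you, " . $this->escapeHtml($thedisplayname) . ", your user attributes are now up to date.<br/>\n";
        echo "You can close this dialogue.\n";
        echo "\n</body>\n</html>";
    }

    /**
     * Tells whether an attribute is rendered as a checkbox.
     *
     * @param object $attr attribute object; reads name
     * @return bool TRUE only for the attribute named "agreesearch"
     */
    public function isBoolean($attr)
    {
        // TODO this is a hack yet
        return $attr->name === "agreesearch";
    }

    /**
     * Tells whether an attribute is rendered as an ISO 3166 country selection.
     *
     * @param object $attr attribute object; reads name
     * @return bool TRUE only for the attributes named "citizenship" and "country"
     */
    public function isISO3166format($attr)
    {
        // TODO this is a hack yet
        return $attr->name === "citizenship" || $attr->name === "country";
    }

    /**
     * Prints a <select> element with one option per country code.
     *
     * @param string $listname    name attribute of the select element
     * @param string $preselected country code to mark as selected
     * @return void
     */
    public function formatISO3166list($listname, $preselected)
    {
        $list = $this->list_iso3166();
        if (!is_array($list)) {
            // list_iso3166() returns nothing when the list cannot be read;
            // render an empty select instead of iterating over null.
            $list = array();
        }

        echo "<select name=\"" . $this->escapeHtml($listname) . "\" size=\"1\">\n";
        foreach ($list as $code => $name) {
            $selected = ($code === $preselected) ? "selected=\"selected\"" : "";
            // Codes and names may come from a remotely fetched file, so they are escaped.
            echo "<option {$selected} value=\"" . $this->escapeHtml($code) . "\">" . $this->escapeHtml($name) . "</option>\n";
        }
        echo "</select>";
    }

    // taken from http://code.google.com/p/hm2k/source/browse/trunk/code/php/functions/iso3166.php
    /**
     * Returns ISO 3166 alpha 2 country codes and names.
     *
     * NOTE(review): when no local copy exists the list is fetched on every call
     * over plain HTTP, without integrity check or explicit timeout. Anyone able
     * to tamper with that response controls the option list, and a slow or
     * unreachable host delays page rendering. Deploy a static local copy of the
     * file; the remote fallback is kept only for backward compatibility.
     *
     * @param string|false $key country code to look up, or false for the whole list
     * @return array|string|null the name for $key when it is known, otherwise the whole
     *                           list (code => name); null when the list cannot be read
     */
    public function list_iso3166($key = false)
    {
        // Make a static copy of this file on your server
        $url = 'http://www.iso.org/iso/iso3166_en_code_lists.txt';
        // Path/Filename of the local copy (if present)
        $file = 'iso3166_en_code_lists.txt';

        // Can we find a local copy?
        if (!file_exists($file)) {
            $file = $url;
        }

        // Put the data into a list...
        $raw = @file_get_contents($file);

        // No list? Return
        if (empty($raw)) {
            return;
        }

        // Process list: each usable line is "NAME;CODE"
        $list = array();
        foreach (explode("\n", $raw) as $line) {
            $parts = explode(';', $line);
            if (isset($parts[1])) {
                $list[trim($parts[1])] = trim($parts[0]);
            }
        }

        // Shift first line (info line) off the array
        array_shift($list);

        // Return either entire list as array or just a key.
        return ($key !== false && isset($list[$key])) ? $list[$key] : $list;
    }
}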