当前位置: 首页>>代码示例>>PHP>>正文


PHP SimpleSAML_Utilities::redirectUntrustedURL方法代码示例

本文整理汇总了PHP中SimpleSAML_Utilities::redirectUntrustedURL方法的典型用法代码示例。如果您正苦于以下问题:PHP SimpleSAML_Utilities::redirectUntrustedURL方法的具体用法?PHP SimpleSAML_Utilities::redirectUntrustedURL怎么用?PHP SimpleSAML_Utilities::redirectUntrustedURL使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在SimpleSAML_Utilities的用法示例。


在下文中一共展示了SimpleSAML_Utilities::redirectUntrustedURL方法的8个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: handleUnsolicitedAuth

 /**
  * Handle a unsolicited login operations.
  *
  * This function creates a session from the received information. It
  * will then redirect to the given URL.
  *
  * This is used to handle IdP initiated SSO.
  *
  * @param string $authId The id of the authentication source that received
  * the request.
  * @param array $state A state array.
  * @param string $redirectTo The URL we should redirect the user to after
  * updating the session. The function will check if the URL is allowed, so
  * there is no need to manually check the URL on beforehand. Please refer
  * to the 'trusted.url.domains' configuration directive for more
  * information about allowing (or disallowing) URLs.
  */
 public static function handleUnsolicitedAuth($authId, array $state, $redirectTo)
 {
     assert('is_string($authId)');
     assert('is_string($redirectTo)');
     $session = SimpleSAML_Session::getSessionFromRequest();
     $session->doLogin($authId, self::extractPersistentAuthState($state));
     SimpleSAML_Utilities::redirectUntrustedURL($redirectTo);
 }
开发者ID:shirlei,项目名称:simplesaml,代码行数:25,代码来源:Default.php

示例2: Exception

    $userid = null;
    if (!array_key_exists('SSL_CLIENT_VERIFY', $_SERVER)) {
        throw new Exception('Apache header variable SSL_CLIENT_VERIFY was not available. Recheck your apache configuration.');
    }
    if (strcmp($_SERVER['SSL_CLIENT_VERIFY'], "SUCCESS") != 0) {
        throw new SimpleSAML_Error_Error('NOTVALIDCERT', $e);
    }
    $userid = $_SERVER['SSL_CLIENT_S_DN'];
    $attributes['CertificateDN'] = array($userid);
    $attributes['CertificateDNCN'] = array($_SERVER['SSL_CLIENT_S_DN_CN']);
    $session->doLogin('tlsclient');
    $session->setAttributes($attributes);
    #echo '<pre>';
    #print_r($_SERVER);
    #echo '</pre>'; exit;
    SimpleSAML_Logger::info('AUTH - tlsclient: ' . $userid . ' successfully authenticated');
    $session->setNameID(array('value' => SimpleSAML_Utilities::generateID(), 'Format' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'));
    /**
     * Create a statistics log entry for every successfull login attempt.
     * Also log a specific attribute as set in the config: statistics.authlogattr
     */
    $authlogattr = $config->getValue('statistics.authlogattr', null);
    if ($authlogattr && array_key_exists($authlogattr, $attributes)) {
        SimpleSAML_Logger::stats('AUTH-tlsclient OK ' . $attributes[$authlogattr][0]);
    } else {
        SimpleSAML_Logger::stats('AUTH-tlsclient OK');
    }
    SimpleSAML_Utilities::redirectUntrustedURL($_REQUEST['RelayState']);
} catch (Exception $e) {
    throw new SimpleSAML_Error_Error('CONFIG', $e);
}
开发者ID:Stony-Brook-University,项目名称:doitsbu,代码行数:31,代码来源:login-tlsclient.php

示例3: Exception

        $notBefore = $condition->getAttribute('NotBefore');
        $notOnOrAfter = $condition->getAttribute('NotOnOrAfter');
        if (!SimpleSAML_Utilities::checkDateConditions($notBefore, $notOnOrAfter)) {
            throw new Exception('The response has expired.');
        }
    }
    /* Extract the name identifier from the response. */
    $nameid = $xpath->query('./saml:AuthenticationStatement/saml:Subject/saml:NameIdentifier', $assertion);
    if ($nameid->length === 0) {
        throw new Exception('Could not find the name identifier in the response from the WS-Fed IdP \'' . $idpEntityId . '\'.');
    }
    $nameid = array('Format' => $nameid->item(0)->getAttribute('Format'), 'Value' => $nameid->item(0)->textContent);
    /* Extract the attributes from the response. */
    $attributes = array();
    $attributeValues = $xpath->query('./saml:AttributeStatement/saml:Attribute/saml:AttributeValue', $assertion);
    foreach ($attributeValues as $attribute) {
        $name = $attribute->parentNode->getAttribute('AttributeName');
        $value = $attribute->textContent;
        if (!array_key_exists($name, $attributes)) {
            $attributes[$name] = array();
        }
        $attributes[$name][] = $value;
    }
    /* Mark the user as logged in. */
    $authData = array('Attributes' => $attributes, 'saml:sp:NameID' => $nameid, 'saml:sp:IdP' => $idpEntityId);
    $session->doLogin('wsfed', $authData);
    /* Redirect the user back to the page which requested the login. */
    SimpleSAML_Utilities::redirectUntrustedURL($wctx);
} catch (Exception $exception) {
    throw new SimpleSAML_Error_Error('PROCESSASSERTION', $exception);
}
开发者ID:Stony-Brook-University,项目名称:doitsbu,代码行数:31,代码来源:prp.php

示例4: process

 /**
  * Apply SimpleTOTP 2fa filter
  *
  * @param array &$state  The current state
  */
 public function process(&$state)
 {
     assert('is_array($state)');
     assert('array_key_exists("Attributes", $state)');
     $attributes =& $state['Attributes'];
     // check for secret_attr coming from user store and make sure it is not empty
     if (array_key_exists($this->secret_attr, $attributes) && !empty($attributes[$this->secret_attr])) {
         $this->secret_val = $attributes[$this->secret_attr][0];
     }
     if ($this->secret_val === NULL && $this->enforce_2fa === true) {
         #2f is enforced and user does not have it configured..
         SimpleSAML_Logger::debug('User with ID xxx does not have 2f configured when it is
         mandatory for xxxSP');
         //send user to custom error page if configured
         if ($this->not_configured_url !== NULL) {
             SimpleSAML_Utilities::redirectUntrustedURL($this->not_configured_url);
         } else {
             SimpleSAML_Utilities::redirectTrustedURL(SimpleSAML_Module::getModuleURL('simpletotp/not_configured.php'));
         }
     } elseif ($this->secret_val === NULL && $this->enforce_2fa === false) {
         SimpleSAML_Logger::debug('User with ID xxx does not have 2f configured but SP does not
         require it. Continue.');
         return;
     }
     //as the attribute is configurable, we need to store it in a consistent location
     $state['2fa_secret'] = $this->secret_val;
     //this means we have secret_val configured for this session, time to 2fa
     $id = SimpleSAML_Auth_State::saveState($state, 'simpletotp:request');
     $url = SimpleSAML_Module::getModuleURL('simpletotp/authenticate.php');
     SimpleSAML_Utilities::redirectTrustedURL($url, array('StateId' => $id));
     return;
 }
开发者ID:ejyothi,项目名称:SimpleTOTP,代码行数:37,代码来源:2fa.php

示例5: catch

        $attributes = $ldap->getAttributes($dn, $ldapconfig->getValue('auth.ldap.attributes', null));
        SimpleSAML_Logger::info('AUTH - ldap: ' . $ldapusername . ' successfully authenticated');
        $session->doLogin('login');
        $session->setAttributes($attributes);
        $session->setNameID(array('value' => SimpleSAML_Utilities::generateID(), 'Format' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'));
        /**
         * Create a statistics log entry for every successfull login attempt.
         * Also log a specific attribute as set in the config: statistics.authlogattr
         */
        $authlogattr = $config->getValue('statistics.authlogattr', null);
        if ($authlogattr && array_key_exists($authlogattr, $attributes)) {
            SimpleSAML_Logger::stats('AUTH-login OK ' . $attributes[$authlogattr][0]);
        } else {
            SimpleSAML_Logger::stats('AUTH-login OK');
        }
        $returnto = $_REQUEST['RelayState'];
        SimpleSAML_Utilities::redirectUntrustedURL($returnto);
    } catch (Exception $e) {
        SimpleSAML_Logger::error('AUTH - ldap: User: ' . (isset($requestedUser) ? $requestedUser : 'na') . ':' . $e->getMessage());
        SimpleSAML_Logger::stats('AUTH-login Failed');
        $error = $e->getMessage();
    }
}
$t = new SimpleSAML_XHTML_Template($config, 'login.php', 'login');
$t->data['header'] = 'simpleSAMLphp: Enter username and password';
$t->data['relaystate'] = $relaystate;
$t->data['error'] = $error;
if (isset($error)) {
    $t->data['username'] = $username;
}
$t->show();
开发者ID:Stony-Brook-University,项目名称:doitsbu,代码行数:31,代码来源:login.php

示例6: elseif

         */
        if (array_key_exists('idpdisco.url', $spmetadata)) {
            $discservice = $spmetadata['idpdisco.url'];
        } elseif ($config->getString('idpdisco.url.shib13', NULL) !== NULL) {
            $discservice = $config->getString('idpdisco.url.shib13');
        } else {
            $discservice = '/' . $config->getBaseURL() . 'shib13/sp/idpdisco.php';
        }
        SimpleSAML_Utilities::redirectTrustedURL($discservice, array('entityID' => $spentityid, 'return' => SimpleSAML_Utilities::selfURL(), 'returnIDParam' => 'idpentityid'));
    }
    try {
        $ar = new SimpleSAML_XML_Shib13_AuthnRequest();
        $ar->setIssuer($spentityid);
        if (isset($_GET['RelayState'])) {
            $ar->setRelayState(SimpleSAML_Utilities::checkURLAllowed($_GET['RelayState']));
        }
        SimpleSAML_Logger::info('Shib1.3 - SP.initSSO: SP (' . $spentityid . ') is sending AuthNRequest to IdP (' . $idpentityid . ')');
        $url = $ar->createRedirect($idpentityid);
        SimpleSAML_Utilities::redirectTrustedURL($url);
    } catch (Exception $exception) {
        throw new SimpleSAML_Error_Error('CREATEREQUEST', $exception);
    }
} else {
    $relaystate = $_GET['RelayState'];
    if (isset($relaystate) && !empty($relaystate)) {
        SimpleSAML_Logger::info('Shib1.3 - SP.initSSO: Already Authenticated, Go back to RelayState');
        SimpleSAML_Utilities::redirectUntrustedURL($relaystate);
    } else {
        throw new SimpleSAML_Error_Error('NORELAYSTATE');
    }
}
开发者ID:danielkjfrog,项目名称:docker,代码行数:31,代码来源:initSSO.php

示例7: array

        $t->data['urlAgree'] = SimpleSAML_Utilities::addURLparameter(SimpleSAML_Utilities::selfURL(), array("consent" => "yes"));
        $t->data['logouturl'] = SimpleSAML_Utilities::selfURLNoQuery() . '?logout';
        $t->show();
        exit;
        // and be done.
    }
    $attributes = $session->getAttributes();
    // Assume user consent at this point and proceed with authorizing the token
    list($url, $verifier) = $store->authorize($requestToken, $attributes);
    if ($url) {
        // If authorize() returns a URL, take user there (oauth1.0a)
        SimpleSAML_Utilities::redirectTrustedURL($url);
    } else {
        if (isset($_REQUEST['oauth_callback'])) {
            // If callback was provided in the request (oauth1.0)
            SimpleSAML_Utilities::redirectUntrustedURL($_REQUEST['oauth_callback']);
        } else {
            // No callback provided, display standard template
            $t = new SimpleSAML_XHTML_Template($config, 'oauth:authorized.php');
            $t->data['header'] = '{status:header_saml20_sp}';
            $t->data['remaining'] = $session->remainingTime();
            $t->data['sessionsize'] = $session->getSize();
            $t->data['attributes'] = $attributes;
            $t->data['logouturl'] = SimpleSAML_Utilities::selfURLNoQuery() . '?logout';
            $t->data['oauth_verifier'] = $verifier;
            $t->show();
        }
    }
} catch (Exception $e) {
    header('Content-type: text/plain; utf-8', TRUE, 500);
    header('OAuth-Error: ' . $e->getMessage());
开发者ID:shirlei,项目名称:simplesaml,代码行数:31,代码来源:authorize.php

示例8: SimpleSAML_Error_BadRequest

<?php

/*
 * Helper page for starting a admin login. Can be used as a target for links.
 */
if (!array_key_exists('ReturnTo', $_REQUEST)) {
    throw new SimpleSAML_Error_BadRequest('Missing ReturnTo parameter.');
}
SimpleSAML_Utilities::requireAdmin();
SimpleSAML_Utilities::redirectUntrustedURL($_REQUEST['ReturnTo']);
开发者ID:shirlei,项目名称:simplesaml,代码行数:10,代码来源:login-admin.php


注:本文中的SimpleSAML_Utilities::redirectUntrustedURL方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。