File: consentAdmin.php

package info (click to toggle)
simplesamlphp 1.14.11-1%2Bdeb9u2
  • links: PTS, VCS
  • area: main
  • in suites: stretch
  • size: 15,024 kB
  • sloc: php: 72,337; xml: 1,078; python: 376; sh: 220; perl: 185; makefile: 57
file content (87 lines) | stat: -rw-r--r-- 2,762 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
 
<?php
/*
 * consentSimpleAdmin - Simple Consent administration module
 *
 * This module is a simplification of the danish consent administration module.
 *
 * @author Andreas Åkre Solberg <andreas.solberg@uninett.no>
 * @author Mads Freek - WAYF
 * @author Jacob Christiansen - WAYF
 * @package SimpleSAMLphp
 */


// Get config object
$config = SimpleSAML_Configuration::getInstance();
$consentconfig = SimpleSAML_Configuration::getConfig('module_consentSimpleAdmin.php');

$as = $consentconfig->getValue('auth');
$as = new SimpleSAML_Auth_Simple($as);
$as->requireAuth();

// Get all attributes
$attributes = $as->getAttributes();


// Get user ID
$userid_attributename = $consentconfig->getValue('userid', 'eduPersonPrincipalName');
if (empty($attributes[$userid_attributename])) {
    throw new Exception('Could not generate useridentifier for storing consent. Attribute ['.
        $userid_attributename.'] was not available.');
}

$userid = $attributes[$userid_attributename][0];

// Get metadata storage handler
$metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();

// Get IdP id and metadata
if ($as->getAuthData('saml:sp:IdP') !== null) {
    // From a remote idp (as bridge)
    $idp_entityid = $as->getAuthData('saml:sp:IdP');
    $idp_metadata = $metadata->getMetaData($idp_entityid, 'saml20-idp-remote');
} else {
    // from the local idp
    $idp_entityid = $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted');
    $idp_metadata = $metadata->getMetaData($idp_entityid, 'saml20-idp-hosted');
}

SimpleSAML_Logger::debug('consentAdmin: IdP is ['.$idp_entityid.']');

$source = $idp_metadata['metadata-set'].'|'.$idp_entityid;


// Parse consent config
$consent_storage = sspmod_consent_Store::parseStoreConfig($consentconfig->getValue('store'));

// Calc correct user ID hash
$hashed_user_id = sspmod_consent_Auth_Process_Consent::getHashedUserID($userid, $source);


// Check if button with withdraw all consent was clicked
if (array_key_exists('withdraw', $_REQUEST)) {

    SimpleSAML_Logger::info('consentAdmin: UserID ['.$hashed_user_id.'] has requested to withdraw all consents given...');

    $consent_storage->deleteAllConsents($hashed_user_id);
}


// Get all consents for user
$user_consent_list = $consent_storage->getConsents($hashed_user_id);

$consentServices = array();
foreach ($user_consent_list AS $c) {
    $consentServices[$c[1]] = 1;
}

SimpleSAML_Logger::debug('consentAdmin: no of consents ['.count($user_consent_list).'] no of services ['.count($consentServices).']');

// Init template
$t = new SimpleSAML_XHTML_Template($config, 'consentSimpleAdmin:consentadmin.php');

$t->data['consentServices'] = count($consentServices);
$t->data['consents'] = count($user_consent_list);


$t->show();