File: registry.edit.php

package info (click to toggle)
simplesamlphp 1.16.3-1%2Bdeb10u2
  • links: PTS, VCS
  • area: main
  • in suites: buster
  • size: 21,036 kB
  • sloc: php: 73,175; ansic: 875; sh: 83; perl: 82; xml: 52; makefile: 46
file content (68 lines) | stat: -rw-r--r-- 2,090 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
 
<?php

// Load SimpleSAMLphp, configuration and metadata
$config = SimpleSAML_Configuration::getInstance();
$session = SimpleSAML_Session::getSessionFromRequest();
$oauthconfig = SimpleSAML_Configuration::getOptionalConfig('module_oauth.php');

$store = new sspmod_core_Storage_SQLPermanentStorage('oauth');

$authsource = "admin";	// force admin to authenticate as registry maintainer
$useridattr = $oauthconfig->getValue('useridattr', 'user');

if ($session->isValid($authsource)) {
	$attributes = $session->getAuthData($authsource, 'Attributes');
	// Check if userid exists
	if (!isset($attributes[$useridattr])) 
		throw new Exception('User ID is missing');
	$userid = $attributes[$useridattr][0];
} else {
	$as = SimpleSAML_Auth_Source::getById($authsource);
	$as->initLogin(\SimpleSAML\Utils\HTTP::getSelfURL());
}

function requireOwnership($entry, $userid) {
	if (!isset($entry['owner']))
		throw new Exception('OAuth Consumer has no owner. Which means no one is granted access, not even you.');
	if ($entry['owner'] !== $userid) 
		throw new Exception('OAuth Consumer has an owner that is not equal to your userid, hence you are not granted access.');
}

if (array_key_exists('editkey', $_REQUEST)) {
	$entryc = $store->get('consumers', $_REQUEST['editkey'], '');
	$entry = $entryc['value'];
	requireOwnership($entry, $userid);
	
} else {
	$entry = array(
		'owner' => $userid,
		'key' => SimpleSAML\Utils\Random::generateID(),
		'secret' => SimpleSAML\Utils\Random::generateID(),
	);
}


$editor = new sspmod_oauth_Registry();


if (isset($_POST['submit'])) {
	$editor->checkForm($_POST);

	$entry = $editor->formToMeta($_POST, array(), array('owner' => $userid));

	requireOwnership($entry, $userid);

	$store->set('consumers', $entry['key'], '', $entry);
	
	$template = new SimpleSAML_XHTML_Template($config, 'oauth:registry.saved.php');
	$template->data['entry'] = $entry;
	$template->show();
	exit;
}

$form = $editor->metaToForm($entry);

$template = new SimpleSAML_XHTML_Template($config, 'oauth:registry.edit.tpl.php');
$template->data['form'] = $form;
$template->show();