Commit b094335e authored by Lukas Haemmerle's avatar Lukas Haemmerle

Merge branch 'gip-renater/SWITCHwayf-renater/select2-rebase' into HEAD

parents 687a0487 23af2ffa
......@@ -6,11 +6,12 @@ See LICENSE file for details.
SWITCHwayf Changes
==================
SWITCHwayf version: v2.0
SWITCHwayf version: v2.X
Bundled with:
* JQuery v3.3.1
* ImprovedDropDown v1.0.2 (with modifications)
* Select2 v4.0.6-rc.0 and i18n files for languages supported by SWITCHwayf
Find below the changes for past releases of the SWITCHwayf and in the credits
sections the people who contributed to the SWITCHwayf.
......@@ -24,20 +25,26 @@ sections the people who contributed to the SWITCHwayf.
Version Number Policy
---------------------
* Releases with a version number 'X.Y.Z' are bug fix releases
* Releases with a version number 'X.Y.Z' are bug fix releases
correcting small bugs, typos and graphical issues.
* Releases with a version number 'X.Y' are minor releases that
introduce new functionality of fix non-trivial bugs.
Few adaptions in the configuration might be necessary to
* Releases with a version number 'X.Y' are minor releases that
introduce new functionality of fix non-trivial bugs.
Few adaptions in the configuration might be necessary to
upgrade to minor releases.
* Releases with a version number X are major releases that will
require major changes in the configuration files. Therefore,
* Releases with a version number X are major releases that will
require major changes in the configuration files. Therefore,
a clean installation might be necessary for such releases.
-------------------------------------------------------------------------------
SWITCHwayf Version History
--------------------------
* Version 2.x - Not released
- Added support for a new type of dropdown: select2 (https://select2.org/),
which loads IDP from a new JSON API. All loading of IDP occurs through ajax
calls, including searches. Works with both standard and embedded WAYF.
Code provided by Geoffroy Arnoud and Guillaume Rousse@
* Version 2.0 - Release date: 7. March 2019
This version comes with a new directory structure that
is quite different from previous versions.
......@@ -47,11 +54,11 @@ SWITCHwayf Version History
- Added code to filter IdPs by entity categories.
Code provided by Michael Simon
- Added Turkish translation provided by M. Uğur Yilmaz
- Added improved sorting for accented strings.
- Added improved sorting for accented strings.
Code provided by Geoffroy Arnoud
* Version 1.21 - Release date: 19. January 2018
- Allow loading configuration from a path in a
- Allow loading configuration from a path in a
web server environment variable to allow multi-tenant
deployments. Code provided by Guillaume Rousse.
- Added code to readMetadata.php to ignore comments
......@@ -62,14 +69,14 @@ SWITCHwayf Version History
- Hide IdPs also from category 'Last Used IdP'
- User HTTP post has preference over session cookies
set by 'remember' checkbox
- Various other improvements suggested by Guillaume Rousse.
- Various other improvements suggested by Guillaume Rousse.
- Removed SWITCH-specific strings from languages file
- Made Javascript less prone to conflicts thanks to
contributed code from Christian Glahn
* Version 1.20.2 - Release date: 22. December 2015
- Upgraded JQuery library to 3.1
- Fixed bug #3736 that causes SProvider.metadata.php not to
- Fixed bug #3736 that causes SProvider.metadata.php not to
be written/updated if metadata file only contains IdPs.
- Updated in copyright information
......@@ -106,7 +113,7 @@ SWITCHwayf Version History
- Sorting of Identity Providers is now case-insensitive
- Improved the code to handle large metadata files to prevent memory
limit issues
- Improved drop-down list now does not reload JQuery 1.x unless JQuery
- Improved drop-down list now does not reload JQuery 1.x unless JQuery
version is older than 1.5
- Updated JQuery library to latest version, which is 1.11.1
......@@ -139,8 +146,8 @@ SWITCHwayf Version History
WAYF to show last n used IdPs at top of drop down list. Default is 3.
- Added Embedded WAYF option wayf_overwrite_from_other_federations_text
to overwrite the category name of IdPs from other federations
- Added Embedded WAYF option wayf_auto_redirect_if_logged_in that
automatically sends a user to the wayf_return_url if he already is
- Added Embedded WAYF option wayf_auto_redirect_if_logged_in that
automatically sends a user to the wayf_return_url if he already is
authenticated.
- Various Javascript improvements to offload computation from WAYF to client
and to improve the code quality.
......@@ -149,27 +156,27 @@ SWITCHwayf Version History
- SP names from MDUI metadata elements are now used if available
- Added new version of JQuery library
- Some small styling changes/CSS improvements
Issues: <https://forge.switch.ch/redmine/projects/wayf/versions/56>
Please read the specific update instructions in the README file.
* Version 1.18 - Release date: 5. August 2013
- Changed default SessionInitiator of the Embedded WAYF to
/Login because this has been the default SessionInitiator in
- Changed default SessionInitiator of the Embedded WAYF to
/Login because this has been the default SessionInitiator in
Shibboleth for quite some time now.
- Corrected viewport meta tag separator of default header as suggested
by Andrew Sokolov from Saint Petersburg State University
by Andrew Sokolov from Saint Petersburg State University
- Fixed a bug in the IdP preselection of the embedded wayf when
additional IdPs where added
- Removed as many SWITCH-specific graphics and texts as possible.
- Introduced configuration options to allow easier customization.
- Fixed a few small bugs
- Added some optimizations to the drop-down list search-as-you type
- Added some optimizations to the drop-down list search-as-you type
feature
- The log file now logs - if possible - also the SP entityID/providerId
- Some small styling changes/CSS improvements
- Added Japanese locales from the GakuNin version of the WAYF
Issues: <https://forge.switch.ch/redmine/projects/wayf/versions/62>
Please read the specific update instructions in the README file, as some
new configuration options were introduced that should be revised.
......@@ -179,7 +186,7 @@ SWITCHwayf Version History
Bug reported with a patch by Takeshi Nishimura
- Fixed typo in configuration otpion useImprovedDropDownList
- Added Javascripts required for improved drop down list
Issues: <https://forge.switch.ch/redmine/projects/wayf/versions/55>
* Version 1.17 Release date: 18. May 2012
......@@ -187,7 +194,7 @@ SWITCHwayf Version History
- Embedded WAYF now reads 'entityID' and 'return' GET arguments.
They get precedence over the values configured for the Embedded WAYF.
- Embedded WAYF logged in message now contains a link to target URL
Issues: <https://forge.switch.ch/redmine/projects/wayf/versions/45>
* Version 1.16 - Release date: 19. January 2012
......@@ -201,7 +208,7 @@ SWITCHwayf Version History
decide whether or not to preselect an Identity Provider in the
Embedded WAYF.
Code contributed by Takeshi Nishimura from NII (Japan)
- If the Discovery Feed feature is activated only those IdPs are shown
- If the Discovery Feed feature is activated only those IdPs are shown
that are contained in the feed. Others will be hidden automatically.
- Added Keywords property to format of IDP entries to allow users to
search Identity Providers using a keyword.
......@@ -219,7 +226,7 @@ SWITCHwayf Version History
- Focus on submit button works better with different browsers
- Invalid values for width and height are now defaulted to auto for
Embedded WAYF
- Fixed a URL composing bug that resulted in a wrong return URL to
- Fixed a URL composing bug that resulted in a wrong return URL to
the Service Provider if the return parameter did not contain any GET
arguments. Reported by Tom Scavo
- Made implementation behave according to the Discovery Service protocol
......@@ -228,7 +235,7 @@ SWITCHwayf Version History
Reported by Tom Scavo.
Issues: <https://forge.switch.ch/redmine/projects/wayf/versions/26>
* Version 1.14.3 - Release date: 4. March 2011
- Fixed a race condition.
Thanks go to Robert Basch for reporting the issue and providing a patch.
......@@ -240,7 +247,7 @@ SWITCHwayf Version History
- Logging to syslog now works properly and is more consistent
- Access log now properly locks file
- Unknown category is not shown anymore when there is no other category
- Namespaces are now taken properly into account when parsing SAML2
- Namespaces are now taken properly into account when parsing SAML2
metadata. Thanks go to Olivier Salaün for reporting this issue and
submitting a patch.
- Improved installation instructions
......@@ -250,8 +257,8 @@ SWITCHwayf Version History
* Version 1.14.1 - Release date: 12. November 2010
- Fixed an encoding bug that affected non-ASCII characters in JavaScripts.
Thanks to Prof. Kazutsuna Yamaji for reporting this issue.
- Corrected behaviour of $enableDSReturnParamCheck and
$useACURLsForReturnParamCheck. There won't be an error anymore if an SP
- Corrected behaviour of $enableDSReturnParamCheck and
$useACURLsForReturnParamCheck. There won't be an error anymore if an SP
has no <idpdisc:DiscoveryResponse> extension defined. In such a case
there will only be a check if $useACURLsForReturnParamCheck is enabled.
- Fixed a bug in readMetadata.php that prevented CLI execution
......@@ -274,7 +281,7 @@ Main developer of the SWITCHwayf: Lukas Hämmerle (SWITCH)
The SWITCHwayf uses code from the following libraries:
* jQuery by the jQuery Foundation and other contributors,
* jQuery by the jQuery Foundation and other contributors,
http://jquery.com/
* Improved Dropdown by John Fuex
https://bitbucket.org/Johnfx/improveddropdown-jquery-plugin/src
......@@ -283,9 +290,9 @@ The SWITCHwayf uses code from the following libraries:
Please consult the LICENSE.txt file for the individual licenses of these components.
Find below a list of people who have contributed to the code, either because they
found bugs, suggested improvements or contributed code. Have a look at the
version history in order to see the individual contributions. The list is sorted
Find below a list of people who have contributed to the code, either because they
found bugs, suggested improvements or contributed code. Have a look at the
version history in order to see the individual contributions. The list is sorted
alphabetically.
- Geoffroy Arnoud from RENATER (FR)
......@@ -315,8 +322,8 @@ alphabetically.
- And of course all SWITCH staff members who have contributed suggestions,
bug fixes and translation to this code.
Special thanks also go to RENATER, the French
Research & Education Network. The main developer
(Lukas Hämmerle) has been a guest at RENATER for 6 months in
2013, during which he worked - among other things - also on the
Special thanks also go to RENATER, the French
Research & Education Network. The main developer
(Lukas Hämmerle) has been a guest at RENATER for 6 months in
2013, during which he worked - among other things - also on the
versions 1.18 and 1.19 of the SWITCHwayf.
......@@ -26,7 +26,7 @@ Some of the Features:
- The central Discovery Service also works without Java Script
- Search-as-you type or selection from a list of organisations
- Various customizations options for header, footer, language strings etc.
- I18N support, currently language packs for en, de, it, fr and some other
- I18N support, currently language packs for en, de, it, fr, tr and some other
languages are included
- HTML code generation for embedding the WAYF directly into a web page
- Support for remembering IdP selection accross different services (when
......@@ -82,17 +82,22 @@ In particular, the following customizations can be applied:
both for the stand-alone WAYF as well as the Embedded WAYF. The styles are
loaded in addition to the default-ImprovedDropDown.css.
* CSS Improved Drop Down Style: `css/custom-select2.css`
Customize CSS styles to alter the appearance of the Select2 drop-down list,
both for the stand-alone WAYF as well as the Embedded WAYF. The styles are
loaded in addition to the default-select2.css.
* Languages: `custom-languages.php`
Can be used to change default or add new language strings. The custom
languages strings in addition to the default styles. Therefore, they can be
used to overwrite the default CSS styles.
This file can also be used to white or black list certain languages by
adding to the end of the file:
// Example to black list Japanase and Portuguese
unset($langStrings['ja']);
unset($langStrings['pt']);
// Example to white list English, Italian, French and German
foreach($langStrings as $lang => $strings){
if ($lang != 'en' && $lang != 'it' && $lang != 'fr' && $lang != 'de'){
......@@ -171,6 +176,10 @@ However, if the script is accessed via HTTPS, the overall speed gain by using
an opcode cacher is much less because the TLS hand-shake is what
needs most time.
When having lot's of IDP, using Select2 drop-down can provide great performane
increase from end-user point of view, because the full IDP list is not
downloaded.
-------------------------------------------------------------------------------
SAML2 Metadata support
......@@ -185,10 +194,10 @@ SAML2 Medatadata file that is used by Shibboleth:
- Make sure the files specified in $metadataIDPFile and $metadataSPFile can be
written by the userthat executes the PHP script (the web server user,
e.g. www-data or _www)
- You may want to execute php SWITCHwayf/bin/update-metadata.php
- You may want to execute php SWITCHwayf/bin/update-metadata.php
manually or with a cron job to avoid that delayed requests for users
who happen to trigger automatic processing of new metadata files.
See php bin/update-metadata.php -h for some details and
See php bin/update-metadata.php -h for some details and
suggestions on how to use the script.
The parsed IDP and SP entries will be stored in $metadataIDPFile and
......@@ -290,6 +299,10 @@ Embedded WAYF code limitations:
* If placed on a host where no Service Provider is installed, the Embedded WAYF
might not be able to detect whether a user is logged in or not. Also, the
wayf_use_disco_feed might not be used.
* When using Select2, one must activate settings both in the embedding web page
and as query param of the downloaded JS (this is explained in snippet)
* IDP Api allows '*' as origin for requests, but limiting this can obviously
prevent embedded WAYF to work with Select2
-------------------------------------------------------------------------------
......@@ -546,3 +559,6 @@ Path Info Extensions:
* [/IDProviders.php]
Same as above but as PHP code
* [/api/idps]
JSON API used by Select2 to fetch IDP. Supports pagination and server-side
searches.
......@@ -11,7 +11,7 @@ met:
* Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
* Neither the name of SWITCH nor the names of its contributors may
* Neither the name of SWITCH nor the names of its contributors may
be used to endorse or promote products derived from this software
without specific prior written permission.
......@@ -111,3 +111,30 @@ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-------------------------------------------------------------------------
License note Select2
-------------------------------------------------------
Copyright 2017 - Select2, https://select2.org/
The MIT License (MIT)
Copyright (c) 2012-2017 Kevin Brown, Igor Vaynberg, and Select2 contributors
Permission is hereby granted, free of charge, to any person obtaining a copy of
this software and associated documentation files (the "Software"), to deal in
the Software without restriction, including without limitation the rights to
use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
the Software, and to permit persons to whom the Software is furnished to do so,
subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
......@@ -74,7 +74,9 @@ Installation
5. If Apache 2 is used, add the following statement to the Apache configuration:
Alias /#SOME_PATH#/api/idps /#YOUR-PATH-TO#/SWITCHwayf/lib/idpApi.php
Alias /#SOME_PATH# /#YOUR-PATH-TO#/SWITCHwayf/www
<Directory /#YOUR-PATH-TO#/SWITCHwayf/www>
Options Indexes MultiViews
AllowOverride None
......
......@@ -75,6 +75,17 @@
// (src="data:image/png;base64...") will however still be displayed
//$disableRemoteLogos = false;
// Whether or not use Select2 drop down
// Attention: setting this to true, overrides $useImprovedDropDownList param
//$useSelect2 = true;
// Config to change the number of IdP fetched when using Select2 dropdown
//$select2PageSize = 100;
// For Select2 to work in embedded WAYF, CORS must be enabled.
// This settings allows to limit origins
// default: *
//$allowedCORSDomain = "*";
// Number of previously used Identity Providers to show at top of drop-down list
// Default is 3, set to 0 to disable
......@@ -143,7 +154,7 @@
// Requires $useEmbeddedWAYF to be true
//$useEmbeddedWAYFPrivacyProtection = false;
// If enabled, the referer hostname of the request must match an assertion
// If enabled, the referer hostname of the request must match an assertion
// consumer URL or a discovery URL of a Service Provider in $metadataSPFile
// in order to let the Embedded WAYF preselect an Identity Provider.
// Therefore, this option is a good compromise between data protection and
......@@ -163,8 +174,8 @@
// Only process IDPs with a particular entity category. All
// others are ignored and not taken into account.
// Multiple entity category identifiers can be provided
// space separated. If the IdP is in none of them,
// Multiple entity category identifiers can be provided
// space separated. If the IdP is in none of them,
// the IdP is ignored.
//$filterEntityCategory = 'http://example.com/category/example-member';
......@@ -233,7 +244,8 @@
// the WAYF script.
//$javascriptURL = 'https://ds.example.org/SWITCHwayf/js';
// Abolute URL to point to APIs
//$apiURL = 'https://ds.example.org/SWITCHwayf/api';
// 5. Appearance Settings
//**************************
......@@ -295,4 +307,4 @@
//**************************
// If the development mode is activated, PHP errors and warnings will be displayed
// on pages the SWITCHwayf generates
$developmentMode = true;
//$developmentMode = true;
<?php // Copyright (c) 2019, SWITCH
/*------------------------------------------------*/
// Common stuff for PHP executable URI (WAYF, idps)
/*------------------------------------------------*/
/*------------------------------------------------*/
// Load general configuration and template file
/*------------------------------------------------*/
$topLevelDir = dirname(__DIR__);
if (isset($_SERVER{'SWITCHWAYF_CONFIG'})) {
require_once($_SERVER{'SWITCHWAYF_CONFIG'});
} else {
require_once($topLevelDir . '/etc/config.php');
}
require_once($topLevelDir . '/lib/languages.php');
require_once($topLevelDir . '/lib/functions.php');
require_once($topLevelDir . '/lib/templates.php');
// Set default config options
initConfigOptions();
// Read custom locales
if (file_exists($topLevelDir . '/lib/custom-languages.php')) {
require_once($topLevelDir . '/lib/custom-languages.php');
}
/*------------------------------------------------*/
// Turn on PHP error reporting
/*------------------------------------------------*/
if ($developmentMode) {
ini_set('error_reporting', E_ALL);
ini_set('display_errors', 'On');
ini_set('log_erros', 'Off');
} else {
error_reporting(0);
}
/*------------------------------------------------*/
// Read IDP configuration file
/*------------------------------------------------*/
// Determine language
$language = determineLanguage();
// Check if IdP files differ
// If not load file
if ($IDPConfigFile == $backupIDPConfigFile) {
require_once($IDPConfigFile);
// If they do, check config file
} elseif (checkConfig($IDPConfigFile, $backupIDPConfigFile)) {
require_once($IDPConfigFile);
// Use backup file if something went wrong
} else {
require_once($backupIDPConfigFile);
}
// Read metadata file if configuration option is set
if ($useSAML2Metadata && function_exists('xml_parser_create')) {
require($topLevelDir . '/lib/readMetadata.php');
updateMetadata();
}
// Set default type
foreach ($IDProviders as $key => $values) {
if (!isset($IDProviders[$key]['Type'])) {
$IDProviders[$key]['Type'] = 'unknown';
}
}
/*------------------------------------------------*/
// Sort Identity Providers
/*------------------------------------------------*/
if ($useSAML2Metadata) {
// Only automatically sort if list of Identity Provider is parsed
// from metadata instead of being manualy managed
sortIdentityProviders($IDProviders);
}
/*------------------------------------------------*/
// Retrieve previously selected IDPs
/*------------------------------------------------*/
// Get previously accessed IdPs
if (isset($_COOKIE[$SAMLDomainCookieName])) {
$IDPArray = getIdPArrayFromValue($_COOKIE[$SAMLDomainCookieName]);
} else {
$IDPArray = array();
}
<?php // Copyright (c) 2019, SWITCH ?>
<?php // Copyright (c) 2019, SWITCH?>
<!-- Identity Provider Selection: Start -->
<h1><?php echo getLocalString('header'); ?></h1>
<form id="IdPList" name="IdPList" method="post" onSubmit="return checkForm()" action="<?php echo $actionURL ?>">
<h1><?php echo getLocalString('header'); ?></h1>
<form id="IdPList" name="IdPList" method="post" onSubmit="<?php echo printSubmitAction() ?>" action="<?php echo $actionURL ?>">
<div id="userInputArea">
<p class="promptMessage"><?php echo $promptMessage ?></p>
<div style="text-align: center">
<select name="user_idp" id="userIdPSelection">
<option value="-" <?php echo $defaultSelected ?>><?php echo getLocalString('select_idp') ?> ...</option>
<?php printDropDownList($IDProviders, $selectedIDP) ?>
<select name="user_idp" id="userIdPSelection" class="userIdPSelection" tabindex="0">
<?php
// If we use select2, we don't want IDP to be in DOM, but to use AJAX instead
if (!isUseSelect2()) {
echo '<option value="-" '.$defaultSelected.'>'.getLocalString('select_idp').' ...</option>';
printDropDownList($IDProviders, $selectedIDP);
}
?>
</select>
<input type="submit" name="Select" accesskey="s" value="<?php echo getLocalString('select_button') ?>">
<input type="submit" name="Select" accesskey="s" value="<?php echo getLocalString('select_button') ?>">
</div>
<div style="text-align: left">
<p class="selectOptions">
......@@ -26,7 +33,9 @@
</div>
</form>
<?php if (getLocalString('additional_info') != '') { ?>
<?php if (getLocalString('additional_info') != '') {
?>
<p><?php echo getLocalString('additional_info') ?></p>
<?php } ?>
<?php
} ?>
<!-- Identity Provider Selection: End -->
<?php // Copyright (c) 2019, SWITCH ?>
<?php // Copyright (c) 2019, SWITCH?>
<!-- EMBEDDED-WAYF-START -->
<script type="text/javascript"><!--
// To use this JavaScript, please access:
// https://<?php echo $host ?><?php echo $path ?>/embedded-wayf.js/snippet.html
// and copy/paste the resulting HTML snippet to an unprotected web page that
// and copy/paste the resulting HTML snippet to an unprotected web page that
// you want the embedded WAYF to be displayed
......@@ -36,18 +36,18 @@ var wayf_return_url = "https://my-app.switch.ch/aai/index.php?page=show_welcome"
//////////////////// RECOMMENDED SETTINGS ////////////////////
// Width of the embedded WAYF in pixels or "auto"
// This is the width of the content only (without padding and border).
// Add 2 x (10px + 1px) = 22px for padding and border to get the actual
// This is the width of the content only (without padding and border).
// Add 2 x (10px + 1px) = 22px for padding and border to get the actual
// width of everything that is drawn.
// [Optional, default: "auto"]
// var wayf_width = 250;
// Height of the embedded WAYF in pixels or "auto"
// This is the height of the content only (without padding and border).
// Add 2 x (10px + 1px) = 22px for padding and border to get the actual
// This is the height of the content only (without padding and border).
// Add 2 x (10px + 1px) = 22px for padding and border to get the actual
// height of everything that is drawn.
// [Optional, default: "auto"]
// Example for fixed size:
// Example for fixed size:
// var wayf_height = 150;
// Whether to show the checkbox to remember settings for this session
......@@ -86,7 +86,7 @@ var wayf_return_url = "https://my-app.switch.ch/aai/index.php?page=show_welcome"
//var wayf_auto_login = true;
// Whether to hide the WAYF after the user was logged in
// This requires that the _shib_session_* cookie is set when a user
// This requires that the _shib_session_* cookie is set when a user
// could be authenticated, which is the default case when Shibboleth is used.
// For other Service Provider implementations have a look at the setting
// wayf_check_login_state_function that allows you to customize this
......@@ -128,16 +128,16 @@ var wayf_return_url = "https://my-app.switch.ch/aai/index.php?page=show_welcome"
// Use the SAML2/Shibboleth 2 Discovery Service protocol where
// the user is sent back to the Service Provider after selection
// of his Home Organisation.
// This feature should only be uncommented and set to false if there
// This feature should only be uncommented and set to false if there
// is a good reason why to use the old and deprecated Shibboleth WAYF
// protocol instead.
// [Optional, default: true]
// var wayf_use_discovery_service = false;
// If enabled, the Embedded WAYF will activate the
// improved drop down list feature, which will transform the list of
// If enabled, the Embedded WAYF will activate the
// improved drop down list feature, which will transform the list of
// organisations into a search-field while keeping its original function as
// a select list. To make this work, the JQuery library will dynamically be
// a select list. To make this work, the JQuery library will dynamically be
// loaded if it is not yet present. Additionally, another Javascript and CSS
// file are loaded to perform the actual transformation.
// Please note that this feature will also display the organisations' logos,
......@@ -147,10 +147,17 @@ var wayf_return_url = "https://my-app.switch.ch/aai/index.php?page=show_welcome"
// [Optional, default: false]
// var wayf_use_improved_drop_down_list = false;
// Whether or not use Select2 drop down
// Attention: setting this to true, overrides $useImprovedDropDownList param
// For this to fully work, one must also add useSelect2 query Param to the
// embedded-wayf.js script loading URL.
// Page size is contrrolled by WAYF server directly.
// var wayf_use_select2 = false;
// If true the improved drop-down-list will not display IdP logos that
// have to be loaded from remote URLs. That way the web browser
// does not have to make requests to third party hosts.
// Logos that are embedded using data URIs
// Logos that are embedded using data URIs
// (src="data:image/png;base64...") will however still be displayed
// Don't confuse this with wayf_hide_logo, which shows or hides
// the logo of this WAYF instance
......@@ -159,7 +166,7 @@ var wayf_return_url = "https://my-app.switch.ch/aai/index.php?page=show_welcome"
// If true the improved drop-down-list automatic filtering
// of entries while typing content in the search box will
// allow matching IdPs either by their name or entityID,
// allow matching IdPs either by their name or entityID,
// whereas otherwise only the name is considered
// [Optional, default: true]
// wayf_enable_entityid_matching = true;
......@@ -168,7 +175,7 @@ var wayf_return_url = "https://my-app.switch.ch/aai/index.php?page=show_welcome"
// current browser session. If wayf_show_remember_checkbox is true
// the checkbox will be shown but will be read only.
// WARNING: Only use this feature if you know exactly what you are doing
// This option will cause problems that are difficult to find
// This option will cause problems that are difficult to find
// in case they accidentially select a wrong Home Organisation
// [Optional, default: false]
//var wayf_force_remember_for_session = false;
......@@ -178,7 +185,7 @@ var wayf_return_url = "https://my-app.switch.ch/aai/index.php?page=show_welcome"
// This will implicitely be set to wayf_sp_samlDSURL = wayf_sp_handlerURL + "/Login";
// or will be set automatically if the page where the Embedded WAYF is placed is called
// with a 'return' and an 'entityID' GET Arguments
// [Optional, if wayf_use_discovery_service = true
// [Optional, if wayf_use_discovery_service = true
// or if wayf_additional_idps is not empty, default: wayf_sp_handlerURL + "/Login"]
// var wayf_sp_samlDSURL = wayf_sp_handlerURL + "/Login";
......@@ -188,7 +195,7 @@ var wayf_return_url = "https://my-app.switch.ch/aai/index.php?page=show_welcome"
// var wayf_default_idp = "https://aai-logon.switch.ch/idp/shibboleth";
// Number of last used IdPs to show
// Will not be shown if wayf_show_categories is false
// Will not be shown if wayf_show_categories is false
// Set to 0 to deactivate
// [Optional, default: 3]
// var wayf_num_last_used_idps = 3;
......@@ -227,7 +234,7 @@ var wayf_return_url = "https://my-app.switch.ch/aai/index.php?page=show_welcome"
// var wayf_overwrite_from_other_federations_text = 'Other organisations';
// Whether to hide the WAYF after the user was logged in
// This requires that the _shib_session_* cookie is set when a user
// This requires that the _shib_session_* cookie is set when a user
// could be authenticated
// If you want to hide the embedded WAYF completely, uncomment
// the property and set it to "". This then won't draw anything
......@@ -236,7 +243,7 @@ var wayf_return_url = "https://my-app.switch.ch/aai/index.php?page=show_welcome"
// If the user is already logged in and this variable is set to true, the WAYF
// will automatically redirect the user to the URL set in wayf_return_url.
// If the WAYF is embedded on a dedicated login page, this value should be set
// If the WAYF is embedded on a dedicated login page, this value should be set
// to true. Else, it should be left at its default value 'false'.
// [Optional, default: false]
// var wayf_auto_redirect_if_logged_in = true;
......@@ -244,19 +251,19 @@ var wayf_return_url = "https://my-app.switch.ch/aai/index.php?page=show_welcome"