Commit d2e7f0d3 authored by haemmer's avatar haemmer

Added #1760 and #1702

parent bd242862
......@@ -26,8 +26,11 @@ necessary for such releases.
SWITCHwayf Changes and Version History:
1.17 Release date: 2012
1.17 Release date: Mai 2012
- Added CSS styles for mobile view
- Embedded WAYF now reads 'entityID' and 'return' GET arguments.
They get precedence over the values configured for the Embedded WAYF.
- Embedded WAYF logged in message now contains a link to target URL
1.16 Release date: 19. January 2012
- Added an improved version of the drop down list to the WAYF
......
......@@ -16,6 +16,8 @@
var wayf_URL = "https://<?php echo $host ?><?php echo $path ?>";
// EntityID of the Service Provider that protects this Resource
// Value will be overwritten automatically if the page where the Embedded WAYF
// is displayed is called with a GET argument 'entityID' as automatically set by Shibboleth
// Examples: "https://econf.switch.ch/shibboleth", "https://dokeos.unige.ch/shibboleth"
// [Mandatory]
var wayf_sp_entityID = "https://my-app.switch.ch/shibboleth";
......@@ -143,6 +145,8 @@ var wayf_show_categories = true;
// Session Initiator URL of the Service Provider
// Examples: "https://econf.switch.ch/Shibboleth.sso/DS", "https://dokeos.unige.ch/Shibboleth.sso/DS"
// This will implicitely be set to wayf_sp_samlDSURL = wayf_sp_handlerURL + "/DS";
// or will be set automatically if the page where the Embedded WAYF is placed is called
// with a 'return' and an 'entityID' GET Arguments
// [Optional, if wayf_use_discovery_service = true
// or if wayf_additional_idps is not empty, default: commented out]
// var wayf_sp_samlDSURL = wayf_sp_handlerURL + "/Login";
......
......@@ -42,7 +42,7 @@ $langStrings['en'] = array (
'login' => 'Login',
'login_with' => 'Login with:',
'other_federation' => 'From other federations',
'logged_in' => 'You are already authenticated.',
'logged_in' => 'You are already authenticated. <a href=\"%s\">Proceed</a>.',
'most_used' => 'Most often used Home Organisations',
'invalid_return_url' => 'The return URL <tt>\'%s\'</tt> is not a valid URL.',
'unverified_return_url' => 'The return URL <tt>\'%s\'</tt> could not be verified for Service Provider <tt>\'%s\'</tt>.',
......@@ -89,7 +89,7 @@ $langStrings['de'] = array (
'login' => 'Anmelden',
'login_with' => 'Anmelden &uuml;ber:',
'other_federation' => 'Von anderen F&ouml;derationen',
'logged_in' => 'Sie sind bereits angemeldet.',
'logged_in' => 'Sie sind bereits angemeldet. <a href=\"%s\">Weiter</a>.',
'most_used' => 'Meist genutzte Home Organisationen',
'invalid_return_url' => 'Die return URL <tt>\'%s\'</tt> ist keine g&uuml;tige URL.',
'unverified_return_url' => 'Die return URL <tt>\'%s\'</tt> ist nicht g&uuml;tige f&uuml;r den Service Provider <tt>\'%s\'</tt>.',
......@@ -135,7 +135,7 @@ $langStrings['fr'] = array (
'login' => 'Connexion',
'login_with' => 'Se connecter avec:',
'other_federation' => 'D\'autres f&eacute;derations',
'logged_in' => 'Vous &ecirc;tes d&eacute;j&agrave; authentifi&eacute;.',
'logged_in' => 'Vous &ecirc;tes d&eacute;j&agrave; authentifi&eacute;. <a href=\"%s\">Continuez</a>.',
'most_used' => 'Home Organisations les plus utilis&eacute;es',
);
......@@ -176,7 +176,7 @@ $langStrings['it'] = array (
'login' => 'Login',
'login_with' => 'Login con:',
'other_federation' => 'Di altra federaziones',
'logged_in' => 'Lei &egrave; gi&agrave; autenticato.',
'logged_in' => 'Lei &egrave; gi&agrave; autenticato. <a href=\"%s\">Proseguire</a>.',
'most_used' => 'Home Organisations utilizzate pi&ugrave; spesso',
);
......@@ -216,7 +216,7 @@ $langStrings['pt'] = array (
'login' => 'Autenticar',
'login_with' => 'Autenticar em:',
'other_federation' => 'Outra Federa&ccedil;Atilde;o',
'logged_in' => 'J&aacute; se encontra autenticado',
'logged_in' => 'J&aacute; se encontra autenticado. <a href=\"%s\">Continue</a>.',
'most_used' => 'Institui&ccedil;&atilde;o de Origem mais utilizada',
);
......
......@@ -313,8 +313,6 @@ function submitForm(){
}
// User chose non-federation IdP
// TODO: FIX windows error
// 4 >= (8 - 3/4)
if (
wayf_additional_idps.length > 0
&& document.IdPList.user_idp
......@@ -328,11 +326,20 @@ function submitForm(){
// Redirect user to SP handler
if (wayf_use_discovery_service){
redirect_url = wayf_sp_samlDSURL + '?entityID='
+ encodeURIComponent(NonFedEntityID)
+ '&target=' + encodeURIComponent(wayf_return_url);
// Make sure the redirect always is being done in parent window
var entityIDGETParam = getGETArgument("entityID");
var returnGETParam = getGETArgument("return");
if (entityIDGETParam != "" && returnGETParam != ""){
redirect_url = returnGETParam;
} else {
redirect_url = wayf_sp_samlDSURL ;
redirect_url += '?target=' + encodeURIComponent(wayf_return_url);
}
// Append selected Identity Provider
redirect_url += '&entityID=' + encodeURIComponent(NonFedEntityID);
// Make sure the redirect always is being executed in parent window
if (window.parent){
window.parent.location = redirect_url;
} else {
......@@ -690,10 +697,27 @@ function decodeBase64(input) {
return output;
}
function getGETArgument(name){
name = name.replace(/[\[]/,"\\\[").replace(/[\]]/,"\\\]");
var regexString = "[\\?&]"+name+"=([^&#]*)";
var regex = new RegExp(regexString);
var results = regex.exec(window.location.href);
if( results == null ){
return "";
} else {
return decodeURIComponent(results[1]);
}
}
(function() {
var config_ok = true;
// Get GET parameters that maybe are set by Shibboleth
var returnGETParam = getGETArgument("return");
var entityIDGETParam = getGETArgument("entityID");
// First lets make sure properties are available
if(
typeof(wayf_use_discovery_service) == "undefined"
......@@ -702,6 +726,12 @@ function decodeBase64(input) {
wayf_use_discovery_service = true;
}
// Overwrite entityID with GET argument if present
var entityIDGETParam = getGETArgument("entityID");
if (entityIDGETParam != ""){
wayf_sp_entityID = entityIDGETParam;
}
if(
typeof(wayf_sp_entityID) == "undefined"
|| typeof(wayf_sp_entityID) != "string"
......@@ -841,7 +871,7 @@ function decodeBase64(input) {
typeof(wayf_logged_in_messsage) == "undefined"
|| typeof(wayf_logged_in_messsage) != "string"
){
wayf_logged_in_messsage = "{$loggedInString}";
wayf_logged_in_messsage = "{$loggedInString}".replace(/%s/, wayf_return_url);
}
if(
......@@ -975,24 +1005,30 @@ function decodeBase64(input) {
var form_start = '';
if (wayf_use_discovery_service == true){
var return_url = wayf_sp_samlDSURL + '?SAMLDS=1&target=' + encodeURIComponent(wayf_return_url);
// New SAML Discovery Service protocol
wayf_authReq_URL = wayf_URL
+ '?entityID=' + encodeURIComponent(wayf_sp_entityID)
+ '&amp;return=' + encodeURIComponent(return_url);
wayf_authReq_URL = wayf_URL;
form_start = '<form id="IdPList" name="IdPList" method="post" target="_parent" action="' + wayf_authReq_URL + '">';
// Use GET arguments or use configuration parameters
if (entityIDGETParam != "" && returnGETParam != ""){
wayf_authReq_URL += '?entityID=' + encodeURIComponent(entityIDGETParam);
wayf_authReq_URL += '&amp;return=' + encodeURIComponent(returnGETParam);
} else {
var return_url = wayf_sp_samlDSURL + '?SAMLDS=1&target=' + encodeURIComponent(wayf_return_url);
wayf_authReq_URL += '?entityID=' + encodeURIComponent(wayf_sp_entityID);
wayf_authReq_URL += '&amp;return=' + encodeURIComponent(return_url);
}
} else {
wayf_authReq_URL = wayf_URL
+ '?providerId=' + encodeURIComponent(wayf_sp_entityID)
+ '&amp;shire=' + encodeURIComponent(wayf_sp_samlACURL)
+ '&amp;target=' + encodeURIComponent(wayf_return_url);
form_start = '<form id="IdPList" name="IdPList" method="post" target="_parent" action="' + wayf_authReq_URL + '&amp;time={$utcTime}'
+ '">';
// Old Shibboleth WAYF protocol
wayf_authReq_URL = wayf_URL;
wayf_authReq_URL += '?providerId=' + encodeURIComponent(wayf_sp_entityID);
wayf_authReq_URL += '&amp;shire=' + encodeURIComponent(wayf_sp_samlACURL);
wayf_authReq_URL += '&amp;time={$utcTime}';
}
// Add form element
form_start = '<form id="IdPList" name="IdPList" method="post" target="_parent" action="' + wayf_authReq_URL + '">';
SCRIPT;
// Create redirect links in case the checkbox is checked
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment