Commit d2e7f0d3 authored by haemmer's avatar haemmer

Added #1760 and #1702

parent bd242862
...@@ -26,8 +26,11 @@ necessary for such releases. ...@@ -26,8 +26,11 @@ necessary for such releases.
SWITCHwayf Changes and Version History: SWITCHwayf Changes and Version History:
1.17 Release date: 2012 1.17 Release date: Mai 2012
- Added CSS styles for mobile view - Added CSS styles for mobile view
- Embedded WAYF now reads 'entityID' and 'return' GET arguments.
They get precedence over the values configured for the Embedded WAYF.
- Embedded WAYF logged in message now contains a link to target URL
1.16 Release date: 19. January 2012 1.16 Release date: 19. January 2012
- Added an improved version of the drop down list to the WAYF - Added an improved version of the drop down list to the WAYF
......
...@@ -16,6 +16,8 @@ ...@@ -16,6 +16,8 @@
var wayf_URL = "https://<?php echo $host ?><?php echo $path ?>"; var wayf_URL = "https://<?php echo $host ?><?php echo $path ?>";
// EntityID of the Service Provider that protects this Resource // EntityID of the Service Provider that protects this Resource
// Value will be overwritten automatically if the page where the Embedded WAYF
// is displayed is called with a GET argument 'entityID' as automatically set by Shibboleth
// Examples: "https://econf.switch.ch/shibboleth", "https://dokeos.unige.ch/shibboleth" // Examples: "https://econf.switch.ch/shibboleth", "https://dokeos.unige.ch/shibboleth"
// [Mandatory] // [Mandatory]
var wayf_sp_entityID = "https://my-app.switch.ch/shibboleth"; var wayf_sp_entityID = "https://my-app.switch.ch/shibboleth";
...@@ -143,6 +145,8 @@ var wayf_show_categories = true; ...@@ -143,6 +145,8 @@ var wayf_show_categories = true;
// Session Initiator URL of the Service Provider // Session Initiator URL of the Service Provider
// Examples: "https://econf.switch.ch/Shibboleth.sso/DS", "https://dokeos.unige.ch/Shibboleth.sso/DS" // Examples: "https://econf.switch.ch/Shibboleth.sso/DS", "https://dokeos.unige.ch/Shibboleth.sso/DS"
// This will implicitely be set to wayf_sp_samlDSURL = wayf_sp_handlerURL + "/DS"; // This will implicitely be set to wayf_sp_samlDSURL = wayf_sp_handlerURL + "/DS";
// or will be set automatically if the page where the Embedded WAYF is placed is called
// with a 'return' and an 'entityID' GET Arguments
// [Optional, if wayf_use_discovery_service = true // [Optional, if wayf_use_discovery_service = true
// or if wayf_additional_idps is not empty, default: commented out] // or if wayf_additional_idps is not empty, default: commented out]
// var wayf_sp_samlDSURL = wayf_sp_handlerURL + "/Login"; // var wayf_sp_samlDSURL = wayf_sp_handlerURL + "/Login";
......
...@@ -42,7 +42,7 @@ $langStrings['en'] = array ( ...@@ -42,7 +42,7 @@ $langStrings['en'] = array (
'login' => 'Login', 'login' => 'Login',
'login_with' => 'Login with:', 'login_with' => 'Login with:',
'other_federation' => 'From other federations', 'other_federation' => 'From other federations',
'logged_in' => 'You are already authenticated.', 'logged_in' => 'You are already authenticated. <a href=\"%s\">Proceed</a>.',
'most_used' => 'Most often used Home Organisations', 'most_used' => 'Most often used Home Organisations',
'invalid_return_url' => 'The return URL <tt>\'%s\'</tt> is not a valid URL.', 'invalid_return_url' => 'The return URL <tt>\'%s\'</tt> is not a valid URL.',
'unverified_return_url' => 'The return URL <tt>\'%s\'</tt> could not be verified for Service Provider <tt>\'%s\'</tt>.', 'unverified_return_url' => 'The return URL <tt>\'%s\'</tt> could not be verified for Service Provider <tt>\'%s\'</tt>.',
...@@ -89,7 +89,7 @@ $langStrings['de'] = array ( ...@@ -89,7 +89,7 @@ $langStrings['de'] = array (
'login' => 'Anmelden', 'login' => 'Anmelden',
'login_with' => 'Anmelden &uuml;ber:', 'login_with' => 'Anmelden &uuml;ber:',
'other_federation' => 'Von anderen F&ouml;derationen', 'other_federation' => 'Von anderen F&ouml;derationen',
'logged_in' => 'Sie sind bereits angemeldet.', 'logged_in' => 'Sie sind bereits angemeldet. <a href=\"%s\">Weiter</a>.',
'most_used' => 'Meist genutzte Home Organisationen', 'most_used' => 'Meist genutzte Home Organisationen',
'invalid_return_url' => 'Die return URL <tt>\'%s\'</tt> ist keine g&uuml;tige URL.', 'invalid_return_url' => 'Die return URL <tt>\'%s\'</tt> ist keine g&uuml;tige URL.',
'unverified_return_url' => 'Die return URL <tt>\'%s\'</tt> ist nicht g&uuml;tige f&uuml;r den Service Provider <tt>\'%s\'</tt>.', 'unverified_return_url' => 'Die return URL <tt>\'%s\'</tt> ist nicht g&uuml;tige f&uuml;r den Service Provider <tt>\'%s\'</tt>.',
...@@ -135,7 +135,7 @@ $langStrings['fr'] = array ( ...@@ -135,7 +135,7 @@ $langStrings['fr'] = array (
'login' => 'Connexion', 'login' => 'Connexion',
'login_with' => 'Se connecter avec:', 'login_with' => 'Se connecter avec:',
'other_federation' => 'D\'autres f&eacute;derations', 'other_federation' => 'D\'autres f&eacute;derations',
'logged_in' => 'Vous &ecirc;tes d&eacute;j&agrave; authentifi&eacute;.', 'logged_in' => 'Vous &ecirc;tes d&eacute;j&agrave; authentifi&eacute;. <a href=\"%s\">Continuez</a>.',
'most_used' => 'Home Organisations les plus utilis&eacute;es', 'most_used' => 'Home Organisations les plus utilis&eacute;es',
); );
...@@ -176,7 +176,7 @@ $langStrings['it'] = array ( ...@@ -176,7 +176,7 @@ $langStrings['it'] = array (
'login' => 'Login', 'login' => 'Login',
'login_with' => 'Login con:', 'login_with' => 'Login con:',
'other_federation' => 'Di altra federaziones', 'other_federation' => 'Di altra federaziones',
'logged_in' => 'Lei &egrave; gi&agrave; autenticato.', 'logged_in' => 'Lei &egrave; gi&agrave; autenticato. <a href=\"%s\">Proseguire</a>.',
'most_used' => 'Home Organisations utilizzate pi&ugrave; spesso', 'most_used' => 'Home Organisations utilizzate pi&ugrave; spesso',
); );
...@@ -216,7 +216,7 @@ $langStrings['pt'] = array ( ...@@ -216,7 +216,7 @@ $langStrings['pt'] = array (
'login' => 'Autenticar', 'login' => 'Autenticar',
'login_with' => 'Autenticar em:', 'login_with' => 'Autenticar em:',
'other_federation' => 'Outra Federa&ccedil;Atilde;o', 'other_federation' => 'Outra Federa&ccedil;Atilde;o',
'logged_in' => 'J&aacute; se encontra autenticado', 'logged_in' => 'J&aacute; se encontra autenticado. <a href=\"%s\">Continue</a>.',
'most_used' => 'Institui&ccedil;&atilde;o de Origem mais utilizada', 'most_used' => 'Institui&ccedil;&atilde;o de Origem mais utilizada',
); );
......
...@@ -313,8 +313,6 @@ function submitForm(){ ...@@ -313,8 +313,6 @@ function submitForm(){
} }
// User chose non-federation IdP // User chose non-federation IdP
// TODO: FIX windows error
// 4 >= (8 - 3/4)
if ( if (
wayf_additional_idps.length > 0 wayf_additional_idps.length > 0
&& document.IdPList.user_idp && document.IdPList.user_idp
...@@ -328,11 +326,20 @@ function submitForm(){ ...@@ -328,11 +326,20 @@ function submitForm(){
// Redirect user to SP handler // Redirect user to SP handler
if (wayf_use_discovery_service){ if (wayf_use_discovery_service){
redirect_url = wayf_sp_samlDSURL + '?entityID='
+ encodeURIComponent(NonFedEntityID)
+ '&target=' + encodeURIComponent(wayf_return_url);
// Make sure the redirect always is being done in parent window var entityIDGETParam = getGETArgument("entityID");
var returnGETParam = getGETArgument("return");
if (entityIDGETParam != "" && returnGETParam != ""){
redirect_url = returnGETParam;
} else {
redirect_url = wayf_sp_samlDSURL ;
redirect_url += '?target=' + encodeURIComponent(wayf_return_url);
}
// Append selected Identity Provider
redirect_url += '&entityID=' + encodeURIComponent(NonFedEntityID);
// Make sure the redirect always is being executed in parent window
if (window.parent){ if (window.parent){
window.parent.location = redirect_url; window.parent.location = redirect_url;
} else { } else {
...@@ -690,10 +697,27 @@ function decodeBase64(input) { ...@@ -690,10 +697,27 @@ function decodeBase64(input) {
return output; return output;
} }
function getGETArgument(name){
name = name.replace(/[\[]/,"\\\[").replace(/[\]]/,"\\\]");
var regexString = "[\\?&]"+name+"=([^&#]*)";
var regex = new RegExp(regexString);
var results = regex.exec(window.location.href);
if( results == null ){
return "";
} else {
return decodeURIComponent(results[1]);
}
}
(function() { (function() {
var config_ok = true; var config_ok = true;
// Get GET parameters that maybe are set by Shibboleth
var returnGETParam = getGETArgument("return");
var entityIDGETParam = getGETArgument("entityID");
// First lets make sure properties are available // First lets make sure properties are available
if( if(
typeof(wayf_use_discovery_service) == "undefined" typeof(wayf_use_discovery_service) == "undefined"
...@@ -702,6 +726,12 @@ function decodeBase64(input) { ...@@ -702,6 +726,12 @@ function decodeBase64(input) {
wayf_use_discovery_service = true; wayf_use_discovery_service = true;
} }
// Overwrite entityID with GET argument if present
var entityIDGETParam = getGETArgument("entityID");
if (entityIDGETParam != ""){
wayf_sp_entityID = entityIDGETParam;
}
if( if(
typeof(wayf_sp_entityID) == "undefined" typeof(wayf_sp_entityID) == "undefined"
|| typeof(wayf_sp_entityID) != "string" || typeof(wayf_sp_entityID) != "string"
...@@ -841,7 +871,7 @@ function decodeBase64(input) { ...@@ -841,7 +871,7 @@ function decodeBase64(input) {
typeof(wayf_logged_in_messsage) == "undefined" typeof(wayf_logged_in_messsage) == "undefined"
|| typeof(wayf_logged_in_messsage) != "string" || typeof(wayf_logged_in_messsage) != "string"
){ ){
wayf_logged_in_messsage = "{$loggedInString}"; wayf_logged_in_messsage = "{$loggedInString}".replace(/%s/, wayf_return_url);
} }
if( if(
...@@ -975,24 +1005,30 @@ function decodeBase64(input) { ...@@ -975,24 +1005,30 @@ function decodeBase64(input) {
var form_start = ''; var form_start = '';
if (wayf_use_discovery_service == true){ if (wayf_use_discovery_service == true){
var return_url = wayf_sp_samlDSURL + '?SAMLDS=1&target=' + encodeURIComponent(wayf_return_url); // New SAML Discovery Service protocol
wayf_authReq_URL = wayf_URL wayf_authReq_URL = wayf_URL;
+ '?entityID=' + encodeURIComponent(wayf_sp_entityID)
+ '&amp;return=' + encodeURIComponent(return_url);
form_start = '<form id="IdPList" name="IdPList" method="post" target="_parent" action="' + wayf_authReq_URL + '">'; // Use GET arguments or use configuration parameters
if (entityIDGETParam != "" && returnGETParam != ""){
wayf_authReq_URL += '?entityID=' + encodeURIComponent(entityIDGETParam);
wayf_authReq_URL += '&amp;return=' + encodeURIComponent(returnGETParam);
} else {
var return_url = wayf_sp_samlDSURL + '?SAMLDS=1&target=' + encodeURIComponent(wayf_return_url);
wayf_authReq_URL += '?entityID=' + encodeURIComponent(wayf_sp_entityID);
wayf_authReq_URL += '&amp;return=' + encodeURIComponent(return_url);
}
} else { } else {
// Old Shibboleth WAYF protocol
wayf_authReq_URL = wayf_URL wayf_authReq_URL = wayf_URL;
+ '?providerId=' + encodeURIComponent(wayf_sp_entityID) wayf_authReq_URL += '?providerId=' + encodeURIComponent(wayf_sp_entityID);
+ '&amp;shire=' + encodeURIComponent(wayf_sp_samlACURL) wayf_authReq_URL += '&amp;shire=' + encodeURIComponent(wayf_sp_samlACURL);
+ '&amp;target=' + encodeURIComponent(wayf_return_url); wayf_authReq_URL += '&amp;time={$utcTime}';
form_start = '<form id="IdPList" name="IdPList" method="post" target="_parent" action="' + wayf_authReq_URL + '&amp;time={$utcTime}'
+ '">';
} }
// Add form element
form_start = '<form id="IdPList" name="IdPList" method="post" target="_parent" action="' + wayf_authReq_URL + '">';
SCRIPT; SCRIPT;
// Create redirect links in case the checkbox is checked // Create redirect links in case the checkbox is checked
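Review bot: In the `submitForm` hunk the page's own `return` GET argument becomes `redirect_url` and is assigned to `window.parent.location` with no visible check on its scheme or host, so whoever builds the link to the embedding page controls where the user lands after choosing a non-federation IdP. The return-URL verification implied by the `invalid_return_url` / `unverified_return_url` strings is presumably done by the WAYF server, which this client-side path does not appear to contact. I would accept the argument only when it starts with the configured `wayf_sp_handlerURL` (assuming that is the right trust anchor for this deployment) and otherwise fall back to `wayf_sp_samlDSURL`. The unconditional `'&entityID='` append also assumes the return URL already carries a query string. `submitForm` begins and ends outside the hunk.

```javascript
var entityIDGETParam = getGETArgument("entityID");
var returnGETParam = getGETArgument("return");
// Accept the GET-supplied return URL only when it points at this SP's own handler
var returnIsTrusted = /^https?:\/\//i.test(returnGETParam)
	&& returnGETParam.indexOf(wayf_sp_handlerURL + '/') == 0;
if (entityIDGETParam != "" && returnIsTrusted){
	redirect_url = returnGETParam;
	// The return URL may or may not already carry a query string
	redirect_url += (redirect_url.indexOf('?') == -1) ? '?' : '&';
} else {
	redirect_url = wayf_sp_samlDSURL;
	redirect_url += '?target=' + encodeURIComponent(wayf_return_url) + '&';
}
// Append selected Identity Provider
redirect_url += 'entityID=' + encodeURIComponent(NonFedEntityID);
// … unchanged: redirect executed in parent window …
```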
......