<?php // Copyright (c) 2018, SWITCH

/*
******************************************************************************
This file contains some functions that render HTML code.
******************************************************************************
*/

// Stop unless this file was pulled in by another script while serving a web
// request: a missing REMOTE_ADDR or a script name of templates.php itself
// both end execution here.
if (!(isset($_SERVER['REMOTE_ADDR']) && basename($_SERVER['SCRIPT_NAME']) != 'templates.php')){
	exit('No direct script access allowed');
}

/*------------------------------------------------*/
// Functions containing HTML code
/*------------------------------------------------*/

function printHeader(){
	// Renders the page header. The template is included inside this function,
	// so it can only see the globals that are imported here.
	global $langStrings, $language, $customStrings;
	global $imageURL, $javascriptURL, $cssURL, $logoURL, $organizationLogoURL;
	global $useImprovedDropDownList, $disableRemoteLogos;
	global $federationURL, $organizationURL, $faqURL, $helpURL, $privacyURL;
	
	// get_template() picks the custom header if one exists, else the default
	include get_template('header.php');
}


/******************************************************************************/
// Presents the user the drop-down list with available IDPs
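function printWAYF(){
	// Renders the IdP selection page: works out a display name for the
	// requesting service, composes the prompt and form strings and then
	// includes the body template, which reads the local variables set here.
	
	global $selectedIDP, $language, $IDProviders, $SProviders, $redirectCookieName, $imageURL, $redirectStateCookieName, $showPermanentSetting;
	global $customStrings;
	
	// Make sure the flag is defined before the template is included
	if (!isset($showPermanentSetting)){
		$showPermanentSetting = false;
	}
	
	$promptMessage =  getLocalString('make_selection');
	$serviceName = '';
	$entityID = '';
	
	// Check if entityID is available. Request parameters may also arrive as
	// arrays (entityID[]=...); those are ignored because the value is used as
	// an array key and as text further down.
	// NOTE(review): $entityID stays a raw request value and is visible to the
	// body template - confirm the template encodes it wherever it prints it.
	if (isset($_GET['entityID']) && is_string($_GET['entityID'])){
		$entityID = $_GET['entityID'];
	} else if (isset($_GET['providerId']) && is_string($_GET['providerId'])){
		$entityID = $_GET['providerId'];
	}
	
	// Set service name if entityID has a description
	if (!empty($entityID) && isset($SProviders[$entityID]) ){
		$SP = $SProviders[$entityID];
		$serviceName = $SP['Name'];
		if (isset($SP[$language]['Name'])){
			$serviceName = $SP[$language]['Name'];
		}
	}
	
	// Reset service name if it is the same as the entityID
	if ($serviceName == $entityID){
		$serviceName = '';
	}
	
	// Fallback to hostname of return URL if no service name was available
	if (empty($serviceName)){
		if (isset($_GET['return']) && is_string($_GET['return'])){
			$serviceName = getHostNameFromURI($_GET['return']);
		} else if (isset($_GET['shire']) && is_string($_GET['shire'])){
			$serviceName = getHostNameFromURI($_GET['shire']);
		} else {
			$serviceName = $entityID;
		}
		
		// Every value in this branch is derived from request parameters, so
		// it is HTML-encoded before being wrapped in markup. Without this, a
		// crafted entityID or return URL would be reflected into the page.
		$serviceName = '<span class="hostName">'.htmlspecialchars((string) $serviceName, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8').'</span>';
	} else {
		// NOTE(review): this name comes from $SProviders and is emitted as-is;
		// confirm it is encoded (or trusted) where $SProviders is populated.
		$serviceName = '<span class="serviceName">'.$serviceName.'</span>';
	}
	
	// Compose strings
	$promptMessage =  sprintf(getLocalString('access_host'), $serviceName);
	
	// QUERY_STRING is request-controlled. ENT_QUOTES is passed explicitly
	// because the default flag set of htmlentities() only covers single
	// quotes from PHP 8.1 on.
	$actionURL = $_SERVER['SCRIPT_NAME'].'?'.htmlentities($_SERVER['QUERY_STRING'], ENT_QUOTES | ENT_SUBSTITUTE);
	$defaultSelected = ($selectedIDP == '-') ? 'selected="selected"' : '';
	$rememberSelectionChecked = (isset($_COOKIE[$redirectStateCookieName])) ? 'checked="checked"' : '' ;
	
	include(get_template('body.php'));
}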

/******************************************************************************/
// Presents the user a form to set a permanent cookie for their default IDP
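function printSettings(){
	// Renders the settings form. The template is included inside this
	// function and reads $actionURL and $defaultSelected from its scope.
	
	global $selectedIDP, $language, $IDProviders, $redirectCookieName;
	global $customStrings;
	
	// QUERY_STRING is request-controlled and is presumably printed into the
	// form's action attribute by the template. ENT_QUOTES is passed
	// explicitly because the default flag set of htmlentities() only covers
	// single quotes from PHP 8.1 on.
	$actionURL = $_SERVER['SCRIPT_NAME'].'?'.htmlentities($_SERVER['QUERY_STRING'], ENT_QUOTES | ENT_SUBSTITUTE);
	
	// '-' marks "no IdP chosen", in which case the default entry is preselected
	$defaultSelected = ($selectedIDP == '-') ? 'selected="selected"' : '';
	
	include(get_template('settings.php'));
}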

/******************************************************************************/
// Prints the HTML drop down list including categories etc
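function printDropDownList($IDProviders, $selectedIDP = ''){
	// Echoes the content of the IdP <select>: first the group of previously
	// used IdPs (if any), then every entry of $IDProviders in order. Entries
	// with an 'SSO' value become <option> elements, entries of type
	// 'category' open a new <optgroup>, everything else is skipped.
	global $language;
	
	$previouslyUsedIdPsHTML = getPreviouslyUsedIdPsHTML();
	echo $previouslyUsedIdPsHTML;
	
	// Key of the category whose <optgroup> is currently open ('' if none)
	$optgroup = '';
	foreach ($IDProviders as $key => $values){
		
		// Entries with an SSO value are selectable IdPs
		if (isset($values['SSO'])){
			echo "\n\t".printOptionElement($IDProviders, $key, $selectedIDP);
			continue;
		}
		
		// Of the remaining entries only categories produce output
		if (!isset($values['Type']) || $values['Type'] != 'category'){
			continue;
		}
		
		// Close the group that is still open
		if (!empty($optgroup)){
			echo "\n".'</optgroup>';
		}
		
		// Skip adding a new category if first category is 'unknown'
		// and it is the (probably) only category
		if ($key == 'unknown' && empty($optgroup) && $previouslyUsedIdPsHTML == ''){
			continue;
		}
		
		// Get category name, preferring the current language
		if (isset($values[$language]['Name'])){
			$IdPName = $values[$language]['Name'];
		} else {
			$IdPName = isset($values['Name']) ? $values['Name'] : '';
		}
		
		// The name lands inside an attribute, so quotes and angle brackets
		// must be encoded. double_encode is off so that names which already
		// contain entities are not mangled.
		echo "\n".'<optgroup label="'.htmlspecialchars((string) $IdPName, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false).'">';
		$optgroup = $key;
	}
	
	// Add last optgroup if that was used
	if (!empty($optgroup)){
		echo "\n".'</optgroup>';
	}
}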

/******************************************************************************/
// Returns the HTML of the option group of previously used organisations
function getPreviouslyUsedIdPsHTML(){
	// Builds the <optgroup> holding the most recently used IdPs and returns
	// it as a string; returns '' when there is nothing to show.
	global $IDProviders, $IDPArray, $selectedIDP, $showNumOfPreviouslyUsedIdPs;
	
	// No history of used IdPs available
	if (!isset($IDPArray) || count($IDPArray) < 1){
		return '';
	}
	
	// Number of entries still allowed; 3 unless configured otherwise
	if (isset($showNumOfPreviouslyUsedIdPs)){
		$remaining = $showNumOfPreviouslyUsedIdPs;
	} else {
		$remaining = 3;
	}
	
	// Walk the list from its end towards its start
	$options = '';
	$index = count($IDPArray) - 1;
	while ($index >= 0 && $remaining > 0){
		
		$optionHTML = printOptionElement($IDProviders, $IDPArray[$index], $selectedIDP);
		$index--;
		
		// printOptionElement() returns '' for IdPs that are not in
		// $IDProviders; those do not count towards the limit
		if (empty($optionHTML)){
			continue;
		}
		
		$options .= "\t".$optionHTML."\n";
		$remaining--;
	}
	
	// Return if no previously used IdPs exist
	if (empty($options)){
		return '';
	}
	
	// Wrap the options in a group labelled with the localized string
	return "\n".'<optgroup label="'.getLocalString('last_used').'">'."\n".$options.'</optgroup>';
}

/******************************************************************************/
// Returns the HTML of a single option element of the drop down list
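function printOptionElement($IDProviders, $key, $selectedIDP){
	// Returns the <option> element for the IdP stored under $key in
	// $IDProviders, or '' if there is no such entry. The element is marked
	// as selected when $key equals $selectedIDP.
	global $language;
	
	// Return if IdP does not exist
	if (!isset($IDProviders[$key])){
		return '';
	}
	
	// Get values
	$values = $IDProviders[$key];
	
	// Get IdP Name, preferring the current language
	if (isset($values[$language]['Name'])){
		$IdPName = $values[$language]['Name'];
	} else {
		$IdPName = isset($values['Name']) ? $values['Name'] : '';
	}
	
	// Set selected attribute
	$selected = ($selectedIDP == $key) ? ' selected="selected"' : '';
	
	// Add additional information as data attribute to the entry
	$data = getDomainNameFromURI($key);
	$data .= composeOptionData($values);
	
	// Values written into the element are HTML-encoded so that a quote or an
	// angle bracket in an entityID, name or logo URL cannot break out of the
	// attribute or the element. double_encode is off so that values which
	// already contain entities are not mangled.
	$flags = ENT_QUOTES | ENT_SUBSTITUTE;
	
	// Add logo (which is assumed to be 16x16px) to extension string.
	// The URL itself is checked, not just the 'Logo' entry.
	$logo = '';
	if (isset($values['Logo']['URL'])){
		$logo = 'logo="'.htmlspecialchars((string) $values['Logo']['URL'], $flags, 'UTF-8', false).'"';
	}
	
	return '<option value="'.htmlspecialchars((string) $key, $flags, 'UTF-8', false).'"'.$selected.' data="'.htmlspecialchars($data).'" '.$logo.'>'.htmlspecialchars((string) $IdPName, $flags, 'UTF-8', false).'</option>';
}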

/******************************************************************************/
// Prints the notice that tells the users their permanent IDP with an option
// to clear the permanent cookie.
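function printNotice(){
	// Renders the notice about the permanently set IdP. The IdP is taken
	// from the submitted form or, failing that, from the redirect cookie.
	// The notice template is included inside this function and reads the
	// local variables set here.
	
	global $redirectCookieName, $IDProviders;
	global $customStrings;
	
	// QUERY_STRING is request-controlled. ENT_QUOTES is passed explicitly
	// because the default flag set of htmlentities() only covers single
	// quotes from PHP 8.1 on.
	$actionURL = $_SERVER['SCRIPT_NAME'].'?'.htmlentities($_SERVER['QUERY_STRING'], ENT_QUOTES | ENT_SUBSTITUTE);
	
	$hiddenUserIdPInput = '';
	$permanentUserIdP = '';
	$permanentUserIdPName = '';
	$permanentUserIdPLogo = '';
	
	// Both sources are client-controlled. checkIDPAndShowErrors() is defined
	// elsewhere; presumably it only accepts known IdPs - the output encoding
	// below does not depend on that.
	if (
			isset($_POST['user_idp']) 
			&& checkIDPAndShowErrors($_POST['user_idp'])
		){
		$permanentUserIdP = $_POST['user_idp'];
	} elseif (
			isset($_COOKIE[$redirectCookieName]) 
			&& checkIDPAndShowErrors($_COOKIE[$redirectCookieName])
		){
		$permanentUserIdP = $_COOKIE[$redirectCookieName];
	}
	
	// Only a non-empty string can be an IdP key (parameters may be arrays)
	if (is_string($permanentUserIdP) && $permanentUserIdP != ''){
		
		// Encode the value for the attribute it is written into; the browser
		// decodes it again, so the submitted value is unchanged.
		$hiddenUserIdPInput = '<input type="hidden" name="user_idp" value="'.htmlspecialchars($permanentUserIdP, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8').'">';
		
		// NOTE(review): name and logo URL are handed to the template as
		// stored in $IDProviders; confirm the template encodes them.
		if (isset($IDProviders[$permanentUserIdP]['Name'])){
			$permanentUserIdPName = $IDProviders[$permanentUserIdP]['Name'];
		}
		if (isset($IDProviders[$permanentUserIdP]['Logo']['URL'])){
			$permanentUserIdPLogo = $IDProviders[$permanentUserIdP]['Logo']['URL'];
		}
	}
	
	include(get_template('notice.php'));
}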

/******************************************************************************/
// Prints end of HTML page
function printFooter(){
	// Render the footer template; get_template() returns the custom version
	// if one exists and the default one otherwise.
	include get_template('footer.php');
}

/******************************************************************************/
// Prints an error message
function printError($message){
	// Renders a complete error page: header, error template, footer.
	// $message is not used in this function body; it stays in scope for the
	// included error template.
	// NOTE(review): whether $message is HTML-encoded before output depends on
	// the callers and the template, neither of which is visible here.
	
	global $customStrings;
	global $langStrings, $language, $supportContactEmail;
	
	// Page header first
	printHeader();
	
	// The error template itself (custom version if present, else default)
	include get_template('error.php');
	
	// Page footer last
	printFooter();
}

/******************************************************************************/
// Prints the JavaScript that renders the Embedded WAYF
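function printEmbeddedWAYFScript(){
	// Prepares the values used by the Embedded WAYF JavaScript and then
	// processes js/embeddedWAYF.js, which is required inside this function
	// and therefore reads the local variables set here.
	//
	// NOTE(review): addslashes() only covers quotes, backslashes and NUL. It
	// does not handle line breaks or other characters that are special in a
	// JavaScript string; json_encode() would be the robust encoder, but
	// switching requires adapting js/embeddedWAYF.js as well.

	global $langStrings, $language, $imageURL, $javascriptURL, $cssURL, $logoURL, $smallLogoURL, $federationURL;
	global $selectedIDP, $IDProviders, $SAMLDomainCookieName, $redirectCookieName, $redirectStateCookieName, $federationName;
	global $customStrings;
	
	// Set values that are used in the java script
	$loginWithString = getLocalString('login_with');
	$makeSelectionString = getLocalString('make_selection', 'js');
	$loggedInString =  getLocalString('logged_in');
	
	// NOTE(review): built from SERVER_NAME and REQUEST_URI, i.e. from request
	// data; confirm the script template encodes it for the place it is
	// written to. The dot is escaped so that only the literal file name
	// "embedded-wayf.js" is rewritten.
	$configurationScriptUrl = preg_replace('/embedded-wayf\.js/', 'embedded-wayf.js/snippet.html', 'https://'.$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI']);
	$utcTime = time();
	$checkedBool = (!empty($_COOKIE[$redirectStateCookieName])) ? 'checked="checked"' : '' ;
	$rememberSelectionText = addslashes(getLocalString('remember_selection'));
	$loginString = addslashes(getLocalString('login'));
	$selectIdPString = addslashes(getLocalString('select_idp'));
	$otherFederationString = addslashes(getLocalString('other_federation'));
	$mostUsedIdPsString = addslashes(getLocalString('most_used'));
	$lastUsedIdPsString = addslashes(getLocalString('last_used'));
	
	// NOTE(review): raw, client-controlled cookie value; it is passed on
	// unencoded, so the script template has to encode it where it is used.
	$redirectCookie = (!empty($_COOKIE[$redirectCookieName])) ?  $_COOKIE[$redirectCookieName] : '';
	
	// Generate list of Identity Providers
	$JSONIdPArray = array();
	$JSONCategoryArray = array();
	foreach ($IDProviders as $key => $IDProvider){
		
		// Get IdP Name
		if (isset($IDProvider[$language]['Name'])){
			$IdPName = addslashes($IDProvider[$language]['Name']);
		} else {
			$IdPName = addslashes($IDProvider['Name']);
		}
		
		// Set selected attribute
		$selected = ($selectedIDP == $key) ? ' selected:"true",' : '' ;
		$IdPType = isset($IDProvider['Type']) ? $IDProvider['Type'] : '';
		
		// SSO
		if (isset($IDProvider['SSO'])){
			$IdPSSO = $IDProvider['SSO'];
		} else {
			$IdPSSO = '';
		}
		
		// Logo URL
		if (isset($IDProvider['Logo']['URL'])){
			$IdPLogoURL = $IDProvider['Logo']['URL'];
		} else {
			$IdPLogoURL = '';
		}
		
		// Add other information to find IdP
		$IdPData = getDomainNameFromURI($key);
		$IdPData .= composeOptionData($IDProvider);
		$IdPData = addslashes( $IdPData);
		
		// Skip non-IdP entries
		if ($IdPType == ''){
			continue;
		}
		
		// Key, type and logo URL are written into quoted JavaScript strings
		// just like name and data, so they get the same escaping. A quote or
		// backslash in one of them would otherwise end the string early.
		$IdPKeyJS = addslashes((string) $key);
		$IdPTypeJS = addslashes((string) $IdPType);
		$IdPLogoURLJS = addslashes((string) $IdPLogoURL);
		
		// Fill category and IdP buckets
		if ($IdPType == 'category'){
			$JSONCategoryArray[] = <<<ENTRY

"{$IdPKeyJS}":{
	type:"{$IdPTypeJS}",
	name:"{$IdPName}"
}

ENTRY;
		} else {
			$JSONIdPArray[] = <<<ENTRY

"{$IdPKeyJS}":{ {$selected}
	type:"{$IdPTypeJS}",
	name:"{$IdPName}",
	logoURL:"{$IdPLogoURLJS}",
	data:"{$IdPData}"
}
ENTRY;
		}
	}
	$JSONIdPList = join(',', $JSONIdPArray);
	$JSONCategoryList = join(',', $JSONCategoryArray);
	
	// Locales for javascript
	$searchText = getLocalString('search_idp', 'js');
	$noIdPFoundText =  getLocalString('no_idp_found', 'js');
	$noIdPAvailableText = getLocalString('no_idp_available', 'js');
	
	// Process script
	require_once('js/embeddedWAYF.js');
}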

/******************************************************************************/
// Print sample configuration script used for Embedded WAYF
function printEmbeddedConfigurationScript(){
	// Outputs the sample configuration for the Embedded WAYF as plain text.
	// The template is included inside this function and reads $types, $host
	// and $path from its scope.
	global $customStrings;
	global $IDProviders;
	
	// Collect every distinct type except 'category'; using the type as key
	// keeps each one only once
	$types = array();
	foreach ($IDProviders as $IDProvider){
		if (!isset($IDProvider['Type']) || $IDProvider['Type'] == 'category'){
			continue;
		}
		$types[$IDProvider['Type']] = $IDProvider['Type'];
	}
	
	// Turn the collected types into a list of double-quoted strings
	$types = '"'.join('","', $types).'"';
	
	// NOTE(review): depending on the web server configuration SERVER_NAME may
	// follow the request's Host header - confirm it cannot be chosen by the
	// client if the generated sample is trusted by whoever copies it.
	$host = $_SERVER['SERVER_NAME'];
	$path = $_SERVER['SCRIPT_NAME'];
	
	// The sample is sent as text so that it is not interpreted as HTML
	header('Content-type: text/plain;charset="utf-8"');
	
	include get_template('embedded-wayf.php');
}

/******************************************************************************/
// Prints the default CSS file, followed by the custom CSS file if one exists
function printCSS($file){
	// Echoes the default stylesheet, followed by the custom one if it exists,
	// with the $imageURL placeholder replaced by the configured value.
	
	global $imageURL;
	
	// Allow-list: anything but 'ImprovedDropDown.css' is mapped to
	// 'styles.css', so the argument itself never becomes part of the file
	// paths read below.
	if ($file != 'ImprovedDropDown.css'){
		$file= 'styles.css';
	}
	
	// Default stylesheet (path is relative to the working directory)
	$cssContent = file_get_contents('css/default-'.$file);
	
	// Read custom CSS if available
	$customCSSFile = 'css/custom-'.$file;
	if (file_exists($customCSSFile)){
		$cssContent .= file_get_contents($customCSSFile);
	}
	
	// Substitute $imageURL and {$imageURL} placeholders and print the result
	echo preg_replace('/{?\$imageURL}?/',$imageURL, $cssContent);
}

function get_template($name) {
	// Returns the path of the template file to include for $name: the
	// custom-<name> file in <topLevelDir>/lib if it exists, otherwise the
	// default-<name> file (which is not checked for existence).
	//
	// $name is concatenated into a path that callers pass to include(). All
	// callers in this file pass fixed file names; it must never be fed with
	// request data.

	global $topLevelDir;

	$libDir = $topLevelDir . '/lib/';

	// A site-specific override wins over the shipped default
	$override = $libDir . 'custom-' . $name;
	if (file_exists($override)) {
		return $override;
	}

	return $libDir . 'default-' . $name;
}