[consentAdmin] The userid is now taken from the userid.attribute.

If 'ServiceURL' is set for a service in metadata, a link to that URL are
created in consentAdmin, to let users easy access the given service.


git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2673 44740490-163a-0410-bde0-09ae8108e29a

3 files changed, 38 insertions, 29 deletions

diff --git a/modules/consentAdmin/docs/consentAdmin.txt b/modules/consentAdmin/docs/consentAdmin.txt
index e346637..749da82 100644
--- a/modules/consentAdmin/docs/consentAdmin.txt
+++ b/modules/consentAdmin/docs/consentAdmin.txt
@@ -1,8 +1,8 @@
 Installing and configuring the consentAdmin module
 ==================================================
 
-the consentAdmin module is an addon to the consent module. This emans that
-you can not use the consentAdmin without the consent module. If you have not
+The consentAdmin module is an addon to the consent module. This means that
+you can not use consentAdmin without the consent module. If you have not
 installed and configured the consent module, please do.
 
   * [How to install and configure the consent module](consent:consent)
@@ -23,7 +23,7 @@ Next you need to copy the module config file to the config directory:
 
 Then you will need to set up the database. The consentAdmin uses the same
 table as the consent module, but you still need the set the correct
-credentials in the cinfig file. Example:
+credentials in the config file. Example:
 
 	'consentadmin'  => array(
 		'consent:Database',
@@ -36,7 +36,7 @@ Notice that credentials usualy is the same as for the consent module, but
 can be different.
 
 Go to the frontpage of your SimpleSAMLphp installation. A link to the
-consentAdmin has been added to the frontpage.
+consentAdmin module has been added to the frontpage.
 
 Setting optional parameters
 ---------------------------
diff --git a/modules/consentAdmin/templates/consentadmin.php b/modules/consentAdmin/templates/consentadmin.php
index 446b94e..07e6d31 100755
--- a/modules/consentAdmin/templates/consentadmin.php
+++ b/modules/consentAdmin/templates/consentadmin.php
@@ -75,9 +75,13 @@ span.showhide {
 			foreach ($spList AS $spName => $spValues) {
 				$this->includeInlineTranslation('spname', $spValues['name']);
 				$this->includeInlineTranslation('spdescription', $spValues['description']);
-				$htmlSpName = htmlspecialchars($this->t('spname', array(), false, true));
+                if (!is_null($spValues['serviceurl'])) {
+                    $htmlSpName = '<a href="' . $spValues['serviceurl'] . '" style="color: black; font-weight: bold;">' . htmlspecialchars($this->t('spname', array(), false, true)) . '</a>';
+                } else {
+                    $htmlSpName = htmlspecialchars($this->t('spname', array(), false, true));
+                }
 				$spDescription = htmlspecialchars($this->t('spdescription',array(), false, true));
-				$checkedAttr = $spValues['consentStatus'] == 'ok' ? "checked='yes'" : "";
+				$checkedAttr = $spValues['consentStatus'] == 'ok' ? 'checked="checked"' : '';
 				$consentValue = $spValues['consentValue'];
 				$consentText = $spValues['consentStatus'] == 'changed' ? "attributes has changed" : "";
 				$row_class = ($show_spid % 2) ? "row0" : "row1";
@@ -86,7 +90,6 @@ span.showhide {
 <td>
 	<table>
 	  <tr class="$row_class"><td><span class='caSPName'><span title='$spDescription'>$htmlSpName</span>&emsp;<span style="font-size: 80%;"onclick="javascript:toggleShowAttributes('$show_spid');"><span id=showing_$show_spid >$show_text</span><span id=hiding_$show_spid style='display:none;'>$hide_text</span> $attributes_text</span></span></td>
-	  <!-- <tr><td><a class="orange" href="javascript:toggleShowAttributes('$show_spid');">$show_hide_attributes</a></td></tr> -->
 	  <tr><td colspan="2" class="caAttributes"><div id="attributes_$show_spid" style="display: none;">
 TRSTART;
 				$attributes = $spValues['attributes_by_sp'];
diff --git a/modules/consentAdmin/www/consentAdmin.php b/modules/consentAdmin/www/consentAdmin.php
index d567c1b..01dd165 100644
--- a/modules/consentAdmin/www/consentAdmin.php
+++ b/modules/consentAdmin/www/consentAdmin.php
@@ -49,7 +49,7 @@ function driveProcessingChain($idp_metadata, $source, $sp_metadata, $sp_entityid
 	$targeted_id    = sspmod_consent_Auth_Process_Consent::getTargetedID($userid, $source, $destination);

 	$attribute_hash = sspmod_consent_Auth_Process_Consent::getAttributeHash($attributes, $hashAttributes);

 

-	SimpleSAML_Logger::info('consentAdmin: user: ' . $hashed_user_id);

+	SimpleSAML_Logger::info('consentAdmin: user: ' . $userid);

 	SimpleSAML_Logger::info('consentAdmin: target: ' . $targeted_id);

 	SimpleSAML_Logger::info('consentAdmin: attribute: ' . $attribute_hash);

 

@@ -78,8 +78,28 @@ $as->requireAuth();
 // Get released attributes

 $attributes = $as->getAttributes();

 

+// Get metadata storage handler

+$metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();

+

+/*

+ * Get IdP id and metadata

+ */

+if($as->getAuthData('saml:sp:IdP') !== NULL) {

+	/*

+	 * From a remote idp (as bridge)

+ 	 */

+	$idp_entityid = $as->getAuthData('saml:sp:IdP');

+	$idp_metadata = $metadata->getMetaData($idp_entityid, 'saml20-idp-remote');

+} else {

+	/*

+	 * from the local idp

+	 */

+	$idp_entityid = $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted');

+	$idp_metadata = $metadata->getMetaData($idp_entityid, 'saml20-idp-hosted');

+}

+

 // Get user ID

-$userid_attributename = $config->getValue('consent_userid', 'eduPersonPrincipalName');

+$userid_attributename = (isset($idp_metadata['userid.attribute']) && is_string($idp_metadata['userid.attribute'])) ? $idp_metadata['userid.attribute'] : 'eduPersonPrincipalName';

 $userids = $attributes[$userid_attributename];

 		

 if (empty($userids)) {

@@ -89,9 +109,6 @@ if (empty($userids)) {
 

 $userid = $userids[0];

 

-// Get metadata storage handler

-$metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();

-

 // Get all SP metadata

 $all_sp_metadata = $metadata->getList('saml20-sp-remote');

 

@@ -107,23 +124,6 @@ if (!empty($_GET['action'])) {
 

 SimpleSAML_Logger::critical('consentAdmin: sp: ' .$sp_entityid.' action: '.$action);

 

-/*

- * Get IdP id and metadata

- */

-if($as->getAuthData('saml:sp:IdP') !== NULL) {

-	/*

-	 * From a remote idp (as bridge)

- 	 */

-	$idp_entityid = $as->getAuthData('saml:sp:IdP');

-	$idp_metadata = $metadata->getMetaData($idp_entityid, 'saml20-idp-remote');

-} else {

-	/*

-	 * from the local idp

-	 */

-	$idp_entityid = $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted');

-	$idp_metadata = $metadata->getMetaData($idp_entityid, 'saml20-idp-hosted');

-}

-

 // Remove services, whitch have consent disabled

 if(isset($idp_metadata['consent.disable'])) {

     foreach($idp_metadata['consent.disable'] AS $disable) {

@@ -223,6 +223,8 @@ foreach ($all_sp_metadata as $sp_entityid => $sp_values) {
 	// Set name of SP

 	if(isset($sp_values['name']) && is_array($sp_values['name'])) {

 		$sp_name = $sp_metadata['name'];

+    } else if(isset($sp_values['name']) && is_string($sp_values['name'])) {

+		$sp_name = $sp_metadata['name'];

 	} elseif(isset($sp_values['OrganizationDisplayName']) && is_array($sp_values['OrganizationDisplayName'])) {

 		$sp_name = $sp_metadata['OrganizationDisplayName'];

 	} else {

@@ -236,6 +238,9 @@ foreach ($all_sp_metadata as $sp_entityid => $sp_values) {
 		$sp_description = $sp_metadata['description'];

 	}

 

+    // Add an URL to the service if present in metadata

+    $sp_service_url = isset($sp_metadata['ServiceURL']) ? $sp_metadata['ServiceURL'] : null;

+

 	// Fill out array for the template

 	$sp_list[$sp_entityid] = array(

 		'spentityid' => $sp_entityid,

@@ -244,6 +249,7 @@ foreach ($all_sp_metadata as $sp_entityid => $sp_values) {
 		'consentStatus' => $sp_status,

 		'consentValue' => $sp_entityid,

 		'attributes_by_sp' => $attributes_new,

+        'serviceurl' => $sp_service_url,

 	);

 }