test.php
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Test page for SAML
*
* @package auth_saml2
* @copyright Brendan Heywood <[email protected]>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
// @codingStandardsIgnoreStart
require_once(__DIR__ . '/../../config.php');
// @codingStandardsIgnoreEnd
require('setup.php');
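// Request parameters that choose which IdP this diagnostics page talks to.
// NOTE(review): no login or capability check is visible in this file; confirm that
// setup.php or site configuration restricts who can reach this test page, since it
// prints SAML attributes and writes to the session.
$idp = optional_param('idp', '', PARAM_TEXT);
$logout = optional_param('logout', '', PARAM_BOOL);
// The logout link rendered by this page passes md5(<IdP entity id>), i.e. hex only.
// Filtering as PARAM_ALPHANUM keeps that link working while preventing arbitrary
// request data (PARAM_RAW is unfiltered) from being stored in $SESSION->saml2idp.
$idplogout = optional_param('idplogout', '', PARAM_ALPHANUM);

if (!empty($idp)) {
    $SESSION->saml2idp = $idp;
    echo "<p>Setting IdP via param</p>";
}

if (empty($SESSION->saml2idp)) {
    // Default IdP: the last entity of the first metadata group, identified by the
    // md5 of its entity id (the same key format the listing below prints).
    $entitygroups = array_values($saml2auth->metadataentities);
    $firstgroup = $entitygroups[0] ?? [];
    $idpentity = (is_array($firstgroup) && !empty($firstgroup)) ? end($firstgroup) : null;

    if (is_object($idpentity) && isset($idpentity->entityid)) {
        $idp = md5($idpentity->entityid);
        // Specify the default IdP to use.
        $SESSION->saml2idp = $idp;
        echo '<p>Setting IdP to default</p>';
    } else {
        // Without this guard an empty metadata list ends in array_pop(null) and a
        // property read on null instead of a readable diagnostic.
        echo '<p>No IdP metadata entities are configured</p>';
    }
}

if (!empty($logout)) {
    // Logout targets the IdP named in the request rather than the session default.
    $SESSION->saml2idp = $idplogout;
}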
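// Flags selecting which authentication flow the page exercises.
$passive = optional_param('passive', '', PARAM_BOOL);
$passivefail = optional_param('passivefail', '', PARAM_BOOL);
$trylogin = optional_param('login', '', PARAM_BOOL);

// Everything echoed into the page is escaped with s(): the SP name and entity ids
// are configuration/metadata values, not markup, and must not be interpreted as HTML.
echo '<p>SP name: ' . s($saml2auth->spname);
echo '<p>Which IdP will be used? ' . s($SESSION->saml2idp);

$auth = new SimpleSAML\Auth\Simple($saml2auth->spname);

// List every configured IdP with the key stored for it and a freshly computed md5
// of its entity id, so a mismatch between the two is visible at a glance.
$idps = $saml2auth->metadataentities;
foreach ($idps as $entityid => $info) {
    $md5 = key($info);
    echo '<hr>';
    // Entity ids presumably come from IdP-supplied metadata (verify in setup.php),
    // so they are treated as untrusted text here.
    echo '<h4>IDP: ' . s($entityid) . '</h4>';
    echo '<p>md5: ' . s($md5) . '</p>';
    // md5() output is hex only and needs no escaping.
    echo "<p>check: " . md5($entityid) . "</p>";
}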
// Logout flow: ask SimpleSAMLphp to log out and return to this page afterwards.
// NOTE(review): this is triggered by a plain request parameter and no sesskey
// validation is visible in this file; confirm whether that is acceptable here.
if ($logout) {
    $returnurl = new moodle_url('/auth/saml2/test.php', [
        'sesskey' => sesskey(),
        'auth' => $saml2auth->authtype,
    ]);
    // out(false) yields the unescaped URL form for use as the ReturnTo target.
    $auth->logout(['ReturnTo' => $returnurl->out(false)]);
}
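// Exercise one of four flows: passive check, interactive login, anonymous landing
// page, or the already-authenticated view. Values received from the IdP (attributes,
// IdP entity id) are escaped with s() before being written into the page.
if ($passive) {
    /* Prevent it from calling the missing post redirection. /auth/saml2/sp/module.php/core/postredirect.php */
    $auth->requireAuth([
        'KeepPost' => false,
        'isPassive' => true,
        'ErrorURL' => $CFG->wwwroot . '/auth/saml2/test.php?passivefail=1',
    ]);
    echo "<p>Passive auth check:</p>";
    // The original condition was inverted: it read attributes when NOT authenticated
    // and reported "not logged in" for an authenticated session.
    if ($auth->isAuthenticated()) {
        $attributes = $auth->getAttributes();
    } else {
        echo "You are not logged in";
    }
} else if (!$auth->isAuthenticated() && $trylogin) {
    $auth->requireAuth([
        'KeepPost' => false,
    ]);
    echo "Hello, authenticated user!";
    // Was $as->getAttributes(): $as is never defined in this script, $auth is the
    // SimpleSAML\Auth\Simple instance.
    $attributes = $auth->getAttributes();
    // Attribute values are asserted by the IdP; dump them as escaped text.
    echo '<pre>' . s(print_r($attributes, true)) . '</pre>';
    echo 'IdP: ' . s($auth->getAuthData('saml:sp:IdP'));
} else if (!$auth->isAuthenticated()) {
    echo '<p>You are not logged in: <a href="?login=true">Login</a> | <a href="?passive=true">isPassive test</a></p>';
    if ($passivefail) {
        echo "Passive test worked, but not logged in";
    }
} else {
    echo 'Authed!';
    $attributes = $auth->getAttributes();
    echo '<pre>';
    // Escaped for the same reason as above: <pre> does not neutralise markup.
    echo s(print_r($attributes, true));
    echo 'IdP: ' . s($auth->getAuthData('saml:sp:IdP'));
    echo '</pre>';
    // md5() output is hex only, so it is safe inside the href without escaping.
    echo '<p>You are logged in: <a href="?logout=true&idplogout=' . md5($auth->getAuthData('saml:sp:IdP')) . '">Logout</a></p>';
}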