GEANT /
CAT
@@ -25,7 +25,7 @@ discard block |
||
| 25 | 25 | * @author Stefan Winter <[email protected]> |
| 26 | 26 | */ |
| 27 | 27 | |
| 28 | -require_once dirname(dirname(dirname(__FILE__))) . "/config/_config.php"; |
|
| 28 | +require_once dirname(dirname(dirname(__FILE__)))."/config/_config.php"; |
|
| 29 | 29 | |
| 30 | 30 | $auth = new \web\lib\admin\Authentication(); |
| 31 | 31 | $deco = new \web\lib\admin\PageDecoration(); |
@@ -46,18 +46,18 @@ discard block |
||
| 46 | 46 | |
| 47 | 47 | if ($submitGiven == web\lib\common\FormElements::BUTTON_SAVE) { // here we go |
| 48 | 48 | $fed_name = $my_fed->name; |
| 49 | - echo "<h1>" . sprintf(_("Submitted attributes for %s '%s'"), $uiElements->nomenclatureFed, $fed_name) . "</h1>"; |
|
| 49 | + echo "<h1>".sprintf(_("Submitted attributes for %s '%s'"), $uiElements->nomenclatureFed, $fed_name)."</h1>"; |
|
| 50 | 50 | echo "<table>"; |
| 51 | 51 | echo $optionParser->processSubmittedFields($my_fed, $_POST, $_FILES); |
| 52 | 52 | echo "</table>"; |
| 53 | 53 | |
| 54 | 54 | $loggerInstance = new \core\common\Logging(); |
| 55 | - $loggerInstance->writeAudit($_SESSION['user'], "MOD", "FED " . $my_fed->name . " - attributes changed"); |
|
| 55 | + $loggerInstance->writeAudit($_SESSION['user'], "MOD", "FED ".$my_fed->name." - attributes changed"); |
|
| 56 | 56 | |
| 57 | 57 | // re-instantiate ourselves... profiles need fresh data |
| 58 | 58 | |
| 59 | 59 | $my_fed = $validator->existingFederation($_GET['fed_id'], $_SESSION['user']); |
| 60 | 60 | |
| 61 | - echo "<br/><form method='post' action='overview_federation.php' accept-charset='UTF-8'><button type='submit'>" . _("Continue to dashboard") . "</button></form>"; |
|
| 61 | + echo "<br/><form method='post' action='overview_federation.php' accept-charset='UTF-8'><button type='submit'>"._("Continue to dashboard")."</button></form>"; |
|
| 62 | 62 | } |
| 63 | 63 | echo $deco->footer(); |
@@ -8,7 +8,7 @@ |
||
| 8 | 8 | * License: see the web/copyright.php file in the file structure |
| 9 | 9 | * ****************************************************************************** |
| 10 | 10 | */ |
| 11 | -require_once dirname(dirname(__FILE__)) . "/config/_config.php"; |
|
| 11 | +require_once dirname(dirname(__FILE__))."/config/_config.php"; |
|
| 12 | 12 | |
| 13 | 13 | const AREAS = ["web_admin", "web_user", "devices", "core", "diagnostics"]; |
| 14 | 14 | foreach (\config\Master::LANGUAGES as $lang => $details) { |
@@ -607,8 +607,7 @@ |
||
| 607 | 607 | $output = json_encode(["result" => "SUCCESS", "details" => $details], JSON_PRETTY_PRINT); |
| 608 | 608 | if ($output === FALSE) { |
| 609 | 609 | $this->returnError(API::ERROR_INTERNAL_ERROR, "Unable to JSON encode return data: ". json_last_error(). " - ". json_last_error_msg()); |
| 610 | - } |
|
| 611 | - else { |
|
| 610 | + } else { |
|
| 612 | 611 | echo $output; |
| 613 | 612 | } |
| 614 | 613 | } |
@@ -254,7 +254,7 @@ discard block |
||
| 254 | 254 | const ACTIONS = [ |
| 255 | 255 | // Inst-level actions. |
| 256 | 256 | API::ACTION_NEWINST_BY_REF => [ |
| 257 | - "REQ" => [API::AUXATTRIB_EXTERNALID,], |
|
| 257 | + "REQ" => [API::AUXATTRIB_EXTERNALID, ], |
|
| 258 | 258 | "OPT" => [ |
| 259 | 259 | 'general:geo_coordinates', |
| 260 | 260 | 'general:logo_file', |
@@ -271,7 +271,7 @@ discard block |
||
| 271 | 271 | "FLAG" => [], |
| 272 | 272 | ], |
| 273 | 273 | API::ACTION_NEWINST => [ |
| 274 | - "REQ" => [API::AUXATTRIB_INSTTYPE,], // "IdP", "SP" or "IdPSP" |
|
| 274 | + "REQ" => [API::AUXATTRIB_INSTTYPE, ], // "IdP", "SP" or "IdPSP" |
|
| 275 | 275 | "OPT" => [ |
| 276 | 276 | 'general:instname', |
| 277 | 277 | 'general:geo_coordinates', |
@@ -490,7 +490,7 @@ discard block |
||
| 490 | 490 | public function scrub($inputJson, $fedObject) { |
| 491 | 491 | $optionInstance = \core\Options::instance(); |
| 492 | 492 | $parameters = []; |
| 493 | - $allPossibleAttribs = array_merge(API::ACTIONS[$inputJson['ACTION']]['REQ'], API::ACTIONS[$inputJson['ACTION']]['OPT'], API::ACTIONS[$inputJson['ACTION']]['FLAG']); |
|
| 493 | + $allPossibleAttribs = array_merge(API::ACTIONS[$inputJson['ACTION']]['REQ'], API::ACTIONS[$inputJson['ACTION']]['OPT'], API::ACTIONS[$inputJson['ACTION']]['FLAG']); |
|
| 494 | 494 | // some actions don't need parameters. Don't get excited when there aren't any. |
| 495 | 495 | if (!isset($inputJson['PARAMETERS'])) { |
| 496 | 496 | return []; |
@@ -533,7 +533,7 @@ discard block |
||
| 533 | 533 | break; |
| 534 | 534 | } |
| 535 | 535 | } elseif (preg_match("/^FLAG-/", $oneIncomingParam['NAME'])) { |
| 536 | - if ($oneIncomingParam['VALUE'] != "TRUE" && $oneIncomingParam['VALUE'] != "FALSE" ) { |
|
| 536 | + if ($oneIncomingParam['VALUE'] != "TRUE" && $oneIncomingParam['VALUE'] != "FALSE") { |
|
| 537 | 537 | continue; |
| 538 | 538 | } |
| 539 | 539 | } else { |
@@ -591,8 +591,8 @@ discard block |
||
| 591 | 591 | |
| 592 | 592 | case \core\Options::TYPECODE_COORDINATES: |
| 593 | 593 | $extension = \core\Options::TYPECODE_TEXT; |
| 594 | - $coercedInline["option"][$basename] = $oneAttrib['NAME'] . "#"; |
|
| 595 | - $coercedInline["value"][$basename . "-" . $extension] = $oneAttrib['VALUE']; |
|
| 594 | + $coercedInline["option"][$basename] = $oneAttrib['NAME']."#"; |
|
| 595 | + $coercedInline["value"][$basename."-".$extension] = $oneAttrib['VALUE']; |
|
| 596 | 596 | break; |
| 597 | 597 | case \core\Options::TYPECODE_TEXT: |
| 598 | 598 | // Fall-through: they all get the same treatment. |
@@ -602,18 +602,18 @@ discard block |
||
| 602 | 602 | // Fall-through: they all get the same treatment. |
| 603 | 603 | case \core\Options::TYPECODE_INTEGER: |
| 604 | 604 | $extension = $optionInfo['type']; |
| 605 | - $coercedInline["option"][$basename] = $oneAttrib['NAME'] . "#"; |
|
| 606 | - $coercedInline["value"][$basename . "-" . $extension] = $oneAttrib['VALUE']; |
|
| 605 | + $coercedInline["option"][$basename] = $oneAttrib['NAME']."#"; |
|
| 606 | + $coercedInline["value"][$basename."-".$extension] = $oneAttrib['VALUE']; |
|
| 607 | 607 | if ($optionInfo['flag'] == "ML") { |
| 608 | - $coercedInline["value"][$basename . "-lang"] = $oneAttrib['LANG']; |
|
| 608 | + $coercedInline["value"][$basename."-lang"] = $oneAttrib['LANG']; |
|
| 609 | 609 | } |
| 610 | 610 | break; |
| 611 | 611 | case \core\Options::TYPECODE_FILE: |
| 612 | 612 | // Binary data is expected in base64 encoding. This is true also for PEM files! |
| 613 | 613 | $extension = $optionInfo['type']; |
| 614 | - $coercedInline["option"][$basename] = $oneAttrib['NAME'] . "#"; |
|
| 615 | - file_put_contents($dir['dir'] . "/" . $basename . "-" . $extension, base64_decode($oneAttrib['VALUE'])); |
|
| 616 | - $coercedFile["value"]['tmp_name'][$basename . "-" . $extension] = $dir['dir'] . "/" . $basename . "-" . $extension; |
|
| 614 | + $coercedInline["option"][$basename] = $oneAttrib['NAME']."#"; |
|
| 615 | + file_put_contents($dir['dir']."/".$basename."-".$extension, base64_decode($oneAttrib['VALUE'])); |
|
| 616 | + $coercedFile["value"]['tmp_name'][$basename."-".$extension] = $dir['dir']."/".$basename."-".$extension; |
|
| 617 | 617 | break; |
| 618 | 618 | default: |
| 619 | 619 | throw new Exception("We don't seem to know this type code!"); |
@@ -642,7 +642,7 @@ discard block |
||
| 642 | 642 | public function returnSuccess($details) { |
| 643 | 643 | $output = json_encode(["result" => "SUCCESS", "details" => $details], JSON_PRETTY_PRINT); |
| 644 | 644 | if ($output === FALSE) { |
| 645 | - $this->returnError(API::ERROR_INTERNAL_ERROR, "Unable to JSON encode return data: ". json_last_error(). " - ". json_last_error_msg()); |
|
| 645 | + $this->returnError(API::ERROR_INTERNAL_ERROR, "Unable to JSON encode return data: ".json_last_error()." - ".json_last_error_msg()); |
|
| 646 | 646 | } |
| 647 | 647 | else { |
| 648 | 648 | echo $output; |
@@ -19,7 +19,7 @@ discard block |
||
| 19 | 19 | * <base_url>/copyright.php after deploying the software |
| 20 | 20 | */ |
| 21 | 21 | |
| 22 | -require_once dirname(dirname(__DIR__)) . '/config/_config.php'; |
|
| 22 | +require_once dirname(dirname(__DIR__)).'/config/_config.php'; |
|
| 23 | 23 | |
| 24 | 24 | $uiElements = new web\lib\admin\UIElements(); |
| 25 | 25 | |
@@ -75,7 +75,7 @@ discard block |
||
| 75 | 75 | // filesystem cleanup |
| 76 | 76 | case web\lib\common\FormElements::BUTTON_DELETE: |
| 77 | 77 | $i = web\lib\admin\Maintenance::deleteObsoleteTempDirs(); |
| 78 | - echo "<div class='ca-summary'><table>" . $uiElements->boxRemark(sprintf("Deleted %d cache directories.", $i), "Cache deleted") . "</table></div>"; |
|
| 78 | + echo "<div class='ca-summary'><table>".$uiElements->boxRemark(sprintf("Deleted %d cache directories.", $i), "Cache deleted")."</table></div>"; |
|
| 79 | 79 | break; |
| 80 | 80 | default: |
| 81 | 81 | break; |
@@ -141,7 +141,7 @@ discard block |
||
| 141 | 141 | $admin_query = $dbHandle->exec("SELECT SUM(downloads_admin) AS admin, SUM(downloads_user) AS user, SUM(downloads_silverbullet) as silverbullet FROM downloads WHERE device_id = '$index'"); |
| 142 | 142 | // SELECT -> mysqli_result, not boolean |
| 143 | 143 | while ($a = mysqli_fetch_object(/** @scrutinizer ignore-type */ $admin_query)) { |
| 144 | - echo "<td>" . $device_array['display'] . "</td><td>" . $a->admin . "</td><td>" . $a->user . "</td><td>" . $a->silverbullet . "</td><td>" . sprintf("%s", $a->user + $a->silverbullet) . "</td>"; |
|
| 144 | + echo "<td>".$device_array['display']."</td><td>".$a->admin."</td><td>".$a->user."</td><td>".$a->silverbullet."</td><td>".sprintf("%s", $a->user + $a->silverbullet)."</td>"; |
|
| 145 | 145 | $gross_admin = $gross_admin + $a->admin; |
| 146 | 146 | $gross_user = $gross_user + $a->user; |
| 147 | 147 | $gross_silverbullet = $gross_silverbullet + $a->silverbullet; |
@@ -150,8 +150,8 @@ discard block |
||
| 150 | 150 | <td> |
| 151 | 151 | <?php |
| 152 | 152 | echo "<img src='" . $radiusMessages[$deploymentObject->radius_status_1]['icon'] . |
| 153 | - "' alt='" . $radiusMessages[$deploymentObject->radius_status_1]['text'] . |
|
| 154 | - "' title='" . $radiusMessages[$deploymentObject->radius_status_1]['text'] . "'>"; |
|
| 153 | + "' alt='" . $radiusMessages[$deploymentObject->radius_status_1]['text'] . |
|
| 154 | + "' title='" . $radiusMessages[$deploymentObject->radius_status_1]['text'] . "'>"; |
|
| 155 | 155 | ?> |
| 156 | 156 | </td> |
| 157 | 157 | </tr> |
@@ -173,8 +173,8 @@ discard block |
||
| 173 | 173 | <td> |
| 174 | 174 | <?php |
| 175 | 175 | echo "<img src='" . $radiusMessages[$deploymentObject->radius_status_2]['icon'] . |
| 176 | - "' alt='" . $radiusMessages[$deploymentObject->radius_status_2]['text'] . |
|
| 177 | - "' title='" . $radiusMessages[$deploymentObject->radius_status_2]['text'] . "'>"; |
|
| 176 | + "' alt='" . $radiusMessages[$deploymentObject->radius_status_2]['text'] . |
|
| 177 | + "' title='" . $radiusMessages[$deploymentObject->radius_status_2]['text'] . "'>"; |
|
| 178 | 178 | ?> |
| 179 | 179 | </td> |
| 180 | 180 | </tr> |
@@ -26,7 +26,7 @@ discard block |
||
| 26 | 26 | */ |
| 27 | 27 | ?> |
| 28 | 28 | <?php |
| 29 | -require_once dirname(dirname(dirname(__FILE__))) . "/config/_config.php"; |
|
| 29 | +require_once dirname(dirname(dirname(__FILE__)))."/config/_config.php"; |
|
| 30 | 30 | |
| 31 | 31 | $deco = new \web\lib\admin\PageDecoration(); |
| 32 | 32 | $validator = new \web\lib\common\InputValidation(); |
@@ -38,7 +38,7 @@ discard block |
||
| 38 | 38 | } else { |
| 39 | 39 | $link = 'http://'; |
| 40 | 40 | } |
| 41 | -$link .= $_SERVER['SERVER_NAME'] . $_SERVER['SCRIPT_NAME']; |
|
| 41 | +$link .= $_SERVER['SERVER_NAME'].$_SERVER['SCRIPT_NAME']; |
|
| 42 | 42 | $link = htmlspecialchars($link); |
| 43 | 43 | |
| 44 | 44 | echo $deco->defaultPagePrelude(sprintf(_("%s: %s Dashboard"), \config\Master::APPEARANCE['productname'], $uiElements->nomenclatureHotspot)); |
@@ -102,21 +102,21 @@ discard block |
||
| 102 | 102 | <?php |
| 103 | 103 | if (\config\Master::FUNCTIONALITY_LOCATIONS['DIAGNOSTICS'] !== NULL) { |
| 104 | 104 | echo "<tr> |
| 105 | - <td>" . sprintf(_("Diagnose reachability and connection parameters of %ss"),$uiElements->nomenclatureInst) . "</td> |
|
| 105 | + <td>" . sprintf(_("Diagnose reachability and connection parameters of %ss"), $uiElements->nomenclatureInst)."</td> |
|
| 106 | 106 | <td><form method='post' action='../diag/action_realmcheck.php?inst_id=$my_inst->identifier' accept-charset='UTF-8'> |
| 107 | 107 | <!--<input type='text' name='realm' id='realm'>--> |
| 108 | 108 | <input type='hidden' name='comefrom' id='comefrom' value='$link'/> |
| 109 | - <button id='realmcheck' style='cursor:pointer;' type='submit'>" . _("Go!") . "</button> |
|
| 109 | + <button id='realmcheck' style='cursor:pointer;' type='submit'>"._("Go!")."</button> |
|
| 110 | 110 | </form> |
| 111 | 111 | </td> |
| 112 | 112 | </tr>"; |
| 113 | 113 | } |
| 114 | 114 | if (\config\ConfAssistant::CONSORTIUM['name'] == "eduroam") { // SW: APPROVED |
| 115 | 115 | echo "<tr> |
| 116 | - <td>" . sprintf(_("Check %s server status"), $uiElements->nomenclatureFed) . "</td> |
|
| 116 | + <td>" . sprintf(_("Check %s server status"), $uiElements->nomenclatureFed)."</td> |
|
| 117 | 117 | <td> |
| 118 | 118 | <form action='https://monitor.eduroam.org/mon_direct.php' accept-charset='UTF-8'> |
| 119 | - <button style='cursor:pointer;' type='submit'>" . _("Go!") . "</button> |
|
| 119 | + <button style='cursor:pointer;' type='submit'>" . _("Go!")."</button> |
|
| 120 | 120 | </form> |
| 121 | 121 | </td> |
| 122 | 122 | </tr>"; |
@@ -127,10 +127,10 @@ discard block |
||
| 127 | 127 | <?php |
| 128 | 128 | $hotspotProfiles = $my_inst->listDeployments(); |
| 129 | 129 | if (count($hotspotProfiles) == 0) { // no profiles yet. |
| 130 | - echo "<h2>" . sprintf(_("There are not yet any known deployments for your %s."), $uiElements->nomenclatureHotspot) . "</h2>"; |
|
| 130 | + echo "<h2>".sprintf(_("There are not yet any known deployments for your %s."), $uiElements->nomenclatureHotspot)."</h2>"; |
|
| 131 | 131 | } |
| 132 | 132 | if (count($hotspotProfiles) > 0) { // no profiles yet. |
| 133 | - echo "<h2>" . sprintf(_("Deployments for this %s"), $uiElements->nomenclatureHotspot) . "</h2>"; |
|
| 133 | + echo "<h2>".sprintf(_("Deployments for this %s"), $uiElements->nomenclatureHotspot)."</h2>"; |
|
| 134 | 134 | // display an info box with the connection data |
| 135 | 135 | } |
| 136 | 136 | |
@@ -149,19 +149,19 @@ discard block |
||
| 149 | 149 | ?> |
| 150 | 150 | <div style='display: table-row_id; margin-bottom: 20px;'> |
| 151 | 151 | <div class='profilebox' style='display: table-cell;'> |
| 152 | - <h2><?php echo core\DeploymentManaged::PRODUCTNAME . " (<span style='color:" . ( $deploymentObject->status == \core\AbstractDeployment::INACTIVE ? "red;'>" . _("inactive") : "green;'>" . _("active") ) . "</span>)"; ?></h2> |
|
| 152 | + <h2><?php echo core\DeploymentManaged::PRODUCTNAME." (<span style='color:".($deploymentObject->status == \core\AbstractDeployment::INACTIVE ? "red;'>"._("inactive") : "green;'>"._("active"))."</span>)"; ?></h2> |
|
| 153 | 153 | <table> |
| 154 | 154 | <tr> |
| 155 | 155 | <td><strong><?php echo _("Your primary RADIUS server") ?></strong><br/> |
| 156 | 156 | <?php |
| 157 | 157 | if ($deploymentObject->host1_v4 !== NULL) { |
| 158 | - echo _("IPv4") . ": " . $deploymentObject->host1_v4; |
|
| 158 | + echo _("IPv4").": ".$deploymentObject->host1_v4; |
|
| 159 | 159 | } |
| 160 | 160 | if ($deploymentObject->host1_v4 !== NULL && $deploymentObject->host1_v6 !== NULL) { |
| 161 | 161 | echo "<br/>"; |
| 162 | 162 | } |
| 163 | 163 | if ($deploymentObject->host1_v6 !== NULL) { |
| 164 | - echo _("IPv6") . ": " . $deploymentObject->host1_v6; |
|
| 164 | + echo _("IPv6").": ".$deploymentObject->host1_v6; |
|
| 165 | 165 | } |
| 166 | 166 | ?> |
| 167 | 167 | </td> |
@@ -169,9 +169,9 @@ discard block |
||
| 169 | 169 | <td><?php echo $deploymentObject->port1; ?></td> |
| 170 | 170 | <td> |
| 171 | 171 | <?php |
| 172 | - echo "<img src='" . $radiusMessages[$deploymentObject->radius_status_1]['icon'] . |
|
| 173 | - "' alt='" . $radiusMessages[$deploymentObject->radius_status_1]['text'] . |
|
| 174 | - "' title='" . $radiusMessages[$deploymentObject->radius_status_1]['text'] . "'>"; |
|
| 172 | + echo "<img src='".$radiusMessages[$deploymentObject->radius_status_1]['icon']. |
|
| 173 | + "' alt='".$radiusMessages[$deploymentObject->radius_status_1]['text']. |
|
| 174 | + "' title='".$radiusMessages[$deploymentObject->radius_status_1]['text']."'>"; |
|
| 175 | 175 | ?> |
| 176 | 176 | </td> |
| 177 | 177 | </tr> |
@@ -179,22 +179,22 @@ discard block |
||
| 179 | 179 | <td><strong><?php echo _("Your backup RADIUS server") ?><br/></strong> |
| 180 | 180 | <?php |
| 181 | 181 | if ($deploymentObject->host2_v4 !== NULL) { |
| 182 | - echo _("IPv4") . ": " . $deploymentObject->host2_v4; |
|
| 182 | + echo _("IPv4").": ".$deploymentObject->host2_v4; |
|
| 183 | 183 | } |
| 184 | 184 | if ($deploymentObject->host2_v4 !== NULL && $deploymentObject->host2_v6 !== NULL) { |
| 185 | 185 | echo "<br/>"; |
| 186 | 186 | } |
| 187 | 187 | if ($deploymentObject->host2_v6 !== NULL) { |
| 188 | - echo _("IPv6") . ": " . $deploymentObject->host2_v6; |
|
| 188 | + echo _("IPv6").": ".$deploymentObject->host2_v6; |
|
| 189 | 189 | } |
| 190 | 190 | ?></td> |
| 191 | 191 | <td><?php echo _("RADIUS port number: ") ?></td> |
| 192 | 192 | <td><?php echo $deploymentObject->port2; ?></td> |
| 193 | 193 | <td> |
| 194 | 194 | <?php |
| 195 | - echo "<img src='" . $radiusMessages[$deploymentObject->radius_status_2]['icon'] . |
|
| 196 | - "' alt='" . $radiusMessages[$deploymentObject->radius_status_2]['text'] . |
|
| 197 | - "' title='" . $radiusMessages[$deploymentObject->radius_status_2]['text'] . "'>"; |
|
| 195 | + echo "<img src='".$radiusMessages[$deploymentObject->radius_status_2]['icon']. |
|
| 196 | + "' alt='".$radiusMessages[$deploymentObject->radius_status_2]['text']. |
|
| 197 | + "' title='".$radiusMessages[$deploymentObject->radius_status_2]['text']."'>"; |
|
| 198 | 198 | ?> |
| 199 | 199 | </td> |
| 200 | 200 | </tr> |
@@ -245,12 +245,12 @@ discard block |
||
| 245 | 245 | if (array_key_exists('FAILURE', $res) && $res['FAILURE'] > 0) { |
| 246 | 246 | echo '<br>'; |
| 247 | 247 | if ($res['FAILURE'] == 2) { |
| 248 | - echo ' <span style="color: red;">' . _("Activation failure.") . '</span>'; |
|
| 248 | + echo ' <span style="color: red;">'._("Activation failure.").'</span>'; |
|
| 249 | 249 | } else { |
| 250 | 250 | if (isset($_GET['res'][1]) && $_GET['res']['1'] == 'FAILURE') { |
| 251 | - echo ' <span style="color: red;">' . _("Activation failure for your primary RADIUS server.") . '</span>'; |
|
| 251 | + echo ' <span style="color: red;">'._("Activation failure for your primary RADIUS server.").'</span>'; |
|
| 252 | 252 | } else { |
| 253 | - echo ' <span style="color: red;">' . _("Activation failure for your backup RADIUS server.") . '</span>'; |
|
| 253 | + echo ' <span style="color: red;">'._("Activation failure for your backup RADIUS server.").'</span>'; |
|
| 254 | 254 | } |
| 255 | 255 | } |
| 256 | 256 | } |
@@ -270,12 +270,12 @@ discard block |
||
| 270 | 270 | if ($res['FAILURE'] > 0) { |
| 271 | 271 | echo '<br>'; |
| 272 | 272 | if ($res['FAILURE'] == 2) { |
| 273 | - echo ' <span style="color: red;">' . _("Failure during deactivation, your request is queued for handling") . '</span>'; |
|
| 273 | + echo ' <span style="color: red;">'._("Failure during deactivation, your request is queued for handling").'</span>'; |
|
| 274 | 274 | } else { |
| 275 | 275 | if (isset($_GET['res'][1]) && $_GET['res']['1'] == 'FAILURE') { |
| 276 | - echo ' <span style="color: red;">' . _("Deactivation failure for your primary RADIUS server, your request is queued.") . '</span>'; |
|
| 276 | + echo ' <span style="color: red;">'._("Deactivation failure for your primary RADIUS server, your request is queued.").'</span>'; |
|
| 277 | 277 | } else { |
| 278 | - echo ' <span style="color: red;">' . _("Deactivation failure for your backup RADIUS server, your request is queued.") . '</span>'; |
|
| 278 | + echo ' <span style="color: red;">'._("Deactivation failure for your backup RADIUS server, your request is queued.").'</span>'; |
|
| 279 | 279 | } |
| 280 | 280 | } |
| 281 | 281 | } |
@@ -1,10 +1,10 @@ |
||
| 1 | 1 | <?php |
| 2 | 2 | require_once dirname(dirname(__FILE__)) . "/config/_config.php"; |
| 3 | 3 | /** |
| 4 | - * check if URL responds with 200 |
|
| 5 | - * |
|
| 6 | - * @param string $srv server name |
|
| 7 | - * @return integer or NULL |
|
| 4 | + * check if URL responds with 200 |
|
| 5 | + * |
|
| 6 | + * @param string $srv server name |
|
| 7 | + * @return integer or NULL |
|
| 8 | 8 | */ |
| 9 | 9 | function checkConfigRADIUSDaemon ($srv) { |
| 10 | 10 | $ch = curl_init(); |
@@ -1,22 +1,22 @@ discard block |
||
| 1 | 1 | <?php |
| 2 | -require_once dirname(dirname(__FILE__)) . "/config/_config.php"; |
|
| 2 | +require_once dirname(dirname(__FILE__))."/config/_config.php"; |
|
| 3 | 3 | /** |
| 4 | 4 | * check if URL responds with 200 |
| 5 | 5 | * |
| 6 | 6 | * @param string $srv server name |
| 7 | 7 | * @return integer or NULL |
| 8 | 8 | */ |
| 9 | -function checkConfigRADIUSDaemon ($srv) { |
|
| 9 | +function checkConfigRADIUSDaemon($srv) { |
|
| 10 | 10 | $ch = curl_init(); |
| 11 | 11 | if ($ch === FALSE) { |
| 12 | 12 | return NULL; |
| 13 | 13 | } |
| 14 | 14 | $timeout = 10; |
| 15 | - curl_setopt ( $ch, CURLOPT_URL, $srv ); |
|
| 16 | - curl_setopt ( $ch, CURLOPT_RETURNTRANSFER, 1 ); |
|
| 17 | - curl_setopt ( $ch, CURLOPT_TIMEOUT, $timeout ); |
|
| 15 | + curl_setopt($ch, CURLOPT_URL, $srv); |
|
| 16 | + curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); |
|
| 17 | + curl_setopt($ch, CURLOPT_TIMEOUT, $timeout); |
|
| 18 | 18 | curl_exec($ch); |
| 19 | - $http_code = curl_getinfo( $ch, CURLINFO_HTTP_CODE ); |
|
| 19 | + $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE); |
|
| 20 | 20 | curl_close($ch); |
| 21 | 21 | if ($http_code == 200) { |
| 22 | 22 | return 1; |
@@ -53,8 +53,8 @@ discard block |
||
| 53 | 53 | } |
| 54 | 54 | $siteStatus = array(); |
| 55 | 55 | foreach (array_keys($brokenDeployments) as $server_id) { |
| 56 | - print "check $server_id " . $radiusSite[$server_id] . "\n"; |
|
| 57 | - $siteStatus[$server_id] = checkConfigRADIUSDaemon('http://' . $radiusSite[$server_id]); |
|
| 56 | + print "check $server_id ".$radiusSite[$server_id]."\n"; |
|
| 57 | + $siteStatus[$server_id] = checkConfigRADIUSDaemon('http://'.$radiusSite[$server_id]); |
|
| 58 | 58 | if ($siteStatus[$server_id]) { |
| 59 | 59 | echo "\ncheck radius\n"; |
| 60 | 60 | echo \config\Diagnostics::RADIUSSPTEST['port']."\n"; |
@@ -417,7 +417,7 @@ |
||
| 417 | 417 | $userId = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_SB_USERID); |
| 418 | 418 | $userName = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_SB_USERNAME); |
| 419 | 419 | $certSerial = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_SB_CERTSERIAL); |
| 420 | - $certCN = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_SB_CERTCN); |
|
| 420 | + $certCN = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_SB_CERTCN); |
|
| 421 | 421 | if ($userId === FALSE && $userName === FALSE && $certSerial === FALSE && $certCN === FALSE) { |
| 422 | 422 | // we need at least one of those |
| 423 | 423 | $adminApi->returnError(\web\lib\admin\API::ERROR_MISSING_PARAMETER, "At least one of User ID, Username, certificate serial, or certificate CN is required."); |
@@ -20,7 +20,7 @@ discard block |
||
| 20 | 20 | * <base_url>/copyright.php after deploying the software |
| 21 | 21 | */ |
| 22 | 22 | |
| 23 | -require_once dirname(dirname(dirname(__FILE__))) . "/config/_config.php"; |
|
| 23 | +require_once dirname(dirname(dirname(__FILE__)))."/config/_config.php"; |
|
| 24 | 24 | |
| 25 | 25 | // no SAML auth on this page. The API key authenticates the entity |
| 26 | 26 | |
@@ -38,7 +38,7 @@ discard block |
||
| 38 | 38 | |
| 39 | 39 | $inputDecoded = json_decode($inputRaw, TRUE); |
| 40 | 40 | if (!is_array($inputDecoded)) { |
| 41 | - $adminApi->returnError(web\lib\admin\API::ERROR_MALFORMED_REQUEST, "Unable to decode JSON POST data." . json_last_error_msg() . $inputRaw); |
|
| 41 | + $adminApi->returnError(web\lib\admin\API::ERROR_MALFORMED_REQUEST, "Unable to decode JSON POST data.".json_last_error_msg().$inputRaw); |
|
| 42 | 42 | exit(1); |
| 43 | 43 | } |
| 44 | 44 | |
@@ -132,7 +132,7 @@ discard block |
||
| 132 | 132 | throw new Exception("A required parameter is missing, and this wasn't caught earlier?!"); |
| 133 | 133 | } |
| 134 | 134 | $newtokens = $mgmt->createTokens(true, [$admin], $idp); |
| 135 | - $URL = "https://" . $_SERVER['SERVER_NAME'] . dirname($_SERVER['SCRIPT_NAME']) . "/action_enrollment.php?token=" . array_keys($newtokens)[0]; |
|
| 135 | + $URL = "https://".$_SERVER['SERVER_NAME'].dirname($_SERVER['SCRIPT_NAME'])."/action_enrollment.php?token=".array_keys($newtokens)[0]; |
|
| 136 | 136 | $success = ["TOKEN URL" => $URL, "TOKEN" => array_keys($newtokens)[0]]; |
| 137 | 137 | // done with the essentials - display in response. But if we also have an email address, send it there |
| 138 | 138 | $email = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_TARGETMAIL); |
@@ -169,7 +169,7 @@ discard block |
||
| 169 | 169 | if ($found) { |
| 170 | 170 | $adminApi->returnSuccess([]); |
| 171 | 171 | } |
| 172 | - $adminApi->returnError(web\lib\admin\API::ERROR_INVALID_PARAMETER, "The admin with ID $toBeDeleted is not associated to IdP " . $idp->identifier); |
|
| 172 | + $adminApi->returnError(web\lib\admin\API::ERROR_INVALID_PARAMETER, "The admin with ID $toBeDeleted is not associated to IdP ".$idp->identifier); |
|
| 173 | 173 | break; |
| 174 | 174 | case web\lib\admin\API::ACTION_STATISTICS_FED: |
| 175 | 175 | $detail = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_DETAIL); |
@@ -281,10 +281,10 @@ discard block |
||
| 281 | 281 | $outer = ""; |
| 282 | 282 | $profile->setAnonymousIDSupport(FALSE); |
| 283 | 283 | } else { |
| 284 | - $outer = $outer . "@"; |
|
| 284 | + $outer = $outer."@"; |
|
| 285 | 285 | $profile->setAnonymousIDSupport(TRUE); |
| 286 | 286 | } |
| 287 | - $profile->setRealm($outer . $realm); |
|
| 287 | + $profile->setRealm($outer.$realm); |
|
| 288 | 288 | } |
| 289 | 289 | /* const AUXATTRIB_PROFILE_TESTUSER = 'ATTRIB-PROFILE-TESTUSER'; */ |
| 290 | 290 | $testuser = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_PROFILE_TESTUSER); |
@@ -531,7 +531,7 @@ discard block |
||
| 531 | 531 | // extract relevant subset of information from cert objects |
| 532 | 532 | $certDetails = []; |
| 533 | 533 | foreach ($certs as $cert) { |
| 534 | - $certDetails[$cert->ca_type . ":" . $cert->serial] = ["ISSUED" => $cert->issued, "EXPIRY" => $cert->expiry, "STATUS" => $cert->status, "DEVICE" => $cert->device, "CN" => $cert->username, "ANNOTATION" => $cert->annotation]; |
|
| 534 | + $certDetails[$cert->ca_type.":".$cert->serial] = ["ISSUED" => $cert->issued, "EXPIRY" => $cert->expiry, "STATUS" => $cert->status, "DEVICE" => $cert->device, "CN" => $cert->username, "ANNOTATION" => $cert->annotation]; |
|
| 535 | 535 | } |
| 536 | 536 | $adminApi->returnSuccess($certDetails); |
| 537 | 537 | break; |
@@ -84,142 +84,142 @@ discard block |
||
| 84 | 84 | } |
| 85 | 85 | |
| 86 | 86 | switch ($inputDecoded['ACTION']) { |
| 87 | - case web\lib\admin\API::ACTION_NEWINST: |
|
| 88 | - // create the inst, no admin, no attributes |
|
| 89 | - $typeRaw = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_INSTTYPE); |
|
| 90 | - if ($typeRaw === FALSE) { |
|
| 91 | - throw new Exception("We did not receive a valid participant type!"); |
|
| 92 | - } |
|
| 93 | - $type = $validator->partType($typeRaw); |
|
| 94 | - $idp = new \core\IdP($fed->newIdP($type, "PENDING", "API")); |
|
| 95 | - // now add all submitted attributes |
|
| 96 | - $inputs = $adminApi->uglify($scrubbedParameters); |
|
| 97 | - $optionParser->processSubmittedFields($idp, $inputs["POST"], $inputs["FILES"]); |
|
| 98 | - $adminApi->returnSuccess([web\lib\admin\API::AUXATTRIB_CAT_INST_ID => $idp->identifier]); |
|
| 99 | - break; |
|
| 100 | - case web\lib\admin\API::ACTION_DELINST: |
|
| 101 | - try { |
|
| 102 | - $idp = $validator->existingIdP($adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_CAT_INST_ID), NULL, $fed); |
|
| 103 | - } catch (Exception $e) { |
|
| 104 | - $adminApi->returnError(web\lib\admin\API::ERROR_INVALID_PARAMETER, "IdP identifier does not exist!"); |
|
| 105 | - exit(1); |
|
| 106 | - } |
|
| 107 | - $idp->destroy(); |
|
| 108 | - $adminApi->returnSuccess([]); |
|
| 109 | - break; |
|
| 110 | - case web\lib\admin\API::ACTION_ADMIN_LIST: |
|
| 111 | - try { |
|
| 112 | - $idp = $validator->existingIdP($adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_CAT_INST_ID), NULL, $fed); |
|
| 113 | - } catch (Exception $e) { |
|
| 114 | - $adminApi->returnError(web\lib\admin\API::ERROR_INVALID_PARAMETER, "IdP identifier does not exist!"); |
|
| 115 | - exit(1); |
|
| 116 | - } |
|
| 117 | - $adminApi->returnSuccess($idp->listOwners()); |
|
| 118 | - break; |
|
| 119 | - case web\lib\admin\API::ACTION_ADMIN_ADD: |
|
| 120 | - // IdP in question |
|
| 121 | - try { |
|
| 122 | - $idp = $validator->existingIdP($adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_CAT_INST_ID), NULL, $fed); |
|
| 123 | - } catch (Exception $e) { |
|
| 124 | - $adminApi->returnError(web\lib\admin\API::ERROR_INVALID_PARAMETER, "IdP identifier does not exist!"); |
|
| 125 | - exit(1); |
|
| 126 | - } |
|
| 127 | - // here is the token |
|
| 128 | - $mgmt = new core\UserManagement(); |
|
| 129 | - // we know we have an admin ID but scrutinizer wants this checked more explicitly |
|
| 130 | - $admin = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_ADMINID); |
|
| 131 | - if ($admin === FALSE) { |
|
| 132 | - throw new Exception("A required parameter is missing, and this wasn't caught earlier?!"); |
|
| 133 | - } |
|
| 134 | - $newtokens = $mgmt->createTokens(true, [$admin], $idp); |
|
| 135 | - $URL = "https://" . $_SERVER['SERVER_NAME'] . dirname($_SERVER['SCRIPT_NAME']) . "/action_enrollment.php?token=" . array_keys($newtokens)[0]; |
|
| 136 | - $success = ["TOKEN URL" => $URL, "TOKEN" => array_keys($newtokens)[0]]; |
|
| 137 | - // done with the essentials - display in response. But if we also have an email address, send it there |
|
| 138 | - $email = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_TARGETMAIL); |
|
| 139 | - if ($email !== FALSE) { |
|
| 140 | - $sent = \core\common\OutsideComm::adminInvitationMail($email, "EXISTING-FED", array_keys($newtokens)[0], $idp->name, $fed, $idp->type); |
|
| 141 | - $success["EMAIL SENT"] = $sent["SENT"]; |
|
| 142 | - if ($sent["SENT"] === TRUE) { |
|
| 143 | - $success["EMAIL TRANSPORT SECURE"] = $sent["TRANSPORT"]; |
|
| 87 | + case web\lib\admin\API::ACTION_NEWINST: |
|
| 88 | + // create the inst, no admin, no attributes |
|
| 89 | + $typeRaw = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_INSTTYPE); |
|
| 90 | + if ($typeRaw === FALSE) { |
|
| 91 | + throw new Exception("We did not receive a valid participant type!"); |
|
| 144 | 92 | } |
| 145 | - } |
|
| 146 | - $adminApi->returnSuccess($success); |
|
| 147 | - break; |
|
| 148 | - case web\lib\admin\API::ACTION_ADMIN_DEL: |
|
| 149 | - // IdP in question |
|
| 150 | - try { |
|
| 151 | - $idp = $validator->existingIdP($adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_CAT_INST_ID), NULL, $fed); |
|
| 152 | - } catch (Exception $e) { |
|
| 153 | - $adminApi->returnError(web\lib\admin\API::ERROR_INVALID_PARAMETER, "IdP identifier does not exist!"); |
|
| 154 | - exit(1); |
|
| 155 | - } |
|
| 156 | - $currentAdmins = $idp->listOwners(); |
|
| 157 | - $toBeDeleted = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_ADMINID); |
|
| 158 | - if ($toBeDeleted === FALSE) { |
|
| 159 | - throw new Exception("A required parameter is missing, and this wasn't caught earlier?!"); |
|
| 160 | - } |
|
| 161 | - $found = FALSE; |
|
| 162 | - foreach ($currentAdmins as $oneAdmin) { |
|
| 163 | - if ($oneAdmin['MAIL'] == $toBeDeleted) { |
|
| 164 | - $found = TRUE; |
|
| 165 | - $mgmt = new core\UserManagement(); |
|
| 166 | - $mgmt->removeAdminFromIdP($idp, $oneAdmin['ID']); |
|
| 93 | + $type = $validator->partType($typeRaw); |
|
| 94 | + $idp = new \core\IdP($fed->newIdP($type, "PENDING", "API")); |
|
| 95 | + // now add all submitted attributes |
|
| 96 | + $inputs = $adminApi->uglify($scrubbedParameters); |
|
| 97 | + $optionParser->processSubmittedFields($idp, $inputs["POST"], $inputs["FILES"]); |
|
| 98 | + $adminApi->returnSuccess([web\lib\admin\API::AUXATTRIB_CAT_INST_ID => $idp->identifier]); |
|
| 99 | + break; |
|
| 100 | + case web\lib\admin\API::ACTION_DELINST: |
|
| 101 | + try { |
|
| 102 | + $idp = $validator->existingIdP($adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_CAT_INST_ID), NULL, $fed); |
|
| 103 | + } catch (Exception $e) { |
|
| 104 | + $adminApi->returnError(web\lib\admin\API::ERROR_INVALID_PARAMETER, "IdP identifier does not exist!"); |
|
| 105 | + exit(1); |
|
| 167 | 106 | } |
| 168 | - } |
|
| 169 | - if ($found) { |
|
| 107 | + $idp->destroy(); |
|
| 170 | 108 | $adminApi->returnSuccess([]); |
| 171 | - } |
|
| 172 | - $adminApi->returnError(web\lib\admin\API::ERROR_INVALID_PARAMETER, "The admin with ID $toBeDeleted is not associated to IdP " . $idp->identifier); |
|
| 173 | - break; |
|
| 174 | - case web\lib\admin\API::ACTION_STATISTICS_FED: |
|
| 175 | - $detail = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_DETAIL); |
|
| 176 | - $adminApi->returnSuccess($fed->downloadStats("array", $detail)); |
|
| 177 | - break; |
|
| 178 | - case \web\lib\admin\API::ACTION_FEDERATION_LISTIDP: |
|
| 179 | - $retArray = []; |
|
| 180 | - $noLogo = null; |
|
| 181 | - $idpIdentifier = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_CAT_INST_ID); |
|
| 182 | - $logoFlag = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::FLAG_NOLOGO); |
|
| 183 | - $detail = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_DETAIL); |
|
| 184 | - if ($logoFlag === "TRUE") { |
|
| 185 | - $noLogo = 'general:logo_file'; |
|
| 186 | - } |
|
| 187 | - if ($idpIdentifier === FALSE) { |
|
| 188 | - $allIdPs = $fed->listIdentityProviders(0); |
|
| 189 | - foreach ($allIdPs as $instanceId => $oneIdP) { |
|
| 190 | - $theIdP = $oneIdP["instance"]; |
|
| 191 | - $retArray[$instanceId] = $theIdP->getAttributes(null, $noLogo); |
|
| 109 | + break; |
|
| 110 | + case web\lib\admin\API::ACTION_ADMIN_LIST: |
|
| 111 | + try { |
|
| 112 | + $idp = $validator->existingIdP($adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_CAT_INST_ID), NULL, $fed); |
|
| 113 | + } catch (Exception $e) { |
|
| 114 | + $adminApi->returnError(web\lib\admin\API::ERROR_INVALID_PARAMETER, "IdP identifier does not exist!"); |
|
| 115 | + exit(1); |
|
| 192 | 116 | } |
| 193 | - } else { |
|
| 117 | + $adminApi->returnSuccess($idp->listOwners()); |
|
| 118 | + break; |
|
| 119 | + case web\lib\admin\API::ACTION_ADMIN_ADD: |
|
| 120 | + // IdP in question |
|
| 194 | 121 | try { |
| 195 | - $thisIdP = $validator->existingIdP($idpIdentifier, NULL, $fed); |
|
| 122 | + $idp = $validator->existingIdP($adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_CAT_INST_ID), NULL, $fed); |
|
| 196 | 123 | } catch (Exception $e) { |
| 197 | 124 | $adminApi->returnError(web\lib\admin\API::ERROR_INVALID_PARAMETER, "IdP identifier does not exist!"); |
| 198 | 125 | exit(1); |
| 199 | 126 | } |
| 200 | - $retArray[$idpIdentifier] = $thisIdP->getAttributes(null, $noLogo); |
|
| 201 | - foreach ($thisIdP->listProfiles() as $oneProfile) { |
|
| 202 | - $retArray[$idpIdentifier]["PROFILES"][$oneProfile->identifier] = $oneProfile->getAttributes(null, $noLogo); |
|
| 127 | + // here is the token |
|
| 128 | + $mgmt = new core\UserManagement(); |
|
| 129 | + // we know we have an admin ID but scrutinizer wants this checked more explicitly |
|
| 130 | + $admin = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_ADMINID); |
|
| 131 | + if ($admin === FALSE) { |
|
| 132 | + throw new Exception("A required parameter is missing, and this wasn't caught earlier?!"); |
|
| 203 | 133 | } |
| 204 | - } |
|
| 205 | - foreach ($retArray as $instNumber => $oneInstData) { |
|
| 206 | - foreach ($oneInstData as $attribNumber => $oneAttrib) { |
|
| 207 | - if ($oneAttrib['name'] == "general:logo_file") { |
|
| 208 | - // JSON doesn't cope well with raw binary data, so b64 it |
|
| 209 | - $retArray[$instNumber][$attribNumber]['value'] = base64_encode($oneAttrib['value']); |
|
| 134 | + $newtokens = $mgmt->createTokens(true, [$admin], $idp); |
|
| 135 | + $URL = "https://" . $_SERVER['SERVER_NAME'] . dirname($_SERVER['SCRIPT_NAME']) . "/action_enrollment.php?token=" . array_keys($newtokens)[0]; |
|
| 136 | + $success = ["TOKEN URL" => $URL, "TOKEN" => array_keys($newtokens)[0]]; |
|
| 137 | + // done with the essentials - display in response. But if we also have an email address, send it there |
|
| 138 | + $email = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_TARGETMAIL); |
|
| 139 | + if ($email !== FALSE) { |
|
| 140 | + $sent = \core\common\OutsideComm::adminInvitationMail($email, "EXISTING-FED", array_keys($newtokens)[0], $idp->name, $fed, $idp->type); |
|
| 141 | + $success["EMAIL SENT"] = $sent["SENT"]; |
|
| 142 | + if ($sent["SENT"] === TRUE) { |
|
| 143 | + $success["EMAIL TRANSPORT SECURE"] = $sent["TRANSPORT"]; |
|
| 144 | + } |
|
| 145 | + } |
|
| 146 | + $adminApi->returnSuccess($success); |
|
| 147 | + break; |
|
| 148 | + case web\lib\admin\API::ACTION_ADMIN_DEL: |
|
| 149 | + // IdP in question |
|
| 150 | + try { |
|
| 151 | + $idp = $validator->existingIdP($adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_CAT_INST_ID), NULL, $fed); |
|
| 152 | + } catch (Exception $e) { |
|
| 153 | + $adminApi->returnError(web\lib\admin\API::ERROR_INVALID_PARAMETER, "IdP identifier does not exist!"); |
|
| 154 | + exit(1); |
|
| 155 | + } |
|
| 156 | + $currentAdmins = $idp->listOwners(); |
|
| 157 | + $toBeDeleted = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_ADMINID); |
|
| 158 | + if ($toBeDeleted === FALSE) { |
|
| 159 | + throw new Exception("A required parameter is missing, and this wasn't caught earlier?!"); |
|
| 160 | + } |
|
| 161 | + $found = FALSE; |
|
| 162 | + foreach ($currentAdmins as $oneAdmin) { |
|
| 163 | + if ($oneAdmin['MAIL'] == $toBeDeleted) { |
|
| 164 | + $found = TRUE; |
|
| 165 | + $mgmt = new core\UserManagement(); |
|
| 166 | + $mgmt->removeAdminFromIdP($idp, $oneAdmin['ID']); |
|
| 167 | + } |
|
| 168 | + } |
|
| 169 | + if ($found) { |
|
| 170 | + $adminApi->returnSuccess([]); |
|
| 171 | + } |
|
| 172 | + $adminApi->returnError(web\lib\admin\API::ERROR_INVALID_PARAMETER, "The admin with ID $toBeDeleted is not associated to IdP " . $idp->identifier); |
|
| 173 | + break; |
|
| 174 | + case web\lib\admin\API::ACTION_STATISTICS_FED: |
|
| 175 | + $detail = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_DETAIL); |
|
| 176 | + $adminApi->returnSuccess($fed->downloadStats("array", $detail)); |
|
| 177 | + break; |
|
| 178 | + case \web\lib\admin\API::ACTION_FEDERATION_LISTIDP: |
|
| 179 | + $retArray = []; |
|
| 180 | + $noLogo = null; |
|
| 181 | + $idpIdentifier = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_CAT_INST_ID); |
|
| 182 | + $logoFlag = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::FLAG_NOLOGO); |
|
| 183 | + $detail = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_DETAIL); |
|
| 184 | + if ($logoFlag === "TRUE") { |
|
| 185 | + $noLogo = 'general:logo_file'; |
|
| 186 | + } |
|
| 187 | + if ($idpIdentifier === FALSE) { |
|
| 188 | + $allIdPs = $fed->listIdentityProviders(0); |
|
| 189 | + foreach ($allIdPs as $instanceId => $oneIdP) { |
|
| 190 | + $theIdP = $oneIdP["instance"]; |
|
| 191 | + $retArray[$instanceId] = $theIdP->getAttributes(null, $noLogo); |
|
| 210 | 192 | } |
| 211 | - if ($attribNumber == "PROFILES") { |
|
| 212 | - // scan for included fed:logo_file and b64 escape it, t2oo |
|
| 213 | - foreach ($oneAttrib as $profileNumber => $profileContent) { |
|
| 214 | - foreach ($profileContent as $oneProfileIterator => $oneProfileContent) { |
|
| 215 | - if ($oneProfileContent['name'] == "fed:logo_file" || $oneProfileContent['name'] == "general:logo_file" || $oneProfileContent['name'] == "eap:ca_file") { |
|
| 216 | - $retArray[$instNumber]["PROFILES"][$profileNumber][$oneProfileIterator]['value'] = base64_encode($oneProfileContent['value']); |
|
| 217 | - } |
|
| 218 | - } |
|
| 193 | + } else { |
|
| 194 | + try { |
|
| 195 | + $thisIdP = $validator->existingIdP($idpIdentifier, NULL, $fed); |
|
| 196 | + } catch (Exception $e) { |
|
| 197 | + $adminApi->returnError(web\lib\admin\API::ERROR_INVALID_PARAMETER, "IdP identifier does not exist!"); |
|
| 198 | + exit(1); |
|
| 199 | + } |
|
| 200 | + $retArray[$idpIdentifier] = $thisIdP->getAttributes(null, $noLogo); |
|
| 201 | + foreach ($thisIdP->listProfiles() as $oneProfile) { |
|
| 202 | + $retArray[$idpIdentifier]["PROFILES"][$oneProfile->identifier] = $oneProfile->getAttributes(null, $noLogo); |
|
| 203 | + } |
|
| 204 | + } |
|
| 205 | + foreach ($retArray as $instNumber => $oneInstData) { |
|
| 206 | + foreach ($oneInstData as $attribNumber => $oneAttrib) { |
|
| 207 | + if ($oneAttrib['name'] == "general:logo_file") { |
|
| 208 | + // JSON doesn't cope well with raw binary data, so b64 it |
|
| 209 | + $retArray[$instNumber][$attribNumber]['value'] = base64_encode($oneAttrib['value']); |
|
| 210 | + } |
|
| 211 | + if ($attribNumber == "PROFILES") { |
|
| 212 | + // scan for included fed:logo_file and b64 escape it, t2oo |
|
| 213 | + foreach ($oneAttrib as $profileNumber => $profileContent) { |
|
| 214 | + foreach ($profileContent as $oneProfileIterator => $oneProfileContent) { |
|
| 215 | + if ($oneProfileContent['name'] == "fed:logo_file" || $oneProfileContent['name'] == "general:logo_file" || $oneProfileContent['name'] == "eap:ca_file") { |
|
| 216 | + $retArray[$instNumber]["PROFILES"][$profileNumber][$oneProfileIterator]['value'] = base64_encode($oneProfileContent['value']); |
|
| 217 | + } |
|
| 218 | + } |
|
| 219 | + } |
|
| 219 | 220 | } |
| 220 | 221 | } |
| 221 | 222 | } |
| 222 | - } |
|
| 223 | 223 | |
| 224 | 224 | /* |
| 225 | 225 | $retArray[$idpIdentifier] = []; |
@@ -230,102 +230,102 @@ discard block |
||
| 230 | 230 | * |
| 231 | 231 | */ |
| 232 | 232 | |
| 233 | - $adminApi->returnSuccess($retArray); |
|
| 234 | - break; |
|
| 235 | - case \web\lib\admin\API::ACTION_NEWPROF_RADIUS: |
|
| 236 | - // fall-through intended: both get mostly identical treatment |
|
| 237 | - case web\lib\admin\API::ACTION_NEWPROF_SB: |
|
| 238 | - try { |
|
| 239 | - $idp = $validator->existingIdP($adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_CAT_INST_ID), NULL, $fed); |
|
| 240 | - } catch (Exception $e) { |
|
| 241 | - $adminApi->returnError(web\lib\admin\API::ERROR_INVALID_PARAMETER, "IdP identifier does not exist!"); |
|
| 242 | - exit(1); |
|
| 243 | - } |
|
| 244 | - if ($inputDecoded['ACTION'] == web\lib\admin\API::ACTION_NEWPROF_RADIUS) { |
|
| 245 | - $type = "RADIUS"; |
|
| 246 | - } else { |
|
| 247 | - $type = "SILVERBULLET"; |
|
| 248 | - } |
|
| 249 | - $profile = $idp->newProfile($type); |
|
| 250 | - if ($profile === NULL) { |
|
| 251 | - $adminApi->returnError(\web\lib\admin\API::ERROR_INTERNAL_ERROR, "Unable to create a new Profile, for no apparent reason. Please contact support."); |
|
| 252 | - exit(1); |
|
| 253 | - } |
|
| 254 | - $inputs = $adminApi->uglify($scrubbedParameters); |
|
| 255 | - $optionParser->processSubmittedFields($profile, $inputs["POST"], $inputs["FILES"]); |
|
| 256 | - if ($inputDecoded['ACTION'] == web\lib\admin\API::ACTION_NEWPROF_SB) { |
|
| 257 | - // auto-accept ToU? |
|
| 258 | - if ($adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_SB_TOU) !== FALSE) { |
|
| 259 | - $profile->addAttribute("hiddenprofile:tou_accepted", NULL, 1); |
|
| 260 | - } |
|
| 261 | - // we're done at this point |
|
| 262 | - $adminApi->returnSuccess([\web\lib\admin\API::AUXATTRIB_CAT_PROFILE_ID => $profile->identifier]); |
|
| 233 | + $adminApi->returnSuccess($retArray); |
|
| 263 | 234 | break; |
| 264 | - } |
|
| 265 | - if (!$profile instanceof core\ProfileRADIUS) { |
|
| 266 | - throw new Exception("Can't be. This is only here to convince Scrutinizer that we're really talking RADIUS."); |
|
| 267 | - } |
|
| 268 | - /* const AUXATTRIB_PROFILE_REALM = 'ATTRIB-PROFILE-REALM'; |
|
| 269 | - const AUXATTRIB_PROFILE_OUTERVALUE = 'ATTRIB-PROFILE-OUTERVALUE'; */ |
|
| 270 | - $realm = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_PROFILE_REALM); |
|
| 271 | - $outer = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_PROFILE_OUTERVALUE); |
|
| 272 | - if ($realm !== FALSE) { |
|
| 273 | - if ($outer === FALSE) { |
|
| 274 | - $outer = ""; |
|
| 275 | - $profile->setAnonymousIDSupport(FALSE); |
|
| 235 | + case \web\lib\admin\API::ACTION_NEWPROF_RADIUS: |
|
| 236 | + // fall-through intended: both get mostly identical treatment |
|
| 237 | + case web\lib\admin\API::ACTION_NEWPROF_SB: |
|
| 238 | + try { |
|
| 239 | + $idp = $validator->existingIdP($adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_CAT_INST_ID), NULL, $fed); |
|
| 240 | + } catch (Exception $e) { |
|
| 241 | + $adminApi->returnError(web\lib\admin\API::ERROR_INVALID_PARAMETER, "IdP identifier does not exist!"); |
|
| 242 | + exit(1); |
|
| 243 | + } |
|
| 244 | + if ($inputDecoded['ACTION'] == web\lib\admin\API::ACTION_NEWPROF_RADIUS) { |
|
| 245 | + $type = "RADIUS"; |
|
| 276 | 246 | } else { |
| 277 | - $outer = $outer . "@"; |
|
| 278 | - $profile->setAnonymousIDSupport(TRUE); |
|
| 247 | + $type = "SILVERBULLET"; |
|
| 279 | 248 | } |
| 280 | - $profile->setRealm($outer . $realm); |
|
| 281 | - } |
|
| 282 | - /* const AUXATTRIB_PROFILE_TESTUSER = 'ATTRIB-PROFILE-TESTUSER'; */ |
|
| 283 | - $testuser = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_PROFILE_TESTUSER); |
|
| 284 | - if ($testuser !== FALSE) { |
|
| 285 | - $profile->setRealmCheckUser(TRUE, $testuser); |
|
| 286 | - } |
|
| 287 | - /* const AUXATTRIB_PROFILE_INPUT_HINT = 'ATTRIB-PROFILE-HINTREALM'; |
|
| 249 | + $profile = $idp->newProfile($type); |
|
| 250 | + if ($profile === NULL) { |
|
| 251 | + $adminApi->returnError(\web\lib\admin\API::ERROR_INTERNAL_ERROR, "Unable to create a new Profile, for no apparent reason. Please contact support."); |
|
| 252 | + exit(1); |
|
| 253 | + } |
|
| 254 | + $inputs = $adminApi->uglify($scrubbedParameters); |
|
| 255 | + $optionParser->processSubmittedFields($profile, $inputs["POST"], $inputs["FILES"]); |
|
| 256 | + if ($inputDecoded['ACTION'] == web\lib\admin\API::ACTION_NEWPROF_SB) { |
|
| 257 | + // auto-accept ToU? |
|
| 258 | + if ($adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_SB_TOU) !== FALSE) { |
|
| 259 | + $profile->addAttribute("hiddenprofile:tou_accepted", NULL, 1); |
|
| 260 | + } |
|
| 261 | + // we're done at this point |
|
| 262 | + $adminApi->returnSuccess([\web\lib\admin\API::AUXATTRIB_CAT_PROFILE_ID => $profile->identifier]); |
|
| 263 | + break; |
|
| 264 | + } |
|
| 265 | + if (!$profile instanceof core\ProfileRADIUS) { |
|
| 266 | + throw new Exception("Can't be. This is only here to convince Scrutinizer that we're really talking RADIUS."); |
|
| 267 | + } |
|
| 268 | + /* const AUXATTRIB_PROFILE_REALM = 'ATTRIB-PROFILE-REALM'; |
|
| 269 | + const AUXATTRIB_PROFILE_OUTERVALUE = 'ATTRIB-PROFILE-OUTERVALUE'; */ |
|
| 270 | + $realm = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_PROFILE_REALM); |
|
| 271 | + $outer = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_PROFILE_OUTERVALUE); |
|
| 272 | + if ($realm !== FALSE) { |
|
| 273 | + if ($outer === FALSE) { |
|
| 274 | + $outer = ""; |
|
| 275 | + $profile->setAnonymousIDSupport(FALSE); |
|
| 276 | + } else { |
|
| 277 | + $outer = $outer . "@"; |
|
| 278 | + $profile->setAnonymousIDSupport(TRUE); |
|
| 279 | + } |
|
| 280 | + $profile->setRealm($outer . $realm); |
|
| 281 | + } |
|
| 282 | + /* const AUXATTRIB_PROFILE_TESTUSER = 'ATTRIB-PROFILE-TESTUSER'; */ |
|
| 283 | + $testuser = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_PROFILE_TESTUSER); |
|
| 284 | + if ($testuser !== FALSE) { |
|
| 285 | + $profile->setRealmCheckUser(TRUE, $testuser); |
|
| 286 | + } |
|
| 287 | + /* const AUXATTRIB_PROFILE_INPUT_HINT = 'ATTRIB-PROFILE-HINTREALM'; |
|
| 288 | 288 | const AUXATTRIB_PROFILE_INPUT_VERIFY = 'ATTRIB-PROFILE-VERIFYREALM'; */ |
| 289 | - $hint = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_PROFILE_INPUT_HINT); |
|
| 290 | - $enforce = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_PROFILE_INPUT_VERIFY); |
|
| 291 | - if ($enforce !== FALSE) { |
|
| 292 | - $profile->setInputVerificationPreference($enforce, $hint); |
|
| 293 | - } |
|
| 294 | - /* const AUXATTRIB_PROFILE_EAPTYPE */ |
|
| 295 | - $iterator = 1; |
|
| 296 | - foreach ($scrubbedParameters as $oneParam) { |
|
| 297 | - if ($oneParam['NAME'] == web\lib\admin\API::AUXATTRIB_PROFILE_EAPTYPE && is_int($oneParam["VALUE"])) { |
|
| 298 | - $type = new \core\common\EAP($oneParam["VALUE"]); |
|
| 299 | - $profile->addSupportedEapMethod($type, $iterator); |
|
| 300 | - $iterator = $iterator + 1; |
|
| 289 | + $hint = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_PROFILE_INPUT_HINT); |
|
| 290 | + $enforce = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_PROFILE_INPUT_VERIFY); |
|
| 291 | + if ($enforce !== FALSE) { |
|
| 292 | + $profile->setInputVerificationPreference($enforce, $hint); |
|
| 301 | 293 | } |
| 302 | - } |
|
| 303 | - // reinstantiate $profile freshly from DB - it was updated in the process |
|
| 304 | - $profileFresh = new core\ProfileRADIUS($profile->identifier); |
|
| 305 | - $profileFresh->prepShowtime(); |
|
| 306 | - $adminApi->returnSuccess([\web\lib\admin\API::AUXATTRIB_CAT_PROFILE_ID => $profileFresh->identifier]); |
|
| 307 | - break; |
|
| 308 | - case web\lib\admin\API::ACTION_ENDUSER_NEW: |
|
| 309 | - // fall-through intentional, those two actions are doing nearly identical things |
|
| 310 | - case web\lib\admin\API::ACTION_ENDUSER_CHANGEEXPIRY: |
|
| 311 | - $prof_id = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_CAT_PROFILE_ID); |
|
| 312 | - if ($prof_id === FALSE) { |
|
| 313 | - exit(1); |
|
| 314 | - } |
|
| 315 | - $evaluation = $adminApi->commonSbProfileChecks($fed, $prof_id); |
|
| 316 | - if ($evaluation === FALSE) { |
|
| 317 | - exit(1); |
|
| 318 | - } |
|
| 319 | - list($idp, $profile) = $evaluation; |
|
| 320 | - $user = $validator->string($adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_SB_USERNAME)); |
|
| 321 | - $expiryRaw = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_SB_EXPIRY); |
|
| 322 | - if ($expiryRaw === FALSE) { |
|
| 323 | - $adminApi->returnError(web\lib\admin\API::ERROR_INVALID_PARAMETER, "The expiry date wasn't found in the request."); |
|
| 294 | + /* const AUXATTRIB_PROFILE_EAPTYPE */ |
|
| 295 | + $iterator = 1; |
|
| 296 | + foreach ($scrubbedParameters as $oneParam) { |
|
| 297 | + if ($oneParam['NAME'] == web\lib\admin\API::AUXATTRIB_PROFILE_EAPTYPE && is_int($oneParam["VALUE"])) { |
|
| 298 | + $type = new \core\common\EAP($oneParam["VALUE"]); |
|
| 299 | + $profile->addSupportedEapMethod($type, $iterator); |
|
| 300 | + $iterator = $iterator + 1; |
|
| 301 | + } |
|
| 302 | + } |
|
| 303 | + // reinstantiate $profile freshly from DB - it was updated in the process |
|
| 304 | + $profileFresh = new core\ProfileRADIUS($profile->identifier); |
|
| 305 | + $profileFresh->prepShowtime(); |
|
| 306 | + $adminApi->returnSuccess([\web\lib\admin\API::AUXATTRIB_CAT_PROFILE_ID => $profileFresh->identifier]); |
|
| 324 | 307 | break; |
| 325 | - } |
|
| 326 | - $expiry = new DateTime($expiryRaw); |
|
| 327 | - try { |
|
| 328 | - switch ($inputDecoded['ACTION']) { |
|
| 308 | + case web\lib\admin\API::ACTION_ENDUSER_NEW: |
|
| 309 | + // fall-through intentional, those two actions are doing nearly identical things |
|
| 310 | + case web\lib\admin\API::ACTION_ENDUSER_CHANGEEXPIRY: |
|
| 311 | + $prof_id = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_CAT_PROFILE_ID); |
|
| 312 | + if ($prof_id === FALSE) { |
|
| 313 | + exit(1); |
|
| 314 | + } |
|
| 315 | + $evaluation = $adminApi->commonSbProfileChecks($fed, $prof_id); |
|
| 316 | + if ($evaluation === FALSE) { |
|
| 317 | + exit(1); |
|
| 318 | + } |
|
| 319 | + list($idp, $profile) = $evaluation; |
|
| 320 | + $user = $validator->string($adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_SB_USERNAME)); |
|
| 321 | + $expiryRaw = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_SB_EXPIRY); |
|
| 322 | + if ($expiryRaw === FALSE) { |
|
| 323 | + $adminApi->returnError(web\lib\admin\API::ERROR_INVALID_PARAMETER, "The expiry date wasn't found in the request."); |
|
| 324 | + break; |
|
| 325 | + } |
|
| 326 | + $expiry = new DateTime($expiryRaw); |
|
| 327 | + try { |
|
| 328 | + switch ($inputDecoded['ACTION']) { |
|
| 329 | 329 | case web\lib\admin\API::ACTION_ENDUSER_NEW: |
| 330 | 330 | $retval = $profile->addUser($user, $expiry); |
| 331 | 331 | break; |
@@ -338,7 +338,7 @@ discard block |
||
| 338 | 338 | $retval = 1; // function doesn't have any failure vectors not raising an Exception and doesn't return a value |
| 339 | 339 | } |
| 340 | 340 | break; |
| 341 | - } |
|
| 341 | + } |
|
| 342 | 342 | } catch (Exception $e) { |
| 343 | 343 | $adminApi->returnError(web\lib\admin\API::ERROR_INTERNAL_ERROR, "The operation failed. Maybe a duplicate username, or malformed expiry date?"); |
| 344 | 344 | exit(1); |
@@ -349,25 +349,25 @@ discard block |
||
| 349 | 349 | } |
| 350 | 350 | $adminApi->returnSuccess([web\lib\admin\API::AUXATTRIB_SB_USERNAME => $user, \web\lib\admin\API::AUXATTRIB_SB_USERID => $retval]); |
| 351 | 351 | break; |
| 352 | - case \web\lib\admin\API::ACTION_ENDUSER_DEACTIVATE: |
|
| 353 | - // fall-through intended: both actions are very similar |
|
| 354 | - case \web\lib\admin\API::ACTION_TOKEN_NEW: |
|
| 355 | - $profile_id = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_CAT_PROFILE_ID); |
|
| 356 | - if ($profile_id === FALSE) { |
|
| 357 | - exit(1); |
|
| 358 | - } |
|
| 359 | - $evaluation = $adminApi->commonSbProfileChecks($fed, $profile_id); |
|
| 360 | - if ($evaluation === FALSE) { |
|
| 361 | - exit(1); |
|
| 362 | - } |
|
| 363 | - list($idp, $profile) = $evaluation; |
|
| 364 | - $userId = $validator->integer($adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_SB_USERID)); |
|
| 365 | - if ($userId === FALSE) { |
|
| 366 | - $adminApi->returnError(\web\lib\admin\API::ERROR_INVALID_PARAMETER, "User ID is not an integer."); |
|
| 367 | - exit(1); |
|
| 368 | - } |
|
| 369 | - $additionalInfo = []; |
|
| 370 | - switch ($inputDecoded['ACTION']) { // this is where the two differ |
|
| 352 | + case \web\lib\admin\API::ACTION_ENDUSER_DEACTIVATE: |
|
| 353 | + // fall-through intended: both actions are very similar |
|
| 354 | + case \web\lib\admin\API::ACTION_TOKEN_NEW: |
|
| 355 | + $profile_id = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_CAT_PROFILE_ID); |
|
| 356 | + if ($profile_id === FALSE) { |
|
| 357 | + exit(1); |
|
| 358 | + } |
|
| 359 | + $evaluation = $adminApi->commonSbProfileChecks($fed, $profile_id); |
|
| 360 | + if ($evaluation === FALSE) { |
|
| 361 | + exit(1); |
|
| 362 | + } |
|
| 363 | + list($idp, $profile) = $evaluation; |
|
| 364 | + $userId = $validator->integer($adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_SB_USERID)); |
|
| 365 | + if ($userId === FALSE) { |
|
| 366 | + $adminApi->returnError(\web\lib\admin\API::ERROR_INVALID_PARAMETER, "User ID is not an integer."); |
|
| 367 | + exit(1); |
|
| 368 | + } |
|
| 369 | + $additionalInfo = []; |
|
| 370 | + switch ($inputDecoded['ACTION']) { // this is where the two differ |
|
| 371 | 371 | case \web\lib\admin\API::ACTION_ENDUSER_DEACTIVATE: |
| 372 | 372 | $result = $profile->deactivateUser($userId); |
| 373 | 373 | break; |
@@ -400,7 +400,7 @@ discard block |
||
| 400 | 400 | } |
| 401 | 401 | } |
| 402 | 402 | break; |
| 403 | - } |
|
| 403 | + } |
|
| 404 | 404 | |
| 405 | 405 | if ($result !== TRUE) { |
| 406 | 406 | $adminApi->returnError(\web\lib\admin\API::ERROR_INVALID_PARAMETER, "These parameters did not lead to an existing, active user."); |
@@ -408,69 +408,69 @@ discard block |
||
| 408 | 408 | } |
| 409 | 409 | $adminApi->returnSuccess($additionalInfo); |
| 410 | 410 | break; |
| 411 | - case \web\lib\admin\API::ACTION_ENDUSER_IDENTIFY: |
|
| 412 | - $profile_id = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_CAT_PROFILE_ID); |
|
| 413 | - if ($profile_id === FALSE) { |
|
| 414 | - exit(1); |
|
| 415 | - } |
|
| 416 | - $evaluation = $adminApi->commonSbProfileChecks($fed, $profile_id); |
|
| 417 | - if ($evaluation === FALSE) { |
|
| 418 | - exit(1); |
|
| 419 | - } |
|
| 420 | - list($idp, $profile) = $evaluation; |
|
| 421 | - $userId = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_SB_USERID); |
|
| 422 | - $userName = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_SB_USERNAME); |
|
| 423 | - $certSerial = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_SB_CERTSERIAL); |
|
| 424 | - $certCN = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_SB_CERTCN); |
|
| 425 | - if ($userId === FALSE && $userName === FALSE && $certSerial === FALSE && $certCN === FALSE) { |
|
| 426 | - // we need at least one of those |
|
| 427 | - $adminApi->returnError(\web\lib\admin\API::ERROR_MISSING_PARAMETER, "At least one of User ID, Username, certificate serial, or certificate CN is required."); |
|
| 428 | - break; |
|
| 429 | - } |
|
| 430 | - if ($certSerial !== FALSE) { // we got a cert serial |
|
| 431 | - $serial = explode(":", $certSerial); |
|
| 432 | - $cert = new \core\SilverbulletCertificate($serial[1], $serial[0]); |
|
| 411 | + case \web\lib\admin\API::ACTION_ENDUSER_IDENTIFY: |
|
| 412 | + $profile_id = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_CAT_PROFILE_ID); |
|
| 413 | + if ($profile_id === FALSE) { |
|
| 414 | + exit(1); |
|
| 433 | 415 | } |
| 434 | - if ($certCN !== FALSE) { // we got a cert CN |
|
| 435 | - $cert = new \core\SilverbulletCertificate($certCN); |
|
| 436 | - } |
|
| 437 | - if ($cert !== NULL) { // we found a cert; verify it and extract userId |
|
| 438 | - if ($cert->status == \core\SilverbulletCertificate::CERTSTATUS_INVALID) { |
|
| 439 | - return $adminApi->returnError(web\lib\admin\API::ERROR_INVALID_PARAMETER, "Certificate not found."); |
|
| 416 | + $evaluation = $adminApi->commonSbProfileChecks($fed, $profile_id); |
|
| 417 | + if ($evaluation === FALSE) { |
|
| 418 | + exit(1); |
|
| 440 | 419 | } |
| 441 | - if ($cert->profileId != $profile->identifier) { |
|
| 442 | - return $adminApi->returnError(web\lib\admin\API::ERROR_INVALID_PARAMETER, "Certificate does not belong to this profile."); |
|
| 420 | + list($idp, $profile) = $evaluation; |
|
| 421 | + $userId = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_SB_USERID); |
|
| 422 | + $userName = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_SB_USERNAME); |
|
| 423 | + $certSerial = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_SB_CERTSERIAL); |
|
| 424 | + $certCN = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_SB_CERTCN); |
|
| 425 | + if ($userId === FALSE && $userName === FALSE && $certSerial === FALSE && $certCN === FALSE) { |
|
| 426 | + // we need at least one of those |
|
| 427 | + $adminApi->returnError(\web\lib\admin\API::ERROR_MISSING_PARAMETER, "At least one of User ID, Username, certificate serial, or certificate CN is required."); |
|
| 428 | + break; |
|
| 443 | 429 | } |
| 444 | - $userId = $cert->userId; |
|
| 445 | - } |
|
| 446 | - if ($userId !== FALSE) { |
|
| 447 | - $userList = $profile->getUserById($userId); |
|
| 448 | - } |
|
| 449 | - if ($userName !== FALSE) { |
|
| 450 | - $userList = $profile->getUserByName($userName); |
|
| 451 | - } |
|
| 452 | - if (count($userList) === 1) { |
|
| 453 | - foreach ($userList as $oneUserId => $oneUserName) { |
|
| 454 | - return $adminApi->returnSuccess([web\lib\admin\API::AUXATTRIB_SB_USERNAME => $oneUserName, \web\lib\admin\API::AUXATTRIB_SB_USERID => $oneUserId]); |
|
| 430 | + if ($certSerial !== FALSE) { // we got a cert serial |
|
| 431 | + $serial = explode(":", $certSerial); |
|
| 432 | + $cert = new \core\SilverbulletCertificate($serial[1], $serial[0]); |
|
| 433 | + } |
|
| 434 | + if ($certCN !== FALSE) { // we got a cert CN |
|
| 435 | + $cert = new \core\SilverbulletCertificate($certCN); |
|
| 455 | 436 | } |
| 456 | - } |
|
| 457 | - $adminApi->returnError(\web\lib\admin\API::ERROR_INVALID_PARAMETER, "No matching user found in this profile."); |
|
| 458 | - break; |
|
| 459 | - case \web\lib\admin\API::ACTION_ENDUSER_LIST: |
|
| 460 | - // fall-through: those two are similar |
|
| 461 | - case \web\lib\admin\API::ACTION_TOKEN_LIST: |
|
| 462 | - $profile_id = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_CAT_PROFILE_ID); |
|
| 463 | - if ($profile_id === FALSE) { |
|
| 464 | - exit(1); |
|
| 465 | - } |
|
| 466 | - $evaluation = $adminApi->commonSbProfileChecks($fed, $profile_id); |
|
| 467 | - if ($evaluation === FALSE) { |
|
| 468 | - exit(1); |
|
| 469 | - } |
|
| 470 | - list($idp, $profile) = $evaluation; |
|
| 471 | - $allUsers = $profile->listAllUsers(); |
|
| 472 | - // this is where they differ |
|
| 473 | - switch ($inputDecoded['ACTION']) { |
|
| 437 | + if ($cert !== NULL) { // we found a cert; verify it and extract userId |
|
| 438 | + if ($cert->status == \core\SilverbulletCertificate::CERTSTATUS_INVALID) { |
|
| 439 | + return $adminApi->returnError(web\lib\admin\API::ERROR_INVALID_PARAMETER, "Certificate not found."); |
|
| 440 | + } |
|
| 441 | + if ($cert->profileId != $profile->identifier) { |
|
| 442 | + return $adminApi->returnError(web\lib\admin\API::ERROR_INVALID_PARAMETER, "Certificate does not belong to this profile."); |
|
| 443 | + } |
|
| 444 | + $userId = $cert->userId; |
|
| 445 | + } |
|
| 446 | + if ($userId !== FALSE) { |
|
| 447 | + $userList = $profile->getUserById($userId); |
|
| 448 | + } |
|
| 449 | + if ($userName !== FALSE) { |
|
| 450 | + $userList = $profile->getUserByName($userName); |
|
| 451 | + } |
|
| 452 | + if (count($userList) === 1) { |
|
| 453 | + foreach ($userList as $oneUserId => $oneUserName) { |
|
| 454 | + return $adminApi->returnSuccess([web\lib\admin\API::AUXATTRIB_SB_USERNAME => $oneUserName, \web\lib\admin\API::AUXATTRIB_SB_USERID => $oneUserId]); |
|
| 455 | + } |
|
| 456 | + } |
|
| 457 | + $adminApi->returnError(\web\lib\admin\API::ERROR_INVALID_PARAMETER, "No matching user found in this profile."); |
|
| 458 | + break; |
|
| 459 | + case \web\lib\admin\API::ACTION_ENDUSER_LIST: |
|
| 460 | + // fall-through: those two are similar |
|
| 461 | + case \web\lib\admin\API::ACTION_TOKEN_LIST: |
|
| 462 | + $profile_id = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_CAT_PROFILE_ID); |
|
| 463 | + if ($profile_id === FALSE) { |
|
| 464 | + exit(1); |
|
| 465 | + } |
|
| 466 | + $evaluation = $adminApi->commonSbProfileChecks($fed, $profile_id); |
|
| 467 | + if ($evaluation === FALSE) { |
|
| 468 | + exit(1); |
|
| 469 | + } |
|
| 470 | + list($idp, $profile) = $evaluation; |
|
| 471 | + $allUsers = $profile->listAllUsers(); |
|
| 472 | + // this is where they differ |
|
| 473 | + switch ($inputDecoded['ACTION']) { |
|
| 474 | 474 | case \web\lib\admin\API::ACTION_ENDUSER_LIST: |
| 475 | 475 | $adminApi->returnSuccess($allUsers); |
| 476 | 476 | break; |
@@ -489,123 +489,123 @@ discard block |
||
| 489 | 489 | $infoSet[$oneTokenObject->userId] = [\web\lib\admin\API::AUXATTRIB_TOKEN => $oneTokenObject->invitationTokenString, "STATUS" => $oneTokenObject->invitationTokenStatus]; |
| 490 | 490 | } |
| 491 | 491 | $adminApi->returnSuccess($infoSet); |
| 492 | - } |
|
| 493 | - break; |
|
| 494 | - case \web\lib\admin\API::ACTION_TOKEN_REVOKE: |
|
| 495 | - $tokenRaw = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_TOKEN); |
|
| 496 | - if ($tokenRaw === FALSE) { |
|
| 497 | - exit(1); |
|
| 498 | - } |
|
| 499 | - $token = new core\SilverbulletInvitation($tokenRaw); |
|
| 500 | - if ($token->invitationTokenStatus !== core\SilverbulletInvitation::SB_TOKENSTATUS_VALID && $token->invitationTokenStatus !== core\SilverbulletInvitation::SB_TOKENSTATUS_PARTIALLY_REDEEMED) { |
|
| 501 | - $adminApi->returnError(web\lib\admin\API::ERROR_INVALID_PARAMETER, "This is not a currently valid token."); |
|
| 502 | - exit(1); |
|
| 503 | - } |
|
| 504 | - $token->revokeInvitation(); |
|
| 505 | - $adminApi->returnSuccess([]); |
|
| 506 | - break; |
|
| 507 | - case \web\lib\admin\API::ACTION_CERT_LIST: |
|
| 508 | - $prof_id = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_CAT_PROFILE_ID); |
|
| 509 | - $user_id = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_SB_USERID); |
|
| 510 | - if ($prof_id === FALSE || !is_int($user_id)) { |
|
| 511 | - exit(1); |
|
| 512 | - } |
|
| 513 | - $evaluation = $adminApi->commonSbProfileChecks($fed, $prof_id); |
|
| 514 | - if ($evaluation === FALSE) { |
|
| 515 | - exit(1); |
|
| 516 | - } |
|
| 517 | - list($idp, $profile) = $evaluation; |
|
| 518 | - $invitations = $profile->userStatus($user_id); |
|
| 519 | - // now pull out cert information from the object |
|
| 520 | - $certs = []; |
|
| 521 | - foreach ($invitations as $oneInvitation) { |
|
| 522 | - $certs = array_merge($certs, $oneInvitation->associatedCertificates); |
|
| 523 | - } |
|
| 524 | - // extract relevant subset of information from cert objects |
|
| 525 | - $certDetails = []; |
|
| 526 | - foreach ($certs as $cert) { |
|
| 527 | - $certDetails[$cert->ca_type . ":" . $cert->serial] = ["ISSUED" => $cert->issued, "EXPIRY" => $cert->expiry, "STATUS" => $cert->status, "DEVICE" => $cert->device, "CN" => $cert->username, "ANNOTATION" => $cert->annotation]; |
|
| 528 | - } |
|
| 529 | - $adminApi->returnSuccess($certDetails); |
|
| 530 | - break; |
|
| 531 | - case \web\lib\admin\API::ACTION_CERT_REVOKE: |
|
| 532 | - $prof_id = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_CAT_PROFILE_ID); |
|
| 533 | - if ($prof_id === FALSE) { |
|
| 534 | - exit(1); |
|
| 535 | - } |
|
| 536 | - $evaluation = $adminApi->commonSbProfileChecks($fed, $prof_id); |
|
| 537 | - if ($evaluation === FALSE) { |
|
| 538 | - exit(1); |
|
| 539 | - } |
|
| 540 | - list($idp, $profile) = $evaluation; |
|
| 541 | - // tear apart the serial |
|
| 542 | - $serialRaw = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_SB_CERTSERIAL); |
|
| 543 | - if ($serialRaw === FALSE) { |
|
| 544 | - exit(1); |
|
| 545 | - } |
|
| 546 | - $serial = explode(":", $serialRaw); |
|
| 547 | - $cert = new \core\SilverbulletCertificate($serial[1], $serial[0]); |
|
| 548 | - if ($cert->status == \core\SilverbulletCertificate::CERTSTATUS_INVALID) { |
|
| 549 | - $adminApi->returnError(web\lib\admin\API::ERROR_INVALID_PARAMETER, "Serial not found."); |
|
| 550 | - } |
|
| 551 | - if ($cert->profileId != $profile->identifier) { |
|
| 552 | - $adminApi->returnError(web\lib\admin\API::ERROR_INVALID_PARAMETER, "Serial does not belong to this profile."); |
|
| 553 | - } |
|
| 554 | - $cert->revokeCertificate(); |
|
| 555 | - $adminApi->returnSuccess([]); |
|
| 492 | + } |
|
| 556 | 493 | break; |
| 557 | - case \web\lib\admin\API::ACTION_CERT_ANNOTATE: |
|
| 558 | - $prof_id = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_CAT_PROFILE_ID); |
|
| 559 | - if ($prof_id === FALSE) { |
|
| 560 | - exit(1); |
|
| 561 | - } |
|
| 562 | - $evaluation = $adminApi->commonSbProfileChecks($fed, $prof_id); |
|
| 563 | - if ($evaluation === FALSE) { |
|
| 564 | - exit(1); |
|
| 565 | - } |
|
| 566 | - list($idp, $profile) = $evaluation; |
|
| 567 | - // tear apart the serial |
|
| 568 | - $serialRaw = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_SB_CERTSERIAL); |
|
| 569 | - if ($serialRaw === FALSE) { |
|
| 570 | - exit(1); |
|
| 571 | - } |
|
| 572 | - $serial = explode(":", $serialRaw); |
|
| 573 | - $cert = new \core\SilverbulletCertificate($serial[1], $serial[0]); |
|
| 574 | - if ($cert->status == \core\SilverbulletCertificate::CERTSTATUS_INVALID) { |
|
| 575 | - $adminApi->returnError(web\lib\admin\API::ERROR_INVALID_PARAMETER, "Serial not found."); |
|
| 576 | - } |
|
| 577 | - if ($cert->profileId != $profile->identifier) { |
|
| 578 | - $adminApi->returnError(web\lib\admin\API::ERROR_INVALID_PARAMETER, "Serial does not belong to this profile."); |
|
| 579 | - } |
|
| 580 | - $annotationRaw = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_SB_CERTANNOTATION); |
|
| 581 | - if ($annotationRaw === FALSE) { |
|
| 582 | - $adminApi->returnError(web\lib\admin\API::ERROR_INVALID_PARAMETER, "Unable to extract annotation."); |
|
| 494 | + case \web\lib\admin\API::ACTION_TOKEN_REVOKE: |
|
| 495 | + $tokenRaw = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_TOKEN); |
|
| 496 | + if ($tokenRaw === FALSE) { |
|
| 497 | + exit(1); |
|
| 498 | + } |
|
| 499 | + $token = new core\SilverbulletInvitation($tokenRaw); |
|
| 500 | + if ($token->invitationTokenStatus !== core\SilverbulletInvitation::SB_TOKENSTATUS_VALID && $token->invitationTokenStatus !== core\SilverbulletInvitation::SB_TOKENSTATUS_PARTIALLY_REDEEMED) { |
|
| 501 | + $adminApi->returnError(web\lib\admin\API::ERROR_INVALID_PARAMETER, "This is not a currently valid token."); |
|
| 502 | + exit(1); |
|
| 503 | + } |
|
| 504 | + $token->revokeInvitation(); |
|
| 505 | + $adminApi->returnSuccess([]); |
|
| 583 | 506 | break; |
| 584 | - } |
|
| 585 | - $annotation = json_decode($annotationRaw, TRUE); |
|
| 586 | - $cert->annotate($annotation); |
|
| 587 | - $adminApi->returnSuccess([]); |
|
| 588 | - |
|
| 589 | - break; |
|
| 590 | - case web\lib\admin\API::ACTION_STATISTICS_INST: |
|
| 591 | - $retArray = []; |
|
| 592 | - $idpIdentifier = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_CAT_INST_ID); |
|
| 593 | - if ($idpIdentifier === FALSE) { |
|
| 594 | - throw new Exception("A required parameter is missing, and this wasn't caught earlier?!"); |
|
| 595 | - } else { |
|
| 596 | - try { |
|
| 597 | - $thisIdP = $validator->existingIdP($idpIdentifier, NULL, $fed); |
|
| 598 | - } catch (Exception $e) { |
|
| 599 | - $adminApi->returnError(web\lib\admin\API::ERROR_INVALID_PARAMETER, "IdP identifier does not exist!"); |
|
| 507 | + case \web\lib\admin\API::ACTION_CERT_LIST: |
|
| 508 | + $prof_id = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_CAT_PROFILE_ID); |
|
| 509 | + $user_id = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_SB_USERID); |
|
| 510 | + if ($prof_id === FALSE || !is_int($user_id)) { |
|
| 600 | 511 | exit(1); |
| 601 | 512 | } |
| 602 | - $retArray[$idpIdentifier] = []; |
|
| 603 | - foreach ($thisIdP->listProfiles() as $oneProfile) { |
|
| 604 | - $retArray[$idpIdentifier][$oneProfile->identifier] = $oneProfile->getUserDownloadStats(); |
|
| 513 | + $evaluation = $adminApi->commonSbProfileChecks($fed, $prof_id); |
|
| 514 | + if ($evaluation === FALSE) { |
|
| 515 | + exit(1); |
|
| 605 | 516 | } |
| 606 | - } |
|
| 607 | - $adminApi->returnSuccess($retArray); |
|
| 608 | - break; |
|
| 609 | - default: |
|
| 610 | - $adminApi->returnError(web\lib\admin\API::ERROR_INVALID_ACTION, "Not implemented yet."); |
|
| 517 | + list($idp, $profile) = $evaluation; |
|
| 518 | + $invitations = $profile->userStatus($user_id); |
|
| 519 | + // now pull out cert information from the object |
|
| 520 | + $certs = []; |
|
| 521 | + foreach ($invitations as $oneInvitation) { |
|
| 522 | + $certs = array_merge($certs, $oneInvitation->associatedCertificates); |
|
| 523 | + } |
|
| 524 | + // extract relevant subset of information from cert objects |
|
| 525 | + $certDetails = []; |
|
| 526 | + foreach ($certs as $cert) { |
|
| 527 | + $certDetails[$cert->ca_type . ":" . $cert->serial] = ["ISSUED" => $cert->issued, "EXPIRY" => $cert->expiry, "STATUS" => $cert->status, "DEVICE" => $cert->device, "CN" => $cert->username, "ANNOTATION" => $cert->annotation]; |
|
| 528 | + } |
|
| 529 | + $adminApi->returnSuccess($certDetails); |
|
| 530 | + break; |
|
| 531 | + case \web\lib\admin\API::ACTION_CERT_REVOKE: |
|
| 532 | + $prof_id = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_CAT_PROFILE_ID); |
|
| 533 | + if ($prof_id === FALSE) { |
|
| 534 | + exit(1); |
|
| 535 | + } |
|
| 536 | + $evaluation = $adminApi->commonSbProfileChecks($fed, $prof_id); |
|
| 537 | + if ($evaluation === FALSE) { |
|
| 538 | + exit(1); |
|
| 539 | + } |
|
| 540 | + list($idp, $profile) = $evaluation; |
|
| 541 | + // tear apart the serial |
|
| 542 | + $serialRaw = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_SB_CERTSERIAL); |
|
| 543 | + if ($serialRaw === FALSE) { |
|
| 544 | + exit(1); |
|
| 545 | + } |
|
| 546 | + $serial = explode(":", $serialRaw); |
|
| 547 | + $cert = new \core\SilverbulletCertificate($serial[1], $serial[0]); |
|
| 548 | + if ($cert->status == \core\SilverbulletCertificate::CERTSTATUS_INVALID) { |
|
| 549 | + $adminApi->returnError(web\lib\admin\API::ERROR_INVALID_PARAMETER, "Serial not found."); |
|
| 550 | + } |
|
| 551 | + if ($cert->profileId != $profile->identifier) { |
|
| 552 | + $adminApi->returnError(web\lib\admin\API::ERROR_INVALID_PARAMETER, "Serial does not belong to this profile."); |
|
| 553 | + } |
|
| 554 | + $cert->revokeCertificate(); |
|
| 555 | + $adminApi->returnSuccess([]); |
|
| 556 | + break; |
|
| 557 | + case \web\lib\admin\API::ACTION_CERT_ANNOTATE: |
|
| 558 | + $prof_id = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_CAT_PROFILE_ID); |
|
| 559 | + if ($prof_id === FALSE) { |
|
| 560 | + exit(1); |
|
| 561 | + } |
|
| 562 | + $evaluation = $adminApi->commonSbProfileChecks($fed, $prof_id); |
|
| 563 | + if ($evaluation === FALSE) { |
|
| 564 | + exit(1); |
|
| 565 | + } |
|
| 566 | + list($idp, $profile) = $evaluation; |
|
| 567 | + // tear apart the serial |
|
| 568 | + $serialRaw = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_SB_CERTSERIAL); |
|
| 569 | + if ($serialRaw === FALSE) { |
|
| 570 | + exit(1); |
|
| 571 | + } |
|
| 572 | + $serial = explode(":", $serialRaw); |
|
| 573 | + $cert = new \core\SilverbulletCertificate($serial[1], $serial[0]); |
|
| 574 | + if ($cert->status == \core\SilverbulletCertificate::CERTSTATUS_INVALID) { |
|
| 575 | + $adminApi->returnError(web\lib\admin\API::ERROR_INVALID_PARAMETER, "Serial not found."); |
|
| 576 | + } |
|
| 577 | + if ($cert->profileId != $profile->identifier) { |
|
| 578 | + $adminApi->returnError(web\lib\admin\API::ERROR_INVALID_PARAMETER, "Serial does not belong to this profile."); |
|
| 579 | + } |
|
| 580 | + $annotationRaw = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_SB_CERTANNOTATION); |
|
| 581 | + if ($annotationRaw === FALSE) { |
|
| 582 | + $adminApi->returnError(web\lib\admin\API::ERROR_INVALID_PARAMETER, "Unable to extract annotation."); |
|
| 583 | + break; |
|
| 584 | + } |
|
| 585 | + $annotation = json_decode($annotationRaw, TRUE); |
|
| 586 | + $cert->annotate($annotation); |
|
| 587 | + $adminApi->returnSuccess([]); |
|
| 588 | + |
|
| 589 | + break; |
|
| 590 | + case web\lib\admin\API::ACTION_STATISTICS_INST: |
|
| 591 | + $retArray = []; |
|
| 592 | + $idpIdentifier = $adminApi->firstParameterInstance($scrubbedParameters, web\lib\admin\API::AUXATTRIB_CAT_INST_ID); |
|
| 593 | + if ($idpIdentifier === FALSE) { |
|
| 594 | + throw new Exception("A required parameter is missing, and this wasn't caught earlier?!"); |
|
| 595 | + } else { |
|
| 596 | + try { |
|
| 597 | + $thisIdP = $validator->existingIdP($idpIdentifier, NULL, $fed); |
|
| 598 | + } catch (Exception $e) { |
|
| 599 | + $adminApi->returnError(web\lib\admin\API::ERROR_INVALID_PARAMETER, "IdP identifier does not exist!"); |
|
| 600 | + exit(1); |
|
| 601 | + } |
|
| 602 | + $retArray[$idpIdentifier] = []; |
|
| 603 | + foreach ($thisIdP->listProfiles() as $oneProfile) { |
|
| 604 | + $retArray[$idpIdentifier][$oneProfile->identifier] = $oneProfile->getUserDownloadStats(); |
|
| 605 | + } |
|
| 606 | + } |
|
| 607 | + $adminApi->returnSuccess($retArray); |
|
| 608 | + break; |
|
| 609 | + default: |
|
| 610 | + $adminApi->returnError(web\lib\admin\API::ERROR_INVALID_ACTION, "Not implemented yet."); |
|
| 611 | 611 | } |
| 612 | 612 | \ No newline at end of file |
@@ -92,10 +92,10 @@ discard block |
||
| 92 | 92 | <NodeName>AAAServerTrustRoot</NodeName>'; |
| 93 | 93 | foreach ($this->attributes['internal:CAs'][0] as $oneCert) { |
| 94 | 94 | $retval .= '<Node> |
| 95 | - <NodeName>' . $oneCert['uuid'] . '</NodeName> |
|
| 95 | + <NodeName>' . $oneCert['uuid'].'</NodeName> |
|
| 96 | 96 | <Node> |
| 97 | 97 | <NodeName>CertSHA256Fingerprint</NodeName> |
| 98 | - <Value>' . $oneCert['sha256'] . '</Value> |
|
| 98 | + <Value>' . $oneCert['sha256'].'</Value> |
|
| 99 | 99 | </Node> |
| 100 | 100 | </Node> |
| 101 | 101 | '; |
@@ -114,7 +114,7 @@ discard block |
||
| 114 | 114 | $now = new \DateTime(); |
| 115 | 115 | return '<Node> |
| 116 | 116 | <NodeName>CreationDate</NodeName> |
| 117 | - <Value>' . $now->format("Y-m-d") . "T" . $now->format("H:i:s") . "Z" . '</Value> |
|
| 117 | + <Value>' . $now->format("Y-m-d")."T".$now->format("H:i:s")."Z".'</Value> |
|
| 118 | 118 | </Node>'; |
| 119 | 119 | } |
| 120 | 120 | |
@@ -128,11 +128,11 @@ discard block |
||
| 128 | 128 | <NodeName>HomeSP</NodeName> |
| 129 | 129 | <Node> |
| 130 | 130 | <NodeName>FriendlyName</NodeName> |
| 131 | - <Value>' . sprintf(_("%s via Passpoint"), \config\ConfAssistant::CONSORTIUM['display_name']) . '</Value> |
|
| 131 | + <Value>' . sprintf(_("%s via Passpoint"), \config\ConfAssistant::CONSORTIUM['display_name']).'</Value> |
|
| 132 | 132 | </Node> |
| 133 | 133 | <Node> |
| 134 | 134 | <NodeName>FQDN</NodeName> |
| 135 | - <Value>' . $this->attributes['eap:server_name'][0] /* what, only one FQDN allowed? */ . '</Value> |
|
| 135 | + <Value>' . $this->attributes['eap:server_name'][0] /* what, only one FQDN allowed? */.'</Value> |
|
| 136 | 136 | </Node> |
| 137 | 137 | <Node> |
| 138 | 138 | <NodeName>RoamingConsortiumOI</NodeName> |
@@ -148,7 +148,7 @@ discard block |
||
| 148 | 148 | $oiList .= ","; |
| 149 | 149 | } |
| 150 | 150 | } |
| 151 | - $retval .= $oiList . '</Value> |
|
| 151 | + $retval .= $oiList.'</Value> |
|
| 152 | 152 | </Node> |
| 153 | 153 | </Node> |
| 154 | 154 | '; |
@@ -165,7 +165,7 @@ discard block |
||
| 165 | 165 | <NodeName>Credential</NodeName> |
| 166 | 166 | <Node> |
| 167 | 167 | <NodeName>Realm</NodeName> |
| 168 | - <Value>' . $this->attributes['internal:realm'][0] . '</Value> |
|
| 168 | + <Value>' . $this->attributes['internal:realm'][0].'</Value> |
|
| 169 | 169 | </Node>'; |
| 170 | 170 | /* the example file I got did not include CreationDate, so omit it |
| 171 | 171 | * |
@@ -180,7 +180,7 @@ discard block |
||
| 180 | 180 | </Node> |
| 181 | 181 | <Node> |
| 182 | 182 | <NodeName>CertSHA256Fingerprint</NodeName> |
| 183 | - <Value>' . strtoupper($this->clientCert["sha256"]) /* the actual cert has to go... where? */ . '</Value> |
|
| 183 | + <Value>' . strtoupper($this->clientCert["sha256"]) /* the actual cert has to go... where? */.'</Value> |
|
| 184 | 184 | </Node> |
| 185 | 185 | </Node> |
| 186 | 186 | </Node> |
@@ -298,7 +298,7 @@ discard block |
||
| 298 | 298 | // foresee signing. |
| 299 | 299 | // but if they ever change their mind, we are prepared |
| 300 | 300 | |
| 301 | - $outputFromSigning = system($this->sign . " installer_profile '$fileName' > /dev/null"); |
|
| 301 | + $outputFromSigning = system($this->sign." installer_profile '$fileName' > /dev/null"); |
|
| 302 | 302 | if ($outputFromSigning === FALSE) { |
| 303 | 303 | $this->loggerInstance->debug(2, "Signing the ONC installer $fileName FAILED!\n"); |
| 304 | 304 | } |
@@ -201,7 +201,7 @@ |
||
| 201 | 201 | } |
| 202 | 202 | |
| 203 | 203 | if (!empty($this->attributes['internal:realm'][0])) { |
| 204 | - $config['USER_REALM'] = $this->attributes['internal:realm'][0]; |
|
| 204 | + $config['USER_REALM'] = $this->attributes['internal:realm'][0]; |
|
| 205 | 205 | } |
| 206 | 206 | |
| 207 | 207 | if(!empty($this->attributes['internal:hint_userinput_suffix'][0]) && $this->attributes['internal:hint_userinput_suffix'][0] == 1) { |
@@ -203,8 +203,7 @@ |
||
| 203 | 203 | |
| 204 | 204 | if ($this->selectedEap == \core\common\EAP::EAPTYPE_TLS && isset($this->attributes['eap-specific:tls_use_other_id']) && $this->attributes['eap-specific:tls_use_other_id'][0] == 'on') { |
| 205 | 205 | $configRaw['USE_OTHER_TLS_ID'] = true; |
| 206 | - } |
|
| 207 | - else { |
|
| 206 | + } else { |
|
| 208 | 207 | $configRaw['USE_OTHER_TLS_ID'] = false; |
| 209 | 208 | } |
| 210 | 209 | |
@@ -51,7 +51,7 @@ discard block |
||
| 51 | 51 | $installerPath = $this->installerBasename.".sh"; |
| 52 | 52 | $this->copyFile("eduroam_linux_main.sh", $installerPath); |
| 53 | 53 | |
| 54 | - if ( !file_exists($installerPath) ) { |
|
| 54 | + if (!file_exists($installerPath)) { |
|
| 55 | 55 | throw new Exception('File not found.'); |
| 56 | 56 | } |
| 57 | 57 | |
@@ -68,7 +68,7 @@ discard block |
||
| 68 | 68 | fwrite($installer, 'printf -v INIT_CONFIRMATION "$INIT_CONFIRMATION_TMP" "$ORGANISATION"'."\n\n"); |
| 69 | 69 | fwrite($installer, 'main "$@"; exit'."\n"); |
| 70 | 70 | } catch (Exception $e) { |
| 71 | - echo 'Error message: ' .$e->getMessage(); |
|
| 71 | + echo 'Error message: '.$e->getMessage(); |
|
| 72 | 72 | } finally { |
| 73 | 73 | fclose($installer); |
| 74 | 74 | return($installerPath); |
@@ -204,11 +204,11 @@ discard block |
||
| 204 | 204 | $config['USER_REALM'] = $this->attributes['internal:realm'][0]; |
| 205 | 205 | } |
| 206 | 206 | |
| 207 | - if(!empty($this->attributes['internal:hint_userinput_suffix'][0]) && $this->attributes['internal:hint_userinput_suffix'][0] == 1) { |
|
| 207 | + if (!empty($this->attributes['internal:hint_userinput_suffix'][0]) && $this->attributes['internal:hint_userinput_suffix'][0] == 1) { |
|
| 208 | 208 | $configRaw['HINT_USER_INPUT'] = true; |
| 209 | 209 | } |
| 210 | 210 | |
| 211 | - if(!empty($this->attributes['internal:verify_userinput_suffix'][0]) && $this->attributes['internal:verify_userinput_suffix'][0] == 1) { |
|
| 211 | + if (!empty($this->attributes['internal:verify_userinput_suffix'][0]) && $this->attributes['internal:verify_userinput_suffix'][0] == 1) { |
|
| 212 | 212 | $configRaw['VERIFY_USER_REALM_INPUT'] = true; |
| 213 | 213 | } else { |
| 214 | 214 | $configRaw['VERIFY_USER_REALM_INPUT'] = false; |
@@ -219,7 +219,7 @@ discard block |
||
| 219 | 219 | } |
| 220 | 220 | |
| 221 | 221 | foreach ($configRaw as $name => $value) { |
| 222 | - fwrite($file, $name ."=". $value."\n"); |
|
| 222 | + fwrite($file, $name."=".$value."\n"); |
|
| 223 | 223 | } |
| 224 | 224 | |
| 225 | 225 | if ($tou === '') { |
@@ -283,7 +283,7 @@ discard block |
||
| 283 | 283 | } |
| 284 | 284 | $out .= "'DNS:$oneServer'"; |
| 285 | 285 | } |
| 286 | - return "(".$out. ")"; |
|
| 286 | + return "(".$out.")"; |
|
| 287 | 287 | } |
| 288 | 288 | |
| 289 | 289 | /** |
@@ -323,7 +323,7 @@ discard block |
||
| 323 | 323 | * |
| 324 | 324 | * @return string |
| 325 | 325 | */ |
| 326 | - private function mkCAfile(){ |
|
| 326 | + private function mkCAfile() { |
|
| 327 | 327 | $out = ''; |
| 328 | 328 | $cAlist = $this->attributes['internal:CAs'][0]; |
| 329 | 329 | foreach ($cAlist as $oneCa) { |
@@ -339,7 +339,7 @@ discard block |
||
| 339 | 339 | */ |
| 340 | 340 | private function mkIntro() { |
| 341 | 341 | \core\common\Entity::intoThePotatoes(); |
| 342 | - $out = _("This installer has been prepared for %s").'\n\n'._("More information and comments:").'\n\nE-Mail: %s\nWWW: %s\n\n' . |
|
| 342 | + $out = _("This installer has been prepared for %s").'\n\n'._("More information and comments:").'\n\nE-Mail: %s\nWWW: %s\n\n'. |
|
| 343 | 343 | _("Installer created with software from the GEANT project."); |
| 344 | 344 | \core\common\Entity::outOfThePotatoes(); |
| 345 | 345 | return $out; |
