|
1
|
|
|
<?php |
|
2
|
|
|
/* |
|
3
|
|
|
* ***************************************************************************** |
|
4
|
|
|
* Contributions to this work were made on behalf of the GÉANT project, a |
|
5
|
|
|
* project that has received funding from the European Union’s Framework |
|
6
|
|
|
* Programme 7 under Grant Agreements No. 238875 (GN3) and No. 605243 (GN3plus), |
|
7
|
|
|
* Horizon 2020 research and innovation programme under Grant Agreements No. |
|
8
|
|
|
* 691567 (GN4-1) and No. 731122 (GN4-2). |
|
9
|
|
|
* On behalf of the aforementioned projects, GEANT Association is the sole owner |
|
10
|
|
|
* of the copyright in all material which was developed by a member of the GÉANT |
|
11
|
|
|
* project. GÉANT Vereniging (Association) is registered with the Chamber of |
|
12
|
|
|
* Commerce in Amsterdam with registration number 40535155 and operates in the |
|
13
|
|
|
* UK as a branch of GÉANT VerenrdStuiging. |
|
14
|
|
|
* |
|
15
|
|
|
* Registered office: Hoekenrode 3, 1102BR Amsterdam, The Netherlands. |
|
16
|
|
|
* UK branch address: City House, 126-130 Hills Road, Cambridge CB2 1PQ, UK |
|
17
|
|
|
* |
|
18
|
|
|
* License: see the web/copyright.inc.php file in the file structure or |
|
19
|
|
|
* <base_url>/copyright.php after deploying the software |
|
20
|
|
|
*/ |
|
21
|
|
|
|
|
22
|
|
|
/** |
|
23
|
|
|
* This page is used to edit a RADIUS profile by its administrator. |
|
24
|
|
|
* |
|
25
|
|
|
* @author Stefan Winter <[email protected]> |
|
26
|
|
|
*/ |
|
27
|
|
|
?> |
|
28
|
|
|
<?php |
|
29
|
|
|
require_once dirname(dirname(dirname(__FILE__))) . "/config/_config.php"; |
|
30
|
|
|
|
|
31
|
|
|
$deco = new \web\lib\admin\PageDecoration(); |
|
32
|
|
|
$validator = new \web\lib\common\InputValidation(); |
|
33
|
|
|
$uiElements = new web\lib\admin\UIElements(); |
|
34
|
|
|
|
|
35
|
|
|
echo $deco->defaultPagePrelude(sprintf(_("%s: IdP Enrollment Wizard (Step 3)"), \config\Master::APPEARANCE['productname'])); |
|
36
|
|
|
$langInstance = new core\common\Language(); |
|
37
|
|
|
?> |
|
38
|
|
|
<script src="js/XHR.js" type="text/javascript"></script> |
|
39
|
|
|
<script src="js/option_expand.js" type="text/javascript"></script> |
|
40
|
|
|
|
|
41
|
|
|
<!-- JQuery --> |
|
42
|
|
|
<script type="text/javascript" src="../external/jquery/jquery-ui.js"></script> |
|
43
|
|
|
<link rel="stylesheet" type="text/css" href="../external/jquery/jquery-ui.css" /> |
|
44
|
|
|
<!-- EAP sorting code --> |
|
45
|
|
|
<script type="text/javascript" src="js/eapSorter.js"></script> |
|
46
|
|
|
<link rel='stylesheet' type='text/css' href='css/eapSorter.css.php' /> |
|
47
|
|
|
<!-- EAP sorting code end --> |
|
48
|
|
|
<script type="text/javascript" src="js/wizard.js"></script> |
|
49
|
|
|
<link rel='stylesheet' type='text/css' href='css/wizard.css.php' /> |
|
50
|
|
|
|
|
51
|
|
|
<?php |
|
52
|
|
|
// initialize inputs |
|
53
|
|
|
|
|
54
|
|
|
[$my_inst, $editMode] = $validator->existingIdPInt($_GET['inst_id'], $_SESSION['user']); |
|
55
|
|
|
|
|
56
|
|
|
if ($editMode == 'readonly') { |
|
57
|
|
|
print('<style>button.newoption {visibility: hidden}' |
|
58
|
|
|
. '#submitbutton {visibility: hidden} ' |
|
59
|
|
|
. 'button.delete {visibility: hidden} ' |
|
60
|
|
|
. 'input {pointer-events: none} ' |
|
61
|
|
|
. '.ui-sortable-handle {pointer-events: none}</style>'); |
|
62
|
|
|
} |
|
63
|
|
|
$fed = new \core\Federation($my_inst->federation); |
|
64
|
|
|
$anonLocal = "anonymous"; |
|
65
|
|
|
$useAnon = FALSE; |
|
66
|
|
|
$checkuserOuter = FALSE; |
|
67
|
|
|
$checkuserValue = "anonymous"; |
|
68
|
|
|
$verify = TRUE; // default to check the verify-realm box for new profiles |
|
69
|
|
|
$hint = FALSE; |
|
70
|
|
|
$realm = ""; |
|
71
|
|
|
$prefill_name = ""; |
|
72
|
|
|
$blacklisted = FALSE; |
|
73
|
|
|
$loggerInstance = new \core\common\Logging(); |
|
74
|
|
|
|
|
75
|
|
|
if (isset($_GET['profile_id'])) { // oh! We should edit an existing profile, not create a new one! |
|
76
|
|
|
$wizardStyle = FALSE; |
|
77
|
|
|
$my_profile = $validator->existingProfile($_GET['profile_id'], $my_inst->identifier); |
|
78
|
|
|
if (!$my_profile instanceof \core\ProfileRADIUS) { |
|
79
|
|
|
throw new Exception("This page is only for editing RADIUS profiles!"); |
|
80
|
|
|
} |
|
81
|
|
|
|
|
82
|
|
|
$useAnon = $my_profile->getAttributes("internal:use_anon_outer"); |
|
83
|
|
|
if (count($useAnon) > 0) { |
|
84
|
|
|
$useAnon = $useAnon[0]['value']; |
|
85
|
|
|
$anonLocal = $my_profile->getAttributes("internal:anon_local_value")[0]['value']; |
|
86
|
|
|
} |
|
87
|
|
|
|
|
88
|
|
|
$checkuserOuter = $my_profile->getAttributes("internal:checkuser_outer"); |
|
89
|
|
|
if (count($checkuserOuter) > 0) { |
|
90
|
|
|
$checkuserOuter = $checkuserOuter[0]['value']; |
|
91
|
|
|
$checkuserValue = $my_profile->getAttributes("internal:checkuser_value")[0]['value']; |
|
92
|
|
|
} |
|
93
|
|
|
|
|
94
|
|
|
$verify = $my_profile->getAttributes("internal:verify_userinput_suffix")[0]['value']; |
|
95
|
|
|
$hint = $my_profile->getAttributes("internal:hint_userinput_suffix")[0]['value']; |
|
96
|
|
|
$realm = $my_profile->getAttributes("internal:realm")[0]['value']; |
|
97
|
|
|
|
|
98
|
|
|
$prefill_name = $my_profile->name; |
|
99
|
|
|
$prefill_methods = $my_profile->getEapMethodsinOrderOfPreference(); |
|
100
|
|
|
$profile_options = $my_profile->getAttributes(); |
|
101
|
|
|
|
|
102
|
|
|
// is there a general redirect? it is one which have device = 0 |
|
103
|
|
|
$blacklistEntries = $my_profile->getAttributes("device-specific:redirect"); |
|
104
|
|
|
$blacklisted = FALSE; |
|
105
|
|
|
foreach ($blacklistEntries as $oneEntry) { |
|
106
|
|
|
if (!isset($oneEntry['device']) || $oneEntry['device'] === NULL) { // don't act on device-level redirects |
|
107
|
|
|
$blacklisted = $oneEntry['value']; |
|
108
|
|
|
} |
|
109
|
|
|
} |
|
110
|
|
|
} else { |
|
111
|
|
|
// $loggerInstance = new \core\common\Logging(); |
|
112
|
|
|
$wizardStyle = TRUE; |
|
113
|
|
|
$prefill_methods = []; |
|
114
|
|
|
$minting = $fed->getAttributes("fed:minted_ca_file"); |
|
115
|
|
|
$temp_profile = NULL; |
|
116
|
|
|
$profile_options = []; |
|
117
|
|
|
if (count($minting) > 0) { |
|
118
|
|
|
$temp_profile = $my_inst->newProfile(core\AbstractProfile::PROFILETYPE_RADIUS); |
|
119
|
|
|
foreach ($minting as $oneMint) { |
|
120
|
|
|
$temp_profile->addAttribute("eap:ca_file", $oneMint['lang'], base64_encode($oneMint['value'])); |
|
121
|
|
|
$my_profile = new \core\ProfileRADIUS($temp_profile->identifier); |
|
122
|
|
|
$profile_options = $my_profile->getAttributes(); |
|
123
|
|
|
} |
|
124
|
|
|
} |
|
125
|
|
|
if (isset($_POST['username_to_detect']) && isset($_POST['realm_to_detect'])) { |
|
126
|
|
|
$detectRealm = $validator->string($_POST['realm_to_detect']); |
|
127
|
|
|
$localname = $validator->string($_POST['username_to_detect']); |
|
128
|
|
|
$checker = new \core\diag\RADIUSTests($detectRealm, $localname); |
|
129
|
|
|
$detectionResult = $checker->autodetectCAWithProbe($localname . "@" . $detectRealm); |
|
130
|
|
|
$loggerInstance->debug(2, "CA Auto-Detection yields:"); |
|
131
|
|
|
$loggerInstance->debug(2, $detectionResult); |
|
132
|
|
|
if ($detectionResult['ROOT_CA'] !== NULL) { // we are lucky! |
|
133
|
|
|
$temp_profile = $my_inst->newProfile(core\AbstractProfile::PROFILETYPE_RADIUS); |
|
134
|
|
|
$temp_profile->addAttribute("eap:ca_file", "C", base64_encode($detectionResult['ROOT_CA'])); |
|
135
|
|
|
$temp_profile->addAttribute("eap:server_name", "C", $detectionResult['NAME']); |
|
136
|
|
|
$temp_profile->setRealm($detectRealm); |
|
137
|
|
|
// We have created a RADIUS profile, not SilverBullet, so that function is guaranteed to exist |
|
138
|
|
|
$temp_profile/** @scrutinizer ignore-call */->setRealmCheckUser(TRUE, $localname); |
|
|
|
|
|
|
139
|
|
|
$my_profile = new \core\ProfileRADIUS($temp_profile->identifier); |
|
140
|
|
|
$profile_options = $my_profile->getAttributes(); |
|
141
|
|
|
$realm = $my_profile->getAttributes("internal:realm")[0]['value']; |
|
142
|
|
|
$checkuserOuter = TRUE; |
|
143
|
|
|
$checkuserValue = $my_profile->getAttributes("internal:checkuser_value")[0]['value']; |
|
144
|
|
|
} |
|
145
|
|
|
} |
|
146
|
|
|
if ($temp_profile !== NULL) { |
|
147
|
|
|
} |
|
148
|
|
|
} |
|
149
|
|
|
$wizard = new \web\lib\admin\Wizard($wizardStyle); |
|
150
|
|
|
$wizard->setMessages(); |
|
151
|
|
|
?> |
|
152
|
|
|
</head> |
|
153
|
|
|
<body> |
|
154
|
|
|
<?php |
|
155
|
|
|
echo $deco->productheader("ADMIN-IDP"); |
|
156
|
|
|
?> |
|
157
|
|
|
<div id="wizard_help_window"><img id="wizard_menu_close" src="../resources/images/icons/button_cancel.png" ALT="Close"/><div></div></div> |
|
158
|
|
|
<h1> |
|
159
|
|
|
<?php |
|
160
|
|
|
if ($wizardStyle) { |
|
161
|
|
|
echo _("Step 3: Defining a user group profile"); |
|
162
|
|
|
} else { |
|
163
|
|
|
if ($editMode == 'fullaccess') { |
|
164
|
|
|
printf(_("Edit profile '%s' ..."), $prefill_name); |
|
165
|
|
|
} else { |
|
166
|
|
|
printf(_("View profile '%s' ..."), $prefill_name); |
|
167
|
|
|
} |
|
168
|
|
|
} |
|
169
|
|
|
?> |
|
170
|
|
|
</h1> |
|
171
|
|
|
<?php |
|
172
|
|
|
echo $uiElements->instLevelInfoBoxes($my_inst); |
|
173
|
|
|
|
|
174
|
|
|
echo "<form enctype='multipart/form-data' action='edit_profile_result.php?inst_id=$my_inst->identifier" . ($my_profile !== NULL ? "&profile_id=" . $my_profile->identifier : "") . "' method='post' accept-charset='UTF-8'> |
|
175
|
|
|
<input type='hidden' name='MAX_FILE_SIZE' value='" . \config\Master::MAX_UPLOAD_SIZE . "'>"; |
|
176
|
|
|
$optionDisplay = new \web\lib\admin\OptionDisplay($profile_options, \core\Options::LEVEL_PROFILE); |
|
177
|
|
|
?> |
|
178
|
|
|
<fieldset class="option_container"> |
|
179
|
|
|
<legend> |
|
180
|
|
|
<strong><?php echo _("General Profile properties"); ?></strong> |
|
181
|
|
|
</legend> |
|
182
|
|
|
<?php |
|
183
|
|
|
if ($wizardStyle) { |
|
184
|
|
|
echo "<p>" . _("We will now define a profile for your user group(s). You can add as many profiles as you like by choosing the appropriate button on the end of the page. After we are done, the wizard is finished and you will be taken to the main IdP administration page.") . "</p>"; |
|
185
|
|
|
} |
|
186
|
|
|
?> |
|
187
|
|
|
<h3><?php echo _("Profile Name and RADIUS realm"); ?> |
|
188
|
|
|
</h3> |
|
189
|
|
|
<?php |
|
190
|
|
|
echo $wizard->displayHelp("profile"); |
|
191
|
|
|
echo $optionDisplay->prefilledOptionTable("profile", $my_inst->federation); |
|
192
|
|
|
?> |
|
193
|
|
|
<button type='button' class='newoption' onclick='getXML("profile", "<?php echo $my_inst->federation ?>")'><?php echo _("Add new option"); ?></button> |
|
194
|
|
|
<table> |
|
195
|
|
|
<caption><?php echo _("Basic Realm Information"); ?></caption> |
|
196
|
|
|
<tr> |
|
197
|
|
|
<th class="wai-invisible" scope="col"><?php echo _("Realm:"); ?></th> |
|
198
|
|
|
<th class="wai-invisible" scope="col"><?php echo _("Realm input field"); ?></th> |
|
199
|
|
|
</tr> |
|
200
|
|
|
<?php |
|
201
|
|
|
?> |
|
202
|
|
|
<tr> |
|
203
|
|
|
<td> |
|
204
|
|
|
<label for="realm"> |
|
205
|
|
|
<?php echo _("Realm:"); ?> |
|
206
|
|
|
</label> |
|
207
|
|
|
</td> |
|
208
|
|
|
<td> |
|
209
|
|
|
<?php echo "<input id='realm' name='realm' value='$realm' onkeyup=' |
|
210
|
|
|
if (this.value.length > 0) |
|
211
|
|
|
{ this.form.elements[\"anon_support\"].removeAttribute(\"disabled\"); |
|
212
|
|
|
document.getElementById(\"anon_support_label\").removeAttribute(\"style\"); |
|
213
|
|
|
this.form.elements[\"checkuser_support\"].removeAttribute(\"disabled\"); |
|
214
|
|
|
|
|
215
|
|
|
this.form.elements[\"verify_support\"].removeAttribute(\"disabled\"); |
|
216
|
|
|
document.getElementById(\"checkuser_label\").removeAttribute(\"style\"); |
|
217
|
|
|
document.getElementById(\"verify_label\").removeAttribute(\"style\"); |
|
218
|
|
|
document.getElementById(\"hint_label\").removeAttribute(\"style\"); |
|
219
|
|
|
document.getElementById(\"verify_label\").removeAttribute(\"style\"); |
|
220
|
|
|
|
|
221
|
|
|
} else |
|
222
|
|
|
{ this.form.elements[\"anon_support\"].checked = false; |
|
223
|
|
|
this.form.elements[\"anon_support\"].setAttribute(\"disabled\", \"disabled\"); |
|
224
|
|
|
this.form.elements[\"anon_local\"].setAttribute(\"disabled\", \"disabled\"); |
|
225
|
|
|
document.getElementById(\"anon_support_label\").setAttribute(\"style\", \"color:#999999\"); |
|
226
|
|
|
this.form.elements[\"verify_support\"].checked = false; |
|
227
|
|
|
this.form.elements[\"verify_support\"].setAttribute(\"disabled\", \"disabled\"); |
|
228
|
|
|
this.form.elements[\"checkuser_support\"].checked = false; |
|
229
|
|
|
this.form.elements[\"checkuser_support\"].setAttribute(\"disabled\", \"disabled\"); |
|
230
|
|
|
this.form.elements[\"checkuser_local\"].setAttribute(\"disabled\", \"disabled\"); |
|
231
|
|
|
document.getElementById(\"checkuser_label\").setAttribute(\"style\", \"color:#999999\"); |
|
232
|
|
|
this.form.elements[\"hint_support\"].checked = false; |
|
233
|
|
|
this.form.elements[\"hint_support\"].setAttribute(\"disabled\", \"disabled\"); |
|
234
|
|
|
document.getElementById(\"verify_label\").setAttribute(\"style\", \"color:#999999\"); |
|
235
|
|
|
document.getElementById(\"hint_label\").setAttribute(\"style\", \"color:#999999\"); |
|
236
|
|
|
};'/>"; ?> |
|
237
|
|
|
</td> |
|
238
|
|
|
</tr> |
|
239
|
|
|
</table> |
|
240
|
|
|
<h3><?php echo _("Realm Options"); ?></h3> |
|
241
|
|
|
|
|
242
|
|
|
<?php |
|
243
|
|
|
echo $wizard->displayHelp("realm"); |
|
244
|
|
|
?> |
|
245
|
|
|
<p> |
|
246
|
|
|
|
|
247
|
|
|
|
|
248
|
|
|
<!-- UI table to align elements--> |
|
249
|
|
|
<table> |
|
250
|
|
|
<caption><?php echo _("Username Handling Options"); ?></caption> |
|
251
|
|
|
<tr> |
|
252
|
|
|
<th class="wai-invisible" scope="col"><?php echo _("Option name"); ?></th> |
|
253
|
|
|
<th class="wai-invisible" scope="col"><?php echo _("Option checkbox"); ?></th> |
|
254
|
|
|
</tr> |
|
255
|
|
|
<tr> |
|
256
|
|
|
<th colspan="2" style="text-align: left;"><?php echo _("Outer Identity Handling"); ?></th> |
|
257
|
|
|
</tr> |
|
258
|
|
|
<tr> |
|
259
|
|
|
<!-- checkbox and input field for anonymity support, available only when realm is known--> |
|
260
|
|
|
<td> |
|
261
|
|
|
<span id='anon_support_label' style='<?php echo ($realm == "" ? "color:#999999" : "" ); ?>'> |
|
262
|
|
|
<?php echo _("Enable Anonymous Outer Identity:"); ?> |
|
263
|
|
|
</span> |
|
264
|
|
|
</td> |
|
265
|
|
|
<td> |
|
266
|
|
|
<input type='checkbox' <?php echo ($useAnon != FALSE ? "checked" : "" ) . ($realm == "" ? " disabled" : "" ); ?> name='anon_support' onclick=' |
|
267
|
|
|
if (this.form.elements["anon_support"].checked !== true) { |
|
268
|
|
|
this.form.elements["anon_local"].setAttribute("disabled", "disabled"); |
|
269
|
|
|
} else { |
|
270
|
|
|
this.form.elements["anon_local"].removeAttribute("disabled"); |
|
271
|
|
|
} |
|
272
|
|
|
;'/> |
|
273
|
|
|
<input type='text' <?php echo ($useAnon == FALSE ? "disabled" : "" ); ?> name='anon_local' value='<?php echo $anonLocal; ?>'/> |
|
274
|
|
|
</td> |
|
275
|
|
|
</tr> |
|
276
|
|
|
<tr> |
|
277
|
|
|
<!-- checkbox and input field for check realm outer id, available only when realm is known--> |
|
278
|
|
|
<td> |
|
279
|
|
|
<span id='checkuser_label' style='<?php echo ($realm == "" ? "color:#999999" : "" ); ?>'> |
|
280
|
|
|
<?php echo _("Use special Outer Identity for realm checks:"); ?> |
|
281
|
|
|
</span> |
|
282
|
|
|
</td> |
|
283
|
|
|
<td> |
|
284
|
|
|
<input type='checkbox' <?php echo ($checkuserOuter != FALSE ? "checked" : "" ) . ($realm == "" ? " disabled" : "" ); ?> name='checkuser_support' onclick=' |
|
285
|
|
|
if (this.form.elements["checkuser_support"].checked !== true) { |
|
286
|
|
|
this.form.elements["checkuser_local"].setAttribute("disabled", "disabled"); |
|
287
|
|
|
} else { |
|
288
|
|
|
this.form.elements["checkuser_local"].removeAttribute("disabled"); |
|
289
|
|
|
} |
|
290
|
|
|
;'/> |
|
291
|
|
|
<input type='text' <?php echo ($checkuserOuter == FALSE ? "disabled" : "" ); ?> name='checkuser_local' value='<?php echo $checkuserValue; ?>'/> |
|
292
|
|
|
</td> |
|
293
|
|
|
</tr> |
|
294
|
|
|
<tr> |
|
295
|
|
|
<th colspan="2" style="border-top: 2px solid; text-align: left;"><?php echo _("Inner Identity (Username) Handling"); ?></th> |
|
296
|
|
|
</tr> |
|
297
|
|
|
<tr> |
|
298
|
|
|
<!-- checkbox for "verify--> |
|
299
|
|
|
<td> |
|
300
|
|
|
<span id='verify_label'> |
|
301
|
|
|
<?php echo _("Enforce realm suffix in username"); ?> |
|
302
|
|
|
</span> |
|
303
|
|
|
</td> |
|
304
|
|
|
<td> |
|
305
|
|
|
<input type='checkbox' <?php |
|
306
|
|
|
echo ($verify != FALSE ? "checked" : "" ); |
|
307
|
|
|
?> name='verify_support' onclick=' |
|
308
|
|
|
if (this.form.elements["verify_support"].checked !== true || this.form.elements["realm"].value.length == 0) { |
|
309
|
|
|
this.form.elements["hint_support"].setAttribute("disabled", "disabled"); |
|
310
|
|
|
} else { |
|
311
|
|
|
this.form.elements["hint_support"].removeAttribute("disabled"); |
|
312
|
|
|
} |
|
313
|
|
|
;'/> |
|
314
|
|
|
</td> |
|
315
|
|
|
</tr> |
|
316
|
|
|
<tr> |
|
317
|
|
|
<td> |
|
318
|
|
|
<span id='hint_label' style='<?php echo ($realm == "" ? "color:#999999" : "" ); ?>'> |
|
319
|
|
|
<?php echo _("Enforce exact realm in username"); ?> |
|
320
|
|
|
</span> |
|
321
|
|
|
</td> |
|
322
|
|
|
<td> |
|
323
|
|
|
<input type='checkbox' <?php echo ($verify == FALSE ? "disabled" : "" ); ?> name='hint_support' <?php echo ( $hint != FALSE ? "checked" : "" ); ?> /> |
|
324
|
|
|
</td> |
|
325
|
|
|
</tr> |
|
326
|
|
|
</table> |
|
327
|
|
|
</p> |
|
328
|
|
|
|
|
329
|
|
|
<h3><?php echo _("Installer Download Location"); ?></h3> |
|
330
|
|
|
|
|
331
|
|
|
<?php |
|
332
|
|
|
echo $wizard->displayHelp("redirect"); |
|
333
|
|
|
?> |
|
334
|
|
|
<p> |
|
335
|
|
|
|
|
336
|
|
|
<?php |
|
337
|
|
|
echo "<span id='redirect_label' style='" . ($realm == "" ? "color:#999999" : "" ) . "'><label for='redirect'>" . _("Redirect end users to own web page:") . "</label></span> |
|
338
|
|
|
<input type='checkbox' name='redirect' id='redirect' " . ($blacklisted === FALSE ? "" : "checked " ) . "onclick=' |
|
339
|
|
|
if (this.form.elements[\"redirect\"].checked != true) { |
|
340
|
|
|
this.form.elements[\"redirect_target\"].setAttribute(\"disabled\", \"disabled\"); |
|
341
|
|
|
} else { |
|
342
|
|
|
this.form.elements[\"redirect_target\"].removeAttribute(\"disabled\"); |
|
343
|
|
|
};'/> |
|
344
|
|
|
<input type='text' name='redirect_target' " . ($blacklisted !== FALSE ? "value='$blacklisted'" : "disabled" ) . "/>"; |
|
345
|
|
|
?> |
|
346
|
|
|
</p> |
|
347
|
|
|
|
|
348
|
|
|
</fieldset> |
|
349
|
|
|
<fieldset class="option_container"> |
|
350
|
|
|
<legend><strong><?php echo _("Supported EAP types"); ?></strong></legend> |
|
351
|
|
|
<?php |
|
352
|
|
|
echo $wizard->displayHelp("eap_support"); |
|
353
|
|
|
?> |
|
354
|
|
|
<?php |
|
355
|
|
|
$methods = \core\common\EAP::listKnownEAPTypes(); |
|
356
|
|
|
?> |
|
357
|
|
|
|
|
358
|
|
|
<?php |
|
359
|
|
|
// new EAP sorting code |
|
360
|
|
|
|
|
361
|
|
|
foreach ($methods as $a) { |
|
362
|
|
|
$display = $a->getPrintableRep(); |
|
363
|
|
|
$enabled = FALSE; |
|
364
|
|
|
foreach ($prefill_methods as $prio => $value) { |
|
365
|
|
|
if ($a->getPrintableRep() == $value->getPrintableRep()) { |
|
366
|
|
|
$enabled = TRUE; |
|
367
|
|
|
$countactive = $prio + 1; |
|
368
|
|
|
} |
|
369
|
|
|
} |
|
370
|
|
|
} |
|
371
|
|
|
?> |
|
372
|
|
|
<div> |
|
373
|
|
|
<table style="border:none"> |
|
374
|
|
|
<caption><?php echo _("EAP type support"); ?></caption> |
|
375
|
|
|
<tr> |
|
376
|
|
|
<th scope="row_id" style="vertical-align:top; padding:1em"> |
|
377
|
|
|
<?php echo _('Supported EAP types for this profile'); ?> |
|
378
|
|
|
</th> |
|
379
|
|
|
<td id="supported_eap"> |
|
380
|
|
|
<ol id="sortable1" class="eapmethods"> |
|
381
|
|
|
<?php |
|
382
|
|
|
$D = []; |
|
383
|
|
|
foreach ($prefill_methods as $prio => $value) { |
|
384
|
|
|
print '<li>' . $value->getPrintableRep() . "</li>\n"; |
|
385
|
|
|
$D[$value->getPrintableRep()] = $prio; |
|
386
|
|
|
} |
|
387
|
|
|
?> |
|
388
|
|
|
</ol> |
|
389
|
|
|
</td> |
|
390
|
|
|
<td rowspan=3 style="text-align:center; width:12em; padding:1em"> |
|
391
|
|
|
<?php echo _('Use "drag & drop" to mark an EAP method and move it to the supported (green) area. Prioritisation is done automatically, depending on where you "drop" the method.'); ?> |
|
392
|
|
|
</td> |
|
393
|
|
|
</tr> |
|
394
|
|
|
<tr id="eap_bottom_row"> |
|
395
|
|
|
<td colspan="2"> </td> |
|
396
|
|
|
</tr> |
|
397
|
|
|
<tr> |
|
398
|
|
|
<th scope="row_id" style="vertical-align:top; padding:1em"> |
|
399
|
|
|
<?php echo _('Unsupported EAP types'); ?> |
|
400
|
|
|
</th> |
|
401
|
|
|
<td style="vertical-align:top" id="unsupported_eap"> |
|
402
|
|
|
<ol id="sortable2" class="eapmethods"> |
|
403
|
|
|
<?php |
|
404
|
|
|
foreach ($methods as $a) { |
|
405
|
|
|
if ($a == \core\common\EAP::EAPTYPE_SILVERBULLET) { |
|
406
|
|
|
continue; |
|
407
|
|
|
} |
|
408
|
|
|
$display = $a->getPrintableRep(); |
|
409
|
|
|
if (!isset($D[$a->getPrintableRep()])) { |
|
410
|
|
|
print '<li class="eap1">' . $a->getPrintableRep() . "</li>\n"; |
|
411
|
|
|
} |
|
412
|
|
|
} |
|
413
|
|
|
?> |
|
414
|
|
|
</ol> |
|
415
|
|
|
</td> |
|
416
|
|
|
</tr> |
|
417
|
|
|
</table> |
|
418
|
|
|
</div> |
|
419
|
|
|
<?php |
|
420
|
|
|
foreach ($methods as $a) { |
|
421
|
|
|
$display = $a->getPrintableRep(); |
|
422
|
|
|
$v = isset($D[$display]) ? $D[$display] : ''; |
|
423
|
|
|
print '<input type="hidden" class="eapm" name="' . $display . '" id="EAP-' . $display . '" value="' . $display . '">'; |
|
424
|
|
|
print '<input type="hidden" class="eapmv" name="' . $display . '-priority" id="EAP-' . $display . '-priority" value="' . $v . '">'; |
|
425
|
|
|
} |
|
426
|
|
|
?> |
|
427
|
|
|
<br style="clear:both;" /> |
|
428
|
|
|
</fieldset> |
|
429
|
|
|
<?php |
|
430
|
|
|
$idp_options = $my_inst->getAttributes(); |
|
431
|
|
|
|
|
432
|
|
|
$optionsAlreadySet = array_column($idp_options, "name"); |
|
433
|
|
|
|
|
434
|
|
|
$has_support_options = []; |
|
435
|
|
|
$has_media_options = []; |
|
436
|
|
|
$has_eap_options = []; |
|
437
|
|
|
$support_text = ""; |
|
438
|
|
|
$media_text = ""; |
|
439
|
|
|
$eap_text = ""; |
|
440
|
|
|
|
|
441
|
|
|
foreach ($optionsAlreadySet as $optionNames) { |
|
442
|
|
|
if (preg_match("/^support:/", $optionNames)) { |
|
443
|
|
|
$has_support_options[$optionNames] = "SET"; |
|
444
|
|
|
$support_text .= "<li><strong>" . $uiElements->displayName($optionNames) . "</strong></li>"; |
|
445
|
|
|
} |
|
446
|
|
|
if (preg_match("/^media:/", $optionNames)) { |
|
447
|
|
|
$has_media_options[$optionNames] = "SET"; |
|
448
|
|
|
$media_text .= "<li><strong>" . $uiElements->displayName($optionNames) . "</strong></li>"; |
|
449
|
|
|
} |
|
450
|
|
|
} |
|
451
|
|
|
$fields = [ |
|
452
|
|
|
"support" => _("Helpdesk Details for this profile"), |
|
453
|
|
|
"eap" => _("EAP Details for this profile"), |
|
454
|
|
|
"media" => _("Media Properties for this profile")]; |
|
455
|
|
|
|
|
456
|
|
|
foreach ($fields as $name => $description) { |
|
457
|
|
|
echo "<fieldset class='option_container' id='" . $name . "_override'> |
|
458
|
|
|
<legend><strong>$description</strong></legend> |
|
459
|
|
|
<p>"; |
|
460
|
|
|
echo $wizard->displayHelp($name); |
|
461
|
|
|
if (count(${"has_" . $name . "_options"}) > 0) { |
|
462
|
|
|
printf(ngettext("The option %s is already defined IdP-wide. If you set it here on profile level, this setting will override the IdP-wide one.", "The options %s are already defined IdP-wide. If you set them here on profile level, these settings will override the IdP-wide ones.", count(${"has_" . $name . "_options"})), "<ul>" . ${$name . "_text"} . "</ul>"); |
|
463
|
|
|
} |
|
464
|
|
|
echo "</p>"; |
|
465
|
|
|
echo $optionDisplay->prefilledOptionTable($name, $my_inst->federation); |
|
466
|
|
|
?> |
|
467
|
|
|
<button type='button' class='newoption' onclick='getXML("<?php echo $name ?>", "<?php echo $my_inst->federation ?>")'><?php echo _("Add new option"); ?></button> |
|
468
|
|
|
<?php |
|
469
|
|
|
echo "</fieldset>"; |
|
470
|
|
|
} |
|
471
|
|
|
if ($wizardStyle) { |
|
472
|
|
|
echo "<p>" . _("When you are sure that everything is correct, please click on 'Save data' and you will be taken to your IdP Dashboard page.") . "</p>"; |
|
473
|
|
|
} |
|
474
|
|
|
if ($editMode == 'readonly') { |
|
475
|
|
|
$discardLabel = _("Return"); |
|
476
|
|
|
} |
|
477
|
|
|
if ($editMode == 'fullaccess') { |
|
478
|
|
|
$discardLabel = _("Discard changes"); |
|
479
|
|
|
} |
|
480
|
|
|
echo "<p><button type='submit' id='submitbutton' name='submitbutton' value='" . web\lib\common\FormElements::BUTTON_SAVE . "'>" . _("Save data") . "</button><button type='button' class='delete' id=='abortbutton' style='visibility: visible' value='abort' onclick='javascript:window.location = \"overview_org.php?inst_id=$my_inst->identifier\"'>".$discardLabel."</button></p></form>"; |
|
481
|
|
|
echo $deco->footer(); |
|
482
|
|
|
|
|
483
|
|
|
|
GEANT /
CAT
Stefan Winter
This check looks for calls to methods that do not seem to exist on a given type. It looks for the method on the type itself as well as in inherited classes or implemented interfaces.
This is most likely a typographical error or the method has been renamed.