
Initial Commit of AAD examples in PHP

1 parent 34bd4ab commit a0d85f61df6762e1d87c3b37cf2038ea18516da1 Brandon Werner committed Jul 10, 2012
Showing with 1,480 additions and 0 deletions.
  1. +22 −0 .gitattributes
  2. +163 −0 .gitignore
  3. +4 −0 WAAD.WebSSO.PHP/README.md
  4. +44 −0 WAAD.WebSSO.PHP/README.txt
  5. +61 −0 WAAD.WebSSO.PHP/csharp/code/libraries/powershell/Microsoft.Samples.Waad.PS/GetOrgIdSPN.cs
  6. +28 −0 WAAD.WebSSO.PHP/csharp/code/libraries/powershell/Microsoft.Samples.Waad.PS/GetOrgIdSPNResult.cs
  7. +67 −0 ...O.PHP/csharp/code/libraries/powershell/Microsoft.Samples.Waad.PS/Microsoft.Samples.Waad.PS.csproj
  8. +36 −0 ....WebSSO.PHP/csharp/code/libraries/powershell/Microsoft.Samples.Waad.PS/Properties/AssemblyInfo.cs
  9. +214 −0 WAAD.WebSSO.PHP/csharp/code/libraries/powershell/Microsoft.Samples.Waad.PS/Settings.StyleCop
  10. +2 −0 WAAD.WebSSO.PHP/csharp/code/libraries/powershell/Microsoft.Samples.Waad.PS/buildWaadPS.bat
  11. +41 −0 WAAD.WebSSO.PHP/php/code/libraries/federation/Claim.php
  12. +67 −0 WAAD.WebSSO.PHP/php/code/libraries/federation/FederatedConfiguration.php
  13. +142 −0 WAAD.WebSSO.PHP/php/code/libraries/federation/FederatedLoginManager.php
  14. +52 −0 WAAD.WebSSO.PHP/php/code/libraries/federation/FederatedPrincipal.php
  15. +27 −0 WAAD.WebSSO.PHP/php/code/libraries/federation/IFederatedAuthenticationObserver.php
  16. +175 −0 WAAD.WebSSO.PHP/php/code/libraries/federation/Saml2TokenValidator.php
  17. +48 −0 WAAD.WebSSO.PHP/php/code/libraries/waad-federation/ConfigurableFederatedLoginManager.php
  18. +43 −0 WAAD.WebSSO.PHP/php/code/libraries/waad-federation/TrustedIssuer.php
  19. +71 −0 WAAD.WebSSO.PHP/php/code/libraries/waad-federation/TrustedIssuersRepository.php
  20. +1 −0 WAAD.WebSSO.PHP/php/code/samples/.gitignore
  21. +6 −0 WAAD.WebSSO.PHP/php/code/samples/phpSample/federation.ini
  22. +44 −0 WAAD.WebSSO.PHP/php/code/samples/phpSample/index.php
  23. +49 −0 WAAD.WebSSO.PHP/php/code/samples/phpSample/login.php
  24. +50 −0 WAAD.WebSSO.PHP/php/code/samples/phpSample/secureResource.php
  25. +7 −0 WAAD.WebSSO.PHP/php/code/samples/phpSample/trustedIssuers.xml
  26. BIN WAAD.WebSSO.PHP/php/docs/Web SignOn with WAAD - PHP sample.docx
  27. +16 −0 WAAD.WebSSO.PHP/php/scripts/If your dll is missing-read this.txt
  28. BIN WAAD.WebSSO.PHP/php/scripts/Microsoft.Samples.Waad.PS.lnk
22 .gitattributes
@@ -0,0 +1,22 @@
+# Auto detect text files and perform LF normalization
+* text=auto
+
+# Custom for Visual Studio
+*.cs diff=csharp
+*.sln merge=union
+*.csproj merge=union
+*.vbproj merge=union
+*.fsproj merge=union
+*.dbproj merge=union
+
+# Standard to msysgit
+*.doc diff=astextplain
+*.DOC diff=astextplain
+*.docx diff=astextplain
+*.DOCX diff=astextplain
+*.dot diff=astextplain
+*.DOT diff=astextplain
+*.pdf diff=astextplain
+*.PDF diff=astextplain
+*.rtf diff=astextplain
+*.RTF diff=astextplain
163 .gitignore
@@ -0,0 +1,163 @@
+#################
+## Eclipse
+#################
+
+*.pydevproject
+.project
+.metadata
+bin/
+tmp/
+*.tmp
+*.bak
+*.swp
+*~.nib
+local.properties
+.classpath
+.settings/
+.loadpath
+
+# External tool builders
+.externalToolBuilders/
+
+# Locally stored "Eclipse launch configurations"
+*.launch
+
+# CDT-specific
+.cproject
+
+# PDT-specific
+.buildpath
+
+
+#################
+## Visual Studio
+#################
+
+## Ignore Visual Studio temporary files, build results, and
+## files generated by popular Visual Studio add-ons.
+
+# User-specific files
+*.suo
+*.user
+*.sln.docstates
+
+# Build results
+[Dd]ebug/
+[Rr]elease/
+*_i.c
+*_p.c
+*.ilk
+*.meta
+*.obj
+*.pch
+*.pdb
+*.pgc
+*.pgd
+*.rsp
+*.sbr
+*.tlb
+*.tli
+*.tlh
+*.tmp
+*.vspscc
+.builds
+*.dotCover
+
+## TODO: If you have NuGet Package Restore enabled, uncomment this
+#packages/
+
+# Visual C++ cache files
+ipch/
+*.aps
+*.ncb
+*.opensdf
+*.sdf
+
+# Visual Studio profiler
+*.psess
+*.vsp
+
+# ReSharper is a .NET coding add-in
+_ReSharper*
+
+# Installshield output folder
+[Ee]xpress
+
+# DocProject is a documentation generator add-in
+DocProject/buildhelp/
+DocProject/Help/*.HxT
+DocProject/Help/*.HxC
+DocProject/Help/*.hhc
+DocProject/Help/*.hhk
+DocProject/Help/*.hhp
+DocProject/Help/Html2
+DocProject/Help/html
+
+# Click-Once directory
+publish
+
+# Others
+[Bb]in
+[Oo]bj
+sql
+TestResults
+*.Cache
+ClientBin
+stylecop.*
+~$*
+*.dbmdl
+Generated_Code #added for RIA/Silverlight projects
+
+# Backup & report files from converting an old project file to a newer
+# Visual Studio version. Backup files are not needed, because we have git ;-)
+_UpgradeReport_Files/
+Backup*/
+UpgradeLog*.XML
+
+
+
+############
+## Windows
+############
+
+# Windows image file caches
+Thumbs.db
+
+# Folder config file
+Desktop.ini
+
+
+#############
+## Python
+#############
+
+*.py[co]
+
+# Packages
+*.egg
+*.egg-info
+dist
+build
+eggs
+parts
+bin
+var
+sdist
+develop-eggs
+.installed.cfg
+
+# Installer logs
+pip-log.txt
+
+# Unit test / coverage reports
+.coverage
+.tox
+
+#Translations
+*.mo
+
+#Mr Developer
+.mr.developer.cfg
+
+# Mac crap
+.DS_Store
4 WAAD.WebSSO.PHP/README.md
@@ -0,0 +1,4 @@
+azure-sdk-for-php-samples
+=========================
+
+PHP Sample for articles on windowsazure.com
44 WAAD.WebSSO.PHP/README.txt
@@ -0,0 +1,44 @@
+
+IMPORTANT STEPS BEFORE USING THIS SAMPLE:
+
+********************************************************************
+
+STEP 1: Compile the Microsft.Samples.Waad.PS.dll from command line
+
+********************************************************************
+
+In order to use this example correctly, you will need to built the PowerShell DLL to provide the correct loading of the Microsoft.Samples.Waad.PS linka as referred to in the documentation.
+
+The source for this DLL is included under %ROOT%/csharp/code/libraries/powershell/Microsoft.Samples.Waad.PS
+
+You may either load this in to Visual Studio 2008 / 2010 and build, or you may use the included script as follows:
+
+%ROOT%/csharp/code/libraries/powershell/Microsoft.Samples.Waad.PS/buildWaadPS.bat
+
+It's a simple MSBuild script that will run the default MSBuild with DEBUG configuration and copy the correct .dll in to the \java\
+scripts\ directory
+
+********************************************************************
+
+STEP 2: Download the simpleSAMLphp library
+
+********************************************************************
+
+ SimpleSAMLphp is an award-winning application written in native PHP that deals with authentication. The project is led by UNINETT, has a large user base, a helpful user community and a large set of external contributors.
+
+SimpleSAMLphp is having a main focus on providing support for:
+ •SAML 2.0 as a Service Provider.
+ •SAML 2.0 as a Identity Provider.
+
+But also supports some other identity protocols, such as Shibboleth 1.3, A-Select, CAS, OpenID, WS-Federation and OAuth.
+
+You can download this by going to: http://simplesamlphp.org/
+
+and including the base install underneath the root directory such as:
+
+%ROOT/simplesamlphp
+
+
+
+Enjoy!
+
61 WAAD.WebSSO.PHP/csharp/code/libraries/powershell/Microsoft.Samples.Waad.PS/GetOrgIdSPN.cs
@@ -0,0 +1,61 @@
+namespace Microsoft.Samples.Waad.PS
+{
+ using System;
+ using System.Management.Automation;
+ using System.Xml;
+
+ [Cmdlet(VerbsCommon.Get, "OrgIdConfig")]
+ public class GetOrgIdSpn : PSCmdlet
+ {
+ private const string FederationMetadata = "https://accounts.accesscontrol.windows.net/FederationMetadata/2007-06/FederationMetadata.xml?realm={0}";
+ private const string EntityDescriptor = "EntityDescriptor";
+ private const string EntityId = "entityID";
+
+ [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = "default", HelpMessage = "The Application Principal Identifier returned when registering a new principal.")]
+ [ValidateNotNullOrEmpty]
+ public string AppPrincipalId { get; set; }
+
+ [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = "default", HelpMessage = "The Application Domain used when registering a new principal.")]
+ [ValidateNotNullOrEmpty]
+ public string ApplicationDomain { get; set; }
+
+ protected override void ProcessRecord()
+ {
+ try
+ {
+ base.ProcessRecord();
+
+ var result = this.GetSpn();
+
+ Console.Write("\nAdd the following issuer entry to the XML file");
+ Console.Write("\n==============================================");
+ Console.Write('\n' + result.ToString() + "\n\n");
+ }
+ catch (Exception ex)
+ {
+ WriteError(new ErrorRecord(ex, string.Empty, ErrorCategory.CloseError, null));
+ }
+ }
+
+ private GetOrgIdSpnResult GetSpn()
+ {
+ string entityDescriptor = string.Empty;
+ Guid idpIdentifier = Guid.Empty;
+
+ using (var reader = new XmlTextReader(string.Format(FederationMetadata, this.ApplicationDomain)))
+ {
+ var xml = new XmlDocument();
+ xml.Load(reader);
+ var descriptor = xml.GetElementsByTagName(EntityDescriptor);
+
+ if ((descriptor != null) && (descriptor.Count > 0))
+ {
+ entityDescriptor = descriptor[0].Attributes[EntityId].Value;
+ idpIdentifier = new Guid(entityDescriptor.Split('@')[1]);
+ }
+
+ return new GetOrgIdSpnResult(new Guid(this.AppPrincipalId), this.ApplicationDomain, idpIdentifier, entityDescriptor);
+ }
+ }
+ }
+}
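Review bot: In `GetSpn()` the federation metadata is fetched and parsed with a bare `XmlTextReader`, and the project targets .NET 2.0 (per the .csproj in this commit), where that reader leaves DTD processing and external-entity resolution enabled by default. Because the `entityID` read here feeds the trusted-issuer entry the cmdlet prints, I would set `reader.ProhibitDtd = true;` and `reader.XmlResolver = null;` before `xml.Load(reader)`. `ApplicationDomain` is also formatted into the `realm=` query string unescaped; `Uri.EscapeDataString(this.ApplicationDomain)` keeps a stray `&` or `#` from changing the request. Separately, `entityDescriptor.Split('@')[1]` throws when the entityID has no `@`, and the catch-all in `ProcessRecord` then reports it as `ErrorCategory.CloseError`, which hides the real cause.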
28 ...ebSSO.PHP/csharp/code/libraries/powershell/Microsoft.Samples.Waad.PS/GetOrgIdSPNResult.cs
@@ -0,0 +1,28 @@
+namespace Microsoft.Samples.Waad.PS
+{
+ using System;
+ using System.Globalization;
+
+ public class GetOrgIdSpnResult
+ {
+ private const string Display = "<issuer name=\"{0}\" displayName=\"{0}\" realm=\"{1}\" />";
+
+ public GetOrgIdSpnResult(Guid appId, string appDomain, Guid idpId, string entityId)
+ {
+ this.ApplicationId = appId;
+ this.ApplicationDomain = appDomain;
+ this.Spn = string.Format("spn:{0}@{1}", appId, idpId);
+ }
+
+ public Guid ApplicationId { get; internal set; }
+
+ public string ApplicationDomain { get; internal set; }
+
+ public string Spn { get; internal set; }
+
+ public override string ToString()
+ {
+ return string.Format(CultureInfo.InvariantCulture, Display, this.ApplicationDomain, this.Spn);
+ }
+ }
+}
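Review bot: `ToString()` builds the `<issuer … />` element with `string.Format` and no XML escaping, and its output is what the cmdlet tells the user to add to the issuer XML file. `ApplicationDomain` comes straight from a cmdlet parameter, so a value containing `"` or `<` produces a malformed or altered entry; wrapping it as `System.Security.SecurityElement.Escape(this.ApplicationDomain)` would close that. The constructor's `entityId` argument is never used, and the `spn:{0}@{1}` format call omits the `CultureInfo.InvariantCulture` that `ToString()` passes.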
67 ...harp/code/libraries/powershell/Microsoft.Samples.Waad.PS/Microsoft.Samples.Waad.PS.csproj
@@ -0,0 +1,67 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+ <PropertyGroup>
+ <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
+ <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
+ <ProductVersion>8.0.30703</ProductVersion>
+ <SchemaVersion>2.0</SchemaVersion>
+ <ProjectGuid>{86F6679C-7D26-4E36-BB85-C42FA25F30CA}</ProjectGuid>
+ <OutputType>Library</OutputType>
+ <AppDesignerFolder>Properties</AppDesignerFolder>
+ <RootNamespace>Microsoft.Samples.Waad.PS</RootNamespace>
+ <AssemblyName>Microsoft.Samples.Waad.PS</AssemblyName>
+ <TargetFrameworkVersion>v2.0</TargetFrameworkVersion>
+ <FileAlignment>512</FileAlignment>
+ <TargetFrameworkProfile />
+ </PropertyGroup>
+ <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
+ <DebugSymbols>true</DebugSymbols>
+ <DebugType>full</DebugType>
+ <Optimize>false</Optimize>
+ <OutputPath>bin\Debug\</OutputPath>
+ <DefineConstants>DEBUG;TRACE</DefineConstants>
+ <ErrorReport>prompt</ErrorReport>
+ <WarningLevel>4</WarningLevel>
+ <CodeAnalysisRuleSet>MinimumRecommendedRules.ruleset</CodeAnalysisRuleSet>
+ </PropertyGroup>
+ <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
+ <DebugType>pdbonly</DebugType>
+ <Optimize>true</Optimize>
+ <OutputPath>bin\Release\</OutputPath>
+ <DefineConstants>TRACE</DefineConstants>
+ <ErrorReport>prompt</ErrorReport>
+ <WarningLevel>4</WarningLevel>
+ </PropertyGroup>
+ <ItemGroup>
+ <Reference Include="System" />
+ <Reference Include="System.Management.Automation, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
+ <SpecificVersion>False</SpecificVersion>
+ <HintPath>C:\Program Files\Reference Assemblies\Microsoft\WindowsPowerShell\v1.0\System.Management.Automation.dll</HintPath>
+ </Reference>
+ <Reference Include="System.Xml" />
+ </ItemGroup>
+ <ItemGroup>
+ <Compile Include="GetOrgIdSpn.cs" />
+ <Compile Include="GetOrgIdSpnResult.cs" />
+ <Compile Include="Properties\AssemblyInfo.cs" />
+ </ItemGroup>
+ <ItemGroup>
+ <None Include="Microsoft.Samples.Waad.PS.lnk" />
+ </ItemGroup>
+ <ItemGroup>
+ <MySourceFiles Include="bin\Debug\Microsoft.Samples.Waad.PS.dll"/>
+ </ItemGroup>
+ <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
+ <!-- To modify your build process, add your task inside one of the targets below and uncomment it.
+ Other similar extension points exist, see Microsoft.Common.targets.
+ <Target Name="BeforeBuild">
+ </Target>
+ -->
+ <Target Name="AfterBuild">
+ <Copy
+ SourceFiles="@(MySourceFiles)"
+ DestinationFolder="..\..\..\..\..\php\scripts"
+ />
+ </Target>
+
+</Project>
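Review bot: The `MySourceFiles` item hard-codes `bin\Debug\Microsoft.Samples.Waad.PS.dll`, so the `AfterBuild` copy into `php\scripts` is only correct for a Debug build; a Release build either fails the copy or ships a stale Debug DLL. Copying the actual build output, e.g. `<Copy SourceFiles="$(TargetPath)" DestinationFolder="..\..\..\..\..\php\scripts" />`, removes the dependency on the configuration. The `HintPath` for `System.Management.Automation` is an absolute `C:\Program Files\...` path and will not resolve on machines with a different install location.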
36 ...PHP/csharp/code/libraries/powershell/Microsoft.Samples.Waad.PS/Properties/AssemblyInfo.cs
@@ -0,0 +1,36 @@
+using System.Reflection;
+using System.Runtime.CompilerServices;
+using System.Runtime.InteropServices;
+
+// General Information about an assembly is controlled through the following
+// set of attributes. Change these attribute values to modify the information
+// associated with an assembly.
+[assembly: AssemblyTitle("Microsoft.Samples.Waad.PS")]
+[assembly: AssemblyDescription("")]
+[assembly: AssemblyConfiguration("")]
+[assembly: AssemblyCompany("")]
+[assembly: AssemblyProduct("Microsoft.Samples.Waad.PS")]
+[assembly: AssemblyCopyright("Copyright © 2012")]
+[assembly: AssemblyTrademark("")]
+[assembly: AssemblyCulture("")]
+
+// Setting ComVisible to false makes the types in this assembly not visible
+// to COM components. If you need to access a type in this assembly from
+// COM, set the ComVisible attribute to true on that type.
+[assembly: ComVisible(false)]
+
+// The following GUID is for the ID of the typelib if this project is exposed to COM
+[assembly: Guid("08dbf7c3-adc5-4c47-9124-5321a7b7c999")]
+
+// Version information for an assembly consists of the following four values:
+//
+// Major Version
+// Minor Version
+// Build Number
+// Revision
+//
+// You can specify all the values or you can default the Build and Revision Numbers
+// by using the '*' as shown below:
+// [assembly: AssemblyVersion("1.0.*")]
+[assembly: AssemblyVersion("1.0.0.0")]
+[assembly: AssemblyFileVersion("1.0.0.0")]
214 WAAD.WebSSO.PHP/csharp/code/libraries/powershell/Microsoft.Samples.Waad.PS/Settings.StyleCop
@@ -0,0 +1,214 @@
+<StyleCopSettings Version="105">
+ <Analyzers>
+ <Analyzer AnalyzerId="StyleCop.CSharp.DocumentationRules">
+ <Rules>
+ <Rule Name="ElementsMustBeDocumented">
+ <RuleSettings>
+ <BooleanProperty Name="Enabled">False</BooleanProperty>
+ </RuleSettings>
+ </Rule>
+ <Rule Name="PartialElementsMustBeDocumented">
+ <RuleSettings>
+ <BooleanProperty Name="Enabled">False</BooleanProperty>
+ </RuleSettings>
+ </Rule>
+ <Rule Name="EnumerationItemsMustBeDocumented">
+ <RuleSettings>
+ <BooleanProperty Name="Enabled">False</BooleanProperty>
+ </RuleSettings>
+ </Rule>
+ <Rule Name="DocumentationMustContainValidXml">
+ <RuleSettings>
+ <BooleanProperty Name="Enabled">False</BooleanProperty>
+ </RuleSettings>
+ </Rule>
+ <Rule Name="ElementDocumentationMustHaveSummary">
+ <RuleSettings>
+ <BooleanProperty Name="Enabled">False</BooleanProperty>
+ </RuleSettings>
+ </Rule>
+ <Rule Name="PartialElementDocumentationMustHaveSummary">
+ <RuleSettings>
+ <BooleanProperty Name="Enabled">False</BooleanProperty>
+ </RuleSettings>
+ </Rule>
+ <Rule Name="ElementDocumentationMustHaveSummaryText">
+ <RuleSettings>
+ <BooleanProperty Name="Enabled">False</BooleanProperty>
+ </RuleSettings>
+ </Rule>
+ <Rule Name="PartialElementDocumentationMustHaveSummaryText">
+ <RuleSettings>
+ <BooleanProperty Name="Enabled">False</BooleanProperty>
+ </RuleSettings>
+ </Rule>
+ <Rule Name="ElementDocumentationMustNotHaveDefaultSummary">
+ <RuleSettings>
+ <BooleanProperty Name="Enabled">False</BooleanProperty>
+ </RuleSettings>
+ </Rule>
+ <Rule Name="ElementParametersMustBeDocumented">
+ <RuleSettings>
+ <BooleanProperty Name="Enabled">False</BooleanProperty>
+ </RuleSettings>
+ </Rule>
+ <Rule Name="ElementParameterDocumentationMustMatchElementParameters">
+ <RuleSettings>
+ <BooleanProperty Name="Enabled">False</BooleanProperty>
+ </RuleSettings>
+ </Rule>
+ <Rule Name="ElementParameterDocumentationMustDeclareParameterName">
+ <RuleSettings>
+ <BooleanProperty Name="Enabled">False</BooleanProperty>
+ </RuleSettings>
+ </Rule>
+ <Rule Name="ElementParameterDocumentationMustHaveText">
+ <RuleSettings>
+ <BooleanProperty Name="Enabled">False</BooleanProperty>
+ </RuleSettings>
+ </Rule>
+ <Rule Name="ElementReturnValueMustBeDocumented">
+ <RuleSettings>
+ <BooleanProperty Name="Enabled">False</BooleanProperty>
+ </RuleSettings>
+ </Rule>
+ <Rule Name="ElementReturnValueDocumentationMustHaveText">
+ <RuleSettings>
+ <BooleanProperty Name="Enabled">False</BooleanProperty>
+ </RuleSettings>
+ </Rule>
+ <Rule Name="VoidReturnValueMustNotBeDocumented">
+ <RuleSettings>
+ <BooleanProperty Name="Enabled">False</BooleanProperty>
+ </RuleSettings>
+ </Rule>
+ <Rule Name="GenericTypeParametersMustBeDocumented">
+ <RuleSettings>
+ <BooleanProperty Name="Enabled">False</BooleanProperty>
+ </RuleSettings>
+ </Rule>
+ <Rule Name="GenericTypeParametersMustBeDocumentedPartialClass">
+ <RuleSettings>
+ <BooleanProperty Name="Enabled">False</BooleanProperty>
+ </RuleSettings>
+ </Rule>
+ <Rule Name="GenericTypeParameterDocumentationMustMatchTypeParameters">
+ <RuleSettings>
+ <BooleanProperty Name="Enabled">False</BooleanProperty>
+ </RuleSettings>
+ </Rule>
+ <Rule Name="GenericTypeParameterDocumentationMustDeclareParameterName">
+ <RuleSettings>
+ <BooleanProperty Name="Enabled">False</BooleanProperty>
+ </RuleSettings>
+ </Rule>
+ <Rule Name="GenericTypeParameterDocumentationMustHaveText">
+ <RuleSettings>
+ <BooleanProperty Name="Enabled">False</BooleanProperty>
+ </RuleSettings>
+ </Rule>
+ <Rule Name="PropertySummaryDocumentationMustMatchAccessors">
+ <RuleSettings>
+ <BooleanProperty Name="Enabled">False</BooleanProperty>
+ </RuleSettings>
+ </Rule>
+ <Rule Name="PropertySummaryDocumentationMustOmitSetAccessorWithRestrictedAccess">
+ <RuleSettings>
+ <BooleanProperty Name="Enabled">False</BooleanProperty>
+ </RuleSettings>
+ </Rule>
+ <Rule Name="ElementDocumentationMustNotBeCopiedAndPasted">
+ <RuleSettings>
+ <BooleanProperty Name="Enabled">False</BooleanProperty>
+ </RuleSettings>
+ </Rule>
+ <Rule Name="SingleLineCommentsMustNotUseDocumentationStyleSlashes">
+ <RuleSettings>
+ <BooleanProperty Name="Enabled">False</BooleanProperty>
+ </RuleSettings>
+ </Rule>
+ <Rule Name="DocumentationTextMustNotBeEmpty">
+ <RuleSettings>
+ <BooleanProperty Name="Enabled">False</BooleanProperty>
+ </RuleSettings>
+ </Rule>
+ <Rule Name="DocumentationTextMustContainWhitespace">
+ <RuleSettings>
+ <BooleanProperty Name="Enabled">False</BooleanProperty>
+ </RuleSettings>
+ </Rule>
+ <Rule Name="DocumentationMustMeetCharacterPercentage">
+ <RuleSettings>
+ <BooleanProperty Name="Enabled">False</BooleanProperty>
+ </RuleSettings>
+ </Rule>
+ <Rule Name="ConstructorSummaryDocumentationMustBeginWithStandardText">
+ <RuleSettings>
+ <BooleanProperty Name="Enabled">False</BooleanProperty>
+ </RuleSettings>
+ </Rule>
+ <Rule Name="DestructorSummaryDocumentationMustBeginWithStandardText">
+ <RuleSettings>
+ <BooleanProperty Name="Enabled">False</BooleanProperty>
+ </RuleSettings>
+ </Rule>
+ <Rule Name="DocumentationHeadersMustNotContainBlankLines">
+ <RuleSettings>
+ <BooleanProperty Name="Enabled">False</BooleanProperty>
+ </RuleSettings>
+ </Rule>
+ <Rule Name="IncludedDocumentationXPathDoesNotExist">
+ <RuleSettings>
+ <BooleanProperty Name="Enabled">False</BooleanProperty>
+ </RuleSettings>
+ </Rule>
+ <Rule Name="IncludeNodeDoesNotContainValidFileAndPath">
+ <RuleSettings>
+ <BooleanProperty Name="Enabled">False</BooleanProperty>
+ </RuleSettings>
+ </Rule>
+ <Rule Name="InheritDocMustBeUsedWithInheritingClass">
+ <RuleSettings>
+ <BooleanProperty Name="Enabled">False</BooleanProperty>
+ </RuleSettings>
+ </Rule>
+ <Rule Name="FileMustHaveHeader">
+ <RuleSettings>
+ <BooleanProperty Name="Enabled">False</BooleanProperty>
+ </RuleSettings>
+ </Rule>
+ <Rule Name="FileHeaderMustShowCopyright">
+ <RuleSettings>
+ <BooleanProperty Name="Enabled">False</BooleanProperty>
+ </RuleSettings>
+ </Rule>
+ <Rule Name="FileHeaderMustHaveCopyrightText">
+ <RuleSettings>
+ <BooleanProperty Name="Enabled">False</BooleanProperty>
+ </RuleSettings>
+ </Rule>
+ <Rule Name="FileHeaderMustContainFileName">
+ <RuleSettings>
+ <BooleanProperty Name="Enabled">False</BooleanProperty>
+ </RuleSettings>
+ </Rule>
+ <Rule Name="FileHeaderFileNameDocumentationMustMatchFileName">
+ <RuleSettings>
+ <BooleanProperty Name="Enabled">False</BooleanProperty>
+ </RuleSettings>
+ </Rule>
+ <Rule Name="FileHeaderMustHaveValidCompanyText">
+ <RuleSettings>
+ <BooleanProperty Name="Enabled">False</BooleanProperty>
+ </RuleSettings>
+ </Rule>
+ <Rule Name="FileHeaderFileNameDocumentationMustMatchTypeName">
+ <RuleSettings>
+ <BooleanProperty Name="Enabled">False</BooleanProperty>
+ </RuleSettings>
+ </Rule>
+ </Rules>
+ <AnalyzerSettings />
+ </Analyzer>
+ </Analyzers>
+</StyleCopSettings>
2 WAAD.WebSSO.PHP/csharp/code/libraries/powershell/Microsoft.Samples.Waad.PS/buildWaadPS.bat
@@ -0,0 +1,2 @@
+@echo off
+MSBuild Microsoft.Samples.Waad.PS.csproj /property:Configuration=Debug
41 WAAD.WebSSO.PHP/php/code/libraries/federation/Claim.php
@@ -0,0 +1,41 @@
+/*-----------------------------------------------------------------------
+
+ Copyright (c) Microsoft Corporation. All rights reserved.
+
+
+ Copyright 2012 Microsoft Corporation
+ All rights reserved.
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ THIS CODE IS PROVIDED *AS IS* BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+ EITHER EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION ANY IMPLIED WARRANTIES OR
+ CONDITIONS OF TITLE, FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABLITY OR NON-INFRINGEMENT.
+
+ See the Apache Version 2.0 License for specific language governing
+ permissions and limitations under the License.
+
+--------------------------------------------------------------------------- */
+<?php
+
+class Claim {
+ public $claimType;
+ public $claimValue;
+
+ public function __construct($type, $value) {
+ $this->claimType = $type;
+ $this->claimValue = $value;
+ }
+
+ public function getClaimValues() {
+ return explode(',', $this->claimValue);
+ }
+
+ public function toString() {
+ return 'Claim [claimType=' . $this->claimType . ', claimValue=' . $this->claimValue . ']';
+ }
+}
+?>
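Review bot: The licence block sits above the opening `<?php` tag (lines 1–21 of the new file), so PHP treats it as template text and sends it to the client whenever this file is included. Unless output buffering is enabled, headers are then already sent by the time `FederatedLoginManager::authenticate()` calls `header('Location: …')`, so the redirect and any later session cookie fail with a warning. The same layout is used in FederatedConfiguration.php, FederatedLoginManager.php, FederatedPrincipal.php, IFederatedAuthenticationObserver.php and Saml2TokenValidator.php; in each, move `<?php` to line 1 and keep the licence as a comment inside it. Dropping the trailing `?>` in these class-only files also avoids stray whitespace output.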
67 WAAD.WebSSO.PHP/php/code/libraries/federation/FederatedConfiguration.php
@@ -0,0 +1,67 @@
+/*-----------------------------------------------------------------------
+
+ Copyright (c) Microsoft Corporation. All rights reserved.
+
+
+ Copyright 2012 Microsoft Corporation
+ All rights reserved.
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ THIS CODE IS PROVIDED *AS IS* BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+ EITHER EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION ANY IMPLIED WARRANTIES OR
+ CONDITIONS OF TITLE, FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABLITY OR NON-INFRINGEMENT.
+
+ See the Apache Version 2.0 License for specific language governing
+ permissions and limitations under the License.
+
+--------------------------------------------------------------------------- */
+<?php
+
+class FederatedConfiguration {
+ private static $instance;
+ private $properties;
+
+ public static function getInstance() {
+ if (!isset (FederatedConfiguration :: $instance)) {
+ FederatedConfiguration :: $instance = new FederatedConfiguration();
+ }
+ return FederatedConfiguration :: $instance;
+ }
+
+ private function __construct() {
+ $this->properties = parse_ini_file('federation.ini');
+ }
+
+ public function getStsUrl() {
+ return $this->properties['federation.trustedissuers.issuer'];
+ }
+
+ public function getStsFriendlyName() {
+ return $this->properties['federation.trustedissuers.friendlyname'];
+ }
+
+ public function getThumbprint() {
+ return $this->properties['federation.trustedissuers.thumbprint'];
+ }
+
+ public function getRealm() {
+ return $this->properties['federation.realm'];
+ }
+
+ public function getReply() {
+ return $this->properties['federation.reply'];
+ }
+
+ public function getTrustedIssuers() {
+ return explode('|', $this->properties['federation.trustedissuers']);
+ }
+
+ public function getAudienceUris() {
+ return explode('|', $this->properties['federation.audienceuris']);
+ }
+}
+?>
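Review bot: The constructor does not check the result of `parse_ini_file('federation.ini')`, which returns `false` when the file is missing or unreadable; every getter then yields `null`, and `getThumbprint()` hands a null thumbprint to the token validator (how the validator treats that is not visible here). I would fail closed in the constructor: `if ($this->properties === false) { throw new Exception('federation.ini could not be loaded'); }`. The bare relative file name also makes the lookup depend on where the calling script runs, and since the sample keeps federation.ini beside its web pages, the deployment notes should say to deny direct HTTP access to it.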
142 WAAD.WebSSO.PHP/php/code/libraries/federation/FederatedLoginManager.php
@@ -0,0 +1,142 @@
+/*-----------------------------------------------------------------------
+
+ Copyright (c) Microsoft Corporation. All rights reserved.
+
+
+ Copyright 2012 Microsoft Corporation
+ All rights reserved.
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ THIS CODE IS PROVIDED *AS IS* BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+ EITHER EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION ANY IMPLIED WARRANTIES OR
+ CONDITIONS OF TITLE, FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABLITY OR NON-INFRINGEMENT.
+
+ See the Apache Version 2.0 License for specific language governing
+ permissions and limitations under the License.
+
+--------------------------------------------------------------------------- */
+<?php
+
+require_once (dirname(__FILE__) . '/Saml2TokenValidator.php');
+require_once (dirname(__FILE__) . '/FederatedPrincipal.php');
+require_once (dirname(__FILE__) . '/FederatedConfiguration.php');
+require_once (dirname(__FILE__) . '/IFederatedAuthenticationObserver.php');
+
+class FederatedLoginManager {
+ const PRINCIPAL_SESSION_VARIABLE = '_FederatedPrincipal_';
+
+ public $validateExpiration = true;
+ public $validateIssuer = false;
+ public $validateAudiences = true;
+ public $thumbprint = null;
+ public $audience = null;
+ public $trustedIssuer = null;
+
+ private $authenticationObserver;
+
+ public function __construct($authenticationObserver = null) {
+ $this->authenticationObserver = $authenticationObserver;
+ }
+
+ public static function getFederatedLoginUrl($returnUrl) {
+ return FederatedLoginManager :: getFederatedCustomLoginUrl(null, null, $returnUrl);
+ }
+
+ public static function getFederatedCustomLoginUrl($realm, $replyUrl, $returnUrl) {
+ if ($realm == null) {
+ $realm = FederatedConfiguration :: getInstance()->getRealm();
+ }
+
+ if ($replyUrl == null) {
+ $replyUrl = FederatedConfiguration :: getInstance()->getReply();
+ }
+
+ return FederatedConfiguration :: getInstance()->getStsUrl() . '?wa=wsignin1.0&wtrealm=' . urlencode($realm) . '&wctx=' . urlencode($returnUrl) . '&id=passive&wreply=' . urlencode($replyUrl);
+ }
+
+ public function authenticate($token) {
+ $validator = new Saml2TokenValidator();
+
+ $validator->allowedAudiences = $this->getAudienceUris();
+ $validator->trustedIssuers = $this->getTrustedIssuers();
+ $validator->thumbprints = $this->getThumprints();
+ $validator->validateAudiences = $this->validateAudiences;
+ $validator->validateIssuer = $this->validateIssuer;
+ $validator->validateExpiration = $this->validateExpiration;
+ $claims = $validator->validate($token);
+
+ $principal = new FederatedPrincipal($claims);
+ $_SESSION[self::PRINCIPAL_SESSION_VARIABLE] = $principal;
+
+ if (isset ($this->authenticationObserver))
+ $this->authenticationObserver->onAuthenticationSucceed($principal);
+
+
+ header('Pragma: no-cache');
+ header('Cache-Control: no-cache, must-revalidate');
+ header("Location: " . $_POST['wctx'], true, 302);
+
+ }
+
+ public function getPrincipal() {
+ return $_SESSION[self::PRINCIPAL_SESSION_VARIABLE];
+ }
+
+ public function getClaims() {
+ if ($this->isAuthenticated())
+ return $this->normalizeClaimList($this->getPrincipal()->getClaims());
+ }
+
+ public function isAuthenticated() {
+ return isset ($_SESSION[self::PRINCIPAL_SESSION_VARIABLE]);
+ }
+
+ protected function getAudienceUris() {
+ if ($this->audience !== null)
+ return array (
+ $this->audience
+ );
+ else
+ return FederatedConfiguration :: getInstance()->getAudienceUris();
+ }
+
+ protected function getTrustedIssuers() {
+ if ($this->trustedIssuer !== null)
+ return array (
+ $this->trustedIssuer
+ );
+ else
+ return FederatedConfiguration :: getInstance()->getTrustedIssuers();
+ }
+
+ protected function getThumprints() {
+ if ($this->thumbprint !== null)
+ return array (
+ $this->thumbprint
+ );
+ else
+ return array (
+ FederatedConfiguration :: getInstance()->getThumbprint()
+ );
+ }
+
+ private function normalizeClaimList($originalClaims) {
+ assert('is_array($originalClaims)');
+
+ $claims = array ();
+ if ($originalClaims !== null) {
+ foreach ($originalClaims as $originalClaim) {
+ foreach ($originalClaim->getClaimValues() as $claimValue) {
+ array_push($claims, new Claim($originalClaim->claimType, $claimValue));
+ }
+ }
+ }
+
+ return $claims;
+ }
+}
+?>
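Review bot: `authenticate()` redirects to `$_POST['wctx']` without any validation, so whoever controls the context value in the sign-in response chooses where the authenticated user lands (an open redirect), and execution continues after the `Location` header because there is no `exit`. The session id is also kept across the login; calling `session_regenerate_id(true)` before storing the principal prevents a pre-set session id from being carried into the authenticated session. `$validateIssuer` defaults to `false`, which looks like the wrong default for a component meant to accept tokens only from trusted issuers. The sketch below assumes return URLs are same-site paths; if the samples pass absolute URLs, compare the host against a configured allow-list instead.

```php
// … unchanged: validator setup and $validator->validate($token) …
$principal = new FederatedPrincipal($claims);
session_regenerate_id(true); // issue a fresh session id once the identity changes
$_SESSION[self::PRINCIPAL_SESSION_VARIABLE] = $principal;
// … unchanged: observer callback, Pragma / Cache-Control headers …

// Accept only a same-site absolute path; anything else falls back to the site root.
$returnUrl = isset($_POST['wctx']) ? $_POST['wctx'] : '/';
if (!is_string($returnUrl)
    || !preg_match('#^/(?![/\\\\])#', $returnUrl)
    || preg_match('/[\r\n]/', $returnUrl)) {
    $returnUrl = '/';
}
header('Location: ' . $returnUrl, true, 302);
exit;
```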
52 WAAD.WebSSO.PHP/php/code/libraries/federation/FederatedPrincipal.php
@@ -0,0 +1,52 @@
+/*-----------------------------------------------------------------------
+
+ Copyright (c) Microsoft Corporation. All rights reserved.
+
+
+ Copyright 2012 Microsoft Corporation
+ All rights reserved.
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ THIS CODE IS PROVIDED *AS IS* BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+ EITHER EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION ANY IMPLIED WARRANTIES OR
+ CONDITIONS OF TITLE, FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABLITY OR NON-INFRINGEMENT.
+
+ See the Apache Version 2.0 License for specific language governing
+ permissions and limitations under the License.
+
+--------------------------------------------------------------------------- */
+<?php
+
+class FederatedPrincipal {
+ const NameClaimType = 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name';
+ const EmailClaimType = 'http://schemas.xmlsoap.org/claims/EmailAddress';
+
+ private $claims = array ();
+
+ public function __construct($claims) {
+ $this->claims = $claims;
+ }
+
+ public function getName() {
+ foreach ($this->claims as $claim) {
+ if (strcmp($claim->claimType, FederatedPrincipal :: NameClaimType) === 0)
+ return $claim->claimValue;
+ }
+
+ foreach ($this->claims as $claim) {
+ if (strcmp($claim->claimType, FederatedPrincipal :: EmailClaimType) === 0)
+ return $claim->claimValue;
+ }
+
+ return '';
+ }
+
+ public function getClaims() {
+ return $this->claims;
+ }
+}
+?>
27 WAAD.WebSSO.PHP/php/code/libraries/federation/IFederatedAuthenticationObserver.php
@@ -0,0 +1,27 @@
+/*-----------------------------------------------------------------------
+
+ Copyright (c) Microsoft Corporation. All rights reserved.
+
+
+ Copyright 2012 Microsoft Corporation
+ All rights reserved.
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ THIS CODE IS PROVIDED *AS IS* BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+ EITHER EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION ANY IMPLIED WARRANTIES OR
+ CONDITIONS OF TITLE, FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABLITY OR NON-INFRINGEMENT.
+
+ See the Apache Version 2.0 License for specific language governing
+ permissions and limitations under the License.
+
+--------------------------------------------------------------------------- */
+<?php
+
+interface IFederatedAuthenticationObserver {
+ function onAuthenticationSucceed($principal);
+}
+?>
175 WAAD.WebSSO.PHP/php/code/libraries/federation/Saml2TokenValidator.php
@@ -0,0 +1,175 @@
+/*-----------------------------------------------------------------------
+
+ Copyright (c) Microsoft Corporation. All rights reserved.
+
+
+ Copyright 2012 Microsoft Corporation
+ All rights reserved.
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ THIS CODE IS PROVIDED *AS IS* BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+ EITHER EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION ANY IMPLIED WARRANTIES OR
+ CONDITIONS OF TITLE, FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABLITY OR NON-INFRINGEMENT.
+
+ See the Apache Version 2.0 License for specific language governing
+ permissions and limitations under the License.
+
+--------------------------------------------------------------------------- */
+<?php
+
+require_once (dirname(__FILE__) . '/../simplesamlphp/lib/xmlseclibs.php');
+
+require_once (dirname(__FILE__) . '/../simplesamlphp/lib/SAML2/XML/saml/SubjectConfirmationData.php');
+require_once (dirname(__FILE__) . '/../simplesamlphp/lib/SAML2/XML/saml/SubjectConfirmation.php');
+require_once (dirname(__FILE__) . '/../simplesamlphp/lib/SAML2/Utils.php');
+require_once (dirname(__FILE__) . '/../simplesamlphp/lib/SAML2/Const.php');
+require_once (dirname(__FILE__) . '/../simplesamlphp/lib/SAML2/SignedElement.php');
+require_once (dirname(__FILE__) . '/../simplesamlphp/lib/SAML2/Assertion.php');
+
+require_once (dirname(__FILE__) . '/../simplesamlphp/lib/SimpleSAML/Utilities.php');
+
+require_once (dirname(__FILE__) . '/Claim.php');
+
+class Saml2TokenValidator {
+ const NS_WS_TRUST = 'http://schemas.xmlsoap.org/ws/2005/02/trust';
+
+ public $validateExpiration = true;
+ public $validateIssuer = true;
+ public $validateAudiences = true;
+
+ public $thumbprints = array ();
+ public $allowedAudiences = array ();
+ public $trustedIssuers = array ();
+
+ public function __construct() {
+ }
+
+ public function validate($token) {
+ $data = $this->parseToken($token);
+
+ // validate digest and thumbprint
+ $assertion = new SAML2_Assertion($data['Assertion']);
+ $certificates = $assertion->getCertificates();
+ $this->validateCertificateThumbprint($certificates[0]);
+
+ // validate issuer
+ if ($this->validateIssuer) {
+ $this->validateIssuer($assertion->getIssuer());
+ }
+
+ // validate audiences
+ if ($this->validateAudiences) {
+ $this->validateAudiences($assertion->getValidAudiences(), $assertion->getNotBefore(), $assertion->getNotOnOrAfter());
+ }
+
+ return $this->getClaims($data);
+ }
+
+ private function parseToken($token) {
+ $dom = new DOMDocument();
+ $token = str_replace('\"', '"', $token);
+ $dom->loadXML(str_replace("\r", "", $token));
+
+ $xpath = new DOMXpath($dom);
+ $xpath->registerNamespace('wst', self :: NS_WS_TRUST);
+ $xpath->registerNamespace('saml', SAML2_Const :: NS_SAML);
+
+ $assertions = $xpath->query('/wst:RequestSecurityTokenResponse/wst:RequestedSecurityToken/saml:Assertion');
+ if ($assertions->length === 0) {
+ $this->error('Received a response without an assertion on the WS-Fed PRP handler.');
+ }
+ if ($assertions->length > 1) {
+ $this->error('The WS-Fed PRP handler currently only supports a single assertion in a response.');
+ }
+ $assertion = $assertions->item(0);
+
+ return array (
+ 'Assertion' => $assertion,
+ 'XPath' => $xpath
+ );
+ }
+
+ private function validateCertificateThumbprint($certificate) {
+ $certFingerprint = strtolower(sha1(base64_decode($certificate)));
+
+ foreach ($this->thumbprints as $tp) {
+ if ($tp === $certFingerprint) {
+ return;
+ }
+ }
+
+ $this->error('Invalid fingerprint of certificate. Expected one of [' . implode('], [', $this->thumbprints) . '], but got [' . $certFingerprint . ']');
+ }
+
+ private function validateIssuer($tokenIssuer) {
+ $trustedIssuerOk = false;
+
+ foreach ($this->trustedIssuers as $issuer) {
+ $trustedIssuerOk = $trustedIssuerOk || (strcmp($tokenIssuer, $issuer) === 0);
+ }
+
+ if (!$trustedIssuerOk)
+ $this->error('Invalid trusted issuer');
+ }
+
+ private function validateAudiences($tokenAudiences, $notBefore, $notOnOrAfter) {
+
+ if ($this->validateExpiration && !$this->checkDateIfExpired($notBefore, $notOnOrAfter)) {
+
+ $this->error('The response has expired.');
+ }
+
+ $audienceOk = false;
+
+ foreach ($tokenAudiences as $tokenAudience) {
+ foreach ($this->allowedAudiences as $allowedAudience) {
+ $audienceOk = $audienceOk || (strcmp($allowedAudience, $tokenAudience) === 0);
+ if ($audienceOk)
+ break;
+ }
+ if ($audienceOk)
+ break;
+ }
+
+ if (!$audienceOk)
+ $this->error('Invalid audience');
+ }
+
+ private function checkDateIfExpired($start = NULL, $end = NULL) {
+ $currentTime = time();
+ $start -= 300;
+ $end += 300;
+
+ if (isset ($start)) {
+ if (($start < 0) || ($start > $currentTime))
+ return false;
+ }
+
+ if (isset ($end)) {
+ if (($end < 0) || ($end <= $currentTime))
+ return false;
+ }
+
+ return true;
+ }
+
+ private function getClaims($data) {
+ $attributes = $data['XPath']->query('./saml:AttributeStatement/saml:Attribute', $data['Assertion']);
+
+ $claims = array ();
+ foreach ($attributes as $attribute) {
+ array_push($claims, new Claim($attribute->getAttribute('Name'), $attribute->textContent));
+ }
+
+ return $claims;
+ }
+
+ private function error($error) {
+ throw new Exception("Error: " . $error);
+ }
+}
+?>
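Review bot: In `validate()` the only cryptographic evidence checked is the SHA-1 thumbprint of the certificate embedded in the token; nothing visible in this class verifies the signature value with that certificate's key, and an assertion that carries no certificate is not rejected explicitly. A signing certificate is public, so a matching thumbprint alone does not show that the issuer produced the assertion. Unless the `SAML2_Assertion` constructor in the bundled simpleSAMLphp already verifies the signature (that library is outside this page), add an explicit check with the pinned certificate before the issuer and audience checks, as sketched below; the key algorithm shown is an assumption and has to match the token's signature method. Separately, the expiry test lives inside `validateAudiences()`, so setting `$validateAudiences = false` also switches off the lifetime check even when `$validateExpiration` is true.

```php
public function validate($token) {
    // … unchanged: parseToken() and SAML2_Assertion construction …
    $certificates = $assertion->getCertificates();
    if (count($certificates) === 0) {
        $this->error('The assertion does not carry a signing certificate.');
    }
    $this->validateCertificateThumbprint($certificates[0]);

    // Verify the signature value with the key of the certificate that passed the thumbprint pin.
    $pem = "-----BEGIN CERTIFICATE-----\n" . chunk_split($certificates[0], 64, "\n") . "-----END CERTIFICATE-----\n";
    $key = new XMLSecurityKey(XMLSecurityKey::RSA_SHA1, array('type' => 'public'));
    $key->loadKey($pem);
    if (!$assertion->validate($key)) {
        $this->error('The assertion signature could not be verified.');
    }
    // … unchanged: issuer check, audience check, getClaims() …
```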
48 WAAD.WebSSO.PHP/php/code/libraries/waad-federation/ConfigurableFederatedLoginManager.php
@@ -0,0 +1,48 @@
+
+/*-----------------------------------------------------------------------
+
+ Copyright (c) Microsoft Corporation. All rights reserved.
+
+
+ Copyright 2012 Microsoft Corporation
+ All rights reserved.
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ THIS CODE IS PROVIDED *AS IS* BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+ EITHER EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION ANY IMPLIED WARRANTIES OR
+ CONDITIONS OF TITLE, FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABLITY OR NON-INFRINGEMENT.
+
+ See the Apache Version 2.0 License for specific language governing
+ permissions and limitations under the License.
+
+--------------------------------------------------------------------------- */
+<?php
+
+require_once (dirname(__FILE__) . '/../federation/FederatedLoginManager.php');
+require_once (dirname(__FILE__) . '/TrustedIssuersRepository.php');
+
+class ConfigurableFederatedLoginManager extends FederatedLoginManager {
+
+ protected function getAudienceUris() {
+ $repository = new TrustedIssuersRepository();
+ $trustedIssuers = $repository->getTrustedIdentityProviderUrls();
+
+ if ($this->audience === null) {
+ $repository = new TrustedIssuersRepository();
+ $trustedIssuers = $repository->getTrustedIdentityProviderUrls();
+
+ $mapSpn = function($issuer){
+ return($issuer->spn);
+ };
+
+ return array_map($mapSpn, $trustedIssuers);
+ } else {
+ return FederatedConfiguration :: getInstance()->getAudienceUris();
+ }
+ }
+}
+?>
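Review bot: `getAudienceUris()` builds a `TrustedIssuersRepository` and reads the issuer list twice: once unconditionally on its first two lines and again inside the `$this->audience === null` branch, while the `else` branch never uses the result. Remove the two unconditional lines so the repository file is only parsed when the SPN list is actually needed. The method would also benefit from a comment stating that, with no audience configured, the `realm` value of every issuer in the repository is returned as an accepted audience; `$this->audience` is presumably declared in the parent `FederatedLoginManager`, which starts outside this section.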
43 WAAD.WebSSO.PHP/php/code/libraries/waad-federation/TrustedIssuer.php
@@ -0,0 +1,43 @@
+/*-----------------------------------------------------------------------
+
+ Copyright (c) Microsoft Corporation. All rights reserved.
+
+
+ Copyright 2012 Microsoft Corporation
+ All rights reserved.
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ THIS CODE IS PROVIDED *AS IS* BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+ EITHER EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION ANY IMPLIED WARRANTIES OR
+ CONDITIONS OF TITLE, FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABLITY OR NON-INFRINGEMENT.
+
+ See the Apache Version 2.0 License for specific language governing
+ permissions and limitations under the License.
+
+--------------------------------------------------------------------------- */
+<?php
+
+require_once (dirname(__FILE__) . '/../federation/FederatedLoginManager.php');
+
+class TrustedIssuer {
+ public $name;
+ public $displayName;
+ public $spn;
+ public $replyUrl;
+
+ public function __construct($name, $displayName, $spn, $replyUrl = null) {
+ $this->name = $name;
+ $this->displayName = $displayName;
+ $this->spn = $spn;
+ $this->replyUrl = $replyUrl;
+ }
+
+ public function getLoginUrl($returnUrl) {
+ return FederatedLoginManager :: getFederatedCustomLoginUrl($this->spn, $this->replyUrl, $returnUrl);
+ }
+}
+?>
71 WAAD.WebSSO.PHP/php/code/libraries/waad-federation/TrustedIssuersRepository.php
@@ -0,0 +1,71 @@
+/*-----------------------------------------------------------------------
+
+ Copyright (c) Microsoft Corporation. All rights reserved.
+
+
+ Copyright 2012 Microsoft Corporation
+ All rights reserved.
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ THIS CODE IS PROVIDED *AS IS* BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+ EITHER EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION ANY IMPLIED WARRANTIES OR
+ CONDITIONS OF TITLE, FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABLITY OR NON-INFRINGEMENT.
+
+ See the Apache Version 2.0 License for specific language governing
+ permissions and limitations under the License.
+
+--------------------------------------------------------------------------- */
+<?php
+
+require_once (dirname(__FILE__) . '/TrustedIssuer.php');
+
+class TrustedIssuersRepository {
+ private $repositoryFileName;
+
+ public function __construct($repositoryFileName = null) {
+ if (!isset($repositoryFileName)) {
+ $this->repositoryFileName = $this->getBasePath() . "/trustedIssuers.xml";
+ } else {
+ $this->repositoryFileName = $repositoryFileName;
+ }
+ }
+
+ private function GetBasePath() {
+ return substr($_SERVER['SCRIPT_FILENAME'], 0, strlen($_SERVER['SCRIPT_FILENAME']) - strlen(strrchr($_SERVER['SCRIPT_FILENAME'], "\\")));
+ }
+
+ public function getTrustedIdentityProviderUrls() {
+ $xml = new XMLReader();
+ $xml->open($this->repositoryFileName);
+
+ $trustedIssuers = array ();
+
+ while ($xml->read()) {
+ if ($xml->nodeType == XMLReader::ELEMENT && $xml->name == "issuer") {
+ array_push($trustedIssuers, new TrustedIssuer($xml->getAttribute("name"), $xml->getAttribute("displayName"), $xml->getAttribute("realm")));
+ }
+ }
+
+ return $trustedIssuers;
+ }
+
+ public function getTrustedIdentityProviderUrl($name, $replyUrl) {
+ $xml = new XMLReader();
+ $xml->open($this->repositoryFileName);
+
+ $trustedIssuers = array ();
+
+ while ($xml->read()) {
+ if ($xml->nodeType == XMLReader::ELEMENT && $xml->name == "issuer" && $xml->getAttribute("name") == $name) {
+ return new TrustedIssuer($xml->getAttribute("name"), $xml->getAttribute("displayName"), $xml->getAttribute("realm"), $replyUrl);
+ }
+ }
+
+ return null;
+ }
+}
+?>
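Review bot: `GetBasePath()` derives the directory by cutting `SCRIPT_FILENAME` at its last backslash, which only works with Windows-style paths; where the path contains no backslash `strrchr()` returns false and the result is the full script path, so `trustedIssuers.xml` is never found. `return dirname($_SERVER['SCRIPT_FILENAME']);` does the same job on every platform. Both reader methods also ignore the result of `$xml->open()` and never call `$xml->close()`; since this file is the list of issuers the application trusts, a failed open should raise an error, e.g. `if (!$xml->open($this->repositoryFileName)) { throw new Exception('Cannot read trusted issuers file'); }`, rather than look like an empty list.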
1 WAAD.WebSSO.PHP/php/code/samples/.gitignore
@@ -0,0 +1 @@
+# placeholder
6 WAAD.WebSSO.PHP/php/code/samples/phpSample/federation.ini
@@ -0,0 +1,6 @@
+federation.trustedissuers.issuer=https://accounts.accesscontrol.windows.net/v2/wsfederation
+federation.trustedissuers.thumbprint=3f5dfcdf4b3d0eab9ba49befb3cfd760da9cccf1
+federation.trustedissuers.friendlyname=Awesome Computers
+federation.audienceuris=spn:d184f6dd-d5d6-44c8-9cfa-e2d630dea392@495c4a5e-38b7-49b9-a90f-4c0050b2d7f7
+federation.realm=spn:d184f6dd-d5d6-44c8-9cfa-e2d630dea392@495c4a5e-38b7-49b9-a90f-4c0050b2d7f7
+federation.reply=https://localhost/phpSample/index.php
44 WAAD.WebSSO.PHP/php/code/samples/phpSample/index.php
@@ -0,0 +1,44 @@
+/*-----------------------------------------------------------------------
+
+ Copyright (c) Microsoft Corporation. All rights reserved.
+
+
+ Copyright 2012 Microsoft Corporation
+ All rights reserved.
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ THIS CODE IS PROVIDED *AS IS* BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+ EITHER EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION ANY IMPLIED WARRANTIES OR
+ CONDITIONS OF TITLE, FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABLITY OR NON-INFRINGEMENT.
+
+ See the Apache Version 2.0 License for specific language governing
+ permissions and limitations under the License.
+
+--------------------------------------------------------------------------- */
+<?php
+require_once (dirname(__FILE__) . '/secureResource.php');
+?>
+<!DOCTYPE html>
+<html>
+<head>
+ <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+ <title>Index Page</title>
+</head>
+<body>
+ <h2>Index Page</h2>
+ <h3>Welcome <strong><?php print_r($loginManager->getPrincipal()->getName()); ?></strong>!</h3>
+
+ <h4>Claim list:</h4>
+ <ul>
+<?php
+ foreach ($loginManager->getClaims() as $claim) {
+ print_r('<li>' . $claim->toString() . '</li>');
+ }
+?>
+ </ul>
+</body>
+</html>
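Review bot: The principal name and every claim are written into the page without HTML encoding (`print_r(...->getName())` and `'<li>' . $claim->toString() . '</li>'`), although they are attribute values taken from the incoming token. Encode at the point of output: `echo htmlspecialchars($loginManager->getPrincipal()->getName(), ENT_QUOTES, 'UTF-8');` and `echo '<li>' . htmlspecialchars($claim->toString(), ENT_QUOTES, 'UTF-8') . '</li>';`. The page declares ISO-8859-1 while the token text is presumably UTF-8, so the charset in the `<meta>` tag should be aligned with the encoding passed to `htmlspecialchars()`.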
49 WAAD.WebSSO.PHP/php/code/samples/phpSample/login.php
@@ -0,0 +1,49 @@
+/*-----------------------------------------------------------------------
+
+ Copyright (c) Microsoft Corporation. All rights reserved.
+
+
+ Copyright 2012 Microsoft Corporation
+ All rights reserved.
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ THIS CODE IS PROVIDED *AS IS* BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+ EITHER EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION ANY IMPLIED WARRANTIES OR
+ CONDITIONS OF TITLE, FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABLITY OR NON-INFRINGEMENT.
+
+ See the Apache Version 2.0 License for specific language governing
+ permissions and limitations under the License.
+
+--------------------------------------------------------------------------- */
+<?php
+// uncomment this to display internal server errors.
+//error_reporting(E_ALL);
+//ini_set('display_errors', 'On');
+ini_set('include_path', ini_get('include_path').';../../libraries/;');
+require_once ('waad-federation/TrustedIssuersRepository.php');
+?>
+<!DOCTYPE html>
+<html>
+<head>
+ <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+ <title>Login Page</title>
+</head>
+<body>
+ <h2>Login Page</h2>
+ <ul>
+<?php
+ $repository = new TrustedIssuersRepository();
+ $trustedIssuers = $repository->getTrustedIdentityProviderUrls();
+
+ foreach ($trustedIssuers as $trustedIssuer) {
+ $returnUrl = $_GET['returnUrl'];
+ print_r('<li><a href="' . $trustedIssuer->getLoginUrl($returnUrl) . '">' . $trustedIssuer->displayName . '</a></li>');
+ }
+?>
+ </ul>
+</body>
+</html>
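Review bot: `$_GET['returnUrl']` is read without an `isset()` check or any validation, and the URL built from it is placed in the `href` attribute unencoded. Whether `getLoginUrl()` URL-encodes the value cannot be seen from this section, so encode where the link is written and restrict the return URL to this application: `$returnUrl = isset($_GET['returnUrl']) ? $_GET['returnUrl'] : '';` followed by a check that it starts with the site's own base URL, and `htmlspecialchars($trustedIssuer->getLoginUrl($returnUrl), ENT_QUOTES, 'UTF-8')` in the anchor. The `';'` in the `include_path` line is the Windows separator; `PATH_SEPARATOR` keeps it portable.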
50 WAAD.WebSSO.PHP/php/code/samples/phpSample/secureResource.php
@@ -0,0 +1,50 @@
+/*-----------------------------------------------------------------------
+
+ Copyright (c) Microsoft Corporation. All rights reserved.
+
+
+ Copyright 2012 Microsoft Corporation
+ All rights reserved.
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ THIS CODE IS PROVIDED *AS IS* BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+ EITHER EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION ANY IMPLIED WARRANTIES OR
+ CONDITIONS OF TITLE, FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABLITY OR NON-INFRINGEMENT.
+
+ See the Apache Version 2.0 License for specific language governing
+ permissions and limitations under the License.
+
+--------------------------------------------------------------------------- */
+<?php
+// uncomment this to display internal server errors.
+// error_reporting(E_ALL);
+// ini_set('display_errors', 'On');
+
+ini_set('include_path', ini_get('include_path').';../../libraries/;');
+require_once ('waad-federation/ConfigurableFederatedLoginManager.php');
+
+session_start();
+$token = $_POST['wresult'];
+$loginManager = new ConfigurableFederatedLoginManager();
+
+if (!$loginManager->isAuthenticated()) {
+ if (isset ($token)) {
+ try {
+ $loginManager->authenticate($token);
+ } catch (Exception $e) {
+ print_r($e->getMessage());
+ }
+ } else {
+ $returnUrl = "https://" . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
+
+ header('Pragma: no-cache');
+ header('Cache-Control: no-cache, must-revalidate');
+ header("Location: https://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['SCRIPT_NAME']) . "/login.php?returnUrl=" . $returnUrl, true, 302);
+ exit();
+ }
+}
+?>
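Review bot: When `authenticate()` throws, the `catch` block prints the exception text and the script carries on, so a page that includes this file keeps executing after a failed login. Stop there instead with `header('HTTP/1.1 401 Unauthorized'); exit();`, and log `$e->getMessage()` on the server rather than echoing it, since the thumbprint error raised in Saml2TokenValidator lists the pinned thumbprints. The redirect and `$returnUrl` are built from `$_SERVER['HTTP_HOST']`, which is supplied by the client, and `$returnUrl` is appended to the query string without `urlencode()`; a configured host name (federation.ini already holds `federation.reply`) would be safer. `$_POST['wresult']` should be read as `isset($_POST['wresult']) ? $_POST['wresult'] : null`.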
7 WAAD.WebSSO.PHP/php/code/samples/phpSample/trustedIssuers.xml
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<issuers>
+ <issuer name="awesomecomputers.onmicrosoft.com" displayName="Awesome Computers"
+ realm="spn:d184f6dd-d5d6-44c8-9cfa-e2d630dea392@495c4a5e-38b7-49b9-a90f-4c0050b2d7f7" />
+ <issuer name="treyresearchinc.onmicrosoft.com" displayName="Trey Research Inc."
+ realm="spn:d184f6dd-d5d6-44c8-9cfa-e2d630dea392@13292593-4861-4847-8441-6da6751cfb86" />
+</issuers>
BIN WAAD.WebSSO.PHP/php/docs/Web SignOn with WAAD - PHP sample.docx
Binary file not shown.
16 WAAD.WebSSO.PHP/php/scripts/If your dll is missing-read this.txt
@@ -0,0 +1,16 @@
+IMPORTANT STEPS BEFORE USING THIS SAMPLE:
+
+In order to use this example correctly, you will need to built the PowerShell DLL to provide the correct
+loading of the Microsoft.Samples.Waad.PS link as referred to in the documentation.
+
+The source for this DLL is included under: %ROOT%/csharp/code/libraries/powershell/Microsoft.Samples.Waad.PS
+
+You may either load this in to Visual Studio 2008 / 2010 and build, or you may use the included script as follows:
+
+%ROOT%/csharp/code/libraries/powershell/Microsoft.Samples.Waad.PS/buildWaadPS.bat
+
+It's a simple MSBuild script that will run the default MSBuild with DEBUG configuration and copy the correct .dll in to the \php\
+scripts\ directory
+
+Enjoy!
+
BIN WAAD.WebSSO.PHP/php/scripts/Microsoft.Samples.Waad.PS.lnk
Binary file not shown.
