/
loginuserpass.php
107 lines (91 loc) · 3.86 KB
/
loginuserpass.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
<?php
/**
* This page shows a username/password login form, and passes information from it
* to the sspmod_core_Auth_UserPassBase class, which is a generic class for
* username/password authentication.
*
* @author Olav Morken, UNINETT AS.
* @package SimpleSAMLphp
*/
// Retrieve the authentication state
if (!array_key_exists('AuthState', $_REQUEST)) {
throw new SimpleSAML_Error_BadRequest('Missing AuthState parameter.');
}
$authStateId = $_REQUEST['AuthState'];
$state = SimpleSAML_Auth_State::loadState($authStateId, sspmod_core_Auth_UserPassBase::STAGEID);
$source = SimpleSAML_Auth_Source::getById($state[sspmod_core_Auth_UserPassBase::AUTHID]);
if ($source === NULL) {
throw new Exception('Could not find authentication source with id ' . $state[sspmod_core_Auth_UserPassBase::AUTHID]);
}
if (array_key_exists('username', $_REQUEST)) {
$username = $_REQUEST['username'];
} elseif ($source->getRememberUsernameEnabled() && array_key_exists($source->getAuthId() . '-username', $_COOKIE)) {
$username = $_COOKIE[$source->getAuthId() . '-username'];
} elseif (isset($state['core:username'])) {
$username = (string)$state['core:username'];
} else {
$username = '';
}
if (array_key_exists('password', $_REQUEST)) {
$password = $_REQUEST['password'];
} else {
$password = '';
}
$errorCode = NULL;
$errorParams = NULL;
if (!empty($_REQUEST['username']) || !empty($password)) {
// Either username or password set - attempt to log in
if (array_key_exists('forcedUsername', $state)) {
$username = $state['forcedUsername'];
}
if ($source->getRememberUsernameEnabled()) {
$sessionHandler = SimpleSAML_SessionHandler::getSessionHandler();
$params = $sessionHandler->getCookieParams();
$params['expire'] = time();
$params['expire'] += (isset($_REQUEST['remember_username']) && $_REQUEST['remember_username'] == 'Yes' ? 31536000 : -300);
\SimpleSAML\Utils\HTTP::setCookie($source->getAuthId() . '-username', $username, $params, FALSE);
}
if ($source->isRememberMeEnabled()) {
if (array_key_exists('remember_me', $_REQUEST) && $_REQUEST['remember_me'] === 'Yes') {
$state['RememberMe'] = TRUE;
$authStateId = SimpleSAML_Auth_State::saveState($state, sspmod_core_Auth_UserPassBase::STAGEID);
}
}
try {
sspmod_core_Auth_UserPassBase::handleLogin($authStateId, $username, $password);
} catch (SimpleSAML_Error_Error $e) {
/* Login failed. Extract error code and parameters, to display the error. */
$errorCode = $e->getErrorCode();
$errorParams = $e->getParameters();
}
}
$globalConfig = SimpleSAML_Configuration::getInstance();
$t = new SimpleSAML_XHTML_Template($globalConfig, 'core:loginuserpass.php');
$t->data['stateparams'] = array('AuthState' => $authStateId);
if (array_key_exists('forcedUsername', $state)) {
$t->data['username'] = $state['forcedUsername'];
$t->data['forceUsername'] = TRUE;
$t->data['rememberUsernameEnabled'] = FALSE;
$t->data['rememberUsernameChecked'] = FALSE;
$t->data['rememberMeEnabled'] = $source->isRememberMeEnabled();
$t->data['rememberMeChecked'] = $source->isRememberMeChecked();
} else {
$t->data['username'] = $username;
$t->data['forceUsername'] = FALSE;
$t->data['rememberUsernameEnabled'] = $source->getRememberUsernameEnabled();
$t->data['rememberUsernameChecked'] = $source->getRememberUsernameChecked();
$t->data['rememberMeEnabled'] = $source->isRememberMeEnabled();
$t->data['rememberMeChecked'] = $source->isRememberMeChecked();
if (isset($_COOKIE[$source->getAuthId() . '-username'])) $t->data['rememberUsernameChecked'] = TRUE;
}
$t->data['links'] = $source->getLoginLinks();
$t->data['errorcode'] = $errorCode;
$t->data['errorcodes'] = SimpleSAML\Error\Errorcodes::getAllErrorCodeMessages();
$t->data['errorparams'] = $errorParams;
if (isset($state['SPMetadata'])) {
$t->data['SPMetadata'] = $state['SPMetadata'];
} else {
$t->data['SPMetadata'] = NULL;
}
$t->show();
exit();