3 /** External authentication via WebID for FusionForge
4 * Copyright 2011, Roland Mas
5 * Copyright 2011-2012, Olivier Berger & Institut Mines-Telecom
7 * This program was initially developped in the frame of the COCLICO project
8 * (http://www.coclico-project.org/) with financial support of the Paris
11 * This file is part of FusionForge. FusionForge is free software;
12 * you can redistribute it and/or modify it under the terms of the
13 * GNU General Public License as published by the Free Software
14 * Foundation; either version 2 of the Licence, or (at your option)
17 * FusionForge is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 * GNU General Public License for more details.
22 * You should have received a copy of the GNU General Public License along
23 * with FusionForge; if not, write to the Free Software Foundation, Inc.,
24 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
27 require_once '../../../www/env.inc.php';
28 require_once $gfcommon.'include/pre.php';
30 session_require_login();
32 // get global users vars
33 $u =& user_get_object(user_getid());
34 if (!$u || !is_object($u)) {
35 exit_error(_('Could Not Get User'));
36 } elseif ($u->isError()) {
37 exit_error($u->getErrorMessage(),'my');
40 $plugin = plugin_get_object('authwebid');
42 // we receive this when addition or deletion is confirmed
43 $webid_identity = htmlspecialchars(trim(getStringFromRequest('webid_identity', 'http://')));
45 // When invoked back by the IdP, the request is signed
46 if (getStringFromRequest('sig') != '') {
48 // First, verify that we indeed got invoked back as a callback of the IdP delegated auth
49 if ( $plugin->justBeenAuthenticatedByIdP() ) {
51 // We can then trust the webid set by WebIDDelegatedAuth lib
52 $webid_identity = $plugin->getCurrentWebID();
54 // Now, if we went back to the IdP in order to confirm a pending binding, it's time to bind it
55 if ( $plugin->isStoredPendingWebID($u->getID(), $webid_identity) ) {
57 $error_msg = $plugin->bindStoredWebID($u->getID(), $webid_identity);
59 $webid_identity = 'http://';
61 $feedback = _('The IdP has confirmed that you own this WebID. It is now bound to your account.');
65 // or it's the first time we went to the IdP, and we wait until the confirmation of the binding to really use it
66 $error_msg = $plugin->addStoredPendingWebID($u->getID(), $webid_identity);
68 $webid_identity = 'http://';
70 $feedback = _('The IdP has confirmed that you own a WebID. Please confirm you want to bind it to your account.');
76 // If called to remove an identity
77 if (getStringFromRequest('delete') != '') {
79 $error_msg = $plugin->removeStoredWebID($u->getID(), $webid_identity);
82 $feedback = _('Identity successfully deleted');
83 $webid_identity = 'http://';
87 // In all cases, we display the management screen
89 $title = sprintf(_('Manage WebID identities for user %1$s'), $u->getUnixName());
90 site_user_header(array('title'=>$title));
92 echo $HTML->boxTop(_('My WebID identities'));
95 <h2><?php echo _('Bind a new WebID'); ?></h2>
99 echo _('You can add your own WebID identities in the form below.') . '<br />';
100 echo _('Once you have confirmed their binding to your fusionforge account, you may use them to login.') ?></p>
103 // display a table of WebIDs pending binding
104 $pendingwebids = $plugin->getStoredPendingWebIDs($u->getID());
105 if( count($pendingwebids) ) {
106 echo $HTML->listTableTop(array(_('Already pending WebIDs you could bind to your account'), ''));
109 foreach($pendingwebids as $webid_identity) {
110 echo '<tr '.$HTML->boxGetAltRowStyle($i).'>';
111 echo '<td><i>'. $webid_identity .'</i></td>';
112 echo '<td><b>'. $plugin->displayAuthentifyViaIdPLink( util_make_url('/plugins/authwebid/index.php'), _('Confirm binding')) . '</b></td>';
113 echo '<td><a href="'.util_make_uri ('/plugins/authwebid/').'?webid_identity='. urlencode('pending:'.$webid_identity) .'&delete=1">'. _('remove') . '</a></td>';
117 echo $HTML->listTableBottom();
120 <!-- This form isn't one any more actually, but decorations is nice like this -->
121 <form name="new_identity" action="<?php echo util_make_uri ('/plugins/authwebid/'); ?>" method="post">
123 <legend><?php echo _('Bind a new WebID'); ?></legend>
127 // redirect link to the IdP
128 // This might as well confirm binding just as if using the Confirm link, if user has only one WebID recognized by the IdP
129 echo '<b>'. $plugin->displayAuthentifyViaIdPLink( util_make_url('/plugins/authwebid/index.php'),
130 sprintf( _('Click here to initiate the addition of a new WebID validated via %s'),
131 $plugin->delegate_webid_auth_to)) . '</b>';
137 <h2><?php echo _('My WebIDs'); ?></h2>
141 // now display existing bound identities
144 $boundwebids = $plugin->getStoredBoundWebIDs($u->getID());
146 if(count($boundwebids)) {
147 echo $HTML->listTableTop(array(_('WebIDs already bound to your account, which you can use to login'), ''));
150 foreach($boundwebids as $webid_identity) {
151 echo '<tr '.$HTML->boxGetAltRowStyle($i).'>';
152 echo '<td>'. $webid_identity .'</td>';
153 echo '<td><a href="'.util_make_uri ('/plugins/authwebid/').'?webid_identity='. urlencode($webid_identity) .'&delete=1">'. _('remove') . '</a></td>';
158 echo $HTML->listTableBottom();
161 echo '<p>'. _("You haven't yet bound any WebID to your account") . '</p>';
165 echo $HTML->boxBottom();
167 site_user_footer(array());
171 // c-file-style: "bsd"