Loading Dockerfile +8 −3 Original line number Diff line number Diff line Loading @@ -15,10 +15,13 @@ RUN apt-get update && \ make \ wget \ ca-certificates \ ssl-cert \ vim # Copying Shibboleth SP configuration COPY docker/shibboleth2.xml /etc/shibboleth/ COPY docker/shibboleth/shibboleth2.xml /etc/shibboleth/ COPY docker/shibboleth/sp-key.pem /etc/shibboleth/ COPY docker/shibboleth/sp-cert.pem /etc/shibboleth/ # Installing Embedded Discovery Service WORKDIR /usr/local/src Loading @@ -39,6 +42,8 @@ RUN a2enconf rap.conf # Enable mod_rewrite (for Flight framework) RUN a2enmod rewrite RUN a2enmod ssl RUN a2ensite default-ssl # Copying RAP php files WORKDIR /var/www/html Loading @@ -48,5 +53,5 @@ WORKDIR /var/www/html/rap-ia2 RUN mkdir -p logs RUN chown -R www-data logs # Starting Apache CMD apachectl -D FOREGROUND # Starting shibd & Apache CMD service shibd start && apachectl -D FOREGROUND classes/Locator.php +1 −1 Original line number Diff line number Diff line Loading 
@@ -25,7 +25,7 @@ class Locator { } public function getProtocol(): string { return stripos($_SERVER['SERVER_PROTOCOL'], 'https') ? 'https://' : 'http://'; return (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on') ? 'https://' : 'http://'; } public function getBasePath(): string { Loading docker/rap.conf +27 −0 Original line number Diff line number Diff line <Directory /var/www/html/rap-ia2/> AllowOverride All </Directory> <Directory /var/www/html/rap-ia2/auth/x509/> Options Indexes FollowSymLinks AllowOverride None Order allow,deny allow from all SSLVerifyClient require SSLVerifyDepth 10 SSLOptions +ExportCertData </Directory> <Location /rap-ia2/auth/eduGAIN> AuthType shibboleth ShibRequestSetting requireSession 1 Require valid-user </Location> #<Directory /var/www/html/rap-ia2/auth/eduGAIN/> # AuthType shibboleth # ShibRequestSetting requireSession 1 # Require valid-user #</Directory> <Directory /var/www/html/rap-ia2/logs/> Order deny,allow Deny From All </Directory> include/admin.php +12 −11 Original line number Diff line number Diff line Loading @@ -7,9 +7,10 @@ function checkUser() { startSession(); session_start(); global $locator; global $session; $session = $locator->getSession(); if ($session->getUser() === null) { http_response_code(401); die("You must be registered to perform this action"); Loading @@ -29,9 +30,9 @@ Flight::route('GET /admin', function() { Flight::route('GET /admin/oauth2_clients', function() { checkUser(); global $dao; global $locator; $clients = $dao->getOAuth2Clients(); $clients = $locator->getOAuth2ClientDAO()->getOAuth2Clients(); Flight::json($clients); }); Loading @@ -39,9 +40,9 @@ Flight::route('GET /admin/oauth2_clients', function() { Flight::route('POST /admin/oauth2_clients', function() { checkUser(); global $dao; global $locator; $client = $dao->createOAuth2Client(buildOAuth2ClientFromData()); $client = $locator->getOAuth2ClientDAO()->createOAuth2Client(buildOAuth2ClientFromData()); Flight::json($client); }); Loading 
@@ -49,9 +50,9 @@ Flight::route('POST /admin/oauth2_clients', function() { Flight::route('PUT /admin/oauth2_clients', function() { checkUser(); global $dao; global $locator; $client = $dao->updateOAuth2Client(buildOAuth2ClientFromData()); $client = $locator->getOAuth2ClientDAO()->updateOAuth2Client(buildOAuth2ClientFromData()); Flight::json($client); }); Loading @@ -59,9 +60,9 @@ Flight::route('PUT /admin/oauth2_clients', function() { Flight::route('DELETE /admin/oauth2_clients/@id', function($id) { checkUser(); global $dao; global $locator; $dao->deleteOAuth2Client($id); $locator->getOAuth2ClientDAO()->deleteOAuth2Client($id); // Return no content Flight::halt(204); Loading @@ -76,7 +77,7 @@ function buildOAuth2ClientFromData() { if (isset($data['id'])) { $client->id = $data['id']; } $client->name = $data['name']; $client->title = $data['title']; $client->icon = $data['icon']; $client->client = $data['client']; $client->secret = $data['secret']; Loading include/front-controller.php +4 −3 Original line number Diff line number Diff line Loading @@ -133,7 +133,7 @@ Flight::route('GET /logout', function() { }); function sendAuthRedirect($url) { startSession(); session_start(); // reload callback from query to avoid problem with session shared between // multiple browser tabs setCallback(Flight::request()->query['callback']); Loading Loading @@ -218,8 +218,9 @@ Flight::route('/local', function() { */ Flight::route('GET /x509-name-surname', function() { startSession(); global $session, $BASE_PATH, $VERSION; session_start(); global $locator, $BASE_PATH, $VERSION; $session = $locator->getSession(); if ($session->getX509DataToRegister() !== null && $session->getX509DataToRegister()->name === null) { Flight::render('x509-name-surname.php', array('title' => 'Select name and surname', Loading Loading
Dockerfile +8 −3 Original line number Diff line number Diff line Loading @@ -15,10 +15,13 @@ RUN apt-get update && \ make \ wget \ ca-certificates \ ssl-cert \ vim # Copying Shibboleth SP configuration COPY docker/shibboleth2.xml /etc/shibboleth/ COPY docker/shibboleth/shibboleth2.xml /etc/shibboleth/ COPY docker/shibboleth/sp-key.pem /etc/shibboleth/ COPY docker/shibboleth/sp-cert.pem /etc/shibboleth/ # Installing Embedded Discovery Service WORKDIR /usr/local/src Loading @@ -39,6 +42,8 @@ RUN a2enconf rap.conf # Enable mod_rewrite (for Flight framework) RUN a2enmod rewrite RUN a2enmod ssl RUN a2ensite default-ssl # Copying RAP php files WORKDIR /var/www/html Loading @@ -48,5 +53,5 @@ WORKDIR /var/www/html/rap-ia2 RUN mkdir -p logs RUN chown -R www-data logs # Starting Apache CMD apachectl -D FOREGROUND # Starting shibd & Apache CMD service shibd start && apachectl -D FOREGROUND
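Review bot: The added `COPY docker/shibboleth/sp-key.pem /etc/shibboleth/` bakes the Shibboleth SP private key into an image layer, so anyone who can pull the image or read the repository holds the key this SP uses for its SAML exchanges. Drop that COPY and supply the key when the container starts (a bind mount or an orchestrator secret), keeping only `sp-cert.pem` in the image. If the checked-in key is meant for local testing only, say so in a comment above the COPY lines, for example `# TEST-ONLY key pair, never deploy this image`. Separately, `a2ensite default-ssl` with the `ssl-cert` package presumably serves the self-signed snakeoil certificate, which needs replacing before the x509 and eduGAIN endpoints face real users.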
classes/Locator.php +1 −1 Original line number Diff line number Diff line Loading @@ -25,7 +25,7 @@ class Locator { } public function getProtocol(): string { return stripos($_SERVER['SERVER_PROTOCOL'], 'https') ? 'https://' : 'http://'; return (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on') ? 'https://' : 'http://'; } public function getBasePath(): string { Loading
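Review bot: The new test in `getProtocol()` accepts only the exact string `'on'`, but PHP documents `$_SERVER['HTTPS']` as any non-empty value on HTTPS requests (and `'off'` under IIS/ISAPI), and the variable is absent when TLS is terminated by a reverse proxy in front of Apache. In those cases the method returns `http://`, and every redirect or callback URL built from it is downgraded to plain HTTP. A more tolerant form is `return (!empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off') ? 'https://' : 'http://';`. For a proxied deployment the scheme is better taken from configuration than from the request. The `Locator` class begins and continues outside the hunk.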
docker/rap.conf +27 −0 Original line number Diff line number Diff line <Directory /var/www/html/rap-ia2/> AllowOverride All </Directory> <Directory /var/www/html/rap-ia2/auth/x509/> Options Indexes FollowSymLinks AllowOverride None Order allow,deny allow from all SSLVerifyClient require SSLVerifyDepth 10 SSLOptions +ExportCertData </Directory> <Location /rap-ia2/auth/eduGAIN> AuthType shibboleth ShibRequestSetting requireSession 1 Require valid-user </Location> #<Directory /var/www/html/rap-ia2/auth/eduGAIN/> # AuthType shibboleth # ShibRequestSetting requireSession 1 # Require valid-user #</Directory> <Directory /var/www/html/rap-ia2/logs/> Order deny,allow Deny From All </Directory>
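Review bot: `Options Indexes FollowSymLinks` on `/var/www/html/rap-ia2/auth/x509/` enables directory listings on an authentication endpoint; nothing on this page needs them, so `Options -Indexes` (or dropping the line) is the safer default. The `Order` / `allow from all` / `Deny From All` directives are Apache 2.2 syntax and on 2.4 work only while mod_access_compat is loaded, so the protection of `logs/` depends on that module. `Require all denied` for `logs/` and `Require all granted` for `auth/x509/` express the same intent natively. `SSLVerifyDepth 10` accepts long client-certificate chains and should be checked against the CA hierarchy actually trusted here. The commented-out `<Directory>` block for eduGAIN duplicates the `<Location>` above it and could be deleted.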
include/admin.php +12 −11 Original line number Diff line number Diff line Loading @@ -7,9 +7,10 @@ function checkUser() { startSession(); session_start(); global $locator; global $session; $session = $locator->getSession(); if ($session->getUser() === null) { http_response_code(401); die("You must be registered to perform this action"); Loading @@ -29,9 +30,9 @@ Flight::route('GET /admin', function() { Flight::route('GET /admin/oauth2_clients', function() { checkUser(); global $dao; global $locator; $clients = $dao->getOAuth2Clients(); $clients = $locator->getOAuth2ClientDAO()->getOAuth2Clients(); Flight::json($clients); }); Loading @@ -39,9 +40,9 @@ Flight::route('GET /admin/oauth2_clients', function() { Flight::route('POST /admin/oauth2_clients', function() { checkUser(); global $dao; global $locator; $client = $dao->createOAuth2Client(buildOAuth2ClientFromData()); $client = $locator->getOAuth2ClientDAO()->createOAuth2Client(buildOAuth2ClientFromData()); Flight::json($client); }); Loading @@ -49,9 +50,9 @@ Flight::route('POST /admin/oauth2_clients', function() { Flight::route('PUT /admin/oauth2_clients', function() { checkUser(); global $dao; global $locator; $client = $dao->updateOAuth2Client(buildOAuth2ClientFromData()); $client = $locator->getOAuth2ClientDAO()->updateOAuth2Client(buildOAuth2ClientFromData()); Flight::json($client); }); Loading @@ -59,9 +60,9 @@ Flight::route('PUT /admin/oauth2_clients', function() { Flight::route('DELETE /admin/oauth2_clients/@id', function($id) { checkUser(); global $dao; global $locator; $dao->deleteOAuth2Client($id); $locator->getOAuth2ClientDAO()->deleteOAuth2Client($id); // Return no content Flight::halt(204); Loading @@ -76,7 +77,7 @@ function buildOAuth2ClientFromData() { if (isset($data['id'])) { $client->id = $data['id']; } $client->name = $data['name']; $client->title = $data['title']; $client->icon = $data['icon']; $client->client = $data['client']; $client->secret = $data['secret']; Loading
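Review bot: In the part of `checkUser()` shown in the first hunk the only gate is `$session->getUser() === null`, so any logged-in user passes. The function continues outside the hunk; confirm that an administrator check follows there, because these routes list, create, update and delete OAuth2 clients together with their `secret`. As far as the hunks show, the POST, PUT and DELETE routes also rely on the session cookie alone, so an anti-CSRF token or same-origin check belongs in `checkUser()`. In `buildOAuth2ClientFromData()`, whose start is outside the hunk, the new `$client->title = $data['title'];` is read without the `isset()` test that `id` gets just above. Validate the required keys and answer 400 when one is missing.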
include/front-controller.php +4 −3 Original line number Diff line number Diff line Loading @@ -133,7 +133,7 @@ Flight::route('GET /logout', function() { }); function sendAuthRedirect($url) { startSession(); session_start(); // reload callback from query to avoid problem with session shared between // multiple browser tabs setCallback(Flight::request()->query['callback']); Loading Loading @@ -218,8 +218,9 @@ Flight::route('/local', function() { */ Flight::route('GET /x509-name-surname', function() { startSession(); global $session, $BASE_PATH, $VERSION; session_start(); global $locator, $BASE_PATH, $VERSION; $session = $locator->getSession(); if ($session->getX509DataToRegister() !== null && $session->getX509DataToRegister()->name === null) { Flight::render('x509-name-surname.php', array('title' => 'Select name and surname', Loading
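Review bot: Both hunks replace the project helper `startSession()` with a bare `session_start()`, and the same swap is made in `checkUser()` in include/admin.php. The helper's body is not on this page, so check that it did not also set the session name or cookie parameters, which would now be lost. Now that this commit enables TLS, the session cookie should be restricted explicitly, e.g. `session_start(['cookie_secure' => true, 'cookie_httponly' => true]);`. A bare call also emits a notice when a session is already active, so guard it with `if (session_status() !== PHP_SESSION_ACTIVE)`. `sendAuthRedirect()` and the `/x509-name-surname` handler both continue outside their hunks.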