From 7df7dbbeae6f85d726538ad4ba9b018c7616d96a Mon Sep 17 00:00:00 2001
From: "Hahn Axel (hahn)" <axel.hahn@unibe.ch>
Date: Fri, 13 Sep 2024 14:47:22 +0200
Subject: [PATCH] update headers; add return url
---
Readme.md | 26 +++++++++++++++++++-------
config.php.dist | 4 +++-
functions.js | 9 +++++++++
inc_functions.php | 11 ++++++++++-
inc_mode_boxes.php | 9 +++++++++
inc_mode_wayf.php | 8 ++++++--
index.php | 11 +++--------
7 files changed, 59 insertions(+), 19 deletions(-)
diff --git a/Readme.md b/Readme.md
index 477a9ac..1aff1cd 100644
--- a/Readme.md
+++ b/Readme.md
@@ -1,9 +1,8 @@
# AAI Login page
A login page for multiple AAI organisations.
-Its initial focus is on ilias
-* PHP 8.x
+* PHP
* License: GNU GPL 3.0
* Source: https://git-repo.iml.unibe.ch/iml-open-source/login-aai
@@ -20,6 +19,7 @@ This is a standalone login page that offers a list of organisations and can be c
## Requirements
* PHP 8.2
+* PHP web aaplication with mod_shibboleth
## Installation
@@ -34,23 +34,34 @@ First an example configuration:
```php
<?php
return [
+
'title' => 'AAI Login',
- 'mode' => 'wayf',
- 'text-info' => '+++ Hinweis +++ Hinweis +++ Hinweis +++ Hinweis +++',
- 'text-before-wayf' => '<p>Studierende und Dozenten nutzen in der Regel das nachfolgende "Anmelden":</p>',
- 'text-after-logins' => '<br><br><h2>Anmeldung ohne AAI</h2>
+ // -- enable one of it:
+ 'mode' => 'boxes',
+ // 'mode' => 'wayf',
+
+ // -- maintenance hint or other message on top
+ // 'text-info' => '+++ Hinweis +++ Hinweis +++ Hinweis +++ Hinweis +++',
+
+ // -- text before and after
+ 'text-before' => '<p>Studierende und Dozenten nutzen in der Regel das nachfolgende "Anmelden":</p>',
+ 'text-after' => '<br><br><h2>Anmeldung ohne AAI</h2>
<p>
Klicken Sie auf: <br />
<a href="/login.php" onclick="">Gast-Zugang</a>
</p>',
+ // -- positive list of IDPs
'idps' => [
"https://aai-idp.unibe.ch/idp/shibboleth",
"https://aai.insel.ch/idp/shibboleth",
"https://aai-logon.vho-switchaai.ch/idp/shibboleth",
"https://aai-logon.unibas.ch/idp/shibboleth",
- ]
+ ],
+
+ // -- return URL
+ 'return-url' => '/shib_login.php'
];
```
@@ -63,6 +74,7 @@ return [
| text-before-wayf | string | Text to show before wayf select box (for mode = "wayf" only)
| text-after-logins | string | Fisnishing text after
| idps | array | List of enabled idps to whitelist; it will filtered by enabled organisatzions by shibboleth
+| return-url | string | Return url to your application afer logging in on then organization url<br>- '/shib_login.php' is for Ilias LMS
## Devlopment hints
diff --git a/config.php.dist b/config.php.dist
index f21e9be..1c045e9 100644
--- a/config.php.dist
+++ b/config.php.dist
@@ -19,6 +19,8 @@ return [
"https://aai.insel.ch/idp/shibboleth",
"https://aai-logon.vho-switchaai.ch/idp/shibboleth",
"https://aai-logon.unibas.ch/idp/shibboleth",
- ]
+ ],
+
+ 'return-url' => '/shib_login.php'
];
\ No newline at end of file
diff --git a/functions.js b/functions.js
index db42f23..52cb975 100644
--- a/functions.js
+++ b/functions.js
@@ -1,3 +1,12 @@
+// ======================================================================
+//
+// AAI LOGIN WITH SHIBBOLETH HANDLING MULTIPLE ORGANIZATIONS
+//
+// javascript functions for mode = "boxes"
+//
+// License: GNU GPL 3.0
+// Source: https://git-repo.iml.unibe.ch/iml-open-source/login-aai
+// ======================================================================
// ----------------------------------------------------------------------
diff --git a/inc_functions.php b/inc_functions.php
index 8244496..b20540d 100644
--- a/inc_functions.php
+++ b/inc_functions.php
@@ -1,4 +1,13 @@
<?php
+// ======================================================================
+//
+// AAI LOGIN WITH SHIBBOLETH HANDLING MULTIPLE ORGANIZATIONS
+//
+// included functions
+//
+// License: GNU GPL 3.0
+// Source: https://git-repo.iml.unibe.ch/iml-open-source/login-aai
+// ======================================================================
$SELFURL = isset($_SERVER['SERVER_NAME']) ? "https://" . $_SERVER['SERVER_NAME'] : '';
@@ -69,7 +78,7 @@ function getIdps()
$sLabel = $aEntry['DisplayNames'][0]['value'] ?? parse_url($sEntityId, PHP_URL_HOST);
$sImage = $aEntry['Logos'][1]['value'] ?? ($aEntry['Logos'][0]['value'] ?? '');
- $sUrl = "$SELFURL/Shibboleth.sso/Login?entityID=" . urlencode($sEntityId) . "&target=" . urlencode("$SELFURL/shib_login.php");
+ $sUrl = "$SELFURL/Shibboleth.sso/Login?entityID=" . urlencode($sEntityId) . "&target=" . urlencode($SELFURL.$aConfig['return-url']??'');
$aReturn[] = [
'label' => $sLabel,
diff --git a/inc_mode_boxes.php b/inc_mode_boxes.php
index f364624..ce7599a 100644
--- a/inc_mode_boxes.php
+++ b/inc_mode_boxes.php
@@ -1,4 +1,13 @@
<?php
+// ======================================================================
+//
+// AAI LOGIN WITH SHIBBOLETH HANDLING MULTIPLE ORGANIZATIONS
+//
+// Boxes for all organizations with an input field for filter
+//
+// License: GNU GPL 3.0
+// Source: https://git-repo.iml.unibe.ch/iml-open-source/login-aai
+// ======================================================================
$sOut = '';
// $sOut.='<pre>'.print_r($aIdplist, 1).'</pre>';
diff --git a/inc_mode_wayf.php b/inc_mode_wayf.php
index cd5b015..eaf7221 100644
--- a/inc_mode_wayf.php
+++ b/inc_mode_wayf.php
@@ -1,8 +1,12 @@
<?php
// ======================================================================
//
-// AAI LOGIN * WAYF
+// AAI LOGIN WITH SHIBBOLETH HANDLING MULTIPLE ORGANIZATIONS
+//
+// Embedded WAYF Script from switch
//
+// License: GNU GPL 3.0
+// Source: https://git-repo.iml.unibe.ch/iml-open-source/login-aai
// ======================================================================
?>
@@ -34,7 +38,7 @@
// URL on this resource that the user shall be returned to after authentication
// Examples: "https://econf.switch.ch/aai/home", "https://olat.uzh.ch/my/courses"
// [Mandatory]
- var wayf_return_url = "<?php echo $SELFURL; ?>/shib_login.php";
+ var wayf_return_url = "<?php echo $SELFURL.$aConfig['return-url']??''; ?>";
//////////////////// RECOMMENDED SETTINGS ////////////////////
diff --git a/index.php b/index.php
index 2329601..de7d8dc 100644
--- a/index.php
+++ b/index.php
@@ -2,18 +2,13 @@
/*
======================================================================
- AAI LOGIN FOR ILIAS 9
+ AAI LOGIN WITH SHIBBOLETH HANDLING MULTIPLE ORGANIZATIONS
----------------------------------------------------------------------
- When editing login pages javascript is filtering while saving.
- The WAYF script of Switch didn't work anymore.
- This script is a workaround and acts as an additional logon page
- next to the login.php file.
-
Institute for Medical Education; University of Bern
- GNU GPL 3.0
-
+ License: GNU GPL 3.0
+ Source: https://git-repo.iml.unibe.ch/iml-open-source/login-aai
----------------------------------------------------------------------
2024-09-13 Initial version
======================================================================
--
GitLab