1<?
2# zxid/zxidhlo.php  -  Hello World SAML SP role in PHP using zxid extension
3#
4# Copyright (c) 2010 Sampo Kellomaki (sampo@iki.fi), All Rights Reserved.
5# Copyright (c) 2007-2009 Symlabs (symlabs@symlabs.com), All Rights Reserved.
6# Author: Sampo Kellomaki (sampo@iki.fi)
7# This is confidential unpublished proprietary source code of the author.
8# NO WARRANTY, not even implied warranties. Contains trade secrets.
9# Distribution prohibited unless authorized in writing.
10# Licensed under Apache License 2.0, see file COPYING.
11# $Id: zxidhlo.php,v 1.11 2009-11-29 12:23:06 sampo Exp $
12# 16.1.2007,  created --Sampo
13# 25.5.2008,  fixed to work against 0.27, fixed port number to 5443 --Sampo
14# 14.11.2009, Added zxid_az() example --Sampo
15# 27.11.2009, Added zxid_call() examples --Sampo
16
17dl("php_zxid.so");  # These three lines can go to initialization: they only need to run once
18# CONFIG: You must have created /var/zxid directory hierarchy. See `make dir'
19# CONFIG: You must edit the URL to match your domain name and port
20#$conf = "URL=https://sp1.zxidsp.org:5443/zxidhlo.php&PATH=/var/zxid/";
21$conf = "PATH=/var/zxid/&URL=http://sp.tas3.pt:8082/zxidhlo.php";
22#error_log("zxidphp: conf($conf)");
23$cf = zxid_new_conf_to_cf($conf);
24?>
25<?
26# For every page that is accessed. Debug: QUERY_STRING=o=E REQUEST_METHOD=GET ./zxidhlo.php
27#print_r(phpinfo());
28#print_r($_SERVER);
29$qs = $_SERVER['REQUEST_METHOD'] == 'GET'
30      ? $_SERVER['QUERY_STRING']
31      : file_get_contents('php://input');
32error_log("zxidphp: qs($qs)");
33$res = zxid_simple_cf($cf, -1, $qs, null, 0x1814);
34error_log("zxidphp: res($res) conf($conf)");
35
36switch (substr($res, 0, 1)) {
37case 'L': header($res); exit;  # Redirect (Location header)
38case '<': header('Content-type: text/xml'); echo $res; exit;  # Metadata or SOAP
39case 'n': exit;   # Already handled
40case 'e':
41?>
42<title>ZXID PHP Demo Please Login Using IdP</title>
43<body bgcolor="#330033" text="#ffaaff" link="#ffddff"
44 vlink="#aa44aa" alink="#ffffff"><font face=sans>
45<h1>ZXID PHP Demo Please Login Using IdP</h1>
46<?=zxid_idp_select_cf($cf, null, 0x1900)?>
47<hr>zxidhlo.php, <a href="http://zxid.org/">zxid.org</a>
48<?
49exit;
50case 'd': break;  # Logged in case -- continue after switch
51default:  die("Unknown zxid_simple() res($res)");
52}
53
54# Parse the LDIF in $res into a hash of attributes $attr
55
56foreach (split("\n", $res) as $line) {
57    $a = split(": ", $line);
58    $attr[$a[0]] = $a[1];
59}
60?>
61<title>ZXID PHP Demo Protected content, logged in</title>
62<body bgcolor="#330033" text="#ffaaff" link="#ffddff"
63 vlink="#aa44aa" alink="#ffffff"><font face=sans>
64<?
65
66# Optional: Perform additional authorization step
67# (n.b. zxid_simple() can be configured to make az automatically)
68
69$ses = zxid_fetch_ses($cf, $attr['sesid']);
70
71if (zxid_az_cf_ses($cf, "Action=Show", $ses)) {
72    echo "Permit.\n";
73} else {
74    echo "<b>Deny.</b> Normally page would not be shown, but we show session attributes for debugging purposes.\n";
75}
76?>
77<h1>ZXID PHP Demo Protected content, logged in as <?=$attr['cn']?>, session(<?=$attr['sesid']?>)</h1>
78<?=zxid_fed_mgmt_cf($cf, null, -1, $attr['sesid'], 0x1900)?>
79
80<p>Output from idhrxml web service call:<br><textarea cols=80 rows=20>
81<?
82$ret = zxid_call($cf, $ses, "urn:id-sis-idhrxml:2007-06:dst-2.1", null, null, null,
83		 "<idhrxml:Query>" .
84		   "<idhrxml:QueryItem>" .
85		     "<idhrxml:Select></idhrxml:Select>" .
86		   "</idhrxml:QueryItem>" .
87		 "</idhrxml:Query>");
88echo $ret;
89?>
90</textarea>
91<p>Output from foobar web service call:<br><textarea cols=80 rows=20>
92<?
93$ret = zxid_call($cf, $ses, "urn:x-foobar", null, null, null, "<foobar>Do it!</foobar>");
94echo $ret;
95?>
96</textarea>
97<p>Output from foobar-php web service call:<br><textarea cols=80 rows=20>
98<?
99$ret = zxid_call($cf, $ses, "urn:x-foobar-php", null, null, null, "<foobar>Do it!</foobar>");
100echo $ret;
101?>
102</textarea>
103<hr>zxidhlo.php, <a href="http://zxid.org/">zxid.org</a>
104