v.3.18.0
damikael authored Oct 7, 2023
2 parents 3bcb759 + 7f89f62 commit 8c25dd8
Showing 12 changed files with 449 additions and 7 deletions.
2 changes: 1 addition & 1 deletion composer.json
@@ -1,6 +1,6 @@
{
"config": {
"version": "3.17.3",
"version": "3.18.0",
"allow-plugins": {
"simplesamlphp/composer-module-installer": true
}
18 changes: 14 additions & 4 deletions setup/Setup.php
@@ -655,6 +655,7 @@ public static function setup(Event $event) {
'clients'=> array(
$proxyClientID => array(
"name"=> "Default client",
"logo"=> "/assets/img/logo.png",
"client_id"=> $proxyClientID,
"client_secret"=> $proxyClientSecret,
"redirect_uri"=> [$proxyRedirectURI]
@@ -1230,7 +1231,7 @@ public static function setup(Event $event) {

// write proxy example files
if ($config['addProxyExample']) {
echo $colors->getColoredString("\nWrite proxy example files to www (proxy-spid.php, proxy-sample.php, proxy-login.php, error.php)... ", "white");
echo $colors->getColoredString("\nWrite proxy example files to www (proxy.php, proxy-home.php, proxy-sample.php, proxy-login.php, error.php)... ", "white");

// configuration for proxy
$vars = self::proxyVariables($config);
@@ -1239,6 +1240,10 @@ public static function setup(Event $event) {
$customized = str_replace(array_keys($vars), $vars, $template);
file_put_contents($config['wwwDir'] . "/proxy.php", $customized);

$template = file_get_contents($config['installDir'] . '/setup/sdk/proxy-home.tpl', true);
$customized = str_replace(array_keys($vars), $vars, $template);
file_put_contents($config['wwwDir'] . "/proxy-home.php", $customized);

$template = file_get_contents($config['installDir'] . '/setup/sdk/proxy-sample.tpl', true);
$customized = str_replace(array_keys($vars), $vars, $template);
file_put_contents($config['wwwDir'] . "/proxy-sample.php", $customized);
@@ -1248,11 +1253,16 @@ public static function setup(Event $event) {
file_put_contents($config['wwwDir'] . "/proxy-login.php", $customized);
if (!file_exists($config['wwwDir'] . "/error.php")) {
// add error.tpl only if not exists
$template = file_get_contents($config['installDir'] . '/setup/sdk/error.tpl', true);
$customized = str_replace(array_keys($vars), $vars, $template);
file_put_contents($config['wwwDir'] . "/error.php", $customized);
$template = file_get_contents($config['installDir'] . '/setup/sdk/error.tpl', true);
$customized = str_replace(array_keys($vars), $vars, $template);
file_put_contents($config['wwwDir'] . "/error.php", $customized);
}

$filesystem->mirror(
$config['installDir'] . "/setup/www/assets",
$config['wwwDir'] . "/assets"
);

echo $colors->getColoredString("OK", "green");
}

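Review bot: The new `proxy-home.tpl` step passes the result of `file_get_contents()` straight to `str_replace()` and `file_put_contents()` without checking it, as the neighbouring proxy.php and proxy-sample.php steps do; if the template cannot be read, `$template` is `false` and an empty `proxy-home.php` is written into the web root while the step still prints "OK". A guard such as `if ($template === false) { throw new \RuntimeException('cannot read proxy-home.tpl'); }` before the write would make the failure visible. The substituted `$vars` values land inside PHP string literals in the generated file (for example the `{{SDKHOME}}` placeholder in the template's `require_once`), so it is worth confirming that `proxyVariables()` cannot return values containing quotes or `$`; that function is not visible here. proxy.php and proxy-home.php are rewritten on every run whereas error.php is kept if present, so local changes to the login page are lost on re-run; if that is intended, a comment saying so would help. The body of `setup()` continues outside these hunks.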
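--- a/setup/sdk/proxy-home.tpl
+++ b/setup/sdk/proxy-home.tpl
@@ -0,0 +1,256 @@
+<?php
+
+require_once("{{SDKHOME}}/proxy-spid-php.php");
+
+const PROXY_CONFIG_FILE = "{{SDKHOME}}/spid-php-proxy.json";
+const DEBUG = false;
+const ERR_REDIRECT = "/metadata.xml";
+
+if(DEBUG) {
+ini_set('display_errors', 1);
+ini_set('display_startup_errors', 1);
+error_reporting(E_ALL);
+}
+
+$proxy_config = file_exists(PROXY_CONFIG_FILE)? json_decode(file_get_contents(PROXY_CONFIG_FILE), true) : array();
+// always set to production to avoid test/validator button to be active while testing
+$production = $proxy_config['production'];
+$clients = $proxy_config['clients'];
+
+$client_id = isset($_GET['client_id'])? $_GET['client_id'] : null;
+$level = (isset($_GET['level']) && $_GET['level'])? $_GET['level'] : 2;
+$redirect_uri = isset($_GET['redirect_uri'])? urldecode($_GET['redirect_uri']) : null;
+$state = (isset($_GET['state']) && $_GET['state'])? $_GET['state'] : '';
+$idp = isset($_GET['idp'])? $_GET['idp'] : null;
+
+if($client_id==null || $client_id=='') {
+http_response_code(404);
+if(DEBUG) {
+echo "client_id not provided";
+} else {
+header("Location: " . ERR_REDIRECT);
+}
+die();
+}
+
+if($level==null || $level=='') {
+http_response_code(404);
+if(DEBUG) {
+echo "level not provided";
+} else {
+header("Location: " . ERR_REDIRECT);
+}
+die();
+}
+
+if($redirect_uri==null || $redirect_uri=='') {
+http_response_code(404);
+if(DEBUG) {
+echo "redirect_uri not provided";
+} else {
+header("Location: " . ERR_REDIRECT);
+}
+die();
+}
+
+if(!in_array($client_id, array_keys($clients))) {
+http_response_code(404);
+if(DEBUG) {
+echo "client_id not found";
+} else {
+header("Location: " . ERR_REDIRECT);
+}
+die();
+}
+
+if(!in_array($redirect_uri, $clients[$client_id]['redirect_uri'])) {
+http_response_code(404);
+if(DEBUG) {
+echo "redirect_uri not found";
+} else {
+header("Location: " . ERR_REDIRECT);
+}
+die();
+}
+
+
+$service = "service";
+if($idp=="CIE" || $idp=="CIE TEST") $service = "cie";
+$spidsdk = new PROXY_SPID_PHP($client_id, $redirect_uri, $state, $production, $service);
+
+//$spidsdk->setPurpose("P");
+
+$organization_name = isset($clients[$client_id]['description'])? $clients[$client_id]['description'] : '';
+
+if(!$spidsdk->isAuthenticated()) {
+if($idp==null || $idp=='') {
+?>
+<!DOCTYPE html>
+<html lang="it">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
+<meta http-equiv="X-UA-Compatible" content="IE=Edge" />
+<meta name="viewport" content="width=device-width,initial-scale=1,shrink-to-fit=no" />
+<link href="/assets/css/style.css" rel="stylesheet" />
+<link href="/assets/css/custom.css?v=2.1" rel="stylesheet" />
+<link href="/assets/css/eidas-sp-access-button.min.css" rel="stylesheet" />
+<link rel="preconnect" href="https://fonts.googleapis.com">
+<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
+<link href="https://fonts.googleapis.com/css2?family=Titillium+Web:wght@200;300;400;600;700;900&display=swap" rel="stylesheet">
+<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css" crossorigin="anonymous" referrerpolicy="no-referrer" />
+<?php $spidsdk->insertSPIDButtonCSS(); ?>
+</head>
+<body>
+<div id="root">
+<header aria-label="Intestazione">
+<div class="bg-transparent my-header" id="page-header">
+<div class="row align-items-sm-center">
+<div class="col-auto pr-0 pr-md-2">
+<img src="<?php echo $proxy_config['clients'][$client_id]['logo']; ?>" alt="Logo" class="logo my-2">
+</div>
+<div class="col">
+<h1>
+<?php echo $proxy_config['clients'][$client_id]['name']; ?>
+</h1>
+</div>
+</div>
+</div>
+</header>
+<div id="login" class="container-fluid d-flex flex-column justify-content-between py-3 py-md-4">
+<div id="loginPage" class="d-flex flex-column justify-content-between">
+<main id="main" class="mb-5">
+<h1 class="align-center"><?php echo $organization_name; ?></h1>
+<div id="login-form" class="login-form-lg shadow mx-auto mt-3">
+<h2 class="h3">Accedi con identità digitale</h2>
+<ul class="nav nav-tabs flex-sm-row flex-sm-nowrap" role="tablist">
+<li class="nav-item text-sm-center" role="presentation">
+<a href="#tab-spid" class="nav-link h-100 px-4 active" data-bs-toggle="tab" aria-controls="tab-spid" role="tab">
+<i class="fas fa-user-circle mr-2"></i>SPID
+</a>
+</li>
+<li class="nav-item text-sm-center" role="presentation">
+<a href="#tab-cie" class="nav-link h-100 px-4" data-bs-toggle="tab" aria-controls="tab-cie" role="tab">
+<i class="fas fa-address-card mr-2"></i>CIE
+</a>
+</li>
+</ul>
+<div class="tab-content">
+<div id="tab-spid" class="tab-pane fade active show" role="tabpanel" aria-labelledby="tab-spid">
+<h3 class="sr-only">Accedi con identità digitale credenziali SPID</h3>
+<p>SPID, il&nbsp;<strong>Sistema Pubblico di Identità Digitale</strong>&nbsp;è il sistema di accesso che consente di utilizzare, con un'identità digitale unica, i servizi online della Pubblica Amministrazione e dei privati accreditati. Se sei già in possesso di un'identità digitale, accedi con le credenziali del tuo gestore. Se non hai ancora un'identità digitale, richiedila ad uno dei gestori.</p>
+<div class="row align-items-center mt-3">
+<div class="col-12 col-md-6">
+<ul class="list-link px-1">
+<li class="mb-1">
+<a href="https://www.spid.gov.it/" target="_blank" rel="noopener noreferrer">
+<span class="sr-only">Apre una nuova finestra</span>Maggiori informazioni su SPID</a>
+</li>
+<li class="mb-1">
+<a href="https://www.spid.gov.it/richiedi-spid" target="_blank" rel="noopener noreferrer">
+<span class="sr-only">Apre una nuova finestra</span>Non hai SPID?</a>
+</li>
+<li class="mb-1">
+<a href="https://www.spid.gov.it/serve-aiuto" target="_blank" rel="noopener noreferrer">
+<span class="sr-only">Apre una nuova finestra</span>Serve aiuto?</a>
+</li>
+</ul>
+</div>
+<div class="col-12 col-md-6 text-center">
+<?php $spidsdk->insertSPIDButton("M"); ?>
+</div>
+</div>
+<div class="row align-items-center mt-3">
+<img id="spid-agid" class="img-fluid mx-auto" src="/assets/img/spid-agid-logo-lb.png" alt="Logo SPID - AGID - Agenzia per l'Italia Digitale">
+</div>
+</div>
+<div id="tab-cie" class="tab-pane fade" role="tabpanel" aria-labelledby="tab-cie">
+<h3 class="sr-only">Accedi con identità digitale CIE</h3>
+<p>
+La&nbsp;<strong>Carta di Identità Elettronica (CIE)</strong>&nbsp;è il documento personale che attesta l'identità del cittadino.&nbsp;Dotata di microprocessore, oltre a comprovare l'identità personale, permette l'accesso ai servizi digitali della Pubblica Amministrazione.
+</p>
+<!--p>
+<strong>L'autenticazione con CIE è attualmente in manutenzione.</strong>
+</p-->
+<div class="row align-items-center">
+<div class="col-12 col-md-6">
+<a class="my-3" href="https://www.cartaidentita.interno.gov.it/" target="_blank" rel="noopener noreferrer">
+<span class="sr-only">Apre una nuova finestra</span>Maggiori informazioni
+</a>
+</div>
+<div class="col-12 col-md-6 text-center">
+<a id="btn-accedi" type="submit" class="btn p-0 border-0 my-3"
+href="/proxy-spid.php?action=login&client_id=<?php echo $client_id; ?>&redirect_uri=<?php echo $redirect_uri; ?>&idp=CIE&state=<?php echo $state; ?>">
+<img class="img-fluid" src="/assets/img/button_cie.png" alt="">
+<span class="sr-only">Accedi con identità digitale CIE</span>
+</a>
+</div>
+</div>
+<img id="ministero-interno" class="img-fluid mx-auto" src="/assets/img/logo_mi.png" alt="Logo del Ministero dell’Interno">
+</div>
+</div>
+</div>
+</main>
+</div>
+</div>
+<footer id="page-footer">
+<div class="container-fluid pb-3">
+<hr aria-hidden="true" />
+<ul class="list-inline mb-0 w-100">
+<li class="list-inline-item">
+<a href="#">Privacy</a>
+</li>
+<li class="list-inline-item">
+<a href="#">Note legali</a>
+</li>
+</ul>
+</div>
+</footer>
+</div>
+<?php $spidsdk->insertSPIDButtonJS(); ?>
+<script src="https://cdn.jsdelivr.net/npm/[email protected]/dist/js/bootstrap.min.js"></script>
+</body>
+</html>
+<?php
+} else {
+/***
+* questo branch non viene raggiunto perchè utilizzando
+* $spidsdk->insertSPIDButton per simplicità
+* il login viene effettuato da proxy-spid.php
+* con i valori di spid_level e atcs_index predefiniti
+* in spid-php-proxy.json
+* Quindi ogni applicativo (compreso OIDC Plugin)
+* non può gestirli a runtime
+**/
+if($spidsdk->isIdPAvailable($idp)) {
+$spidsdk->login($idp, $level, "", 0);
+} else {
+if(DEBUG) {
+echo "idp not valid";
+} else {
+header("Location: " . ERR_REDIRECT);
+}
+}
+// set AttributeConsumingServiceIndex 2
+//$spidsdk->login($idp, 2, "", 2);
+}
+} else {
+$idp = $spidsdk->getIdPKey();
+$proxy_url = "/proxy-spid.php?action=login&client_id=".$client_id.
+"&redirect_uri=".$redirect_uri.
+"&state=".$state.
+"&idp=".$idp;
+header("Location: " . $proxy_url);
+}
+?>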
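Review bot: `$state` is taken from `$_GET['state']` without any validation and is written unescaped into the CIE link's `href` (`&state=<?php echo $state; ?>`) and concatenated raw into the `Location:` URL in the final `else` branch, so a crafted `state` can break out of the attribute (reflected XSS on the login page) or append extra query parameters to the proxy-spid.php request. `$client_id` and `$redirect_uri` are checked against the client list first, but they are emitted the same way and the `in_array()` checks are non-strict, so all of them should be URL-encoded once with `http_build_query()` and HTML-escaped where they land in markup. The config-derived `logo`, `name` and `description` values echoed into the header are also unescaped and would be better wrapped in `htmlspecialchars()`. The bootstrap script tag loaded from a CDN has no `integrity` attribute, which is worth adding on a page that starts an authentication flow. Check how proxy-spid.php decodes `redirect_uri` before changing the encoding, since this file already calls `urldecode()` on a value PHP has decoded once.

```php
// … unchanged: config loading and the client_id / redirect_uri checks …

// Collect the parameters once; http_build_query() percent-encodes every value.
$login_params = array(
    'action' => 'login',
    'client_id' => $client_id,
    'redirect_uri' => $redirect_uri,
    'state' => $state,
);

// … unchanged: PROXY_SPID_PHP construction and page markup up to the CIE button …
?>
<a id="btn-accedi" type="submit" class="btn p-0 border-0 my-3"
   href="<?php echo htmlspecialchars('/proxy-spid.php?' . http_build_query($login_params + array('idp' => 'CIE')), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>">
<!-- … unchanged: button image, rest of the page … -->
<?php
// … unchanged: isIdPAvailable() branch …
} else {
    $idp = $spidsdk->getIdPKey();
    header("Location: /proxy-spid.php?" . http_build_query($login_params + array('idp' => $idp)));
}
```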