-
Notifications
You must be signed in to change notification settings - Fork 0
/
env3.php
188 lines (162 loc) · 4.82 KB
/
env3.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
<?php
/*
ini_set('session.cookie_secure',true);
if (session_id() == "") session_start();
*/
if (isset($_SERVER['HTTP_SHIB_IDENTITY_PROVIDER'])) {
$providerId = $_SERVER['HTTP_SHIB_IDENTITY_PROVIDER'];
setcookie('providerId', $providerId, time() + 60 * 60 * 24 * 365, '/', '', true);
}
?>
<html>
<head>
<title>Shibboleth Attributes - <?php echo $_SERVER["SERVER_NAME"]; ?></title>
<META HTTP-EQUIV="Pragma" CONTENT="no-cache">
<META HTTP-EQUIV="Expires" CONTENT="-1">
<link rel="SHORTCUT ICON" href="https://cilogon.org/favicon.ico"/>
<script language"JavaScript" type="text/JavaScript">
<!--
function decodeAttributeResponse() {
var textarea = document.getElementById("attributeResponseArea");
var base64str = textarea.value;
var decodedMessage = decode64(base64str);
textarea.value = tidyXml(decodedMessage);
textarea.rows = 15;
document.getElementById("decodeButtonBlock").style.display='none';
}
function tidyXml(xmlMessage) {
//put newline before closing tags of values inside xml blocks
xmlMessage = xmlMessage.replace(/([^>])</g,"$1\n<");
//put newline after every tag
xmlMessage = xmlMessage.replace(/>/g,">\n");
var xmlMessageArray = xmlMessage.split("\n");
xmlMessage="";
var nestedLevel=0;
for (var n=0; n < xmlMessageArray.length; n++) {
if ( xmlMessageArray[n].search(/<\//) > -1 ) {
nestedLevel--;
}
for (i=0; i<nestedLevel; i++) {
xmlMessage+=" ";
}
xmlMessage+=xmlMessageArray[n]+"\n";
if ( xmlMessageArray[n].search(/\/>/) > -1 ) {
//level status the same
}
else if ( ( xmlMessageArray[n].search(/<\//) < 0 ) && (xmlMessageArray[n].search(/</) > -1) ) {
//only increment if this was a tag, not if it is a value
nestedLevel++;
}
}
return xmlMessage;
}
var base64Key = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";
function decode64(encodedString) {
var decodedMessage = "";
var char1, char2, char3;
var enc1, enc2, enc3, enc4;
var i = 0;
//remove all characters that are not A-Z, a-z, 0-9, +, /, or =
encodedString = encodedString.replace(/[^A-Za-z0-9\+\/\=]/g, "");
do {
enc1 = base64Key.indexOf(encodedString.charAt(i++));
enc2 = base64Key.indexOf(encodedString.charAt(i++));
enc3 = base64Key.indexOf(encodedString.charAt(i++));
enc4 = base64Key.indexOf(encodedString.charAt(i++));
char1 = (enc1 << 2) | (enc2 >> 4);
char2 = ((enc2 & 15) << 4) | (enc3 >> 2);
char3 = ((enc3 & 3) << 6) | enc4;
decodedMessage = decodedMessage + String.fromCharCode(char1);
if (enc3 != 64) {
decodedMessage = decodedMessage + String.fromCharCode(char2);
}
if (enc4 != 64) {
decodedMessage = decodedMessage + String.fromCharCode(char3);
}
} while (i < encodedString.length);
return decodedMessage;
}
// -->
</script>
</head>
<body>
<b>-all SHIB headers-</b> (<code>HTTP_SHIB_ATTRIBUTES</code> is not shown in this list)
<?php
echo '<table>';
foreach ($_SERVER as $key => $value) {
$fkey = '_' . $key;
if (strpos($fkey, 'SHIB') > 1 && $key != "HTTP_SHIB_ATTRIBUTES") {
# if ( strpos($fkey,'SHIB')>1 )
echo '<tr>';
echo '<td>' . $key . '</td><td>' . $value . '</td>';
echo '</tr>';
}
}
echo '<tr><td>(REMOTE_USER)</td><td>' . $_SERVER['REMOTE_USER'] . '</td></tr>';
echo '<tr><td>(HTTP_REMOTE_USER)</td><td>' . $_SERVER['HTTP_REMOTE_USER'] . '</td></tr>';
echo '</table>';
?>
<br/>
attribute response from the IdP (<code>HTTP_SHIB_ATTRIBUTES</code>):<br/>
<textarea id="attributeResponseArea" onclick="select()" rows="1"
cols="130"><?php echo $_SERVER["HTTP_SHIB_ATTRIBUTES"]; ?></textarea><br/>
<span id="decodeButtonBlock"><input type="button" id="decodeButton"
value="decode base64 encoded attribute response using JavaScript"
onClick="decodeAttributeResponse();"><br/></span>
<br/>
<small>
notes:<br/>
The AAP throws away invalid values (eg an unscopedAffiliation of value
"myBoss@<yourdomain>" or a value with an invalid scope which scope is
checked)<br/>
The raw attribute response (<code>HTTP_SHIB_ATTRIBUTES</code>) is NOT
filtered by the AAP and should therefore be disabled for most applications
(<code>exportAssertion=false</code>).<br/>
</small>
<br/>
<hr/>
<br/>
<b>$_REQUEST</b>
<?php
echo '<table>';
foreach ($_REQUEST as $key => $value) {
echo '<tr>';
echo '<td>' . $key . '</td><td>' . $value . '</td>';
echo '</tr>';
}
echo '</table>'
?>
<br/>
<hr/>
<br/>
<b>$_SERVER</b>
<?php
echo '<table>';
foreach ($_SERVER as $key => $value) {
echo '<tr>';
echo '<td>' . $key . '</td><td>' . $value . '</td>';
echo '</tr>';
}
echo '</table>'
?>
<br/>
<hr/>
<br/>
<b>$_SESSION</b>
<?php
echo '<table>';
foreach ($_SESSION as $key => $value) {
echo '<tr>';
echo '<td>' . $key . '</td><td>' . $value . '</td>';
echo '</tr>';
}
echo '</table>'
?>
<br/>
<hr/>
<br/>
<?php
// phpinfo();
?>
</body>
</html>