gluu
公開メンバ関数 | 限定公開変数類 | 非公開メンバ関数 | 全メンバ一覧
ControllerModuleGluuSSO クラス
ControllerModuleGluuSSO の継承関係図
Inheritance graph
ControllerModuleGluuSSO 連携図
Collaboration graph

公開メンバ関数

 install ()
 
 uninstall ()
 
 index ()
 
 edit ()
 
 openidconfig ()
 
 gluupostdata ()
 
 gluu_is_oxd_registered ()
 
 gluu_is_port_working ()
 
 index ()
 
 logout ()
 
 login_by_sso ()
 
 add_customer ($data)
 
 login ($customer_id)
 
 get_by_email ($email)
 
 generate_hash ($length)
 
 gluu_is_oxd_registered ()
 
 login_url ()
 
 prompt_login_url ($prompt)
 
 gluu_is_port_working ()
 
 gluu_sso_doing_logout ($user_oxd_id_token, $session_states, $state)
 
 admin_login ($username)
 

限定公開変数類

 $error
 

非公開メンバ関数

 show_template ($data)
 
 get_template ($template)
 

詳解

関数詳解

◆ add_customer()

ControllerModuleGluuSSO::add_customer (   $data)
464  {
465  $this->load->model('module/gluu_sso');
466  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_other_config'),true);
467 
468  if(!empty($gluu_other_config['gluu_user_role'])){
469  $gluu_user_role = $gluu_other_config['gluu_user_role'];
470  }else{
471  $gluu_user_role = $this->config->get('config_customer_group_id');
472  }
473  $this->load->model('account/customer');
474  $this->load->model('account/customer_group');
475  $country_id = $this->model_module_gluu_sso->getCountry_by_iso($data ['customer_country'])['country_id'] ? $this->model_module_gluu_sso->getCountry_by_iso($data ['customer_country'])['country_id'] : 0;
476  $zone_id = $this->model_module_gluu_sso->getZone($data ['customer_zone'],$country_id)['zone_id'] ? $this->model_module_gluu_sso->getZone($data ['customer_zone'],$country_id)['zone_id'] : 0;
477 
478  $customer_data = array(
479  'customer_group_id' => $gluu_user_role,
480  'firstname' => $data ['customer_first_name'],
481  'lastname' => $data ['customer_last_name'],
482  'email' => $data ['customer_email'],
483  'telephone' => $data ['customer_telephone'],
484  'fax' => $data ['customer_fax'],
485  'password' => $this->generate_hash (8),
486  'company' => '',
487  'address_1' => $data ['customer_address_1'],
488  'address_2' => $data ['customer_address_2'],
489  'city' => $data ['customer_city'],
490  'postcode' => $data ['customer_postcode'],
491  'country_id' => $country_id,
492  'zone_id' => $zone_id
493  );
494 
495  $customer_id = $this->model_account_customer->addCustomer($customer_data);
496 
497  if (is_numeric ($customer_id))
498  {
499  return $customer_id;
500  }
501 
502  // Error
503  return false;
504  }
ControllerModuleGluuSSO\generate_hash
generate_hash($length)
Definition: gluu_sso.php:553

◆ admin_login()

ControllerModuleGluuSSO::admin_login (   $username)
759  {
760  $user_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "user WHERE email = '" . $username . "' AND status = '1'");
761 
762  if ($user_query->num_rows) {
763  $this->session->data['user_id'] = $user_query->row['user_id'];
764 
765 
766  return true;
767  } else {
768  return false;
769  }
770  }

◆ edit()

ControllerModuleGluuSSO::edit ( )
166  {
167  $this->load->model('module/gluu_sso');
168  if(!empty($_SESSION['message_error'])){
169  $data['message_error'] = $_SESSION['message_error'];
170  $_SESSION['message_error'] = '';
171  }else{
172  $data['message_error'] = '';
173  }
174  if(!empty($_SESSION['message_success'])){
175  $data['message_success'] = $_SESSION['message_success'];
176  $_SESSION['message_success'] = '';
177  }else{
178  $data['message_success'] = '';
179  }
180  if(!empty($_SESSION['openid_error'])){
181  $data['openid_error'] = $_SESSION['openid_error'];
182  }else{
183  $data['openid_error'] = '';
184  }
185  if(!empty($_SESSION['openid_error_edit'])){
186  $data['openid_error_edit'] = $_SESSION['openid_error_edit'];
187  }else{
188  $data['openid_error_edit'] = '';
189  }
190  $this->model_module_gluu_sso->adding_gluu_data();
191  $this->load->language('module/gluu_sso');
192  $this->document->setTitle($this->language->get('heading_title'));
193  $this->document->addStyle('view/stylesheet/gluu_sso/gluu_sso.css');
194  $this->load->model('setting/setting');
195  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_other_config'),true);
196  $data['heading_title'] = $this->language->get('heading_title');
197  $data['get_scopes'] = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_scopes'),true);
198  $data['gluu_config'] = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_config'),true);
199  $data['gluu_acr'] = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_acr'),true);
200  $data['gluu_auth_type'] = $this->model_module_gluu_sso->gluu_db_query_select('gluu_auth_type');
201  $data['gluu_send_user_check'] = $this->model_module_gluu_sso->gluu_db_query_select('gluu_send_user_check');
202  $data['gluu_new_roles'] = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_new_role'));
203  $data['gluu_users_can_register'] = $this->model_module_gluu_sso->gluu_db_query_select('gluu_users_can_register');
204  if($this->gluu_is_oxd_registered()){
205  $data['gluu_is_oxd_registered'] = $this->gluu_is_oxd_registered();
206  }else{
207  $data['gluu_is_oxd_registered'] = false;
208  }
209  $data['text_edit'] = $this->language->get('text_edit');
210  $data['base_url'] = HTTPS_CATALOG;
211  $customer_groups = $this->model_module_gluu_sso->getCustomerGroup();
212  $user_types = array();
213  foreach ($customer_groups as $customer_group){
214  $user_types [] = array('name'=>$customer_group['name'], 'status'=>$customer_group['customer_group_id']);
215  }
216  $data['user_types'] = $user_types;
217  if(!empty($gluu_other_config['gluu_oxd_id'])){
218  $data['gluu_oxd_id'] = $gluu_other_config['gluu_oxd_id'];
219  }else{
220  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
221  return;
222  }
223  if(!empty($gluu_other_config['gluu_custom_logout'])){
224  $data['gluu_custom_logout'] = $gluu_other_config['gluu_custom_logout'];
225  }else{
226  $data['gluu_custom_logout'] = HTTPS_CATALOG;
227  }
228  if(!empty($gluu_other_config['gluu_user_role'])){
229  $data['gluu_user_role'] = $gluu_other_config['gluu_user_role'];
230  }else{
231  $data['gluu_user_role'] = $this->config->get('config_customer_group_id');;
232  }
233  if(!empty($gluu_other_config['gluu_provider'])){
234  $data['gluu_provider'] = $gluu_other_config['gluu_provider'];
235  }else{
236  $data['gluu_provider'] = '';
237  }
238 
239  $data['action'] = $this->url->link('module/gluu_sso/gluupostdata', 'token=' . $this->session->data['token'], 'SSL');
240  $data['action_edit'] = $this->url->link('module/gluu_sso/edit', 'token=' . $this->session->data['token'], 'SSL');
241  $data['action_openidconfig'] = $this->url->link('module/gluu_sso/openidconfig', 'token=' . $this->session->data['token'], 'SSL');
242  $data['cancel'] = $this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL');
243  $data['action_general'] = $this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL');
244  $data['header'] = $this->load->controller('common/header');
245  $data['column_left'] = $this->load->controller('common/column_left');
246  $data['footer'] = $this->load->controller('common/footer');
247 
248  $this->response->setOutput($this->load->view('module/gluu_sso/gluu_sso_edit.tpl', $data));
249  }
ControllerModuleGluuSSO\gluu_is_oxd_registered
gluu_is_oxd_registered()
Definition: gluu_sso.php:1332
oxdrp\$_SESSION
$_SESSION['id_token']
Definition: Get_tokens_by_code_test.php:15

◆ generate_hash()

ControllerModuleGluuSSO::generate_hash (   $length)
554  {
555  $hash = '';
556 
557  for($i = 0; $i < $length; $i ++)
558  {
559  do
560  {
561  $char = chr (mt_rand (48, 122));
562  }
563  while ( !preg_match ('/[a-zA-Z0-9]/', $char) );
564 
565  $hash .= $char;
566  }
567 
568  return $hash;
569  }

◆ get_by_email()

ControllerModuleGluuSSO::get_by_email (   $email)
542  {
543  $sql = "SELECT customer_id FROM `" . DB_PREFIX . "customer` WHERE email = '" . $this->db->escape ($email) . "'";
544  $result = $this->db->query ($sql)->row;
545 
546  if (is_array ($result) && !empty ($result ['customer_id']))
547  {
548  return $result ['customer_id'];
549  }
550 
551  return false;
552  }

◆ get_template()

ControllerModuleGluuSSO::get_template (   $template)
private
446  {
447  if (defined ('VERSION') && version_compare (VERSION, '2.2.0', '>='))
448  {
449  $template_file = '/template/'. $template .'.tpl';
450  $template_folder = $this->config->get ('config_template');
451  $template_folder = (file_exists (DIR_TEMPLATE . $template_folder . $template_file) ? $template_folder : '');
452  $template_v = $template;
453  }
454  else
455  {
456  $template_file = '/template/'. $template .'.tpl';
457  $template_folder = $this->config->get ('config_template');
458  $template_folder = (file_exists (DIR_TEMPLATE . $template_folder . $template_file) ? $template_folder : 'default');
459  $template_v = $template_file;
460  }
461  return ($template_folder . $template_v);
462  }

◆ gluu_is_oxd_registered() [1/2]

ControllerModuleGluuSSO::gluu_is_oxd_registered ( )
570  {
571  $this->load->model('module/gluu_sso');
572  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_other_config'),true);
573  if(!empty($gluu_other_config['gluu_oxd_id'])){
574  return $gluu_other_config['gluu_oxd_id'];
575  }else{
576  return 0;
577  }
578  }

◆ gluu_is_oxd_registered() [2/2]

ControllerModuleGluuSSO::gluu_is_oxd_registered ( )
1332  {
1333  $this->load->model('module/gluu_sso');
1334  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_other_config'),true);
1335  if(!empty($gluu_other_config['gluu_oxd_id'])){
1336  return $gluu_other_config['gluu_oxd_id'];
1337  }else{
1338  return 0;
1339  }
1340  }

◆ gluu_is_port_working() [1/2]

ControllerModuleGluuSSO::gluu_is_port_working ( )
674  {
675  $this->load->model('module/gluu_sso');
676  $config_option = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_config'),true);
677  $connection = @fsockopen('127.0.0.1', $config_option['gluu_oxd_port']);
678  if (is_resource($connection))
679  {
680  fclose($connection);
681  return true;
682  }
683  else
684  {
685  return false;
686  }
687  }

◆ gluu_is_port_working() [2/2]

ControllerModuleGluuSSO::gluu_is_port_working ( )
1341  {
1342  $this->load->model('module/gluu_sso');
1343  $config_option = json_decode($this->model_module_gluu_sso->gluu_db_query_select( 'gluu_config'),true);
1344  $connection = @fsockopen('127.0.0.1', $config_option['gluu_oxd_port']);
1345  if (is_resource($connection))
1346  {
1347  fclose($connection);
1348  return true;
1349  }
1350  else
1351  {
1352  return false;
1353  }
1354  }

◆ gluu_sso_doing_logout()

ControllerModuleGluuSSO::gluu_sso_doing_logout (   $user_oxd_id_token,
  $session_states,
  $state 
)
689  {
690  $this->load->model('module/gluu_sso');
691  @session_start();
692  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_other_config'),true);
693  $gluu_config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_config'),true);
694 
695  if(!empty($gluu_other_config['gluu_oxd_id'])){
696  $gluu_oxd_id = $gluu_other_config['gluu_oxd_id'];
697  }else{
698  $gluu_oxd_id = '';
699  }
700  if(!empty($gluu_other_config['gluu_custom_logout'])){
701  $gluu_custom_logout = $gluu_other_config['gluu_custom_logout'];
702  }else{
703  $gluu_custom_logout = '';
704  }
705  if(!empty($gluu_other_config['gluu_user_role'])){
706  $gluu_user_role = $gluu_other_config['gluu_user_role'];
707  }else{
708  $gluu_user_role = 0;
709  }
710  if(!empty($gluu_other_config['gluu_provider'])){
711  $gluu_provider = $gluu_other_config['gluu_provider'];
712  }else{
713  $gluu_provider = '';
714  }
715  if(isset($_SESSION['session_in_op'])){
716  if(time()<(int)$_SESSION['session_in_op']) {
717  require_once(DIR_SYSTEM . 'library/oxd-rp/Logout.php');
718  $arrContextOptions=array(
719  "ssl"=>array(
720  "verify_peer"=>false,
721  "verify_peer_name"=>false,
722  ),
723  );
724  $json = file_get_contents($gluu_provider.'/.well-known/openid-configuration', false, stream_context_create($arrContextOptions));
725  $obj = json_decode($json);
726 
727  if (!empty($obj->end_session_endpoint ) or $gluu_provider == 'https://accounts.google.com') {
728  if (!empty($_SESSION['user_oxd_id_token'])) {
729  if ($gluu_oxd_id && $_SESSION['user_oxd_id_token'] && $_SESSION['session_in_op']) {
730  $logout = new Logout();
731  $logout->setRequestOxdId($gluu_oxd_id);
732  $logout->setRequestIdToken($_SESSION['user_oxd_id_token']);
733  $logout->setRequestPostLogoutRedirectUri($gluu_config['post_logout_redirect_uri']);
734  $logout->setRequestSessionState($_SESSION['session_state']);
735  $logout->setRequestState($_SESSION['state']);
736  $logout->request();
737  unset($_SESSION['user_oxd_access_token']);
738  unset($_SESSION['user_oxd_id_token']);
739  unset($_SESSION['session_state']);
740  unset($_SESSION['state']);
741  unset($_SESSION['session_in_op']);
742  header("Location: " . $logout->getResponseObject()->data->uri);
743  exit;
744  }
745  }
746  } else {
747  session_destroy();
748  unset($_SESSION['user_oxd_access_token']);
749  unset($_SESSION['user_oxd_id_token']);
750  unset($_SESSION['session_state']);
751  unset($_SESSION['state']);
752  unset($_SESSION['session_in_op']);
753  }
754  }
755  }
756 
757  return $this->url->link('account/login', '', 'SSL');
758  }
oxdrp\$logout
$logout
Definition: Logout_test.php:6
Logout
Definition: Logout.php:62
oxdrp\$_SESSION
$_SESSION['id_token']
Definition: Get_tokens_by_code_test.php:15

◆ gluupostdata()

ControllerModuleGluuSSO::gluupostdata ( )
387  {
388  $this->load->model('module/gluu_sso');
389  require_once(DIR_SYSTEM . 'library/oxd-rp/Register_site.php');
390  require_once(DIR_SYSTEM . 'library/oxd-rp/Update_site_registration.php');
391  $base_url = HTTPS_CATALOG;
392  if( isset( $_REQUEST['submit'] ) and strpos( $_REQUEST['submit'], 'delete' ) !== false and !empty($_REQUEST['submit'])) {
393  $this->model_module_gluu_sso->drop_table();
394  unset($_SESSION['openid_error']);
395  unset($_SESSION['openid_error_edit']);
396  $_SESSION['openid_error'] = '';
397  $_SESSION['openid_error_edit'] = '';
398  $_SESSION['message_success'] = 'Configurations deleted Successfully.';
399  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
400  return;
401  }
402  if( isset( $_REQUEST['form_key'] ) and strpos( $_REQUEST['form_key'], 'general_register_page' ) !== false ) {
403  if(!isset($_SERVER['HTTPS']) or $_SERVER['HTTPS'] != "on") {
404  $_SESSION['message_error'] = 'OpenID Connect requires https. This extension will not work if your website uses http only.';
405  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
406  return;
407  }
408  if($_POST['gluu_user_role']){
409  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_other_config'),true);
410  $gluu_other_config['gluu_user_role'] = $_POST['gluu_user_role'];
411  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_other_config', json_encode($gluu_other_config)),true);
412  }else{
413  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_other_config'),true);
414  $gluu_other_config['gluu_user_role'] = 0;
415  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_other_config', json_encode($gluu_other_config)),true);
416  }
417  if($_POST['gluu_users_can_register']==1){
418  $this->model_module_gluu_sso->gluu_db_query_update('gluu_users_can_register', $_POST['gluu_users_can_register']);
419  if(!empty(array_values(array_filter($_POST['gluu_new_role'])))){
420  $this->model_module_gluu_sso->gluu_db_query_update('gluu_new_role', json_encode(array_unique(array_values(array_filter($_POST['gluu_new_role'])))));
421  $config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_config'),true);
422  array_push($config['config_scopes'],'permission');
423  $gluu_config = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_config', json_encode($config)),true);
424  }else{
425  $this->model_module_gluu_sso->gluu_db_query_update('gluu_new_role', json_encode(array()));
426  }
427  }
428  if($_POST['gluu_users_can_register']==2){
429  $this->model_module_gluu_sso->gluu_db_query_update('gluu_users_can_register', 2);
430  if(!empty(array_values(array_filter($_POST['gluu_new_role'])))){
431  $this->model_module_gluu_sso->gluu_db_query_update('gluu_new_role', json_encode(array_unique(array_values(array_filter($_POST['gluu_new_role'])))));
432  $config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_config'),true);
433  array_push($config['config_scopes'],'permission');
434  $gluu_config = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_config', json_encode($config)),true);
435  }else{
436  $this->model_module_gluu_sso->gluu_db_query_update('gluu_new_role', json_encode(array()));
437  }
438  }
439  if($_POST['gluu_users_can_register']==3){
440  $this->model_module_gluu_sso->gluu_db_query_update('gluu_users_can_register', 3);
441  if(!empty(array_values(array_filter($_POST['gluu_new_role'])))){
442  $this->model_module_gluu_sso->gluu_db_query_update('gluu_new_role', json_encode(array_unique(array_values(array_filter($_POST['gluu_new_role'])))));
443  $config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_config'),true);
444  array_push($config['config_scopes'],'permission');
445  $gluu_config = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_config', json_encode($config)),true);
446  }else{
447  $this->model_module_gluu_sso->gluu_db_query_update('gluu_new_role', json_encode(array()));
448  }
449  }
450  if (empty($_POST['gluu_oxd_port'])) {
451  $_SESSION['message_error'] = 'All the fields are required. Please enter valid entries.';
452  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
453  return;
454  }
455  else if (intval($_POST['gluu_oxd_port']) > 65535 && intval($_POST['gluu_oxd_port']) < 0) {
456  $_SESSION['message_error'] = 'Enter your oxd host port (Min. number 1, Max. number 65535)';
457  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
458  return;
459  }
460  else if (!empty($_POST['gluu_provider'])) {
461  if (filter_var($_POST['gluu_provider'], FILTER_VALIDATE_URL) === false) {
462  $_SESSION['message_error'] = 'Please enter valid OpenID Provider URI.';
463  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
464  return;
465  }
466  }
467  if(!empty($_POST['gluu_custom_logout'])){
468  if (filter_var($_POST['gluu_custom_logout'], FILTER_VALIDATE_URL) === false) {
469  $_SESSION['message_error'] = 'Please enter valid Custom URI.';
470  }else{
471  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_other_config'),true);
472  $gluu_other_config['gluu_custom_logout'] = $_POST['gluu_custom_logout'];
473  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_other_config', json_encode($gluu_other_config)),true);
474  }
475  }
476  else{
477  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_custom_logout'),true);
478  $gluu_other_config['gluu_custom_logout'] = '';
479  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_other_config', json_encode($gluu_other_config)),true);
480  }
481  if (isset($_POST['gluu_provider']) and !empty($_POST['gluu_provider'])) {
482  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_other_config'),true);
483  $gluu_other_config['gluu_provider'] = $_POST['gluu_provider'];
484  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_other_config', json_encode($gluu_other_config)),true);
485  $arrContextOptions=array(
486  "ssl"=>array(
487  "verify_peer"=>false,
488  "verify_peer_name"=>false,
489  ),
490  );
491  $gluu_provider = $gluu_other_config['gluu_provider'];
492  $json = file_get_contents($gluu_provider.'/.well-known/openid-configuration', false, stream_context_create($arrContextOptions));
493  $obj = json_decode($json);
494  if(!empty($obj->userinfo_endpoint)){
495 
496  if(empty($obj->registration_endpoint)){
497  $_SESSION['message_success'] = "Please enter your client_id and client_secret.";
498  $gluu_config = json_encode(array(
499  "gluu_oxd_port" =>$_POST['gluu_oxd_port'],
500  "admin_email" => $this->config->get('config_email'),
501  "authorization_redirect_uri" => HTTPS_CATALOG.'index.php?route=module/gluu_sso/login_by_sso',
502  "post_logout_redirect_uri" => HTTPS_CATALOG.'index.php?route=account/logout',
503  "config_scopes" => ["openid","profile","email"],
504  "gluu_client_id" => "",
505  "gluu_client_secret" => "",
506  "config_acr" => []
507  ));
508  if($_POST['gluu_users_can_register']==2){
509  $config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_config'),true);
510  array_push($config['config_scopes'],'permission');
511  $gluu_config = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_config', json_encode($config)),true);
512  }
513  $gluu_config = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_config', $gluu_config),true);
514  if(isset($_POST['gluu_client_id']) and !empty($_POST['gluu_client_id']) and
515  isset($_POST['gluu_client_secret']) and !empty($_POST['gluu_client_secret'])){
516  $gluu_config = json_encode(array(
517  "gluu_oxd_port" =>$_POST['gluu_oxd_port'],
518  "admin_email" => $this->config->get('config_email'),
519  "authorization_redirect_uri" => HTTPS_CATALOG.'index.php?route=module/gluu_sso/login_by_sso',
520  "post_logout_redirect_uri" => HTTPS_CATALOG.'index.php?route=account/logout',
521  "config_scopes" => ["openid","profile","email"],
522  "gluu_client_id" => $_POST['gluu_client_id'],
523  "gluu_client_secret" => $_POST['gluu_client_secret'],
524  "config_acr" => []
525  ));
526  $gluu_config = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_config', $gluu_config),true);
527  if($_POST['gluu_users_can_register']==2){
528  $config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_config'),true);
529  array_push($config['config_scopes'],'permission');
530  $gluu_config = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_config', json_encode($config)),true);
531  }
532  if(!$this->gluu_is_port_working()){
533  $_SESSION['message_error'] = 'Can not connect to the oxd server. Please check the oxd-config.json file to make sure you have entered the correct port and the oxd server is operational.';
534  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
535  return;
536  }
537  $register_site = new Register_site();
538  $register_site->setRequestOpHost($gluu_provider);
539  $register_site->setRequestAuthorizationRedirectUri($gluu_config['authorization_redirect_uri']);
540  $register_site->setRequestLogoutRedirectUri($gluu_config['post_logout_redirect_uri']);
541  $register_site->setRequestContacts([$gluu_config['admin_email']]);
542  $register_site->setRequestClientLogoutUri($gluu_config['post_logout_redirect_uri']);
543  $get_scopes = json_encode($obj->scopes_supported);
544  if(!empty($obj->acr_values_supported)){
545  $get_acr = json_encode($obj->acr_values_supported);
546  $get_acr = $this->model_module_gluu_sso->gluu_db_query_update('gluu_acr', $get_acr);
547  $register_site->setRequestAcrValues($gluu_config['config_acr']);
548  }
549  else{
550  $register_site->setRequestAcrValues($gluu_config['config_acr']);
551  }
552  if(!empty($obj->scopes_supported)){
553  $get_scopes = json_encode($obj->scopes_supported);
554  $get_scopes = $this->model_module_gluu_sso->gluu_db_query_update('gluu_scopes', $get_scopes);
555  $register_site->setRequestScope($obj->scopes_supported);
556  }
557  else{
558  $register_site->setRequestScope($gluu_config['config_scopes']);
559  }
560  $register_site->setRequestClientId($gluu_config['gluu_client_id']);
561  $register_site->setRequestClientSecret($gluu_config['gluu_client_secret']);
562  $status = $register_site->request();
563  if(!$status['status']){
564  if ($status['message'] == 'invalid_op_host') {
565  $_SESSION['message_error'] = 'ERROR: OpenID Provider host is required if you don\'t provide it in oxd-default-site-config.json';
566  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
567  return;
568  }
569  if (!$status['status']) {
570  $_SESSION['message_error'] = 'Can not connect to the oxd server. Please check the oxd-config.json file to make sure you have entered the correct port and the oxd server is operational.';
571  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
572  return;
573  }
574  if ($status['message'] == 'internal_error') {
575  $_SESSION['message_error'] = 'ERROR: '.$status['error_message'];
576  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
577  return;
578  }
579  }
580  $gluu_oxd_id = $register_site->getResponseOxdId();
581  if ($gluu_oxd_id) {
582  $gluu_provider = $register_site->getResponseOpHost();
583  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_other_config'),true);
584  $gluu_other_config['gluu_oxd_id'] = $gluu_oxd_id;
585  $gluu_other_config['gluu_provider'] = $gluu_provider;
586  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_other_config', json_encode($gluu_other_config)),true);
587  $_SESSION['message_success'] = 'Your settings are saved successfully.';
588  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
589  return;
590  } else {
591  $_SESSION['message_error'] = 'ERROR: OpenID Provider host is required if you don\'t provide it in oxd-default-site-config.json';
592  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
593  return;
594  }
595  }
596  else{
597  $_SESSION['openid_error'] = 'Error505.';
598  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
599  return;
600  }
601  }
602  else{
603 
604  $gluu_config = json_encode(array(
605  "gluu_oxd_port" =>$_POST['gluu_oxd_port'],
606  "admin_email" => $this->config->get('config_email'),
607  "authorization_redirect_uri" => HTTPS_CATALOG.'index.php?route=module/gluu_sso/login_by_sso',
608  "post_logout_redirect_uri" => HTTPS_CATALOG.'index.php?route=account/logout',
609  "config_scopes" => ["openid","profile","email"],
610  "gluu_client_id" => "",
611  "gluu_client_secret" => "",
612  "config_acr" => []
613  ));
614  $gluu_config = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_config', $gluu_config),true);
615  if($_POST['gluu_users_can_register']==2){
616  $config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_config'),true);
617  array_push($config['config_scopes'],'permission');
618  $gluu_config = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_config', json_encode($config)),true);
619  }
620  if(!$this->gluu_is_port_working()){
621  $_SESSION['message_error'] = 'Can not connect to the oxd server. Please check the oxd-config.json file to make sure you have entered the correct port and the oxd server is operational.';
622  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
623  return;
624  }
625  if(!$this->gluu_is_port_working()){
626  $_SESSION['message_error'] = 'Can not connect to the oxd server. Please check the oxd-config.json file to make sure you have entered the correct port and the oxd server is operational.';
627  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
628  return;
629  }
630  if(!$this->gluu_is_port_working()){
631  $_SESSION['message_error'] = 'Can not connect to the oxd server. Please check the oxd-config.json file to make sure you have entered the correct port and the oxd server is operational.';
632  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
633  return;
634  }
635  $register_site = new Register_site();
636  $register_site->setRequestOpHost($gluu_provider);
637  $register_site->setRequestAuthorizationRedirectUri($gluu_config['authorization_redirect_uri']);
638  $register_site->setRequestLogoutRedirectUri($gluu_config['post_logout_redirect_uri']);
639  $register_site->setRequestContacts([$gluu_config['admin_email']]);
640  $register_site->setRequestClientLogoutUri($gluu_config['post_logout_redirect_uri']);
641  $get_scopes = json_encode($obj->scopes_supported);
642  if(!empty($obj->acr_values_supported)){
643  $get_acr = json_encode($obj->acr_values_supported);
644  $get_acr = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_acr', $get_acr));
645  $register_site->setRequestAcrValues($gluu_config['config_acr']);
646  }
647  else{
648  $register_site->setRequestAcrValues($gluu_config['config_acr']);
649  }
650  if(!empty($obj->scopes_supported)){
651  $get_scopes = json_encode($obj->scopes_supported);
652  $get_scopes = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_scopes', $get_scopes));
653  $register_site->setRequestScope($obj->scopes_supported);
654  }
655  else{
656  $register_site->setRequestScope($gluu_config['config_scopes']);
657  }
658  $status = $register_site->request();
659  if(!$status['status']){
660  if ($status['message'] == 'invalid_op_host') {
661  $_SESSION['message_error'] = 'ERROR: OpenID Provider host is required if you don\'t provide it in oxd-default-site-config.json';
662  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
663  return;
664  }
665  if (!$status['status']) {
666  $_SESSION['message_error'] = 'Can not connect to the oxd server. Please check the oxd-config.json file to make sure you have entered the correct port and the oxd server is operational.';
667  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
668  return;
669  }
670  if ($status['message'] == 'internal_error') {
671  $_SESSION['message_error'] = 'ERROR: '.$status['error_message'];
672  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
673  return;
674  }
675  }
676  $gluu_oxd_id = $register_site->getResponseOxdId();
677  if ($gluu_oxd_id) {
678  $gluu_provider = $register_site->getResponseOpHost();
679  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_other_config'),true);
680  $gluu_other_config['gluu_oxd_id'] = $gluu_oxd_id;
681  $gluu_other_config['gluu_provider'] = $gluu_provider;
682  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_other_config', json_encode($gluu_other_config)),true);
683  $_SESSION['message_success'] = 'Your settings are saved successfully.';
684  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
685  return;
686  }
687  else {
688  $_SESSION['message_error'] = 'ERROR: OpenID Provider host is required if you don\'t provide it in oxd-default-site-config.json';
689  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
690  return;
691  }
692  }
693  }
694  else{
695  $_SESSION['message_error'] = 'Please enter correct URI of the OpenID Provider';
696  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
697  return;
698  }
699 
700  }
701  else{
702  $gluu_config = json_encode(array(
703  "gluu_oxd_port" =>$_POST['gluu_oxd_port'],
704  "admin_email" => $this->config->get('config_email'),
705  "authorization_redirect_uri" => HTTPS_CATALOG.'index.php?route=module/gluu_sso/login_by_sso',
706  "post_logout_redirect_uri" => HTTPS_CATALOG.'index.php?route=account/logout',
707  "config_scopes" => ["openid","profile","email"],
708  "gluu_client_id" => "",
709  "gluu_client_secret" => "",
710  "config_acr" => []
711  ));
712  $gluu_config = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_config', $gluu_config),true);
713  if($_POST['gluu_users_can_register']==2){
714  $config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_config'),true);
715  array_push($config['config_scopes'],'permission');
716  $gluu_config = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_config', json_encode($config)),true);
717  }
718  if(!$this->gluu_is_port_working()){
719  $_SESSION['message_error'] = 'Can not connect to the oxd server. Please check the oxd-config.json file to make sure you have entered the correct port and the oxd server is operational.';
720  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
721  return;
722  }
723  $register_site = new Register_site();
724  $register_site->setRequestAuthorizationRedirectUri($gluu_config['authorization_redirect_uri']);
725  $register_site->setRequestLogoutRedirectUri($gluu_config['post_logout_redirect_uri']);
726  $register_site->setRequestContacts([$gluu_config['admin_email']]);
727  $register_site->setRequestAcrValues($gluu_config['config_acr']);
728  $register_site->setRequestScope($gluu_config['config_scopes']);
729  $register_site->setRequestClientLogoutUri($gluu_config['post_logout_redirect_uri']);
730  $status = $register_site->request();
731 
732  if(!$status['status']){
733  if ($status['message'] == 'invalid_op_host') {
734  $_SESSION['message_error'] = 'ERROR: OpenID Provider host is required if you don\'t provide it in oxd-default-site-config.json';
735  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
736  return;
737  }
738  if (!$status['status']) {
739  $_SESSION['message_error'] = 'Can not connect to the oxd server. Please check the oxd-config.json file to make sure you have entered the correct port and the oxd server is operational.';
740  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
741  return;
742  }
743  if ($status['message'] == 'internal_error') {
744  $_SESSION['message_error'] = 'ERROR: '.$status['error_message'];
745  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
746  return;
747  }
748  }
749  $gluu_oxd_id = $register_site->getResponseOxdId();
750  if ($gluu_oxd_id) {
751  $gluu_provider = $register_site->getResponseOpHost();
752  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_other_config'),true);
753  $gluu_other_config['gluu_oxd_id'] = $gluu_oxd_id;
754  $gluu_other_config['gluu_provider'] = $gluu_provider;
755  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_other_config', json_encode($gluu_other_config)),true);
756  $arrContextOptions=array(
757  "ssl"=>array(
758  "verify_peer"=>false,
759  "verify_peer_name"=>false,
760  ),
761  );
762  $json = file_get_contents($gluu_provider.'/.well-known/openid-configuration', false, stream_context_create($arrContextOptions));
763  $obj = json_decode($json);
764  if(!$this->gluu_is_port_working()){
765  $_SESSION['message_error'] = 'Can not connect to the oxd server. Please check the oxd-config.json file to make sure you have entered the correct port and the oxd server is operational.';
766  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
767  return;
768  }
769  $register_site = new Register_site();
770  $register_site->setRequestOpHost($gluu_provider);
771  $register_site->setRequestAuthorizationRedirectUri($gluu_config['authorization_redirect_uri']);
772  $register_site->setRequestLogoutRedirectUri($gluu_config['post_logout_redirect_uri']);
773  $register_site->setRequestContacts([$gluu_config['admin_email']]);
774  $register_site->setRequestClientLogoutUri($gluu_config['post_logout_redirect_uri']);
775 
776  $get_scopes = json_encode($obj->scopes_supported);
777  if(!empty($obj->acr_values_supported)){
778  $get_acr = json_encode($obj->acr_values_supported);
779  $get_acr = $this->model_module_gluu_sso->gluu_db_query_update('gluu_acr', $get_acr);
780  $register_site->setRequestAcrValues($gluu_config['config_acr']);
781  }
782  else{
783  $register_site->setRequestAcrValues($gluu_config['config_acr']);
784  }
785  if(!empty($obj->scopes_supported)){
786  $get_scopes = json_encode($obj->scopes_supported);
787  $get_scopes = $this->model_module_gluu_sso->gluu_db_query_update('gluu_scopes', $get_scopes);
788  $register_site->setRequestScope($obj->scopes_supported);
789  }
790  else{
791  $register_site->setRequestScope($gluu_config['config_scopes']);
792  }
793  $status = $register_site->request();
794  if(!$status['status']){
795  if ($status['message'] == 'invalid_op_host') {
796  $_SESSION['message_error'] = 'ERROR: OpenID Provider host is required if you don\'t provide it in oxd-default-site-config.json';
797  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
798  return;
799  }
800  if (!$status['status']) {
801  $_SESSION['message_error'] = 'Can not connect to the oxd server. Please check the oxd-config.json file to make sure you have entered the correct port and the oxd server is operational.';
802  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
803  return;
804  }
805  if ($status['message'] == 'internal_error') {
806  $_SESSION['message_error'] = 'ERROR: '.$status['error_message'];
807  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
808  return;
809  }
810  }
811  $gluu_oxd_id = $register_site->getResponseOxdId();
812  if ($gluu_oxd_id) {
813  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_other_config'),true);
814  $gluu_other_config['gluu_oxd_id'] = $gluu_oxd_id;
815  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_other_config', json_encode($gluu_other_config)),true);
816  $_SESSION['message_success'] = 'Your settings are saved successfully.';
817  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
818  return;
819  }
820  else {
821  $_SESSION['message_error'] = 'ERROR: OpenID Provider host is required if you don\'t provide it in oxd-default-site-config.json';
822  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
823  return;
824  }
825  }
826  else {
827  $_SESSION['message_error'] = 'ERROR: OpenID Provider host is required if you don\'t provide it in oxd-default-site-config.json';
828  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
829  return;
830  }
831  }
832  }
833  else if (isset( $_REQUEST['form_key'] ) and strpos( $_REQUEST['form_key'], 'general_oxd_edit' ) !== false) {
834 
835  if($_POST['gluu_user_role']){
836  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_other_config'),true);
837  $gluu_other_config['gluu_user_role'] = $_POST['gluu_user_role'];
838  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_other_config', json_encode($gluu_other_config)),true);
839  }else{
840  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_other_config'),true);
841  $gluu_other_config['gluu_user_role'] = 0;
842  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_other_config', json_encode($gluu_other_config)),true);
843  }
844  if($_POST['gluu_users_can_register']==1){
845  $this->model_module_gluu_sso->gluu_db_query_update('gluu_users_can_register', $_POST['gluu_users_can_register']);
846  if(!empty(array_values(array_filter($_POST['gluu_new_role'])))){
847  $this->model_module_gluu_sso->gluu_db_query_update('gluu_new_role', json_encode(array_unique(array_values(array_filter($_POST['gluu_new_role'])))));
848  $config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_config'),true);
849  array_push($config['config_scopes'],'permission');
850  $gluu_config = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_config', json_encode($config)),true);
851  }else{
852  $this->model_module_gluu_sso->gluu_db_query_update('gluu_new_role', json_encode(null));
853  }
854  }
855  if($_POST['gluu_users_can_register']==2){
856  $this->model_module_gluu_sso->gluu_db_query_update('gluu_users_can_register', 2);
857 
858  if(!empty(array_values(array_filter($_POST['gluu_new_role'])))){
859  $this->model_module_gluu_sso->gluu_db_query_update('gluu_new_role', json_encode(array_unique(array_values(array_filter($_POST['gluu_new_role'])))));
860  $config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_config'),true);
861  array_push($config['config_scopes'],'permission');
862  $gluu_config = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_config', json_encode($config)),true);
863  }else{
864  $this->model_module_gluu_sso->gluu_db_query_update('gluu_new_role', json_encode(null));
865  }
866  }
867  if($_POST['gluu_users_can_register']==3){
868  $this->model_module_gluu_sso->gluu_db_query_update('gluu_users_can_register', 3);
869  if(!empty(array_values(array_filter($_POST['gluu_new_role'])))){
870  $this->model_module_gluu_sso->gluu_db_query_update('gluu_new_role', json_encode(array_unique(array_values(array_filter($_POST['gluu_new_role'])))));
871  $config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_config'),true);
872  array_push($config['config_scopes'],'permission');
873  $gluu_config = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_config', json_encode($config)),true);
874  }else{
875  $this->model_module_gluu_sso->gluu_db_query_update('gluu_new_role', json_encode(null));
876  }
877  }
878  $get_scopes = json_encode(array("openid", "profile","email"));
879  $get_scopes = $this->model_module_gluu_sso->gluu_db_query_update('get_scopes', $get_scopes);
880 
881  $gluu_acr = json_encode(array("none"));
882  $gluu_acr = $this->model_module_gluu_sso->gluu_db_query_update('gluu_acr', $gluu_acr);
883 
884  if(!isset($_SERVER['HTTPS']) or $_SERVER['HTTPS'] != "on") {
885  $_SESSION['message_error'] = 'OpenID Connect requires https. This extension will not work if your website uses http only.';
886  $this->response->redirect($this->url->link('module/gluu_sso/edit', 'token=' . $this->session->data['token'], 'SSL'));
887  return;
888  }
889  if (empty($_POST['gluu_oxd_port'])) {
890  $_SESSION['message_error'] = 'All the fields are required. Please enter valid entries.';
891  $this->response->redirect($this->url->link('module/gluu_sso/edit', 'token=' . $this->session->data['token'], 'SSL'));
892  return;
893  }
894  else if (intval($_POST['gluu_oxd_port']) > 65535 && intval($_POST['gluu_oxd_port']) < 0) {
895  $_SESSION['message_error'] = 'Enter your oxd host port (Min. number 0, Max. number 65535).';
896  $this->response->redirect($this->url->link('module/gluu_sso/edit', 'token=' . $this->session->data['token'], 'SSL'));
897  return;
898  }
899  if (!empty($_POST['gluu_custom_logout'])) {
900  if (filter_var($_POST['gluu_custom_logout'], FILTER_VALIDATE_URL) === false) {
901  $_SESSION['message_error'] = 'Please enter valid Custom URI.';
902  }else{
903  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_other_config'),true);
904  $gluu_other_config['gluu_custom_logout'] = $_POST['gluu_custom_logout'];
905  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_other_config', json_encode($gluu_other_config)),true);
906  }
907  }else{
908  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_other_config'),true);
909  $gluu_other_config['gluu_custom_logout'] = '';
910  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_other_config', json_encode($gluu_other_config)),true);
911  }
912  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_other_config'),true);
913  $gluu_other_config['gluu_oxd_id'] = '';
914  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_other_config', json_encode($gluu_other_config)),true);
915  $gluu_config = array(
916  "gluu_oxd_port" =>$_POST['gluu_oxd_port'],
917  "admin_email" => $this->config->get('config_email'),
918  "authorization_redirect_uri" => HTTPS_CATALOG.'index.php?route=module/gluu_sso/login_by_sso',
919  "post_logout_redirect_uri" => HTTPS_CATALOG.'index.php?route=account/logout',
920  "config_scopes" => ["openid","profile","email"],
921  "gluu_client_id" => "",
922  "gluu_client_secret" => "",
923  "config_acr" => []
924  );
925 
926  $gluu_config = $this->model_module_gluu_sso->gluu_db_query_update('gluu_config', json_encode($gluu_config));
927  if($_POST['gluu_users_can_register']==2){
928  $config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_config'),true);
929  array_push($config['config_scopes'],'permission');
930  $gluu_config = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_config', json_encode($config)),true);
931  }
932  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_other_config'),true);
933  $gluu_provider = $gluu_other_config['gluu_provider'];
934  if (!empty($gluu_provider)) {
935  $arrContextOptions=array(
936  "ssl"=>array(
937  "verify_peer"=>false,
938  "verify_peer_name"=>false,
939  ),
940  );
941  $json = file_get_contents($gluu_provider.'/.well-known/openid-configuration', false, stream_context_create($arrContextOptions));
942  $obj = json_decode($json);
943  if(!empty($obj->userinfo_endpoint)){
944  if(empty($obj->registration_endpoint)){
945  if(isset($_POST['gluu_client_id']) and !empty($_POST['gluu_client_id']) and
946  isset($_POST['gluu_client_secret']) and !empty($_POST['gluu_client_secret']) and !$obj->registration_endpoint){
947  $gluu_config = array(
948  "gluu_oxd_port" => $_POST['gluu_oxd_port'],
949  "admin_email" => $this->config->get('config_email'),
950  "gluu_client_id" => $_POST['gluu_client_id'],
951  "gluu_client_secret" => $_POST['gluu_client_secret'],
952  "authorization_redirect_uri" => HTTPS_CATALOG.'index.php?route=module/gluu_sso/login_by_sso',
953  "post_logout_redirect_uri" => HTTPS_CATALOG.'index.php?route=account/logout',
954  "config_scopes" => ["openid", "profile","email"],
955  "config_acr" => []
956  );
957  $gluu_config1 = $this->model_module_gluu_sso->gluu_db_query_update('gluu_config', json_encode($gluu_config));
958  if($_POST['gluu_users_can_register']==2){
959  $config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_config'),true);
960  array_push($config['config_scopes'],'permission');
961  $gluu_config = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_config', json_encode($config)),true);
962  }
963  if(!$this->gluu_is_port_working()){
964  $_SESSION['message_error'] = 'Can not connect to the oxd server. Please check the oxd-config.json file to make sure you have entered the correct port and the oxd server is operational.';
965  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
966  return;
967  }
968  $register_site = new Register_site();
969  $register_site->setRequestOpHost($gluu_provider);
970  $register_site->setRequestAcrValues($gluu_config['config_acr']);
971  $register_site->setRequestAuthorizationRedirectUri($gluu_config['authorization_redirect_uri']);
972  $register_site->setRequestLogoutRedirectUri($gluu_config['post_logout_redirect_uri']);
973  $register_site->setRequestContacts([$this->config->get('config_email')]);
974  $register_site->setRequestClientLogoutUri($gluu_config['post_logout_redirect_uri']);
975  if(!empty($obj->acr_values_supported)){
976  $get_acr = json_encode($obj->acr_values_supported);
977  $gluu_config = $this->model_module_gluu_sso->gluu_db_query_update('gluu_acr', $gluu_acr);
978  }
979  if(!empty($obj->scopes_supported)){
980  $get_scopes = json_encode($obj->scopes_supported);
981  $gluu_config = $this->model_module_gluu_sso->gluu_db_query_update('get_scopes', $get_scopes);
982  $register_site->setRequestScope($obj->scopes_supported);
983  }else{
984  $register_site->setRequestScope($gluu_config['config_scopes']);
985  }
986  $register_site->setRequestClientId($_POST['gluu_client_id']);
987  $register_site->setRequestClientSecret($_POST['gluu_client_secret']);
988  $status = $register_site->request();
989  if(!$status['status']){
990  if ($status['message'] == 'invalid_op_host') {
991  $_SESSION['message_error'] = 'ERROR: OpenID Provider host is required if you don\'t provide it in oxd-default-site-config.json';
992  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
993  return;
994  }
995  if (!$status['status']) {
996  $_SESSION['message_error'] = 'Can not connect to the oxd server. Please check the oxd-config.json file to make sure you have entered the correct port and the oxd server is operational.';
997  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
998  return;
999  }
1000  if ($status['message'] == 'internal_error') {
1001  $_SESSION['message_error'] = 'ERROR: '.$status['error_message'];
1002  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
1003  return;
1004  }
1005  }
1006  $gluu_oxd_id = $register_site->getResponseOxdId();
1007  if ($gluu_oxd_id) {
1008  $gluu_provider = $register_site->getResponseOpHost();
1009  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_other_config'),true);
1010  $gluu_other_config['gluu_oxd_id'] = $gluu_oxd_id;
1011  $gluu_other_config['gluu_provider'] = $gluu_provider;
1012  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_other_config', json_encode($gluu_other_config)),true);
1013  $_SESSION['message_success'] = 'Your settings are saved successfully.';
1014  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
1015  return;
1016  } else {
1017  $_SESSION['message_error'] = 'ERROR: OpenID Provider host is required if you don\'t provide it in oxd-default-site-config.json';
1018  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
1019  return;
1020  }
1021  }
1022  else{
1023  $_SESSION['openid_error_edit'] = 'Error506';
1024  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
1025  return;
1026  }
1027  }
1028  else{
1029  $gluu_config = array(
1030  "gluu_oxd_port" =>$_POST['gluu_oxd_port'],
1031  "admin_email" => $this->config->get('config_email'),
1032  "authorization_redirect_uri" => HTTPS_CATALOG.'index.php?route=module/gluu_sso/login_by_sso',
1033  "post_logout_redirect_uri" => HTTPS_CATALOG.'index.php?route=account/logout',
1034  "config_scopes" => ["openid","profile","email"],
1035  "gluu_client_id" => "",
1036  "gluu_client_secret" => "",
1037  "config_acr" => []
1038  );
1039  $gluu_config = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_config', json_encode($gluu_config)),true);
1040  if($_POST['gluu_users_can_register']==2){
1041  $config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_config'),true);
1042  array_push($config['config_scopes'],'permission');
1043  $gluu_config = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_config', json_encode($config)),true);
1044  }
1045  if(!$this->gluu_is_port_working()){
1046  $_SESSION['message_error'] = 'Can not connect to the oxd server. Please check the oxd-config.json file to make sure you have entered the correct port and the oxd server is operational.';
1047  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
1048  return;
1049  }
1050  $register_site = new Register_site();
1051  $register_site->setRequestOpHost($gluu_provider);
1052  $register_site->setRequestAuthorizationRedirectUri($gluu_config['authorization_redirect_uri']);
1053  $register_site->setRequestLogoutRedirectUri($gluu_config['post_logout_redirect_uri']);
1054  $register_site->setRequestContacts([$gluu_config['admin_email']]);
1055  $register_site->setRequestClientLogoutUri($gluu_config['post_logout_redirect_uri']);
1056  $get_scopes = json_encode($obj->scopes_supported);
1057  if(!empty($obj->acr_values_supported)){
1058  $get_acr = json_encode($obj->acr_values_supported);
1059  $get_acr = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_acr', $get_acr));
1060  $register_site->setRequestAcrValues($gluu_config['config_acr']);
1061  }
1062  else{
1063  $register_site->setRequestAcrValues($gluu_config['config_acr']);
1064  }
1065  if(!empty($obj->scopes_supported)){
1066  $get_scopes = json_encode($obj->scopes_supported);
1067  $get_scopes = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_scopes', $get_scopes));
1068  $register_site->setRequestScope($obj->scopes_supported);
1069  }
1070  else{
1071  $register_site->setRequestScope($gluu_config['config_scopes']);
1072  }
1073  $status = $register_site->request();
1074  if(!$status['status']){
1075  if ($status['message'] == 'invalid_op_host') {
1076  $_SESSION['message_error'] = 'ERROR: OpenID Provider host is required if you don\'t provide it in oxd-default-site-config.json';
1077  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
1078  return;
1079  }
1080  if (!$status['status']) {
1081  $_SESSION['message_error'] = 'Can not connect to the oxd server. Please check the oxd-config.json file to make sure you have entered the correct port and the oxd server is operational.';
1082  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
1083  return;
1084  }
1085  if ($status['message'] == 'internal_error') {
1086  $_SESSION['message_error'] = 'ERROR: '.$status['error_message'];
1087  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
1088  return;
1089  }
1090  }
1091  $gluu_oxd_id = $register_site->getResponseOxdId();
1092  if ($gluu_oxd_id) {
1093  $gluu_provider = $register_site->getResponseOpHost();
1094  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_other_config'),true);
1095  $gluu_other_config['gluu_oxd_id'] = $gluu_oxd_id;
1096  $gluu_other_config['gluu_provider'] = $gluu_provider;
1097  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_other_config', json_encode($gluu_other_config)),true);
1098  $_SESSION['message_success'] = 'Your settings are saved successfully.';
1099  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
1100  return;
1101  }
1102  else {
1103  $_SESSION['message_error'] = 'ERROR: OpenID Provider host is required if you don\'t provide it in oxd-default-site-config.json';
1104  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
1105  return;
1106  }
1107  }
1108  }
1109  else{
1110  $_SESSION['message_error'] = 'Please enter correct URI of the OpenID Provider';
1111  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
1112  return;
1113  }
1114  }
1115  else{
1116  $gluu_config = array(
1117  "gluu_oxd_port" =>$_POST['gluu_oxd_port'],
1118  "admin_email" => $this->config->get('config_email'),
1119  "authorization_redirect_uri" => HTTPS_CATALOG.'index.php?route=module/gluu_sso/login_by_sso',
1120  "post_logout_redirect_uri" => HTTPS_CATALOG.'index.php?route=account/logout',
1121  "config_scopes" => ["openid","profile","email"],
1122  "gluu_client_id" => "",
1123  "gluu_client_secret" => "",
1124  "config_acr" => []
1125  );
1126  $gluu_config = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_config', json_encode($gluu_config)),true);
1127  if($_POST['gluu_users_can_register']==2){
1128  $config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_config'),true);
1129  array_push($config['config_scopes'],'permission');
1130  $gluu_config = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_config', json_encode($config)),true);
1131  }
1132  if(!$this->gluu_is_port_working()){
1133  $_SESSION['message_error'] = 'Can not connect to the oxd server. Please check the oxd-config.json file to make sure you have entered the correct port and the oxd server is operational.';
1134  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
1135  return;
1136  }
1137  $register_site = new Register_site();
1138  $register_site->setRequestAuthorizationRedirectUri($gluu_config['authorization_redirect_uri']);
1139  $register_site->setRequestLogoutRedirectUri($gluu_config['post_logout_redirect_uri']);
1140  $register_site->setRequestContacts([$gluu_config['admin_email']]);
1141  $register_site->setRequestAcrValues($gluu_config['config_acr']);
1142  $register_site->setRequestScope($gluu_config['config_scopes']);
1143  $register_site->setRequestClientLogoutUri($gluu_config['post_logout_redirect_uri']);
1144  $status = $register_site->request();
1145 
1146  if(!$status['status']){
1147  if ($status['message'] == 'invalid_op_host') {
1148  $_SESSION['message_error'] = 'ERROR: OpenID Provider host is required if you don\'t provide it in oxd-default-site-config.json';
1149  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
1150  return;
1151  }
1152  if (!$status['status']) {
1153  $_SESSION['message_error'] = 'Can not connect to the oxd server. Please check the oxd-config.json file to make sure you have entered the correct port and the oxd server is operational.';
1154  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
1155  return;
1156  }
1157  if ($status['message'] == 'internal_error') {
1158  $_SESSION['message_error'] = 'ERROR: '.$status['error_message'];
1159  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
1160  return;
1161  }
1162  }
1163  $gluu_oxd_id = $register_site->getResponseOxdId();
1164  if ($gluu_oxd_id) {
1165  $gluu_provider = $register_site->getResponseOpHost();
1166  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_other_config'),true);
1167  $gluu_other_config['gluu_oxd_id'] = $gluu_oxd_id;
1168  $gluu_other_config['gluu_provider'] = $gluu_provider;
1169  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_other_config', json_encode($gluu_other_config)),true);
1170  $arrContextOptions=array(
1171  "ssl"=>array(
1172  "verify_peer"=>false,
1173  "verify_peer_name"=>false,
1174  ),
1175  );
1176  $json = file_get_contents($gluu_provider.'/.well-known/openid-configuration', false, stream_context_create($arrContextOptions));
1177  $obj = json_decode($json);
1178  if(!$this->gluu_is_port_working()){
1179  $_SESSION['message_error'] = 'Can not connect to the oxd server. Please check the oxd-config.json file to make sure you have entered the correct port and the oxd server is operational.';
1180  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
1181  return;
1182  }
1183  $register_site = new Register_site();
1184  $register_site->setRequestOpHost($gluu_provider);
1185  $register_site->setRequestAuthorizationRedirectUri($gluu_config['authorization_redirect_uri']);
1186  $register_site->setRequestLogoutRedirectUri($gluu_config['post_logout_redirect_uri']);
1187  $register_site->setRequestContacts([$gluu_config['admin_email']]);
1188  $register_site->setRequestClientLogoutUri($gluu_config['post_logout_redirect_uri']);
1189 
1190  $get_scopes = json_encode($obj->scopes_supported);
1191  if(!empty($obj->acr_values_supported)){
1192  $get_acr = json_encode($obj->acr_values_supported);
1193  $get_acr = $this->model_module_gluu_sso->gluu_db_query_update('gluu_acr', $get_acr);
1194  $register_site->setRequestAcrValues($gluu_config['config_acr']);
1195  }
1196  else{
1197  $register_site->setRequestAcrValues($gluu_config['config_acr']);
1198  }
1199  if(!empty($obj->scopes_supported)){
1200  $get_scopes = json_encode($obj->scopes_supported);
1201  $get_scopes = $this->model_module_gluu_sso->gluu_db_query_update('gluu_scopes', $get_scopes);
1202  $register_site->setRequestScope($obj->scopes_supported);
1203  }
1204  else{
1205  $register_site->setRequestScope($gluu_config['config_scopes']);
1206  }
1207  $status = $register_site->request();
1208  if(!$status['status']){
1209  if ($status['message'] == 'invalid_op_host') {
1210  $_SESSION['message_error'] = 'ERROR: OpenID Provider host is required if you don\'t provide it in oxd-default-site-config.json';
1211  $this->response->redirect($this->url->link('module/gluu_sso/edit', 'token=' . $this->session->data['token'], 'SSL'));
1212  return;
1213  }
1214  if (!$status['status']) {
1215  $_SESSION['message_error'] = 'Can not connect to the oxd server. Please check the oxd-config.json file to make sure you have entered the correct port and the oxd server is operational.';
1216  $this->response->redirect($this->url->link('module/gluu_sso/edit', 'token=' . $this->session->data['token'], 'SSL'));
1217  return;
1218  }
1219  if ($status['message'] == 'internal_error') {
1220  $_SESSION['message_error'] = 'ERROR: '.$status['error_message'];
1221  $this->response->redirect($this->url->link('module/gluu_sso/edit', 'token=' . $this->session->data['token'], 'SSL'));
1222  return;
1223  }
1224  }
1225  $gluu_oxd_id = $register_site->getResponseOxdId();
1226  if ($gluu_oxd_id) {
1227  $gluu_provider = $register_site->getResponseOpHost();
1228  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_other_config'),true);
1229  $gluu_other_config['gluu_oxd_id'] = $gluu_oxd_id;
1230  $gluu_other_config['gluu_provider'] = $gluu_provider;
1231  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_other_config', json_encode($gluu_other_config)),true);
1232  $_SESSION['message_success'] = 'Your settings are saved successfully.';
1233  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
1234  return;
1235  }
1236  else {
1237  $_SESSION['message_error'] = 'ERROR: OpenID Provider host is required if you don\'t provide it in oxd-default-site-config.json';
1238  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
1239  return;
1240  }
1241  }
1242  else {
1243  $_SESSION['message_error'] = 'ERROR: OpenID Provider host is required if you don\'t provide it in oxd-default-site-config.json';
1244  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
1245  return;
1246  }
1247  }
1248  }
1249  else if( isset( $_REQUEST['form_key'] ) and strpos( $_REQUEST['form_key'], 'general_oxd_id_reset' ) !== false and !empty($_REQUEST['resetButton'])) {
1250  $this->model_module_gluu_sso->drop_table();
1251  unset($_SESSION['openid_error']);
1252  unset($_SESSION['openid_error_edit']);
1253  $_SESSION['openid_error'] = '';
1254  $_SESSION['openid_error_edit'] = '';
1255  $_SESSION['message_success'] = 'Configurations deleted Successfully.';
1256  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
1257  }
1258  else if( isset( $_REQUEST['form_key'] ) and strpos( $_REQUEST['form_key'], 'openid_config_page' ) !== false ) {
1259  $params = $_REQUEST;
1260  $message_success = '';
1261  $message_error = '';
1262 
1263  if($_POST['send_user_type']){
1264  $gluu_auth_type = $_POST['send_user_type'];
1265  $gluu_auth_type = $this->model_module_gluu_sso->gluu_db_query_update('gluu_auth_type', $gluu_auth_type);
1266  }else{
1267  $gluu_auth_type = $this->model_module_gluu_sso->gluu_db_query_update('gluu_auth_type', 'default');
1268  }
1269  if($_POST['send_user_check']){
1270  $gluu_send_user_check = $this->model_module_gluu_sso->gluu_db_query_update('gluu_send_user_check', 'yes');
1271  }else{
1272  $gluu_send_user_check = $this->model_module_gluu_sso->gluu_db_query_update('gluu_send_user_check', 'no');
1273  }
1274 
1275 
1276  if(!empty($params['scope']) && isset($params['scope'])){
1277  $gluu_config = json_decode($this->model_module_gluu_sso->gluu_db_query_select("gluu_config"),true);
1278  $gluu_config['config_scopes'] = $params['scope'];
1279  $gluu_config = json_encode($gluu_config);
1280  $gluu_config = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_config', $gluu_config),true);
1281  }
1282  if(!empty($params['scope_name']) && isset($params['scope_name'])){
1283  $get_scopes = json_decode($this->model_module_gluu_sso->gluu_db_query_select("gluu_scopes"),true);
1284  foreach($params['scope_name'] as $scope){
1285  if($scope && !in_array($scope,$get_scopes)){
1286  array_push($get_scopes, $scope);
1287  }
1288  }
1289  $get_scopes = json_encode($get_scopes);
1290  $get_scopes = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_scopes', $get_scopes),true);
1291  }
1292  $gluu_acr = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_acr'),true);
1293 
1294  if(!empty($params['acr_name']) && isset($params['acr_name'])){
1295  $get_acr = json_decode($this->model_module_gluu_sso->gluu_db_query_select("gluu_acr"),true);
1296  foreach($params['acr_name'] as $scope){
1297  if($scope && !in_array($scope,$get_acr)){
1298  array_push($get_acr, $scope);
1299  }
1300  }
1301  $get_acr = json_encode($get_acr);
1302  $get_acr = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_acr', $get_acr),true);
1303  }
1304  $gluu_config = json_decode($this->model_module_gluu_sso->gluu_db_query_select("gluu_config"),true);
1305  $gluu_oxd_id = $this->model_module_gluu_sso->gluu_db_query_select("gluu_oxd_id");
1306  if(!$this->gluu_is_port_working()){
1307  $_SESSION['message_error'] = 'Can not connect to the oxd server. Please check the oxd-config.json file to make sure you have entered the correct port and the oxd server is operational.';
1308  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
1309  return;
1310  }
1311  $update_site_registration = new Update_site_registration();
1312  $update_site_registration->setRequestOxdId($gluu_oxd_id);
1313  $update_site_registration->setRequestAcrValues($gluu_config['acr_values']);
1314  $update_site_registration->setRequestAuthorizationRedirectUri($gluu_config['authorization_redirect_uri']);
1315  $update_site_registration->setRequestLogoutRedirectUri($gluu_config['post_logout_redirect_uri']);
1316  $update_site_registration->setRequestContacts([$gluu_config['admin_email']]);
1317  $update_site_registration->setRequestClientLogoutUri($gluu_config['post_logout_redirect_uri']);
1318  $update_site_registration->setRequestScope($gluu_config['config_scopes']);
1319  $status = $update_site_registration->request();
1320  $new_oxd_id = $update_site_registration->getResponseOxdId();
1321  if($new_oxd_id){
1322  $get_scopes = $this->model_module_gluu_sso->gluu_db_query_update('gluu_oxd_id', $new_oxd_id);
1323  }
1324 
1325 
1326  $_SESSION['message_success'] = 'Your OpenID connect configuration has been saved.';
1327  $_SESSION['message_error'] = $message_error;
1328  $this->response->redirect($this->url->link('module/gluu_sso/openidconfig', 'token=' . $this->session->data['token'], 'SSL'));
1329  exit;
1330  }
1331  }
oxdrp\$update_site_registration
$update_site_registration
Definition: Update_site_registration_test.php:7
oxdrp\$register_site
$register_site
Definition: Register_site_test.php:7
Update_site_registration
Definition: Update_site_registration.php:62
ControllerModuleGluuSSO\gluu_is_port_working
gluu_is_port_working()
Definition: gluu_sso.php:1341
Register_site
Definition: Register_site.php:62
oxdrp\$_SESSION
$_SESSION['id_token']
Definition: Get_tokens_by_code_test.php:15

◆ index() [1/2]

ControllerModuleGluuSSO::index ( )
47  {
48  $this->load->model('module/gluu_sso');
49  if(!$this->customer->isLogged () and $this->gluu_is_port_working() and !empty($this->request->get['route']) and $this->request->get['route'] == 'account/login'){
50  $this->load->language ('module/gluu_sso');
51  if(!empty($_SESSION['openid_error_message'])){
52  $data['openid_error_message'] = $_SESSION['openid_error_message'];
53  $_SESSION['openid_error_message'] = '';
54  }
55  else{
56  $data['openid_error_message'] = '';
57  }
58  $data['script_logged'] = '';
59  $data['user_is_logged'] = $this->customer->isLogged ();
60  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_other_config'),true);
61  $data['heading_title'] = $this->language->get('heading_title');
62  $data['get_scopes'] = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_scopes'),true);
63  $data['gluu_config'] = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_config'),true);
64  $data['gluu_acr'] = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_acr'),true);
65  $data['gluu_auth_type'] = $this->model_module_gluu_sso->gluu_db_query_select('gluu_auth_type');
66  $data['gluu_send_user_check'] = $this->model_module_gluu_sso->gluu_db_query_select('gluu_send_user_check');
67  $data['gluu_new_roles'] = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_new_role'));
68  $data['gluu_users_can_register'] = $this->model_module_gluu_sso->gluu_db_query_select('gluu_users_can_register');
69  if($this->gluu_is_oxd_registered()){
70  $data['gluu_is_oxd_registered'] = $this->gluu_is_oxd_registered();
71  }
72  else{
73  $data['gluu_is_oxd_registered'] = false;
74  }
75  //$data['text_edit'] = $this->language->get('text_edit');
76  $data['base_url'] = HTTPS_SERVER;
77  if(!empty($gluu_other_config['gluu_oxd_id'])){
78  $data['gluu_oxd_id'] = $gluu_other_config['gluu_oxd_id'];
79  }
80  else{
81  $data['gluu_oxd_id'] = false;
82  }
83  if(!empty($gluu_other_config['gluu_custom_logout'])){
84  $data['gluu_custom_logout'] = $gluu_other_config['gluu_custom_logout'];
85  }
86  else{
87  $data['gluu_custom_logout'] = '';
88  }
89  if(!empty($gluu_other_config['gluu_user_role'])){
90  $data['gluu_user_role'] = $gluu_other_config['gluu_user_role'];
91  }
92  else{
93  $data['gluu_user_role'] = 0;
94  }
95  if(!empty($gluu_other_config['gluu_provider'])){
96  $data['gluu_provider'] = $gluu_other_config['gluu_provider'];
97  }else{
98  $data['gluu_provider'] = '';
99  }
100  $data['login_url'] = $this->login_url();
101  return $this->show_template ($data);
102  }
103  else if(!empty($this->request->get['state']) and $this->gluu_is_port_working() and $this->request->get['route'] == 'account/logout'){
104  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_other_config'),true);
105  if(!empty($gluu_other_config['gluu_custom_logout'])){
106  $gluu_custom_logout = $gluu_other_config['gluu_custom_logout'];
107  if($gluu_custom_logout == HTTPS_CATALOG){
108  $this->response->redirect($gluu_custom_logout);
109  }else{
110  $this->response->redirect($this->url->link('account/login', '', 'SSL'));
111  return;
112  }
113  }else{
114  $this->response->redirect($this->url->link('account/login', '', 'SSL'));
115  return;
116  }
117  } else if($this->gluu_is_port_working() and $this->request->get['route'] == 'account/logout'){
118  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_other_config'),true);
119  if(!empty($gluu_other_config['gluu_custom_logout'])){
120  $gluu_custom_logout = $gluu_other_config['gluu_custom_logout'];
121  }else{
122  $gluu_custom_logout = HTTPS_CATALOG;
123  }
124  $this->response->redirect($gluu_custom_logout);
125  return;
126  }
127 
128 
129  }
ControllerModuleGluuSSO\gluu_is_oxd_registered
gluu_is_oxd_registered()
Definition: gluu_sso.php:1332
ControllerModuleGluuSSO\show_template
show_template($data)
Definition: gluu_sso.php:440
ControllerModuleGluuSSO\gluu_is_port_working
gluu_is_port_working()
Definition: gluu_sso.php:1341
ControllerModuleGluuSSO\login_url
login_url()
Definition: gluu_sso.php:579
ControllerModuleGluuSSO\login
login($customer_id)
Definition: gluu_sso.php:505
oxdrp\$_SESSION
$_SESSION['id_token']
Definition: Get_tokens_by_code_test.php:15

◆ index() [2/2]

ControllerModuleGluuSSO::index ( )
81  {
82  $this->load->model('module/gluu_sso');
83  $this->model_module_gluu_sso->adding_gluu_data();
84  $this->load->language('module/gluu_sso');
85  $this->document->setTitle($this->language->get('heading_title'));
86  $this->document->addStyle('view/stylesheet/gluu_sso/gluu_sso.css');
87  $this->load->model('setting/setting');
88  if(!empty($_SESSION['message_error'])){
89  $data['message_error'] = $_SESSION['message_error'];
90  $_SESSION['message_error'] = '';
91  }
92  else{
93  $data['message_error'] = '';
94  }
95  if(!empty($_SESSION['message_success'])){
96  $data['message_success'] = $_SESSION['message_success'];
97  $_SESSION['message_success'] = '';
98  }
99  else{
100  $data['message_success'] = '';
101  }
102  if(!empty($_SESSION['openid_error'])){
103  $data['openid_error'] = $_SESSION['openid_error'];
104  }else{
105  $data['openid_error'] = '';
106  }
107  if(!empty($_SESSION['openid_error_edit'])){
108  $data['openid_error_edit'] = $_SESSION['openid_error_edit'];
109  }else{
110  $data['openid_error_edit'] = '';
111  }
112  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_other_config'),true);
113  $data['heading_title'] = $this->language->get('heading_title');
114  $data['get_scopes'] = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_scopes'),true);
115  $data['gluu_config'] = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_config'),true);
116  $data['gluu_acr'] = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_acr'),true);
117  $data['gluu_auth_type'] = $this->model_module_gluu_sso->gluu_db_query_select('gluu_auth_type');
118  $data['gluu_send_user_check'] = $this->model_module_gluu_sso->gluu_db_query_select('gluu_send_user_check');
119  $data['gluu_new_roles'] = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_new_role'));
120  $data['gluu_users_can_register'] = $this->model_module_gluu_sso->gluu_db_query_select('gluu_users_can_register');
121  if($this->gluu_is_oxd_registered()){
122  $data['gluu_is_oxd_registered'] = $this->gluu_is_oxd_registered();
123  }else{
124  $data['gluu_is_oxd_registered'] = false;
125  }
126  $data['text_edit'] = $this->language->get('text_edit');
127  $data['base_url'] = HTTPS_CATALOG;
128  $customer_groups = $this->model_module_gluu_sso->getCustomerGroup();
129  $user_types = array();
130  foreach ($customer_groups as $customer_group){
131  $user_types [] = array('name'=>$customer_group['name'], 'status'=>$customer_group['customer_group_id']);
132  }
133  $data['user_types'] = $user_types;
134  if(!empty($gluu_other_config['gluu_oxd_id'])){
135  $data['gluu_oxd_id'] = $gluu_other_config['gluu_oxd_id'];
136  }else{
137  $data['gluu_oxd_id'] = false;
138  }
139  if(!empty($gluu_other_config['gluu_custom_logout'])){
140  $data['gluu_custom_logout'] = $gluu_other_config['gluu_custom_logout'];
141  }else{
142  $data['gluu_custom_logout'] = HTTPS_CATALOG;
143  }
144  if(!empty($gluu_other_config['gluu_user_role'])){
145  $data['gluu_user_role'] = $gluu_other_config['gluu_user_role'];
146  }else{
147  $data['gluu_user_role'] = $this->config->get('config_customer_group_id');;
148  }
149  if(!empty($gluu_other_config['gluu_provider'])){
150  $data['gluu_provider'] = $gluu_other_config['gluu_provider'];
151  }else{
152  $data['gluu_provider'] = '';
153  }
154 
155  $data['action'] = $this->url->link('module/gluu_sso/gluupostdata', 'token=' . $this->session->data['token'], 'SSL');
156  $data['action_edit'] = $this->url->link('module/gluu_sso/edit', 'token=' . $this->session->data['token'], 'SSL');
157  $data['action_openidconfig'] = $this->url->link('module/gluu_sso/openidconfig', 'token=' . $this->session->data['token'], 'SSL');
158  $data['cancel'] = $this->url->link('extension/module', 'token=' . $this->session->data['token'], 'SSL');
159  $data['action_general'] = $this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL');
160  $data['header'] = $this->load->controller('common/header');
161  $data['column_left'] = $this->load->controller('common/column_left');
162  $data['footer'] = $this->load->controller('common/footer');
163 
164  $this->response->setOutput($this->load->view('module/gluu_sso/gluu_sso.tpl', $data));
165  }
ControllerModuleGluuSSO\gluu_is_oxd_registered
gluu_is_oxd_registered()
Definition: gluu_sso.php:1332
oxdrp\$_SESSION
$_SESSION['id_token']
Definition: Get_tokens_by_code_test.php:15

◆ install()

ControllerModuleGluuSSO::install ( )
45  {
46  $this->load->model('module/gluu_sso');
47  $this->model_module_gluu_sso->adding_gluu_data();
48  $this->load->model('extension/event');
49  $this->model_extension_event->addEvent('gluu_sso', 'post.customer.logout', 'module/gluu_sso/logout');
50 
51  $query = $this->db->query("SELECT `code` FROM `" . DB_PREFIX ."setting` WHERE `key` = 'gluu_sso_status' ;");
52  if(!$query->num_rows){
53 
54  $this->db->query("INSERT INTO `" . DB_PREFIX ."setting` (`setting_id`, `store_id`, `code`, `key`, `value`, `serialized`) VALUES (NULL, '0', 'gluu_sso', 'gluu_sso_status', '1', '0');");
55  }
56  $result = $this->db->query ("SELECT layout_id FROM `" . DB_PREFIX . "layout` WHERE name IN ('Account', 'Checkout')");
57  if ($result->num_rows > 0)
58  {
59  foreach ($result->rows as $row)
60  {
61  // Prevent Duplicates
62  $this->db->query ("DELETE FROM `" . DB_PREFIX . "layout_module` WHERE layout_id = '".intval ($row['layout_id'])."' AND code = 'gluu_sso' AND position='content_top'");
63 
64  // Add Position
65  $this->db->query ("INSERT INTO `" . DB_PREFIX . "layout_module` SET layout_id = '".intval ($row['layout_id'])."', code = 'gluu_sso', position='content_top', sort_order='1'");
66  }
67  }
68  // Callback Handler
69  if (defined ('VERSION') && version_compare (VERSION, '2.2.0', '>='))
70  {
71  $this->load->model('extension/event');
72  $this->model_extension_event->addEvent('gluu_sso', 'catalog/controller/module/gluu_sso/before', 'module/gluu_sso');
73  }
74  }

◆ login()

ControllerModuleGluuSSO::login (   $customer_id)
506  {
507  $this->load->model('module/gluu_sso');
508  $result = $this->db->query ("SELECT email FROM `" . DB_PREFIX . "customer` WHERE customer_id = '" . intval ($customer_id) . "'")->row;
509  if (is_array ($result) && ! empty ($result['email']))
510  {
511  if ($this->customer->login($result['email'], '', true))
512  {
513  unset($this->session->data['guest']);
514 
515  $this->load->model('account/address');
516 
517  if ($this->config->get('config_tax_customer') == 'payment')
518  {
519  $this->session->data['payment_address'] = $this->model_account_address->getAddress($this->customer->getAddressId());
520  }
521 
522  if ($this->config->get('config_tax_customer') == 'shipping')
523  {
524  $this->session->data['shipping_address'] = $this->model_account_address->getAddress($this->customer->getAddressId());
525  }
526 
527  $this->load->model('account/activity');
528 
529  $activity_data = array(
530  'customer_id' => $this->customer->getId(),
531  'name' => $this->customer->getFirstName() . ' ' . $this->customer->getLastName()
532  );
533 
534  $this->model_account_activity->addActivity('login', $activity_data);
535 
536  return true;
537  }
538  }
539  return false;
540  }

◆ login_by_sso()

ControllerModuleGluuSSO::login_by_sso ( )
198  {
199  $this->load->model('module/gluu_sso');
200  require_once(DIR_SYSTEM . 'library/oxd-rp/Get_tokens_by_code.php');
201  require_once(DIR_SYSTEM . 'library/oxd-rp/Get_user_info.php');
202 
203  if( isset( $_REQUEST['session_state'] ) ) {
204  if (isset($_REQUEST['error']) and strpos($_REQUEST['error'], 'session_selection_required') !== false) {
205  header("Location: " . $this->prompt_login_url('login'));
206  exit;
207  }
208  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_other_config'),true);
209  if(!empty($gluu_other_config['gluu_oxd_id'])){
210  $gluu_oxd_id = $gluu_other_config['gluu_oxd_id'];
211  }
212  else{
213  $gluu_oxd_id = '';
214  }
215  $gluu_new_roles = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_new_role'));
216  $gluu_users_can_register = $this->model_module_gluu_sso->gluu_db_query_select('gluu_users_can_register');
217  $get_tokens_by_code = new Get_tokens_by_code();
218  $get_tokens_by_code->setRequestOxdId($gluu_oxd_id);
219  $get_tokens_by_code->setRequestCode($_REQUEST['code']);
220  $get_tokens_by_code->setRequestState($_REQUEST['state']);
221  $get_tokens_by_code->request();
222 
223  $get_tokens_by_code_array = array();
224  if(!empty($get_tokens_by_code->getResponseObject()->data->id_token_claims))
225  {
226  $get_tokens_by_code_array = $get_tokens_by_code->getResponseObject()->data->id_token_claims;
227  }
228  else{
229  $_SESSION['openid_error_message'] = 'Missing claims : Please talk to your organizational system administrator or try again.';
230  echo "<script type='application/javascript'>
231  location.href='".$this->url->link('account/login', '', 'SSL')."';
232  </script>";
233  exit;
234  }
235 
236  $get_user_info = new Get_user_info();
237  $get_user_info->setRequestOxdId($gluu_oxd_id);
238  $get_user_info->setRequestAccessToken($get_tokens_by_code->getResponseAccessToken());
239  $get_user_info->request();
240  $get_user_info_array = $get_user_info->getResponseObject()->data->claims;
241  $_SESSION['session_in_op'] = $get_tokens_by_code->getResponseIdTokenClaims()->exp[0];
242  $_SESSION['user_oxd_id_token'] = $get_tokens_by_code->getResponseIdToken();
243  $_SESSION['user_oxd_access_token'] = $get_tokens_by_code->getResponseAccessToken();
244  $_SESSION['session_state'] = $_REQUEST['session_state'];
245  $_SESSION['state'] = $_REQUEST['state'];
246  $get_user_info_array = $get_user_info->getResponseObject()->data->claims;
247  $reg_first_name = '';
248  $reg_last_name = '';
249  $reg_country = '';
250  $reg_city = '';
251  $reg_region = '';
252  $reg_postal_code = '';
253  $reg_fax = '';
254  $reg_home_phone_number = '';
255  $reg_phone_mobile_number = '';
256  $reg_street_address = '';
257  $reg_street_address_2 = '';
258  $reg_user_permission = '';
259  if (!empty($get_user_info_array->email[0])) {
260  $reg_email = $get_user_info_array->email[0];
261  } elseif (!empty($get_tokens_by_code_array->email[0])) {
262  $reg_email = $get_tokens_by_code_array->email[0];
263  }else{
264  $_SESSION['openid_error_message'] = 'Missing claim : (email). Please talk to your organizational system administrator.';
265  echo "<script type='application/javascript'>
266  location.href='".$this->url->link('account/login', '', 'SSL')."';
267  </script>";
268  exit;
269  }
270  if (!empty($get_user_info_array->given_name[0])) {
271  $reg_first_name = $get_user_info_array->given_name[0];
272  } elseif (!empty($get_tokens_by_code_array->given_name[0])) {
273  $reg_first_name = $get_tokens_by_code_array->given_name[0];
274  }
275  if (!empty($get_user_info_array->family_name[0])) {
276  $reg_last_name = $get_user_info_array->family_name[0];
277  } elseif (!empty($get_tokens_by_code_array->family_name[0])) {
278  $reg_last_name = $get_tokens_by_code_array->family_name[0];
279  }
280  if (!empty($get_user_info_array->country[0])) {
281  $reg_country = $get_user_info_array->country[0];
282  } elseif (!empty($get_tokens_by_code_array->country[0])) {
283  $reg_country = $get_tokens_by_code_array->country[0];
284  }
285  if (!empty($get_user_info_array->locality[0])) {
286  $reg_city = $get_user_info_array->locality[0];
287  } elseif (!empty($get_tokens_by_code_array->locality[0])) {
288  $reg_city = $get_tokens_by_code_array->locality[0];
289  }
290  if (!empty($get_user_info_array->postal_code[0])) {
291  $reg_postal_code = $get_user_info_array->postal_code[0];
292  } elseif (!empty($get_tokens_by_code_array->postal_code[0])) {
293  $reg_postal_code = $get_tokens_by_code_array->postal_code[0];
294  }
295  if (!empty($get_user_info_array->phone_number[0])) {
296  $reg_home_phone_number = $get_user_info_array->phone_number[0];
297  } elseif (!empty($get_tokens_by_code_array->phone_number[0])) {
298  $reg_home_phone_number = $get_tokens_by_code_array->phone_number[0];
299  }
300  if (!empty($get_user_info_array->phone_mobile_number[0])) {
301  $reg_phone_mobile_number = $get_user_info_array->phone_mobile_number[0];
302  } elseif (!empty($get_tokens_by_code_array->phone_mobile_number[0])) {
303  $reg_phone_mobile_number = $get_tokens_by_code_array->phone_mobile_number[0];
304  }
305  if (!empty($get_user_info_array->street_address[0])) {
306  $reg_street_address = $get_user_info_array->street_address[0];
307  } elseif (!empty($get_tokens_by_code_array->street_address[0])) {
308  $reg_street_address = $get_tokens_by_code_array->street_address[0];
309  }
310  if (!empty($get_user_info_array->street_address[1])) {
311  $reg_street_address_2 = $get_user_info_array->street_address[1];
312  } elseif (!empty($get_tokens_by_code_array->street_address[1])) {
313  $reg_street_address_2 = $get_tokens_by_code_array->street_address[1];
314  }
315  if (!empty($get_user_info_array->region[0])) {
316  $reg_region = $get_user_info_array->region[0];
317  } elseif (!empty($get_tokens_by_code_array->region[0])) {
318  $reg_region = $get_tokens_by_code_array->region[0];
319  }
320 
321  $username = '';
322  if (!empty($get_user_info_array->user_name[0])) {
323  $username = $get_user_info_array->user_name[0];
324  } else {
325  $email_split = explode("@", $reg_email);
326  $username = $email_split[0];
327  }
328  if(!empty($get_user_info_array->permission[0])){
329  $world = str_replace("[","",$get_user_info_array->permission[0]);
330  $reg_user_permission = str_replace("]","",$world);
331  }elseif(!empty($get_tokens_by_code_array->permission[0])){
332  $world = str_replace("[","",$get_user_info_array->permission[0]);
333  $reg_user_permission = str_replace("]","",$world);
334  }
335  $bool = false;
336  if($gluu_users_can_register == 2 and !empty($gluu_new_roles)){
337  foreach ($gluu_new_roles as $gluu_new_role) {
338  if (strstr($reg_user_permission, $gluu_new_role)) {
339  $bool = true;
340  }
341  }
342  if(!$bool){
343  $_SESSION['openid_error_message'] = 'You are not authorized for an account on this application. If you think this is an error, please contact your OpenID Connect Provider (OP) admin.';
344  $this->response->redirect($this->gluu_sso_doing_logout($get_tokens_by_code->getResponseIdToken(), $_REQUEST['session_state'], $_REQUEST['state']));
345  return;
346  }
347  }
348  $phone = $reg_home_phone_number . ', '. $reg_phone_mobile_number;
349  if($this->admin_login($reg_email)){
350  $token = token(32);
351  $this->session->data['token'] = $token;
352  $customer_data = array(
353  'customer_first_name' => $reg_first_name,
354  'customer_last_name' => $reg_last_name,
355  'customer_email' => $reg_email,
356  'customer_telephone' => $phone,
357  'customer_fax' => $reg_fax,
358  'customer_company' => $reg_first_name,
359  'customer_address_1' => $reg_street_address,
360  'customer_address_2' => $reg_street_address_2,
361  'customer_city' => $reg_city,
362  'customer_postcode' => $reg_postal_code,
363  'customer_country' => $reg_country,
364  'customer_zone' => $reg_region
365  );
366  $customer_id = $this->get_by_email($reg_email);
367  if($customer_id){
368  if ($this->login ($customer_id))
369  {
370  $this->model_module_gluu_sso->editCustomer ($customer_id,$customer_data);
371 /* echo '<script type="text/javascript"> window.open("'.$this->url->link('account/account', '', 'SSL').'", "_blank"); </script>';*/
372  header('Location: /admin/index.php?route=common/dashboard&token='.$token);
373  exit;
374  }
375  }
376  else {
377 
378  if($gluu_users_can_register == 3){
379  $_SESSION['openid_error_message'] = 'You are not authorized for an account on this application. If you think this is an error, please contact your OpenID Connect Provider (OP) admin.';
380  $this->response->redirect($this->gluu_sso_doing_logout($get_tokens_by_code->getResponseIdToken(), $_REQUEST['session_state'], $_REQUEST['state']));
381  return;
382  }
383  else{
384  if (($customer_id = $this->add_customer ($customer_data)) !== false){
385  if ($this->login ($customer_id))
386  {
387  header('Location: /admin/index.php?route=common/dashboard&token='.$token);
388  exit;
389  }
390  }
391  }
392 
393  }
394 
395  }
396  else{
397  $customer_data = array(
398  'customer_first_name' => $reg_first_name,
399  'customer_last_name' => $reg_last_name,
400  'customer_email' => $reg_email,
401  'customer_telephone' => $phone,
402  'customer_fax' => $reg_fax,
403  'customer_company' => $reg_first_name,
404  'customer_address_1' => $reg_street_address,
405  'customer_address_2' => $reg_street_address_2,
406  'customer_city' => $reg_city,
407  'customer_postcode' => $reg_postal_code,
408  'customer_country' => $reg_country,
409  'customer_zone' => $reg_region
410  );
411  $customer_id = $this->get_by_email($reg_email);
412  if($customer_id){
413  if ($this->login ($customer_id))
414  {
415  $this->model_module_gluu_sso->editCustomer ($customer_id,$customer_data);
416  $this->response->redirect($this->url->link('account/account', '', 'SSL'));
417  return;
418  }
419  }
420  else {
421  if($gluu_users_can_register == 3){
422  $_SESSION['openid_error_message'] = 'You are not authorized for an account on this application. If you think this is an error, please contact your OpenID Connect Provider (OP) admin.';
423  $this->response->redirect($this->gluu_sso_doing_logout($get_tokens_by_code->getResponseIdToken(), $_REQUEST['session_state'], $_REQUEST['state']));
424  return;
425  }
426  if (($customer_id = $this->add_customer ($customer_data)) !== false){
427  if ($this->login ($customer_id))
428  {
429  $this->response->redirect($this->url->link('account/account', '', 'SSL'));
430  return;
431  }
432  }
433  }
434  }
435 
436  }
437 
438  }
ControllerModuleGluuSSO\prompt_login_url
prompt_login_url($prompt)
Definition: gluu_sso.php:626
oxdrp\$get_user_info
$get_user_info
Definition: Get_user_info_test.php:8
ControllerModuleGluuSSO\admin_login
admin_login($username)
Definition: gluu_sso.php:759
ControllerModuleGluuSSO\gluu_sso_doing_logout
gluu_sso_doing_logout($user_oxd_id_token, $session_states, $state)
Definition: gluu_sso.php:688
Get_user_info
Definition: Get_user_info.php:62
ControllerModuleGluuSSO\get_by_email
get_by_email($email)
Definition: gluu_sso.php:541
ControllerModuleGluuSSO\add_customer
add_customer($data)
Definition: gluu_sso.php:463
Get_tokens_by_code
Definition: Get_tokens_by_code.php:62
oxdrp\$get_tokens_by_code
$get_tokens_by_code
Definition: Get_tokens_by_code_test.php:6
ControllerModuleGluuSSO\login
login($customer_id)
Definition: gluu_sso.php:505
oxdrp\$_SESSION
$_SESSION['id_token']
Definition: Get_tokens_by_code_test.php:15

◆ login_url()

ControllerModuleGluuSSO::login_url ( )
579  {
580  $this->load->model('module/gluu_sso');
581  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_other_config'),true);
582  $get_scopes = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_scopes'),true);
583  $gluu_config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_config'),true);
584  $gluu_acr = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_acr'),true);
585  $gluu_auth_type = $this->model_module_gluu_sso->gluu_db_query_select('gluu_auth_type');
586  $gluu_send_user_check = $this->model_module_gluu_sso->gluu_db_query_select('gluu_send_user_check');
587  $gluu_new_roles = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_new_role'));
588  $gluu_users_can_register = $this->model_module_gluu_sso->gluu_db_query_select('gluu_users_can_register');
589 
590  if(!empty($gluu_other_config['gluu_oxd_id'])){
591  $gluu_oxd_id = $gluu_other_config['gluu_oxd_id'];
592  }else{
593  $gluu_oxd_id = false;
594  }
595  if(!empty($gluu_other_config['gluu_custom_logout'])){
596  $gluu_custom_logout = $gluu_other_config['gluu_custom_logout'];
597  }else{
598  $gluu_custom_logout = HTTPS_CATALOG;
599  }
600  if(!empty($gluu_other_config['gluu_user_role'])){
601  $gluu_user_role = $gluu_other_config['gluu_user_role'];
602  }else{
603  $gluu_user_role = $this->config->get('config_customer_group_id');
604  }
605  if(!empty($gluu_other_config['gluu_provider'])){
606  $gluu_provider = $gluu_other_config['gluu_provider'];
607  }else{
608  $gluu_provider = '';
609  }
610  require_once(DIR_SYSTEM . 'library/oxd-rp/Get_authorization_url.php');
611 
612  $get_authorization_url = new Get_authorization_url();
613  $get_authorization_url->setRequestOxdId($gluu_oxd_id);
614 
615 
616  $get_authorization_url->setRequestScope($gluu_config['config_scopes']);
617  if($gluu_auth_type != "default"){
618  $get_authorization_url->setRequestAcrValues([$gluu_auth_type]);
619  }else{
620  $get_authorization_url->setRequestAcrValues(null);
621  }
622  $get_authorization_url->request();
623 
624  return $get_authorization_url->getResponseAuthorizationUrl();
625  }
Get_authorization_url
Definition: Get_authorization_url.php:62
oxdrp\$get_authorization_url
$get_authorization_url
Definition: Get_authorization_url_test.php:7

◆ logout()

ControllerModuleGluuSSO::logout ( )
130  {
131  $this->load->model('module/gluu_sso');
132  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_other_config'),true);
133  $gluu_config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_config'),true);
134 
135  if(!empty($gluu_other_config['gluu_oxd_id'])){
136  $gluu_oxd_id = $gluu_other_config['gluu_oxd_id'];
137  }else{
138  $gluu_oxd_id = '';
139  }
140  if(!empty($gluu_other_config['gluu_custom_logout'])){
141  $gluu_custom_logout = $gluu_other_config['gluu_custom_logout'];
142  }else{
143  $gluu_custom_logout = HTTPS_CATALOG;
144  }
145  if(!empty($gluu_other_config['gluu_user_role'])){
146  $gluu_user_role = $gluu_other_config['gluu_user_role'];
147  }else{
148  $gluu_user_role = 0;
149  }
150  if(!empty($gluu_other_config['gluu_provider'])){
151  $gluu_provider = $gluu_other_config['gluu_provider'];
152  }else{
153  $gluu_provider = '';
154  }
155  if(isset($_SESSION['session_in_op'])){
156  if(time()<(int)$_SESSION['session_in_op']) {
157  require_once(DIR_SYSTEM . 'library/oxd-rp/Logout.php');
158  $arrContextOptions=array(
159  "ssl"=>array(
160  "verify_peer"=>false,
161  "verify_peer_name"=>false,
162  ),
163  );
164  $json = file_get_contents($gluu_provider.'/.well-known/openid-configuration', false, stream_context_create($arrContextOptions));
165  $obj = json_decode($json);
166 
167  if (!empty($obj->end_session_endpoint ) or $gluu_provider == 'https://accounts.google.com') {
168  if (!empty($_SESSION['user_oxd_id_token'])) {
169  if ($gluu_oxd_id && $_SESSION['user_oxd_id_token'] && $_SESSION['session_in_op']) {
170  $logout = new Logout();
171  $logout->setRequestOxdId($gluu_oxd_id);
172  $logout->setRequestIdToken($_SESSION['user_oxd_id_token']);
173  $logout->setRequestPostLogoutRedirectUri($gluu_config['post_logout_redirect_uri']);
174  $logout->setRequestSessionState($_SESSION['session_state']);
175  $logout->setRequestState($_SESSION['state']);
176  $logout->request();
177  unset($_SESSION['user_oxd_access_token']);
178  unset($_SESSION['user_oxd_id_token']);
179  unset($_SESSION['session_state']);
180  unset($_SESSION['state']);
181  unset($_SESSION['session_in_op']);
182  header("Location: " . $logout->getResponseObject()->data->uri);
183  exit;
184  }
185  }
186  } else {
187  session_destroy();
188  unset($_SESSION['user_oxd_access_token']);
189  unset($_SESSION['user_oxd_id_token']);
190  unset($_SESSION['session_state']);
191  unset($_SESSION['state']);
192  unset($_SESSION['session_in_op']);
193  }
194  }
195  }
196  @session_destroy();
197  }
oxdrp\$logout
$logout
Definition: Logout_test.php:6
Logout
Definition: Logout.php:62
oxdrp\$_SESSION
$_SESSION['id_token']
Definition: Get_tokens_by_code_test.php:15

◆ openidconfig()

ControllerModuleGluuSSO::openidconfig ( )
250  {
251  $this->load->model('module/gluu_sso');
252 
253  if( isset( $_POST['form_key_scope_delete'] ) and strpos( $_POST['form_key_scope_delete'], 'form_key_scope_delete' ) !== false ) {
254  $get_scopes = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_scopes'),true);
255  $up_cust_sc = array();
256  foreach($get_scopes as $custom_scop){
257  if($custom_scop !=$_POST['delete_scope']){
258  array_push($up_cust_sc,$custom_scop);
259  }
260  }
261  $get_scopes = json_encode($up_cust_sc);
262  $get_scopes = $this->model_module_gluu_sso->gluu_db_query_update('gluu_scopes', $get_scopes);
263 
264 
265  $gluu_config = json_decode($this->model_module_gluu_sso->gluu_db_query_select( "gluu_config"),true);
266  $up_cust_scope = array();
267  foreach($gluu_config['config_scopes'] as $custom_scop){
268  if($custom_scop !=$_POST['delete_scope']){
269  array_push($up_cust_scope,$custom_scop);
270  }
271  }
272  $gluu_config['config_scopes'] = $up_cust_scope;
273  $gluu_config = json_encode($gluu_config);
274  $gluu_config = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_config', $gluu_config),true);
275  return true;
276  }
277  else if (isset($_POST['form_key_scope']) and strpos( $_POST['form_key_scope'], 'oxd_openid_config_new_scope' ) !== false) {
278  if ($this->gluu_is_oxd_registered()) {
279  if (!empty($_POST['new_value_scope']) && isset($_POST['new_value_scope'])) {
280 
281  $get_scopes = json_decode($this->model_module_gluu_sso->gluu_db_query_select("gluu_scopes"),true);
282  if($_POST['new_value_scope'] && !in_array($_POST['new_value_scope'],$get_scopes)){
283  array_push($get_scopes, $_POST['new_value_scope']);
284  }
285  $get_scopes = json_encode($get_scopes);
286  $this->model_module_gluu_sso->gluu_db_query_update('gluu_scopes', $get_scopes);
287  return true;
288  }
289  }
290  }
291  else if( isset( $_REQUEST['form_key'] ) and strpos( $_REQUEST['form_key'], 'openid_config_page' ) !== false ) {
292  $params = $_REQUEST;
293  if(!empty($params['scope']) && isset($params['scope'])){
294  $gluu_config = json_decode($this->model_module_gluu_sso->gluu_db_query_select("gluu_config"),true);
295  $gluu_config['config_scopes'] = $params['scope'];
296  $gluu_config = json_encode($gluu_config);
297  $gluu_config = json_decode($this->model_module_gluu_sso->gluu_db_query_update('gluu_config', $gluu_config),true);
298  return true;
299  }
300  }
301  if(!empty($_SESSION['message_error'])){
302  $data['message_error'] = $_SESSION['message_error'];
303  $_SESSION['message_error'] = '';
304  }
305  else{
306  $data['message_error'] = '';
307  }
308  if(!empty($_SESSION['message_success'])){
309  $data['message_success'] = $_SESSION['message_success'];
310  $_SESSION['message_success'] = '';
311  }
312  else{
313  $data['message_success'] = '';
314  }
315  if(!empty($_SESSION['openid_error'])){
316  $data['openid_error'] = $_SESSION['openid_error'];
317  }
318  else{
319  $data['openid_error'] = '';
320  }
321  if(!empty($_SESSION['openid_error_edit'])){
322  $data['openid_error_edit'] = $_SESSION['openid_error_edit'];
323  }
324  else{
325  $data['openid_error_edit'] = '';
326  }
327  $this->model_module_gluu_sso->adding_gluu_data();
328  $this->load->language('module/gluu_sso');
329  $this->document->setTitle($this->language->get('heading_title'));
330  $this->document->addStyle('view/stylesheet/gluu_sso/gluu_sso.css');
331  $this->load->model('setting/setting');
332  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_other_config'),true);
333  $data['heading_title'] = $this->language->get('heading_title');
334  $data['get_scopes'] = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_scopes'),true);
335  $data['gluu_config'] = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_config'),true);
336  $data['gluu_acr'] = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_acr'),true);
337  $data['gluu_auth_type'] = $this->model_module_gluu_sso->gluu_db_query_select('gluu_auth_type');
338  $data['gluu_send_user_check'] = $this->model_module_gluu_sso->gluu_db_query_select('gluu_send_user_check');
339  $data['gluu_new_roles'] = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_new_role'));
340  $data['gluu_users_can_register'] = $this->model_module_gluu_sso->gluu_db_query_select('gluu_users_can_register');
341  if($this->gluu_is_oxd_registered()){
342  $data['gluu_is_oxd_registered'] = $this->gluu_is_oxd_registered();
343  }
344  else{
345  $data['gluu_is_oxd_registered'] = false;
346  }
347  $data['text_edit'] = $this->language->get('text_edit');
348  $data['base_url'] = HTTPS_CATALOG;
349  $customer_groups = $this->model_module_gluu_sso->getCustomerGroup();
350  $user_types = array();
351  foreach ($customer_groups as $customer_group){
352  $user_types [] = array('name'=>$customer_group['name'], 'status'=>$customer_group['customer_group_id']);
353  }
354  $data['user_types'] = $user_types;
355  if(!empty($gluu_other_config['gluu_oxd_id'])){
356  $data['gluu_oxd_id'] = $gluu_other_config['gluu_oxd_id'];
357  }else{
358  $this->response->redirect($this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL'));
359  return;
360  }
361  if(!empty($gluu_other_config['gluu_custom_logout'])){
362  $data['gluu_custom_logout'] = $gluu_other_config['gluu_custom_logout'];
363  }else{
364  $data['gluu_custom_logout'] = HTTPS_CATALOG;
365  }
366  if(!empty($gluu_other_config['gluu_user_role'])){
367  $data['gluu_user_role'] = $gluu_other_config['gluu_user_role'];
368  }else{
369  $data['gluu_user_role'] = $this->config->get('config_customer_group_id');
370  }
371  if(!empty($gluu_other_config['gluu_provider'])){
372  $data['gluu_provider'] = $gluu_other_config['gluu_provider'];
373  }else{
374  $data['gluu_provider'] = '';
375  }
376  $data['action'] = $this->url->link('module/gluu_sso/gluupostdata', 'token=' . $this->session->data['token'], 'SSL');
377  $data['action_edit'] = $this->url->link('module/gluu_sso/edit', 'token=' . $this->session->data['token'], 'SSL');
378  $data['action_openidconfig'] = $this->url->link('module/gluu_sso/openidconfig', 'token=' . $this->session->data['token'], 'SSL');
379  $data['action_general'] = $this->url->link('module/gluu_sso', 'token=' . $this->session->data['token'], 'SSL');
380 
381  $data['header'] = $this->load->controller('common/header');
382  $data['column_left'] = $this->load->controller('common/column_left');
383  $data['footer'] = $this->load->controller('common/footer');
384 
385  $this->response->setOutput($this->load->view('module/gluu_sso/gluu_sso_openidconfig.tpl', $data));
386  }
ControllerModuleGluuSSO\gluu_is_oxd_registered
gluu_is_oxd_registered()
Definition: gluu_sso.php:1332
oxdrp\$_SESSION
$_SESSION['id_token']
Definition: Get_tokens_by_code_test.php:15

◆ prompt_login_url()

ControllerModuleGluuSSO::prompt_login_url (   $prompt)
626  {
627  $this->load->model('module/gluu_sso');
628  $gluu_other_config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_other_config'),true);
629  $get_scopes = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_scopes'),true);
630  $gluu_config = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_config'),true);
631  $gluu_acr = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_acr'),true);
632  $gluu_auth_type = $this->model_module_gluu_sso->gluu_db_query_select('gluu_auth_type');
633  $gluu_send_user_check = $this->model_module_gluu_sso->gluu_db_query_select('gluu_send_user_check');
634  $gluu_new_roles = json_decode($this->model_module_gluu_sso->gluu_db_query_select('gluu_new_role'));
635  $gluu_users_can_register = $this->model_module_gluu_sso->gluu_db_query_select('gluu_users_can_register');
636 
637  if(!empty($gluu_other_config['gluu_oxd_id'])){
638  $gluu_oxd_id = $gluu_other_config['gluu_oxd_id'];
639  }else{
640  $gluu_oxd_id = false;
641  }
642  if(!empty($gluu_other_config['gluu_custom_logout'])){
643  $gluu_custom_logout = $gluu_other_config['gluu_custom_logout'];
644  }else{
645  $gluu_custom_logout = '';
646  }
647  if(!empty($gluu_other_config['gluu_user_role'])){
648  $gluu_user_role = $gluu_other_config['gluu_user_role'];
649  }else{
650  $gluu_user_role = 0;
651  }
652  if(!empty($gluu_other_config['gluu_provider'])){
653  $gluu_provider = $gluu_other_config['gluu_provider'];
654  }else{
655  $gluu_provider = '';
656  }
657  require_once(DIR_SYSTEM . 'library/oxd-rp/Get_authorization_url.php');
658 
659  $get_authorization_url = new Get_authorization_url();
660  $get_authorization_url->setRequestOxdId($gluu_oxd_id);
661 
662 
663  $get_authorization_url->setRequestScope($gluu_config['config_scopes']);
664  $get_authorization_url->setRequestPrompt($prompt);
665  if($gluu_auth_type != "default"){
666  $get_authorization_url->setRequestAcrValues([$gluu_auth_type]);
667  }else{
668  $get_authorization_url->setRequestAcrValues(null);
669  }
670  $get_authorization_url->request();
671 
672  return $get_authorization_url->getResponseAuthorizationUrl();
673  }
Get_authorization_url
Definition: Get_authorization_url.php:62
oxdrp\$get_authorization_url
$get_authorization_url
Definition: Get_authorization_url_test.php:7

◆ show_template()

ControllerModuleGluuSSO::show_template (   $data)
private
441  {
442  $temp = $this->get_template ('module/gluu_sso');
443  return $this->load->view ($temp , $data);
444  }
ControllerModuleGluuSSO\get_template
get_template($template)
Definition: gluu_sso.php:445

◆ uninstall()

ControllerModuleGluuSSO::uninstall ( )
76  {
77  $this->load->model('module/gluu_sso');
78 
79  $this->model_module_gluu_sso->uninstall();
80  }

メンバ詳解

◆ $error

ControllerModuleGluuSSO::$error
protected
このクラス詳解は次のファイルから抽出されました:
2018年09月30日(日) 14時45分00秒作成 - gluu / 構成:   doxygen 1.8.13