Merge pull request #34 from rutuja3407/saml_free_v11
Typo3 SAML SP Free v1.0.9
miniOrangeDev authored Jul 24, 2024
2 parents 0a87ac0 + bfb41b3 commit e63759b
Showing 25 changed files with 377 additions and 668 deletions.
265 changes: 121 additions & 144 deletions Classes/Controller/BesamlController.php

Large diffs are not rendered by default.

9 changes: 3 additions & 6 deletions Classes/Controller/FesamlController.php
Expand Up @@ -94,7 +94,7 @@ public function requestAction()
}
error_log("relaystate : ".print_r($_REQUEST,true));
$this->controlAction();
$this->bindingType = Constants::HTTP_REDIRECT;
$this->bindingType = $this->fetchBindingType();
$samlRequest = $this->build();
$relayState = isset($_REQUEST['RelayState']) ? $_REQUEST['RelayState'] : '/';

Expand Down Expand Up @@ -141,11 +141,10 @@ public function findSubstring($request)
return 0;
}

//Function to fetch login binding type
public function fetchBindingType()
{
$queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable('saml');
$this->bindingType = $queryBuilder->select('login_binding_type')->from('saml')->where($queryBuilder->expr()->eq('uid', $queryBuilder->createNamedParameter($this->uid, \PDO::PARAM_INT)))->execute()->fetch();
$this->bindingType = $this->bindingType['login_binding_type'];
$this->bindingType = Utilities::fetchFromTable(Constants::COLUMN_IDP_LOGIN_BINDING_TYPE, Constants::TABLE_SAML);
}

/**
Expand All @@ -155,8 +154,6 @@ public function fetchBindingType()
*/
public function controlAction()
{
$queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable(Constants::TABLE_SAML);

$idp_object = json_decode(Utilities::fetchFromTable(Constants::COLUMN_OBJECT_IDP, Constants::TABLE_SAML),true);
$sp_object = json_decode(Utilities::fetchFromTable(Constants::COLUMN_OBJECT_SP,Constants::TABLE_SAML),true);

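Review bot: `fetchBindingType()` sets `$this->bindingType` but contains no `return`, so the new assignment `$this->bindingType = $this->fetchBindingType();` in requestAction() replaces the value it just fetched with null. Either call the helper as a plain statement, `$this->fetchBindingType();`, or have it end with `return $this->bindingType;`. How build() treats a null binding type is not visible here, but the binding configured for the IdP would presumably not be honoured. requestAction() starts and ends outside the hunk.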
77 changes: 46 additions & 31 deletions Classes/Controller/ResponseController.php
Expand Up @@ -107,7 +107,11 @@ public function responseAction()
$_SESSION['ses_id'] = $user['uid'];
$queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable('fe_sessions');

if ($typo3Version >= 11.0) {
if ($typo3Version >= 12) {
$queryBuilder->delete('fe_sessions')->where($queryBuilder->expr()->eq('ses_userid', $queryBuilder->createNamedParameter($user['uid'], \PDO::PARAM_INT)))->executeStatement();
}
else
{
$queryBuilder->delete('fe_sessions')->where($queryBuilder->expr()->eq('ses_userid', $queryBuilder->createNamedParameter($user['uid'], \PDO::PARAM_INT)))->execute();
}
$context = GeneralUtility::makeInstance(\TYPO3\CMS\Core\Context\Context::class);
Expand Down Expand Up @@ -142,13 +146,10 @@ public function responseAction()

public function control()
{
$queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable(Constants::TABLE_SAML);
$sp_object = $queryBuilder->select('spobject')->from(Constants::TABLE_SAML)->where($queryBuilder->expr()->eq('uid', $queryBuilder->createNamedParameter(1, \PDO::PARAM_INT)))->execute()->fetch();
$idp_object = $queryBuilder->select('object')->from(Constants::TABLE_SAML)->where($queryBuilder->expr()->eq('uid', $queryBuilder->createNamedParameter(1, \PDO::PARAM_INT)))->execute()->fetch();
$sp_object = Utilities::fetchFromTable(Constants::SAML_SPOBJECT, Constants::TABLE_SAML);
$idp_object = Utilities::fetchFromTable(Constants::SAML_IDPOBJECT, Constants::TABLE_SAML);
$sp_object = !is_array($sp_object) ? json_decode($sp_object, true) : $sp_object;
$idp_object = !is_array($idp_object) ? json_decode($idp_object, true) : $idp_object;
$sp_object = is_array($sp_object['spobject']) ? $sp_object['spobject'] : json_decode($sp_object['spobject'], true);
$idp_object = is_array($idp_object['object']) ? $idp_object['object'] : json_decode($idp_object['object'], true);
$this->acs_url = $sp_object['acs_url'];
$this->sp_entity_id = $sp_object['sp_entity_id'];
$this->saml_login_url = $idp_object['saml_login_url'];
Expand Down Expand Up @@ -176,8 +177,7 @@ public function createOrUpdateUser($username, $typo3Version)
$userExist = false;
if ($user == false) {
$queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable('saml');
$count = $queryBuilder->select('countuser')->from(Constants::TABLE_SAML)->where($queryBuilder->expr()->eq('uid', $queryBuilder->createNamedParameter(1, \PDO::PARAM_INT)))->execute()->fetch();
$count = $count['countuser'];
$count = Utilities::fetchFromTable(Constants::COLUMN_COUNTUSER,Constants::TABLE_SAML);
if ($count > 0) {
Utilities::log_php_error("CREATING USER", $username);

Expand All @@ -188,18 +188,33 @@ public function createOrUpdateUser($username, $typo3Version)

// Insert the new user into the fe_users table
$queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable('fe_users');
$queryBuilder
if($typo3Version > 12)
{
$queryBuilder
->insert('fe_users')
->values($newUser)
->executeStatement();
}
else
{
$queryBuilder
->insert('fe_users')
->values($newUser)
->execute();
}

// Output the UID of the newly created user
$uid = $queryBuilder->getConnection()->lastInsertId('fe_users');
$queryBuilder->update('saml')->where($queryBuilder->expr()->eq('uid', $queryBuilder->createNamedParameter(1, PDO::PARAM_INT)))->set('countuser', $count - 1)->execute();
Utilities::updateTableSaml(Constants::COLUMN_COUNTUSER, $count-1);
} else {
$autocreate_exceed_email_sent = Utilities::fetchFromTable(Constants::AUTOCREATE_EXCEED_EMAIL_SENT, Constants::TABLE_SAML);
$site = GeneralUtility::getIndpEnv('TYPO3_REQUEST_HOST');
$customer = new CustomerSaml();
$customer->submit_to_magento_team_autocreate_limit_exceeded($site, $typo3Version);
if($autocreate_exceed_email_sent == NULL)
{
$customer->submit_to_magento_team_autocreate_limit_exceeded($site, $typo3Version);
Utilities::updateTableSaml(Constants::AUTOCREATE_EXCEED_EMAIL_SENT, 1);
}
echo "User limit exceeded!!! Please upgrade to the Premium Plan in order to continue the services";
exit;
}
Expand All @@ -212,8 +227,8 @@ public function createOrUpdateUser($username, $typo3Version)
}
$userExist = true;
$queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable('fe_users');
$uid = $queryBuilder->select('uid')->from(Constants::TABLE_FE_USERS)->where($queryBuilder->expr()->eq('username', $queryBuilder->createNamedParameter($username, \PDO::PARAM_STR)))->execute()->fetch();
$uid = $uid['uid'];
$uid = $queryBuilder->select('uid')->from(Constants::TABLE_FE_USERS)->where($queryBuilder->expr()->eq('username', $queryBuilder->createNamedParameter($username, \PDO::PARAM_STR)))->executeQuery()->fetch();
$uid = is_array($uid) ? $uid['uid'] : $uid;
}

GeneralUtility::makeInstance(\TYPO3\CMS\Core\Cache\CacheManager::class)->flushCaches();
Expand All @@ -230,8 +245,16 @@ public function createOrUpdateUser($username, $typo3Version)
$mappedGroupUid = Utilities::fetchUidFromGroupName($mappedTypo3Group);
$mappedGroupUid = $mappedGroupUid;
$queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable('fe_users');
$queryBuilder->update(Constants::TABLE_FE_USERS)->where($queryBuilder->expr()->eq('uid', $uid))
if($typo3Version > 12)
{
$queryBuilder->update(Constants::TABLE_FE_USERS)->where($queryBuilder->expr()->eq('uid', $uid))
->set('usergroup', $mappedGroupUid)->executeStatement();
}
else
{
$queryBuilder->update(Constants::TABLE_FE_USERS)->where($queryBuilder->expr()->eq('uid', $uid))
->set('usergroup', $mappedGroupUid)->execute();
}
GeneralUtility::makeInstance(\TYPO3\CMS\Core\Cache\CacheManager::class)->flushCaches();

} else {
Expand All @@ -248,8 +271,16 @@ public function createOrUpdateUser($username, $typo3Version)
$mappedGroupUid = $mappedGroupUid;
$queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable('fe_users');
Utilities::log_php_error("assigning default group ");
$queryBuilder->update(Constants::TABLE_FE_USERS)->where($queryBuilder->expr()->eq('uid', $uid))
if($typo3Version > 12)
{
$queryBuilder->update(Constants::TABLE_FE_USERS)->where($queryBuilder->expr()->eq('uid', $uid))
->set('usergroup', $mappedGroupUid)->executeStatement();
}
else
{
$queryBuilder->update(Constants::TABLE_FE_USERS)->where($queryBuilder->expr()->eq('uid', $uid))
->set('usergroup', $mappedGroupUid)->execute();
}
Utilities::log_php_error("assigned default group");
}
Utilities::log_php_error("fetching user from username: ");
Expand All @@ -258,22 +289,6 @@ public function createOrUpdateUser($username, $typo3Version)
return $user;
}

public function fetchFromTable($col, $table)
{
$queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable($table);
$variable = $queryBuilder->select($col)->from($table)->where($queryBuilder->expr()->eq('uid', $queryBuilder->createNamedParameter($this->uid, \PDO::PARAM_INT)))->execute()->fetch();
return $variable && $variable[$col] ? $variable[$col] : null;
}

/**
* @param $val
*/
public function setFlag($val)
{
$queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable('saml');
$queryBuilder->update('saml')->where($queryBuilder->expr()->eq('uid', $queryBuilder->createNamedParameter($this->uid, \PDO::PARAM_INT)))->set('custom_attr', $val)->execute();
}

/**
* @param $instant
* @return false|string
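Review bot: The version gates added in this file disagree: the fe_sessions delete in responseAction() uses `if ($typo3Version >= 12)`, the fe_users insert and both usergroup updates in createOrUpdateUser() use `if($typo3Version > 12)`, and the uid lookup now calls `executeQuery()->fetch()` with no gate at all; `findAll($typo3Version)` in the repository class further down repeats the `> 12` form. How `$typo3Version` is represented is not visible here, but if it is the bare major version a 12.x site gets `executeStatement()` for one query and the legacy `execute()` for the rest. I would settle on one comparison, e.g. `if ($typo3Version >= 12)`, preferably behind a single helper. Separately, the usergroup updates pass `$uid` straight into `eq('uid', $uid)`; `$queryBuilder->createNamedParameter($uid, \PDO::PARAM_INT)` would match the bound parameters used by the other queries in this file. Both functions begin outside the visible hunks.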
Expand Up @@ -27,9 +27,16 @@ public function __construct()

abstract protected function setTableName(): void;

public function findAll(): array
public function findAll($typo3Version): array
{
return $this->getQueryBuilder()->select('*')->from($this->tableName)->execute()->fetchAll();
if($typo3Version > 12)
{
return $this->getQueryBuilder()->select('*')->from($this->tableName)->executeQuery()->fetchAll();
}
else
{
return $this->getQueryBuilder()->select('*')->from($this->tableName)->execute()->fetchAll();
}
}

protected function getQueryBuilder(): QueryBuilder
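Review bot: `findAll($typo3Version)` changes a no-argument method into one with a required, untyped parameter, so any caller not updated in this commit will fail with an ArgumentCountError; the callers are not visible on this page. A backward-compatible signature such as `public function findAll($typo3Version = null): array` keeps old call sites working, though it then falls into the `execute()` branch, so resolving the version inside the repository may be cleaner.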
4 changes: 4 additions & 0 deletions Classes/Helper/Actions/ReadResponseAction.php
Expand Up @@ -30,7 +30,11 @@ public static function execute()
}

$document = new \DOMDocument();
if(!empty($samlResponse))
$document->loadXML($samlResponse);
else
Utilities::showErrorFlashMessage('Invalid Metadata.');

$samlResponseXML = $document->firstChild;

if ($samlResponseXML->localName == 'LogoutResponse') {
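Review bot: The new `else` branch calls `Utilities::showErrorFlashMessage('Invalid Metadata.')`, but execution then continues to `$document->firstChild`, which is null for an empty DOMDocument, so `$samlResponseXML->localName` dereferences null unless showErrorFlashMessage() ends the request (not visible here). The same path is reached when `loadXML()` fails on malformed input, because its return value is never checked. I would fail closed with braces and an early exit that fits execute()'s contract, e.g. `if (empty($samlResponse) || !$document->loadXML($samlResponse)) { Utilities::showErrorFlashMessage('Invalid SAML response.'); return; }`. The `if(empty($spObject))` guard added to mo_saml_miniorange_generate_metadata() in SAMLUtilities.php has the same fall-through: after the flash message it still indexes `$spObject`. execute() starts and ends outside the hunk.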
13 changes: 9 additions & 4 deletions Classes/Helper/Actions/TestResultActions.php
Expand Up @@ -101,11 +101,16 @@ public function execute()
$this->processTemplateFooter();

$queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable('saml');
$idp_object = $queryBuilder->select('object')->from('saml')->where($queryBuilder->expr()->eq('uid', $queryBuilder->createNamedParameter(1, PDO::PARAM_INT)))->execute()->fetch();
$idp_object = $idp_object['object'];
$this->status = Utilities::isBlank($this->nameId) ? 'Test Failed' : 'Test SuccessFull';
$idp_object = Utilities::fetchFromTable(Constants::SAML_IDPOBJECT, Constants::TABLE_SAML);
$test_config_email_sent = Utilities::fetchFromTable(Constants::TEST_CONFIG_EMAIL_SENT, Constants::TABLE_SAML);
$this->status = Utilities::isBlank($this->nameId) ? 'Test Failed' : 'Test Successful';
$customer = new CustomerSaml();
$customer->submit_to_magento_team_core_config_data($this->status, $this->attrs ,$idp_object);
if($test_config_email_sent == NULL)
{
$site = GeneralUtility::getIndpEnv('TYPO3_REQUEST_HOST');
$customer->submit_to_magento_team_core_config_data($this->status, $this->attrs ,$idp_object, $site);
Utilities::updateTableSaml(Constants::TEST_CONFIG_EMAIL_SENT, 1);
}
printf($this->template);
return;
}
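Review bot: The one-time block under `if($test_config_email_sent == NULL)` sends `$this->attrs` and the stored IdP object to the vendor along with the site host, so the first test login discloses whatever attributes the IdP released for the test user. I would put this behind an explicit admin opt-in, or at least document it beside the call with a comment such as `// Sends test attributes, IdP config and site host to miniOrange once per install`. `Utilities::updateTableSaml(Constants::TEST_CONFIG_EMAIL_SENT, 1)` also runs whether or not the submit call succeeded, so a failed send is never retried. `$queryBuilder` created just above the changed lines looks unused now. execute() starts outside the hunk.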
7 changes: 5 additions & 2 deletions Classes/Helper/Constants.php
Expand Up @@ -25,8 +25,9 @@ class Constants
//IDP
const COLUMN_IDP_NAME = 'idp_name';
const COLUMN_IDP_ENTITY_ID = 'idp_entity_id';
const COLUMN_IDP_BINDING_TYPE = 'login_binding_type';
const COLUMN_IDP_LOGIN_BINDING_TYPE = 'login_binding_type';
const COLUMN_IDP_LOGIN_URL = 'saml_login_url';
const COLUMN_SAML_LOGOUT_URL = 'saml_logout_url';
const COLUMN_IDP_CERTIFICATE = 'x509_certificate';

//Column SAML
Expand All @@ -35,6 +36,7 @@ class Constants
const COLUMN_PLUGIN_RESPONSE_URL = 'response';
const COLUMN_PLUGIN_FESAML_URL = 'fesaml';
const COLUMN_SITE_BASE_URL = 'site_base_url';
const COLUMN_COUNTUSER = 'countuser';

// COLUMNS IN CUSTOMER TABLE
const CUSTOMER_EMAIL = "cust_email";
Expand All @@ -45,7 +47,6 @@ class Constants
const CUSTOMER_CODE = "cust_code";
const IDP_LIMIT = 'idplimit';
//SAML Table Columns
const IDP_BINDING_TYPE = 'login_binding_type';
const IDP_X509_CERTIFICATE = 'x509_certificate';
const IDP_LOGIN_URL = 'saml_login_url';
const SAML_IDPOBJECT = 'object';
Expand Down Expand Up @@ -99,5 +100,7 @@ class Constants
const DEFAULT_CUSTOMER_KEY = "16555";
const DEFAULT_API_KEY = "fFd2XcvTGDemZvbw1bcUesNJWEqKbbUq";
const EMAIL_SENT = 'isEmailSent';
const TEST_CONFIG_EMAIL_SENT = 'test_config_email_sent';
const AUTOCREATE_EXCEED_EMAIL_SENT = 'autocreate_exceed_email_sent';

}
14 changes: 6 additions & 8 deletions Classes/Helper/CustomerSaml.php
Expand Up @@ -246,9 +246,6 @@ function callAPI($url, $jsonData = [], $headers = ["Content-Type: application/js
if ($method === 'POST' || $method === 'PUT') {
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
}

// Execute the cURL request
$response = curl_exec($ch);
return $response;
}

Expand Down Expand Up @@ -320,7 +317,8 @@ function submit_to_magento_team(
function submit_to_magento_team_core_config_data(
$sub,
$content,
$values
$values,
$site
) {
$url = Constants::HOSTNAME . "/moas/api/notify/send";
$customerKey = Constants::DEFAULT_CUSTOMER_KEY;
Expand All @@ -337,7 +335,7 @@ function submit_to_magento_team_core_config_data(
'fromName' => 'miniOrange',
'toEmail' => "[email protected]",
'toName' => "Nitesh",
'subject' => "Typo3 SAML SP free Plugin $sub",
'subject' => "Typo3 SAML SP free Plugin $sub site: $site",
'content' => "Attributes Received: $content <br><br>,IDP Configurations: $values"
),
);
Expand All @@ -352,7 +350,7 @@ function submit_to_magento_team_core_config_data(
'fromName' => 'miniOrange',
'toEmail' => "[email protected]",
'toName' => "Rushikesh",
'subject' => "Typo3 SAML SP free Plugin $sub",
'subject' => "Typo3 SAML SP free Plugin $sub site: $site",
'content' => " $content <br>, $values"
),
);
Expand Down Expand Up @@ -380,7 +378,7 @@ function submit_to_magento_team_autocreate_limit_exceeded($site, $typo3Version)
'fromName' => 'miniOrange',
'toEmail' => "[email protected]",
'toName' => "Nitesh",
'subject' => "Typo3 SAML SP free Plugin AUTOCREATE USER LIMIT EXEEDED",
'subject' => "Typo3 SAML SP free Plugin AUTOCREATE USER LIMIT EXEEDED site: $site",
'content' => "Site: $site, Typo3 Version = $typo3Version"
),
);
Expand All @@ -395,7 +393,7 @@ function submit_to_magento_team_autocreate_limit_exceeded($site, $typo3Version)
'fromName' => 'miniOrange',
'toEmail' => "[email protected]",
'toName' => "Rushikesh",
'subject' => "Typo3 SAML SP free Plugin AUTOCREATE USER LIMIT EXEEDED",
'subject' => "Typo3 SAML SP free Plugin AUTOCREATE USER LIMIT EXEEDED site: $site",
'content' => "Site: $site, Typo3 Version = $typo3Version"
),
);
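Review bot: The first hunk takes three lines off the tail of callAPI(), in the region holding `$response = curl_exec($ch);` and `return $response;`, and this rendering does not show which of them remain. If the `curl_exec()` call or the `return` was dropped without an equivalent earlier in the function (its start is outside the hunk), the submit_* notifications either stop being sent or hand null back to callers, and the new `*_EMAIL_SENT` flags would still be set to 1. Worth confirming that the function still ends with `return $response;` after a single `curl_exec($ch)`. `submit_to_magento_team_core_config_data()` also gains a required fourth parameter `$site`; only the TestResultActions call site is shown being updated.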
13 changes: 8 additions & 5 deletions Classes/Helper/SAMLUtilities.php
Expand Up @@ -662,17 +662,20 @@ public static function generateRandomAlphanumericValue($length)
public static function mo_saml_miniorange_generate_metadata($download = false)
{
$spObject = json_decode(self::fetchFromTable(Constants::SAML_SPOBJECT, Constants::TABLE_SAML), true);
$spObject = $spObject[Constants::SAML_SPOBJECT];
$sp_base_url = $spObject['site_base_url'];
$sp_response_url = $spObject['response'];
$sp_entity_id = $spObject['sp_entity_id'];
if(empty($spObject))
{
self::showErrorFlashMessage('Please fill all the SP Settings to download SP Metadata');
}
$sp_base_url = $spObject[Constants::COLUMN_SITE_BASE_URL];
$sp_response_url = $spObject[Constants::COLUMN_PLUGIN_RESPONSE_URL];
$sp_entity_id = $spObject[Constants::COLUMN_SP_ENTITY_ID];

$entity_id = $sp_entity_id;
$acs_url = $sp_response_url;
if (ob_get_contents())
ob_clean();

header('Content-Type: text/rss+xml; charset=utf-8');
header('Content-Type: text/xml; charset=utf-8');
if ($download)
header('Content-Disposition: attachment; filename="Metadata.xml"');
