[simplesamlphp] r3043 committed - consent: Allow disabling of consent for all SPs on a given IdP.

Tue, 13 Mar 2012 02:56:42 -0700 

Revision: 3043
Author:   olavmrk
Date:     Tue Mar 13 02:40:13 2012
Log:      consent: Allow disabling of consent for all SPs on a given IdP.
http://code.google.com/p/simplesamlphp/source/detail?r=3043

Modified:
 /trunk/modules/consent/docs/consent.txt
 /trunk/modules/consent/lib/Auth/Process/Consent.php

=======================================
--- /trunk/modules/consent/docs/consent.txt     Thu Dec  8 05:56:33 2011
+++ /trunk/modules/consent/docs/consent.txt     Tue Mar 13 02:40:13 2012
@@ -188,7 +188,7 @@
 -----------------
It is possible to disable consent for a given service. You can add an option -in the matadata on the IdP, that will disable consent for det given service. +in the metadata on the IdP, that will disable consent for the given service. 
 Add 'consent.disable' array option and enter the entityids of the services,
 that you do not want consent for.

@@ -200,6 +200,12 @@
         ...
     ),
+It is also possible to disable consent for all SPs for a given IdP by setting 
+the 'consent.disable' option to TRUE:
+
+    'consent.disable' => TRUE,
+
+

 Attribute presentation
 ----------------------
=======================================
--- /trunk/modules/consent/lib/Auth/Process/Consent.php Tue Mar 13 02:40:01 2012 +++ /trunk/modules/consent/lib/Auth/Process/Consent.php Tue Mar 13 02:40:13 2012 
@@ -126,6 +126,21 @@
             }
         }
     }
+
+    /**
+     * Helper function to check whether consent is disabled.
+     *
+ * @param mixed $option The consent.disable option. Either an array or a boolean. 
+     * @param string $entityIdD  The entityID of the SP/IdP.
+     * @return boolean  TRUE if disabled, FALSE if not.
+     */
+    private static function checkDisable($option, $entityId) {
+        if (is_array($option)) {
+            return in_array($entityId, $option, TRUE);
+        } else {
+            return (boolean)$option;
+        }
+    }

     /**
      * Process a authentication response
@@ -167,7 +182,7 @@
         }

         // Do not use consent if disabled on source entity
- if ( isset($state['Source']['consent.disable']) && in_array($spEntityId, $state['Source']['consent.disable'])) { + if (isset($state['Source']['consent.disable']) && self::checkDisable($state['Source']['consent.disable'], $spEntityId)) { SimpleSAML_Logger::debug('Consent: Consent disabled for entity ' . $spEntityId); 
             return;
         }

--
You received this message because you are subscribed to the Google Groups 
"simpleSAMLphp commits" group.
To post to this group, send email to simplesamlphp-commits@googlegroups.com.
To unsubscribe from this group, send email to 
simplesamlphp-commits+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/simplesamlphp-commits?hl=en.

Reply via email to