-
Notifications
You must be signed in to change notification settings - Fork 7
/
Copy pathindex.php
96 lines (77 loc) · 3.2 KB
/
index.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
<?php
/*
* OIDplus 2.0
* Copyright 2019 - 2023 Daniel Marschall, ViaThinkSoft
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
use ViaThinkSoft\OIDplus\Core\OIDplus;
use ViaThinkSoft\OIDplus\Core\OIDplusGui;
use ViaThinkSoft\OIDplus\Plugins\ObjectTypes\OID\WeidOidConverter;
header('Content-Type:text/html; charset=UTF-8');
require_once __DIR__ . '/includes/oidplus.inc.php';
set_exception_handler(array(OIDplusGui::class, 'html_exception_handler'));
ob_start(); // allow cookie headers to be sent
OIDplus::init(true);
$static_node_id = $_REQUEST['goto'] ?? 'oidplus:system';
if (isset($_REQUEST['h404'])) {
$handled = false;
$plugins = OIDplus::getAllPlugins();
foreach ($plugins as $plugin) {
if ($plugin->handle404($_REQUEST['h404'])) $handled = true;
}
if (!$handled) {
// TODO: Is canonical host OK? Because we might have a login cookie on this domain!
header('Location:'.OIDplus::webpath().'?goto='.urlencode('oidplus:err:'.$_REQUEST['h404']));
die();
}
}
$static_node_id_original = $static_node_id;
$was_weid = str_starts_with(strtolower($static_node_id), 'weid:');
$static_node_id = OIDplus::prefilterQuery($static_node_id, false);
if ($was_weid && class_exists(WeidOidConverter::class)) {
$static_node_id = (strtolower($static_node_id) == 'oid:') ? 'weid:' : WeidOidConverter::oid2weid(substr($static_node_id,strlen('oid:')));
}
if ($static_node_id_original !== $static_node_id) {
// Redirect to the corrected query
// TODO: Is canonical host OK? Because we might have a login cookie on this domain!
$canonical_url = OIDplus::canonicalURL($static_node_id);
if ($canonical_url) {
header('Location:'.$canonical_url);
die();
}
unset($canonical_url);
}
unset($static_node_id_original);
$static = OIDplus::gui()->generateContentPage($static_node_id);
$page_title_2 = $static['title'];
$static_icon = $static['icon'];
$static_content = $static['text'];
if (!isset($_COOKIE['csrf_token'])) {
// This is the main CSRF token used for AJAX.
$token = OIDplus::authUtils()->genCSRFToken();
OIDplus::cookieUtils()->setcookie('csrf_token', $token, 0, false);
unset($token);
}
if (!isset($_COOKIE['csrf_token_weak'])) {
// This CSRF token is created with SameSite=Lax and must be used
// for OAuth 2.0 redirects or similar purposes.
$token = OIDplus::authUtils()->genCSRFToken();
OIDplus::cookieUtils()->setcookie('csrf_token_weak', $token, 0, false, 'Lax');
unset($token);
}
OIDplus::handleLangArgument();
$page_title_1 = OIDplus::gui()->combine_systemtitle_and_pagetitle(OIDplus::config()->getValue('system_title'), $page_title_2);
$cont = OIDplus::gui()->showMainPage($page_title_1, $page_title_2, $static_icon, $static_content, $extra_head_tags=array(), $static_node_id);
OIDplus::invoke_shutdown();
echo $cont;