dani/ansible-roles
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
cf564122d6
ansible-roles/roles/phpmyadmin/templates/sso.php.j2

53 lines
2.4 KiB
Django/Jinja
Raw Blame History

<?php
{% for user in pma_sso_users | default([]) %}
$login['{{ user.user }}'] = '{{ user.sql_login }}';
$password['{{ user.user }}'] = '{{ (pma_sso_encryption_token is defined) | ternary(pma_sso_users_encrypted.results | selectattr('item.user', 'equalto', user.user) | map(attribute='stdout') | first, user.sql_password | regex_replace('\'', '\\\'')) }}';
{% endfor %}
{% for group in pma_sso_groups | default([]) %}
$g_login['{{ group.group }}'] = '{{ group.sql_login }}';
$g_password['{{ group.group }}'] = '{{ (pma_sso_encryption_token is defined) | ternary(pma_sso_groups_encrypted.results | selectattr('item.group', 'equalto', group.group) | map(attribute='stdout') | first, group.sql_password | regex_replace('\'', '\\\'')) }}';
{% endfor %}
{% for field in pma_sso_user_fields %}
if (!isSet($ssologin) && isSet($_SERVER['{{ field }}'])){
$ssologin = $_SERVER['{{ field }}'];
}
{% endfor %}
{% for field in pma_sso_groups_fields %}
if (!isSet($ssogroups) && isSet($_SERVER['{{ field }}'])){
$ssogroups = explode('; ', $_SERVER['{{ field }}']);
}
{% endfor %}
if(isSet($ssologin) && isSet($login[$ssologin]) && isSet($password[$ssologin])) {
session_set_cookie_params(0, '/', '', 0);
session_name('PmaSignonSession');
session_start();
$_SESSION['PMA_single_signon_user'] = $login[$ssologin];
$_SESSION['PMA_single_signon_password'] = {{ (pma_sso_encryption_token is defined) | ternary("openssl_decrypt($password[$ssologin],'aes-128-cbc',$_SERVER['HTTP_X_ENCRYPTION_TOKEN'],0,substr(hash('sha256',$ssologin),0,16))",'$password[$ssologin]') }};
session_write_close();
header('Location: /index.php');
exit(0);
} elseif (isSet($ssogroups)) {
foreach ($ssogroups as $group){
if (isSet($g_login[$group]) && isSet($g_password[$group])){
session_set_cookie_params(0, '/', '', 0);
session_name('PmaSignonSession');
session_start();
$_SESSION['PMA_single_signon_user'] = $g_login[$group];
$_SESSION['PMA_single_signon_password'] = {{ (pma_sso_encryption_token is defined) | ternary("openssl_decrypt($g_password[$group],'aes-128-cbc',$_SERVER['HTTP_X_ENCRYPTION_TOKEN'],0,substr(hash('sha256',$group),0,16))",'$g_password[$group]') }};
session_write_close();
header('Location: /index.php');
exit(0);
}
}
}
header('HTTP/1.0 403 Forbidden');
echo 'Not logged in the SSO system';
die;
?>
Reference in New Issue View Git Blame Copy Permalink