Merge pull request #7 from pajavyskocil/perunAuthorize

Perun authorize

Author: tauceti2

composer.json

@@ -3,6 +3,7 @@
     "description": "Module which allows SSP to communicate with Perun IAM https://perun.cesnet.cz",
     "type": "simplesamlphp-module",
     "require": {
-        "simplesamlphp/composer-module-installer": "~1.0"
+        "simplesamlphp/composer-module-installer": "~1.0",
+        "cesnet/simplesamlphp-module-perunauthorize": "dev-master"
     }
 }

lib/Auth/Process/PerunIdentity.php

@@ -277,11 +277,21 @@ private function containsMembersGroup($entities)
          * @param array $request
          */
         protected function unauthorized(&$request) {
-                // Save state and redirect to 403 page
-                $id = SimpleSAML_Auth_State::saveState($request,
-                                'authorize:Authorize');
-                $url = SimpleSAML_Module::getModuleURL(
-                                'authorize/authorize_403.php');
-                \SimpleSAML\Utils\HTTP::redirectTrustedURL($url, array('StateId' => $id));
-        }
+		$id = SimpleSAML_Auth_State::saveState($request,
+			'perunauthorize:Perunauthorize');
+		$url = SimpleSAML_Module::getModuleURL(
+			'perunauthorize/perunauthorize_403.php');
+		if (isset($request['SPMetadata']['InformationURL']['en'])){
+			\SimpleSAML\Utils\HTTP::redirectTrustedURL($url,
+				array('StateId' => $id,
+                    'informationURL' => $request['SPMetadata']['InformationURL']['en'],
+					'administrationContact' => $request['SPMetadata']['administrationContact'],
+					'serviceName' => $request['SPMetadata']['name']['en']));
+		} else {
+			\SimpleSAML\Utils\HTTP::redirectTrustedURL($url,
+				array('StateId' => $id,
+                    'administrationContact' => $request['SPMetadata']['administrationContact'],
+					'serviceName' => $request['SPMetadata']['name']['en']));
+		}
+	}
 }