feat: Do not show previous selection for SPs listed in config

Author: BaranekD

config-templates/module_perun.php

@@ -264,6 +264,8 @@
         'display_sp_name' => false,
         // interface needed just in case of display_sp_name => true
         'interface' => 'rpc',
+        // don't show 'previous selection' for entity/client ids listed below
+        'skip_previous_selection_services' => [],
     ],
 
     'warning_test_sp_config' => [

lib/Disco.php

@@ -53,6 +53,8 @@ class Disco extends PowerIdPDisco
 
     public const ADD_AUTHN_CONTEXT_CLASSES_FOR_MFA = 'add_authn_context_classes_for_mfa';
 
+    public const SKIP_PREVIOUS_SELECTION = 'skip_previous_selection_services';
+
     // CONFIGURATION ENTRIES IDP BLOCKS
     public const IDP_BLOCKS = 'idp_blocks_config';
 
@@ -117,6 +119,8 @@ class Disco extends PowerIdPDisco
 
     public const IDP_ENTITY_ID = 'entityid';
 
+    public const SP_ENTITY_ID = 'entityid';
+
     public const IDP_COLOR = 'color';
 
     public const IDP_FULL_DISPLAY_NAME = 'fullDisplayName';
@@ -282,6 +286,11 @@ public function handleRequest()
             $this->fillSpName($t);
         }
 
+        $spsToSkipPreviousSelection = $this->wayfConfiguration->getArray(self::SKIP_PREVIOUS_SELECTION, []);
+        $spIdentifier = $this->getSpIdentifier($t);
+
+        $skipPreviousSelection = in_array($spIdentifier, $spsToSkipPreviousSelection, true);
+
         $t->data[self::ORIGINAL_SP] = $this->originalsp;
         $t->data[self::IDP_LIST] = $this->idplistStructured($idpList);
         $t->data[self::PREFERRED_IDP] = $preferredIdP;
@@ -293,6 +302,7 @@ public function handleRequest()
         $t->data[self::WAYF] = $this->wayfConfiguration;
         $t->data[self::NAME] = $this->spName;
         $t->data[self::DISPLAY_SP] = $this->displaySpName;
+        $t->data[self::SKIP_PREVIOUS_SELECTION] = $skipPreviousSelection;
         $t->show();
     }
 
@@ -961,8 +971,8 @@ private function fillSpNameForOidc($t, $clientIdWithPrefix)
     private function fillSpNameForSaml($t)
     {
         $this->spName = null;
-        if (!empty($this->originalsp['entityid'])) {
-            $entityId = $this->originalsp['entityid'];
+        if (!empty($this->originalsp[self::SP_ENTITY_ID])) {
+            $entityId = $this->originalsp[self::SP_ENTITY_ID];
             $entityIdAttr = $this->wayfConfiguration->getString(self::ENTITY_ID_ATTR, null);
             if (null === $entityIdAttr) {
                 $facility = $this->adapter->getFacilityByEntityId($entityId);
@@ -994,4 +1004,17 @@ private function prepareAcrsForMfa(array &$state)
         $contextsToAdd = $this->wayfConfiguration->getArray(self::ADD_AUTHN_CONTEXT_CLASSES_FOR_MFA, []);
         MultifactorAcrs::addAndStoreAcrs($state, $contextsToAdd);
     }
+
+    private function getSpIdentifier()
+    {
+        $clientIdWithPrefix = self::substrInArray(self::CLIENT_ID_PREFIX, $this->originalAuthnContextClassRef);
+
+        if (null !== $clientIdWithPrefix) {
+            $parts = explode(':', $clientIdWithPrefix);
+
+            return end($parts); // clientId
+        }
+
+        return empty($this->originalsp[self::SP_ENTITY_ID]) ? null : $this->originalsp[self::SP_ENTITY_ID];
+    }
 }

themes/perun/perun/disco-tpl.php

@@ -30,6 +30,7 @@
 $wayfConfig = $this->data[Disco::WAYF];
 $displaySpName = $this->data[Disco::DISPLAY_SP];
 $spName = $this->data[Disco::NAME];
+$skipPreviousSelection = $this->data[Disco::SKIP_PREVIOUS_SELECTION];
 
 $translateModule = $wayfConfig->getString(Disco::TRANSLATE_MODULE, 'disco');
 $addInstitutionConfig = $wayfConfig->getConfigItem(Disco::ADD_INSTITUTION, null);
@@ -94,7 +95,7 @@
 } else {
     // CHECK IF WE HAVE PREVIOUS SELECTION, IF YES, DISPLAY IT
     // Last selection is not null => Firstly show last selection
-    if (!empty($this->getPreferredIdp())) {
+    if (!empty($this->getPreferredIdp()) && !$skipPreviousSelection) {
         // ENTRY FOR PREVIOUS SELECTION
         echo '<div id="last-used-idp-wrap" class="d-none">' . PHP_EOL;
         echo '    <p class="discoDescription-left" id="last-used-idp-desc">'