From 9c27058065dfe0cc7b88c27d47f7a6a081af5637 Mon Sep 17 00:00:00 2001 From: Arthur Egberink Date: Fri, 20 May 2016 08:12:00 +0000 Subject: [PATCH] RABO#36561 -- SSO script voor RABO svn path=/Website/branches/v2016.1/; revision=29472 --- CUST/RABO/SSO/SSOprodRABO.asp | 119 ++++++++++++++++++++++++++++++++++ 1 file changed, 119 insertions(+) create mode 100644 CUST/RABO/SSO/SSOprodRABO.asp diff --git a/CUST/RABO/SSO/SSOprodRABO.asp b/CUST/RABO/SSO/SSOprodRABO.asp new file mode 100644 index 0000000000..e5a621b0a2 --- /dev/null +++ b/CUST/RABO/SSO/SSOprodRABO.asp @@ -0,0 +1,119 @@ +<%@language="VBScript"%> +<% +'******************************************************************* +'Script: SSO.ASP +' +' $Revision$ +' $Id$ +' +'Doel: SSO bewerkstelligen voor ASP providers - deel 1 van 2 +'******************************************************************* +'* declare ********************************************************* +Dim strGUID, strCTID, strUserName, strKey, strASPUrl, strSharedKey +Dim strEncryptedCode, strControlEncryptedCode +'* variables ******************************************************* +strASPUrl = "https://rabo.facilitor.nl?sso=2" 'HTTPS URL adres van ASP +strSharedKey = "vDzWDwhzBtGkMPVkLjyOoRVJdhhxdgpr" 'Sharedkey - Should be the same at target side +'******************************************************************* +response.Buffer=true +Dim proto, zelf +If Request.ServerVariables("SERVER_PORT") = 443 Then + proto = "https://" +Else + proto = "http://" +End If +zelf = proto & Request.ServerVariables("HTTP_HOST") & Request.ServerVariables("SCRIPT_NAME") +%> + + + + + +Een moment aub. +
+ +<% +'* request action = requestid *************************************** +strGUID = Request.form("guid") +strCTID = Request.form("ctid") +if strGUID = "" or strCTID = "" then + '* first flow: requestid **************************************** + %> + + " ID="jumpTo"> + <% +else + '* second flow: create code ************************************* + strUserName = Request.ServerVariables("LOGON_USER") + if strUserName = "" then + strUserName = Request.ServerVariables("REMOTE_USER") + if strUserName = "" then + strUserName = Request.ServerVariables("HTTP_USER") + if strUserName = "" then + strUserName = Request.ServerVariables("HTTP_LOGIN") + if strUserName = "" then + 'Forse user to authenticate + response.Clear + response.Status = 401 + response.Flush + response.End + end if + end if + end if + end if + + ' * Strip domain name + Do While instr(strUserName, "\")>0 + strUserName = Mid(strUserName, instr(strUserName, "\") + 1) + Loop + '* crypt ******************************************************** + 'First coding phase + strKey = mid(strSharedKey & strGUID,1,Len(strUserName)) + strEncryptedCode = EnCrypt(strUserName) + 'Second coding phase + strKey = mid(strGUID,1,Len(strEncryptedCode)) + strEncryptedCode = EnCrypt(strEncryptedCode) + '* crypt Controlkey ********************************************* + 'First coding phase + strKey = mid(strSharedKey & strCTID,1,Len(strCTID)) + strControlEncryptedCode = EnCrypt(zelf) + 'Second coding phase + strKey = mid(strCTID,1,Len(strControlEncryptedCode)) + strControlEncryptedCode = EnCrypt(strControlEncryptedCode) + %> + + + + + <% +end if +'* Functions ******************************************************** +Function EnCrypt(strCryptThis) + Dim strChar, iKeyChar, iStringChar, i + for i = 1 to Len(strCryptThis) + iKeyChar = Asc(mid(strKey,i,1)) + iStringChar = Asc(mid(strCryptThis,i,1)) + iCryptChar = iKeyChar Xor iStringChar + strEncrypted = strEncrypted & Chr(iCryptChar) + next + EnCrypt = strEncrypted +End Function +Function ConvertToAsc(strAsc) + Dim iCount + Dim strTemp + ConvertToAsc = "" + for iCount = 1 to len(strAsc) + strTemp = (asc(mid(strAsc,iCount,1))) + ConvertToAsc = ConvertToAsc & len(strTemp) & strTemp + next +End Function +'********************************************************************* +%> +
+ +