Inheritance: extends SimpleSAML_Metadata_MetaDataStorageSource
Example #1
<?php

/*
 * Bootstrap simpleSAMLphp, the metaedit module configuration and the
 * serialize-backed metadata handler.
 *
 * $userid is only assigned on the valid-session branch below; on the other
 * branch initLogin() starts the login flow (presumably a redirect that does
 * not return - confirm). Should it ever return, $userid stays undefined and
 * the strict owner comparison in requireOwnership() fails closed.
 */
$config = SimpleSAML_Configuration::getInstance();
$session = SimpleSAML_Session::getInstance();
$metaconfig = SimpleSAML_Configuration::getConfig('module_metaedit.php');
$mdh = new SimpleSAML_Metadata_MetaDataStorageHandlerSerialize(
    $metaconfig->getValue('metahandlerConfig', null)
);

// Auth source that guards this page, and the attribute that names the user.
$authsource = $metaconfig->getValue('auth', 'login-admin');
$useridattr = $metaconfig->getValue('useridattr', 'eduPersonPrincipalName');

if (!$session->isValid($authsource)) {
    // Not authenticated against the admin auth source: hand over to login.
    SimpleSAML_Auth_Default::initLogin($authsource, SimpleSAML_Utilities::selfURL());
} else {
    $attributes = $session->getAttributes();
    // Without the user-id attribute no ownership check is possible, so stop here.
    if (!isset($attributes[$useridattr])) {
        throw new Exception('User ID is missing');
    }
    $userid = $attributes[$useridattr][0];
}
/**
 * Abort unless the metadata entry is owned by the given user.
 *
 * Fails closed: an entry with no 'owner' key (or a null owner) is rejected
 * for everyone, and the owner is compared strictly (===) against $userid.
 *
 * @param mixed $metadata  Metadata entry as returned by the storage handler.
 * @param mixed $userid    Identifier of the current user.
 * @throws Exception when there is no owner or the owner differs from $userid.
 */
function requireOwnership($metadata, $userid)
{
    $owner = isset($metadata['owner']) ? $metadata['owner'] : null;

    if ($owner === null) {
        throw new Exception('Metadata has no owner. Which means no one is granted access, not even you.');
    }

    if ($userid !== $owner) {
        throw new Exception('Metadata has an owner that is not equal to your userid, hence you are not granted access.');
    }
}
if (array_key_exists('entityid', $_REQUEST)) {
    $metadata = $mdh->getMetadata($_REQUEST['entityid'], 'saml20-sp-remote');
    requireOwnership($metadata, $userid);
Example #2
<?php

/*
 * Bootstrap simpleSAMLphp, the metaedit module configuration and the
 * serialize-backed metadata handler, then require an authenticated user.
 */
$config = SimpleSAML_Configuration::getInstance();
$metaconfig = SimpleSAML_Configuration::getConfig('module_metaedit.php');
$mdh = new SimpleSAML_Metadata_MetaDataStorageHandlerSerialize(
    $metaconfig->getValue('metahandlerConfig', null)
);

// Auth source that guards this page, and the attribute that names the user.
$authsource = $metaconfig->getValue('auth', 'login-admin');
$useridattr = $metaconfig->getValue('useridattr', 'eduPersonPrincipalName');

// requireAuth() is expected to send unauthenticated users to login before
// any attribute is read (confirm against SimpleSAML_Auth_Simple).
$as = new SimpleSAML_Auth_Simple($authsource);
$as->requireAuth();
$attributes = $as->getAttributes();

// Without the user-id attribute no ownership check is possible, so stop here.
if (!isset($attributes[$useridattr])) {
    throw new Exception('User ID is missing');
}
$userid = $attributes[$useridattr][0];
/**
 * Abort unless the metadata entry is owned by the given user.
 *
 * Fails closed: an entry with no 'owner' key (or a null owner) is rejected
 * for everyone, and the owner is compared strictly (===) against $userid.
 *
 * @param mixed $metadata  Metadata entry as returned by the storage handler.
 * @param mixed $userid    Identifier of the current user.
 * @throws Exception when there is no owner or the owner differs from $userid.
 */
function requireOwnership($metadata, $userid)
{
    if (!isset($metadata['owner'])) {
        throw new Exception('Metadata has no owner. Which means no one is granted access, not even you.');
    }

    $owner = $metadata['owner'];
    if ($userid !== $owner) {
        throw new Exception('Metadata has an owner that is not equal to your userid, hence you are not granted access.');
    }
}
// Deletion of a remote SP entry, gated on ownership of that entry.
// NOTE(review): the trigger is read from $_REQUEST, so a plain GET link can
// perform this state-changing delete on behalf of an authenticated admin;
// restricting it to POST with a request token would close that.
if (isset($_REQUEST['delete'])) {
    $entityToDelete = $_REQUEST['delete'];
    // Look the entry up first so the ownership check runs before any write.
    requireOwnership($mdh->getMetadata($entityToDelete, 'saml20-sp-remote'), $userid);
    $mdh->deleteMetadata($entityToDelete, 'saml20-sp-remote');
}

$list = $mdh->getMetadataSet('saml20-sp-remote');
Example #3
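 /**
  * Save metadata for loading with the 'serialize' metadata loader.
  *
  * Every entry in $this->metadata is written to the serialize store in
  * $outputDir. Afterwards every entry already in that store, in any set the
  * handler reports, whose 'expire' timestamp is not in the future is deleted.
  * Entries without an 'expire' key are logged as a warning and left in place,
  * so this method never prunes them.
  *
  * @param string $outputDir  The directory we should save the metadata to.
  */
 public function writeMetadataSerialize($outputDir)
 {
     // Boolean assert() instead of the string form: string assertions are
     // deprecated since PHP 7.2 and are not evaluated as code on PHP 8, where
     // 'is_string($outputDir)' would pass silently as a non-empty string.
     assert(is_string($outputDir));

     $metaHandler = new SimpleSAML_Metadata_MetaDataStorageHandlerSerialize(array('directory' => $outputDir));

     /* First we add all the metadata entries to the metadata handler. */
     foreach ($this->metadata as $set => $elements) {
         foreach ($elements as $m) {
             $entityId = $m['metadata']['entityid'];
             SimpleSAML_Logger::debug('metarefresh: Add metadata entry ' . var_export($entityId, TRUE) . ' in set ' . var_export($set, TRUE) . '.');
             $metaHandler->saveMetadata($entityId, $set, $m['metadata']);
         }
     }

     /* Then we delete old entries which should no longer exist. */
     // Sampled once so every entry is judged against the same instant.
     $ct = time();
     foreach ($metaHandler->getMetadataSets() as $set) {
         foreach ($metaHandler->getMetadataSet($set) as $entityId => $metadata) {
             if (!array_key_exists('expire', $metadata)) {
                 // No expiry recorded: keep the entry but make the gap visible.
                 SimpleSAML_Logger::warning('metarefresh: Metadata entry without expire timestamp: ' . var_export($entityId, TRUE) . ' in set ' . var_export($set, TRUE) . '.');
                 continue;
             }
             // Still valid.
             if ($metadata['expire'] > $ct) {
                 continue;
             }
             SimpleSAML_Logger::debug('metarefresh: ' . $entityId . ' expired ' . date('l jS \\of F Y h:i:s A', $metadata['expire']));
             SimpleSAML_Logger::debug('metarefresh: Delete expired metadata entry ' . var_export($entityId, TRUE) . ' in set ' . var_export($set, TRUE) . '. (' . ($ct - $metadata['expire']) . ' sec)');
             $metaHandler->deleteMetadata($entityId, $set);
         }
     }
 }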
<?php

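/*
 * Metadata listing page: picks a metadata directory by tag and renders the
 * remote IdP and SP sets found there.
 */
$config = SimpleSAML_Configuration::getInstance();
// $session is not read below; the call is kept for whatever session
// initialisation getInstance() performs (presumably - confirm before removing).
$session = SimpleSAML_Session::getInstance();
$kconfig = SimpleSAML_Configuration::getConfig('module_metalisting.php');

// The tag defaults to the configured one and may be overridden through the
// 'set' request parameter, but only to a value present in the allowlist.
$tag = $kconfig->getString('defaultTags', 'prod');
$allowedTags = $kconfig->getArray('allowedTags');
if (isset($_REQUEST['set']) && in_array($_REQUEST['set'], $allowedTags, true)) {
    // Strict comparison: with loose in_array() a request value that is merely
    // == to an allowed tag (e.g. a numeric-string variant) would pass the
    // allowlist and then be used verbatim as the 'dirs' config key below.
    // Assumes allowedTags holds strings, as the default tag does.
    $tag = $_REQUEST['set'];
}

// Only the allowlisted tag ever reaches the directory lookup.
$kdconfig = $kconfig->getConfigItem('dirs');
$dir = $kdconfig->getString($tag);

$mh = new SimpleSAML_Metadata_MetaDataStorageHandlerSerialize(array('directory' => $dir));

$metaentries = array();
$metaentries['remote']['saml20-idp-remote'] = $mh->getMetadataSet('saml20-idp-remote');
$metaentries['remote']['saml20-sp-remote'] = $mh->getMetadataSet('saml20-sp-remote');

$t = new SimpleSAML_XHTML_Template($config, 'metalisting:metalisting.tpl.php');
$t->data['header'] = 'Federation entities';
$t->data['metaentries'] = $metaentries;
// Only the presence of 'extended' matters; it is passed to the template as a boolean.
$t->data['extended'] = isset($_REQUEST['extended']);
$t->show();
exit;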