This method will try to see if the current script is part of SimpleSAMLphp. In that case, it will use the
'baseurlpath' configuration option to rebuild the current URL based on that. If the current script is NOT
part of SimpleSAMLphp, it will just return the current URL.
Note that this method does NOT make use of the HTTP X-Forwarded-* set of headers.
| public static getSelfURL ( ) : string | ||
| return | string | The current URL, including query parameters. |
/**
* Retrieve a admin login URL.
*
* @param string|NULL $returnTo The URL the user should arrive on after admin authentication. Defaults to null.
*
* @return string A URL which can be used for admin authentication.
* @throws \InvalidArgumentException If $returnTo is neither a string nor null.
*/
public static function getAdminLoginURL($returnTo = null)
{
if (!(is_string($returnTo) || is_null($returnTo))) {
throw new \InvalidArgumentException('Invalid input parameters.');
}
if ($returnTo === null) {
$returnTo = \SimpleSAML\Utils\HTTP::getSelfURL();
}
return \SimpleSAML_Module::getModuleURL('core/login-admin.php', array('ReturnTo' => $returnTo));
}
/**
* Create a new NotFound error
*
* @param string $reason Optional description of why the given page could not be found.
*/
public function __construct($reason = NULL)
{
assert('is_null($reason) || is_string($reason)');
$url = \SimpleSAML\Utils\HTTP::getSelfURL();
if ($reason === NULL) {
parent::__construct(array('NOTFOUND', '%URL%' => $url));
} else {
parent::__construct(array('NOTFOUNDREASON', '%URL%' => $url, '%REASON%' => $reason));
}
$this->reason = $reason;
$this->httpCode = 404;
}
/**
* Create a new NotFound error
*
* @param string $reason Optional description of why the given page could not be found.
*/
public function __construct($reason = NULL)
{
assert('is_null($reason) || is_string($reason)');
$url = \SimpleSAML\Utils\HTTP::getSelfURL();
if ($reason === NULL) {
parent::__construct(array('NOTFOUND', '%URL%' => $url));
$this->message = "The requested page '{$url}' could not be found.";
} else {
parent::__construct(array('NOTFOUNDREASON', '%URL%' => $url, '%REASON%' => $reason));
$this->message = "The requested page '{$url}' could not be found. " . $reason;
}
$this->reason = $reason;
$this->httpCode = 404;
}
/**
* Gets the language navigation bar.
*
* @param SimpleSAML_XHTML_Template $view The view object,
* @param array $post The _POST array.
*
* @return string Resulting html markup.
*/
function simplesamlphp_get_languagebar(SimpleSAML_XHTML_Template $view, $params = array())
{
if (!empty($params['post'])) {
return '';
}
if (isset($view->data['hideLanguageBar']) && $view->data['hideLanguageBar'] === TRUE) {
return '';
}
$languages = simplesamlphp_get_languages();
$result = '<ul class="dropdown-menu">';
$template = '<li><a href="!href">!name</a></li>';
foreach ($languages as $lang => $name) {
$href = \SimpleSAML\Utils\HTTP::addURLParameters(\SimpleSAML\Utils\HTTP::getSelfURL(), array($params['languageParameterName'] => $lang));
$result .= strtr($template, array('!href' => $href, '!name' => $name));
}
return $result . '</ul>';
}
}
if (isset($this->data['hideLanguageBar']) && $this->data['hideLanguageBar'] === TRUE) {
$includeLanguageBar = FALSE;
}
if ($includeLanguageBar) {
$languages = $this->getLanguageList();
if (count($languages) > 1) {
echo '<div id="languagebar">';
$langnames = array('no' => 'Bokmål', 'nn' => 'Nynorsk', 'se' => 'Sámegiella', 'sam' => 'Åarjelh-saemien giele', 'da' => 'Dansk', 'en' => 'English', 'de' => 'Deutsch', 'sv' => 'Svenska', 'fi' => 'Suomeksi', 'es' => 'Español', 'fr' => 'Français', 'it' => 'Italiano', 'nl' => 'Nederlands', 'lb' => 'Lëtzebuergesch', 'cs' => 'Čeština', 'sl' => 'Slovenščina', 'lt' => 'Lietuvių kalba', 'hr' => 'Hrvatski', 'hu' => 'Magyar', 'pl' => 'Język polski', 'pt' => 'Português', 'pt-br' => 'Português brasileiro', 'ru' => 'русский язык', 'et' => 'eesti keel', 'tr' => 'Türkçe', 'el' => 'ελληνικά', 'ja' => '日本語', 'zh' => '简体中文', 'zh-tw' => '繁體中文', 'ar' => 'العربية', 'fa' => 'پارسی', 'ur' => 'اردو', 'he' => 'עִבְרִית', 'id' => 'Bahasa Indonesia', 'sr' => 'Srpski', 'lv' => 'Latviešu', 'ro' => 'Românește', 'eu' => 'Euskara');
$textarray = array();
foreach ($languages as $lang => $current) {
$lang = strtolower($lang);
if ($current) {
$textarray[] = $langnames[$lang];
} else {
$textarray[] = '<a href="' . htmlspecialchars(\SimpleSAML\Utils\HTTP::addURLParameters(\SimpleSAML\Utils\HTTP::getSelfURL(), array($this->languageParameterName => $lang))) . '">' . $langnames[$lang] . '</a>';
}
}
echo join(' | ', $textarray);
echo '</div>';
}
}
?>
<div id="content">
<?php
if (!empty($this->data['htmlinject']['htmlContentPre'])) {
foreach ($this->data['htmlinject']['htmlContentPre'] as $c) {
echo $c;
/**
* Receive an authentication request.
*
* @param SimpleSAML_IdP $idp The IdP we are receiving it for.
*/
public static function receiveAuthnRequest(SimpleSAML_IdP $idp)
{
$metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
$idpMetadata = $idp->getConfig();
$supportedBindings = array(SAML2_Const::BINDING_HTTP_POST);
if ($idpMetadata->getBoolean('saml20.sendartifact', FALSE)) {
$supportedBindings[] = SAML2_Const::BINDING_HTTP_ARTIFACT;
}
if ($idpMetadata->getBoolean('saml20.hok.assertion', FALSE)) {
$supportedBindings[] = SAML2_Const::BINDING_HOK_SSO;
}
if (isset($_REQUEST['spentityid'])) {
/* IdP initiated authentication. */
if (isset($_REQUEST['cookieTime'])) {
$cookieTime = (int) $_REQUEST['cookieTime'];
if ($cookieTime + 5 > time()) {
/*
* Less than five seconds has passed since we were
* here the last time. Cookies are probably disabled.
*/
\SimpleSAML\Utils\HTTP::checkSessionCookie(\SimpleSAML\Utils\HTTP::getSelfURL());
}
}
$spEntityId = (string) $_REQUEST['spentityid'];
$spMetadata = $metadata->getMetaDataConfig($spEntityId, 'saml20-sp-remote');
if (isset($_REQUEST['RelayState'])) {
$relayState = (string) $_REQUEST['RelayState'];
} else {
$relayState = NULL;
}
if (isset($_REQUEST['binding'])) {
$protocolBinding = (string) $_REQUEST['binding'];
} else {
$protocolBinding = NULL;
}
if (isset($_REQUEST['NameIDFormat'])) {
$nameIDFormat = (string) $_REQUEST['NameIDFormat'];
} else {
$nameIDFormat = NULL;
}
$requestId = NULL;
$IDPList = array();
$ProxyCount = NULL;
$RequesterID = NULL;
$forceAuthn = FALSE;
$isPassive = FALSE;
$consumerURL = NULL;
$consumerIndex = NULL;
$extensions = NULL;
$allowCreate = TRUE;
$idpInit = TRUE;
SimpleSAML_Logger::info('SAML2.0 - IdP.SSOService: IdP initiated authentication: ' . var_export($spEntityId, TRUE));
} else {
$binding = SAML2_Binding::getCurrentBinding();
$request = $binding->receive();
if (!$request instanceof SAML2_AuthnRequest) {
throw new SimpleSAML_Error_BadRequest('Message received on authentication request endpoint wasn\'t an authentication request.');
}
$spEntityId = $request->getIssuer();
if ($spEntityId === NULL) {
throw new SimpleSAML_Error_BadRequest('Received message on authentication request endpoint without issuer.');
}
$spMetadata = $metadata->getMetaDataConfig($spEntityId, 'saml20-sp-remote');
sspmod_saml_Message::validateMessage($spMetadata, $idpMetadata, $request);
$relayState = $request->getRelayState();
$requestId = $request->getId();
$IDPList = $request->getIDPList();
$ProxyCount = $request->getProxyCount();
if ($ProxyCount !== null) {
$ProxyCount--;
}
$RequesterID = $request->getRequesterID();
$forceAuthn = $request->getForceAuthn();
$isPassive = $request->getIsPassive();
$consumerURL = $request->getAssertionConsumerServiceURL();
$protocolBinding = $request->getProtocolBinding();
$consumerIndex = $request->getAssertionConsumerServiceIndex();
$extensions = $request->getExtensions();
$nameIdPolicy = $request->getNameIdPolicy();
if (isset($nameIdPolicy['Format'])) {
$nameIDFormat = $nameIdPolicy['Format'];
} else {
$nameIDFormat = NULL;
}
if (isset($nameIdPolicy['AllowCreate'])) {
$allowCreate = $nameIdPolicy['AllowCreate'];
} else {
$allowCreate = FALSE;
}
$idpInit = FALSE;
SimpleSAML_Logger::info('SAML2.0 - IdP.SSOService: incoming authentication request: ' . var_export($spEntityId, TRUE));
}
SimpleSAML_Stats::log('saml:idp:AuthnRequest', array('spEntityID' => $spEntityId, 'idpEntityID' => $idpMetadata->getString('entityid'), 'forceAuthn' => $forceAuthn, 'isPassive' => $isPassive, 'protocol' => 'saml2', 'idpInit' => $idpInit));
$acsEndpoint = self::getAssertionConsumerService($supportedBindings, $spMetadata, $consumerURL, $protocolBinding, $consumerIndex);
$IDPList = array_unique(array_merge($IDPList, $spMetadata->getArrayizeString('IDPList', array())));
if ($ProxyCount === null) {
$ProxyCount = $spMetadata->getInteger('ProxyCount', null);
}
if (!$forceAuthn) {
$forceAuthn = $spMetadata->getBoolean('ForceAuthn', FALSE);
}
$sessionLostParams = array('spentityid' => $spEntityId, 'cookieTime' => time());
if ($relayState !== NULL) {
$sessionLostParams['RelayState'] = $relayState;
}
$sessionLostURL = \SimpleSAML\Utils\HTTP::addURLParameters(\SimpleSAML\Utils\HTTP::getSelfURLNoQuery(), $sessionLostParams);
$state = array('Responder' => array('sspmod_saml_IdP_SAML2', 'sendResponse'), SimpleSAML_Auth_State::EXCEPTION_HANDLER_FUNC => array('sspmod_saml_IdP_SAML2', 'handleAuthError'), SimpleSAML_Auth_State::RESTART => $sessionLostURL, 'SPMetadata' => $spMetadata->toArray(), 'saml:RelayState' => $relayState, 'saml:RequestId' => $requestId, 'saml:IDPList' => $IDPList, 'saml:ProxyCount' => $ProxyCount, 'saml:RequesterID' => $RequesterID, 'ForceAuthn' => $forceAuthn, 'isPassive' => $isPassive, 'saml:ConsumerURL' => $acsEndpoint['Location'], 'saml:Binding' => $acsEndpoint['Binding'], 'saml:NameIDFormat' => $nameIDFormat, 'saml:AllowCreate' => $allowCreate, 'saml:Extensions' => $extensions, 'saml:AuthnRequestReceivedAt' => microtime(TRUE));
$idp->handleAuthenticationRequest($state);
}
}
}
echo "</ul>";
echo <<<TRSTART
\t </div></td></tr>
</table>
</td>
\t
<td class='caAllowed'><input onClick="javascript:checkConsent(this.value, {$show_spid}, this.checked)" value='{$consentValue}' type='checkbox' {$checkedAttr}><span id="consentText{$show_spid}">{$consentText}</span></td>
TRSTART;
echo "</td></tr>\n";
$show_spid++;
}
?>
</table>
<p>
<?php
echo $this->t('consentadmin_description2');
?>
</p>
<h2>Logout</h2>
<p><a href="<?php
echo \SimpleSAML\Utils\HTTP::getSelfURL() . '?logout';
?>
">Logout</a></p>
<?php
$this->includeAtTemplateBase('includes/footer.php');
$session = SimpleSAML_Session::getSessionFromRequest();
$oauthconfig = SimpleSAML_Configuration::getOptionalConfig('module_oauth.php');
$store = new sspmod_core_Storage_SQLPermanentStorage('oauth');
$authsource = "admin";
// force admin to authenticate as registry maintainer
$useridattr = $oauthconfig->getValue('useridattr', 'user');
if ($session->isValid($authsource)) {
$attributes = $session->getAuthData($authsource, 'Attributes');
// Check if userid exists
if (!isset($attributes[$useridattr])) {
throw new Exception('User ID is missing');
}
$userid = $attributes[$useridattr][0];
} else {
$as = SimpleSAML_Auth_Source::getById($authsource);
$as->initLogin(\SimpleSAML\Utils\HTTP::getSelfURL());
}
function requireOwnership($entry, $userid)
{
if (!isset($entry['owner'])) {
throw new Exception('OAuth Consumer has no owner. Which means no one is granted access, not even you.');
}
if ($entry['owner'] !== $userid) {
throw new Exception('OAuth Consumer has an owner that is not equal to your userid, hence you are not granted access.');
}
}
if (array_key_exists('editkey', $_REQUEST)) {
$entryc = $store->get('consumers', $_REQUEST['editkey'], '');
$entry = $entryc['value'];
requireOwnership($entry, $userid);
} else {
</div>
<?php
}
?>
<h2 style="break: both"><?php
echo $this->t('{authX509:X509error:certificate_header}');
?>
</h2>
<p><?php
echo $this->t('{authX509:X509error:certificate_text}');
?>
</p>
<a href="<?php
echo htmlspecialchars(\SimpleSAML\Utils\HTTP::getSelfURL());
?>
">
<?php
echo $this->t('{login:login_button}');
?>
</a>
<?php
if (!empty($this->data['links'])) {
echo '<ul class="links" style="margin-top: 2em">';
foreach ($this->data['links'] as $l) {
echo '<li><a href="' . htmlspecialchars($l['href']) . '">' . htmlspecialchars($this->t($l['text'])) . '</a></li>';
}
echo '</ul>';
}
/**
* @deprecated This method will be removed in SSP 2.0. Please use SimpleSAML\Utils\HTTP::getSelfURL() instead.
*/
public static function selfURL()
{
return \SimpleSAML\Utils\HTTP::getSelfURL();
}
/**
* Process an authentication response.
*
* @param array &$state The state array.
*/
public function postAuth(array &$state)
{
$consumer = $this->getConsumer($state);
$return_to = \SimpleSAML\Utils\HTTP::getSelfURL();
// Complete the authentication process using the server's
// response.
$response = $consumer->complete($return_to);
// Check the response status.
if ($response->status == Auth_OpenID_CANCEL) {
// This means the authentication was cancelled.
throw new SimpleSAML_Error_UserAborted();
} else {
if ($response->status == Auth_OpenID_FAILURE) {
// Authentication failed; display the error message.
throw new SimpleSAML_Error_AuthSource($this->authId, 'Authentication failed: ' . var_export($response->message, TRUE));
} else {
if ($response->status != Auth_OpenID_SUCCESS) {
throw new SimpleSAML_Error_AuthSource($this->authId, 'General error. Try again.');
}
}
}
// This means the authentication succeeded; extract the
// identity URL and Simple Registration data (if it was
// returned).
$openid = $response->identity_url;
$attributes = array('openid' => array($openid));
$attributes['openid.server_url'] = array($response->endpoint->server_url);
if ($response->endpoint->canonicalID) {
$attributes['openid.canonicalID'] = array($response->endpoint->canonicalID);
}
if ($response->endpoint->local_id) {
$attributes['openid.local_id'] = array($response->endpoint->local_id);
}
$sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($response, $this->validateSReg);
$sregresponse = $sreg_resp->contents();
if (is_array($sregresponse) && count($sregresponse) > 0) {
$attributes['openid.sregkeys'] = array_keys($sregresponse);
foreach ($sregresponse as $sregkey => $sregvalue) {
$attributes['openid.sreg.' . $sregkey] = array($sregvalue);
}
}
// Get AX response information
$ax = new Auth_OpenID_AX_FetchResponse();
$ax_resp = $ax->fromSuccessResponse($response);
if ($ax_resp instanceof Auth_OpenID_AX_FetchResponse && !empty($ax_resp->data)) {
$axresponse = $ax_resp->data;
$attributes['openid.axkeys'] = array_keys($axresponse);
foreach ($axresponse as $axkey => $axvalue) {
if (preg_match("/^\\w+:/", $axkey)) {
$attributes[$axkey] = is_array($axvalue) ? $axvalue : array($axvalue);
} else {
SimpleSAML\Logger::warning('Invalid attribute name in AX response: ' . var_export($axkey, TRUE));
}
}
}
SimpleSAML\Logger::debug('OpenID Returned Attributes: ' . implode(", ", array_keys($attributes)));
$state['Attributes'] = $attributes;
SimpleSAML_Auth_Source::completeAuth($state);
}
if ($groupsAttr !== null) {
if (!array_key_exists($groupsAttr, $attributes)) {
throw new Exception("The user doesn't have an attribute named '" . $groupsAttr . "'. This attribute is expected to contain the groups the user is a member of.");
}
$authData['Groups'] = $attributes[$groupsAttr];
} else {
$authData['Groups'] = array();
}
$authData['RemoteIP'] = $_SERVER['REMOTE_ADDR'];
foreach ($attributes as $n => $v) {
$authData['ATTR_' . $n] = $v;
}
// store the authentication data in the memcache server
$data = '';
foreach ($authData as $n => $v) {
if (is_array($v)) {
$v = implode(':', $v);
}
$data .= $n . '=' . $v . "\r\n";
}
$memcache = $amc->getMemcache();
$expirationTime = $s->getAuthData('Expire');
$memcache->set($sessionID, $data, 0, $expirationTime);
// register logout handler
$session = SimpleSAML_Session::getSessionFromRequest();
$session->registerLogoutHandler($sourceId, 'SimpleSAML_AuthMemCookie', 'logoutHandler');
// redirect the user back to this page to signal that the login is completed
\SimpleSAML\Utils\HTTP::redirectTrustedURL(\SimpleSAML\Utils\HTTP::getSelfURL());
} catch (Exception $e) {
throw new SimpleSAML_Error_Error('CONFIG', $e);
}
/**
* Receive an authentication request.
*
* @param SimpleSAML_IdP $idp The IdP we are receiving it for.
*/
public static function receiveAuthnRequest(SimpleSAML_IdP $idp)
{
if (isset($_REQUEST['cookieTime'])) {
$cookieTime = (int) $_REQUEST['cookieTime'];
if ($cookieTime + 5 > time()) {
/*
* Less than five seconds has passed since we were
* here the last time. Cookies are probably disabled.
*/
\SimpleSAML\Utils\HTTP::checkSessionCookie(\SimpleSAML\Utils\HTTP::getSelfURL());
}
}
if (!isset($_REQUEST['providerId'])) {
throw new SimpleSAML_Error_BadRequest('Missing providerId parameter.');
}
$spEntityId = (string) $_REQUEST['providerId'];
if (!isset($_REQUEST['shire'])) {
throw new SimpleSAML_Error_BadRequest('Missing shire parameter.');
}
$shire = (string) $_REQUEST['shire'];
if (isset($_REQUEST['target'])) {
$target = $_REQUEST['target'];
} else {
$target = NULL;
}
SimpleSAML\Logger::info('Shib1.3 - IdP.SSOService: Got incoming Shib authnRequest from ' . var_export($spEntityId, TRUE) . '.');
$metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
$spMetadata = $metadata->getMetaDataConfig($spEntityId, 'shib13-sp-remote');
$found = FALSE;
foreach ($spMetadata->getEndpoints('AssertionConsumerService') as $ep) {
if ($ep['Binding'] !== 'urn:oasis:names:tc:SAML:1.0:profiles:browser-post') {
continue;
}
if ($ep['Location'] !== $shire) {
continue;
}
$found = TRUE;
break;
}
if (!$found) {
throw new Exception('Invalid AssertionConsumerService for SP ' . var_export($spEntityId, TRUE) . ': ' . var_export($shire, TRUE));
}
SimpleSAML_Stats::log('saml:idp:AuthnRequest', array('spEntityID' => $spEntityId, 'protocol' => 'saml1'));
$sessionLostURL = \SimpleSAML\Utils\HTTP::addURLParameters(\SimpleSAML\Utils\HTTP::getSelfURL(), array('cookieTime' => time()));
$state = array('Responder' => array('sspmod_saml_IdP_SAML1', 'sendResponse'), 'SPMetadata' => $spMetadata->toArray(), SimpleSAML_Auth_State::RESTART => $sessionLostURL, 'saml:shire' => $shire, 'saml:target' => $target, 'saml:AuthnRequestReceivedAt' => microtime(TRUE));
$idp->handleAuthenticationRequest($state);
}
// groups
$groupsAttr = $amc_cf->getGroupsAttr();
if ($groupsAttr !== null) {
if (!array_key_exists($groupsAttr, $attributes)) {
throw new SimpleSAML_Error_Exception("The user doesn't have an attribute named '" . $groupsAttr . "'. This attribute is expected to contain the groups the user is a member of.");
}
$authData['Groups'] = $attributes[$groupsAttr];
} else {
$authData['Groups'] = array();
}
$authData['RemoteIP'] = $_SERVER['REMOTE_ADDR'];
foreach ($attributes as $n => $v) {
$authData['ATTR_' . $n] = $v;
}
// store the authentication data in the memcache server
$data = '';
foreach ($authData as $n => $v) {
if (is_array($v)) {
$v = implode(':', $v);
}
$data .= $n . '=' . $v . "\r\n";
}
$memcache = $amc_cf->getMemcache();
$expirationTime = $s->getAuthData('Expire');
$memcache->set($sessionID, $data, 0, $expirationTime);
// register logout handler
$session = SimpleSAML_Session::getSessionFromRequest();
$session->registerLogoutHandler($sourceId, 'SimpleSAML\\module\\memcookie\\AuthMemCookie', 'logoutHandler');
// redirect the user back to this page to signal that the login is completed
Utils\HTTP::redirectTrustedURL(Utils\HTTP::getSelfURL());
$config = SimpleSAML_Configuration::getInstance();
$session = SimpleSAML_Session::getSessionFromRequest();
$oauthconfig = SimpleSAML_Configuration::getOptionalConfig('module_oauth.php');
$store = new sspmod_core_Storage_SQLPermanentStorage('oauth');
$authsource = "admin";
// force admin to authenticate as registry maintainer
$useridattr = $oauthconfig->getValue('useridattr', 'user');
if ($session->isValid($authsource)) {
$attributes = $session->getAuthData($authsource, 'Attributes');
// Check if userid exists
if (!isset($attributes[$useridattr])) {
throw new Exception('User ID is missing');
}
$userid = $attributes[$useridattr][0];
} else {
SimpleSAML_Auth_Default::initLogin($authsource, \SimpleSAML\Utils\HTTP::getSelfURL());
}
function requireOwnership($entry, $userid)
{
if (!isset($entry['owner'])) {
throw new Exception('OAuth Consumer has no owner. Which means no one is granted access, not even you.');
}
if ($entry['owner'] !== $userid) {
throw new Exception('OAuth Consumer has an owner that is not equal to your userid, hence you are not granted access.');
}
}
if (isset($_REQUEST['delete'])) {
$entryc = $store->get('consumers', $_REQUEST['delete'], '');
$entry = $entryc['value'];
requireOwnership($entry, $userid);
$store->remove('consumers', $entry['key'], '');
/**
* Test SimpleSAML\Utils\HTTP::getSelfURL().
*/
public function testGetSelfURLMethods()
{
$original = $_SERVER;
/*
* Test a URL pointing to a script that's not part of the public interface. This allows us to test calls to
* getSelfURL() from scripts outside of SimpleSAMLphp
*/
\SimpleSAML_Configuration::loadFromArray(array('baseurlpath' => 'http://example.com/simplesaml/'), '[ARRAY]', 'simplesaml');
$url = 'https://example.com/app/script.php/some/path?foo=bar';
$this->setupEnvFromURL($url);
$_SERVER['SCRIPT_FILENAME'] = '/var/www/app/script.php';
$this->assertEquals($url, HTTP::getSelfURL());
$this->assertEquals('https://example.com', HTTP::getSelfURLHost());
$this->assertEquals('https://example.com/app/script.php/some/path', HTTP::getSelfURLNoQuery());
$this->assertTrue(HTTP::isHTTPS());
$this->assertEquals('https://' . HTTP::getSelfHostWithNonStandardPort(), HTTP::getSelfURLHost());
// test a request URI that doesn't match the current script
$cfg = \SimpleSAML_Configuration::loadFromArray(array('baseurlpath' => 'https://example.org/simplesaml/'), '[ARRAY]', 'simplesaml');
$baseDir = $cfg->getBaseDir();
$_SERVER['SCRIPT_FILENAME'] = $baseDir . 'www/module.php';
$this->setupEnvFromURL('http://www.example.com/protected/resource.asp?foo=bar');
$this->assertEquals('http://www.example.com/protected/resource.asp?foo=bar', HTTP::getSelfURL());
$this->assertEquals('http://www.example.com', HTTP::getSelfURLHost());
$this->assertEquals('http://www.example.com/protected/resource.asp', HTTP::getSelfURLNoQuery());
$this->assertFalse(HTTP::isHTTPS());
$this->assertEquals('example.org', HTTP::getSelfHostWithNonStandardPort());
$this->assertEquals('http://www.example.com', HTTP::getSelfURLHost());
// test a valid, full URL, based on a full URL in the configuration
\SimpleSAML_Configuration::loadFromArray(array('baseurlpath' => 'https://example.com/simplesaml/'), '[ARRAY]', 'simplesaml');
$this->setupEnvFromURL('http://www.example.org/module.php/module/file.php?foo=bar');
$this->assertEquals('https://example.com/simplesaml/module.php/module/file.php?foo=bar', HTTP::getSelfURL());
$this->assertEquals('https://example.com', HTTP::getSelfURLHost());
$this->assertEquals('https://example.com/simplesaml/module.php/module/file.php', HTTP::getSelfURLNoQuery());
$this->assertTrue(HTTP::isHTTPS());
$this->assertEquals('https://' . HTTP::getSelfHostWithNonStandardPort(), HTTP::getSelfURLHost());
// test a valid, full URL, based on a full URL *without* a trailing slash in the configuration
\SimpleSAML_Configuration::loadFromArray(array('baseurlpath' => 'https://example.com/simplesaml'), '[ARRAY]', 'simplesaml');
$this->assertEquals('https://example.com/simplesaml/module.php/module/file.php?foo=bar', HTTP::getSelfURL());
$this->assertEquals('https://example.com', HTTP::getSelfURLHost());
$this->assertEquals('https://example.com/simplesaml/module.php/module/file.php', HTTP::getSelfURLNoQuery());
$this->assertTrue(HTTP::isHTTPS());
$this->assertEquals('https://' . HTTP::getSelfHostWithNonStandardPort(), HTTP::getSelfURLHost());
// test a valid, full URL, based on a full URL *without* a path in the configuration
\SimpleSAML_Configuration::loadFromArray(array('baseurlpath' => 'https://example.com'), '[ARRAY]', 'simplesaml');
$this->assertEquals('https://example.com/module.php/module/file.php?foo=bar', HTTP::getSelfURL());
$this->assertEquals('https://example.com', HTTP::getSelfURLHost());
$this->assertEquals('https://example.com/module.php/module/file.php', HTTP::getSelfURLNoQuery());
$this->assertTrue(HTTP::isHTTPS());
$this->assertEquals('https://' . HTTP::getSelfHostWithNonStandardPort(), HTTP::getSelfURLHost());
// test a valid, full URL, based on a relative path in the configuration
\SimpleSAML_Configuration::loadFromArray(array('baseurlpath' => '/simplesaml/'), '[ARRAY]', 'simplesaml');
$this->setupEnvFromURL('http://www.example.org/simplesaml/module.php/module/file.php?foo=bar');
$this->assertEquals('http://www.example.org/simplesaml/module.php/module/file.php?foo=bar', HTTP::getSelfURL());
$this->assertEquals('http://www.example.org', HTTP::getSelfURLHost());
$this->assertEquals('http://www.example.org/simplesaml/module.php/module/file.php', HTTP::getSelfURLNoQuery());
$this->assertFalse(HTTP::isHTTPS());
$this->assertEquals('http://' . HTTP::getSelfHostWithNonStandardPort(), HTTP::getSelfURLHost());
// test a valid, full URL, based on a relative path in the configuration and a non standard port
\SimpleSAML_Configuration::loadFromArray(array('baseurlpath' => '/simplesaml/'), '[ARRAY]', 'simplesaml');
$this->setupEnvFromURL('http://example.org:8080/simplesaml/module.php/module/file.php?foo=bar');
$this->assertEquals('http://example.org:8080/simplesaml/module.php/module/file.php?foo=bar', HTTP::getSelfURL());
$this->assertEquals('http://example.org:8080', HTTP::getSelfURLHost());
$this->assertEquals('http://example.org:8080/simplesaml/module.php/module/file.php', HTTP::getSelfURLNoQuery());
$this->assertFalse(HTTP::isHTTPS());
$this->assertEquals('http://' . HTTP::getSelfHostWithNonStandardPort(), HTTP::getSelfURLHost());
// test a valid, full URL, based on a relative path in the configuration, a non standard port and HTTPS
\SimpleSAML_Configuration::loadFromArray(array('baseurlpath' => '/simplesaml/'), '[ARRAY]', 'simplesaml');
$this->setupEnvFromURL('https://example.org:8080/simplesaml/module.php/module/file.php?foo=bar');
$this->assertEquals('https://example.org:8080/simplesaml/module.php/module/file.php?foo=bar', HTTP::getSelfURL());
$this->assertEquals('https://example.org:8080', HTTP::getSelfURLHost());
$this->assertEquals('https://example.org:8080/simplesaml/module.php/module/file.php', HTTP::getSelfURLNoQuery());
$this->assertTrue(HTTP::isHTTPS());
$this->assertEquals('https://' . HTTP::getSelfHostWithNonStandardPort(), HTTP::getSelfURLHost());
$_SERVER = $original;
}
/**
* Retrieve a URL that can be used to log the user out.
*
* @param string|NULL $returnTo The page the user should be returned to afterwards.
* If this parameter is NULL, the user will be returned to the current page.
* @return string A URL which is suitable for use in link-elements.
*/
public function getLogoutURL($returnTo = NULL)
{
assert('is_null($returnTo) || is_string($returnTo)');
if ($returnTo === NULL) {
$returnTo = \SimpleSAML\Utils\HTTP::getSelfURL();
}
$logout = SimpleSAML\Module::getModuleURL('core/as_logout.php', array('AuthId' => $this->authSource, 'ReturnTo' => $returnTo));
return $logout;
}
<?php
require_once '../_include.php';
/* Load simpleSAMLphp, configuration */
$config = SimpleSAML_Configuration::getInstance();
$session = SimpleSAML_Session::getSessionFromRequest();
/* Check if valid local session exists.. */
SimpleSAML\Utils\Auth::requireAdmin();
$attributes = array();
$attributes['HTTP_HOST'] = array($_SERVER['HTTP_HOST']);
$attributes['HTTPS'] = isset($_SERVER['HTTPS']) ? array($_SERVER['HTTPS']) : array();
$attributes['SERVER_PROTOCOL'] = array($_SERVER['SERVER_PROTOCOL']);
$attributes['SERVER_PORT'] = array($_SERVER['SERVER_PORT']);
$attributes['Utilities_getBaseURL()'] = array(\SimpleSAML\Utils\HTTP::getBaseURL());
$attributes['Utilities_getSelfHost()'] = array(\SimpleSAML\Utils\HTTP::getSelfHost());
$attributes['Utilities_selfURLhost()'] = array(\SimpleSAML\Utils\HTTP::getSelfURLHost());
$attributes['Utilities_selfURLNoQuery()'] = array(\SimpleSAML\Utils\HTTP::getSelfURLNoQuery());
$attributes['Utilities_getSelfHostWithPath()'] = array(\SimpleSAML\Utils\HTTP::getSelfHostWithPath());
$attributes['Utilities_getFirstPathElement()'] = array(\SimpleSAML\Utils\HTTP::getFirstPathElement());
$attributes['Utilities_selfURL()'] = array(\SimpleSAML\Utils\HTTP::getSelfURL());
$template = new SimpleSAML_XHTML_Template($config, 'hostnames.php');
$template->data['remaining'] = $session->getAuthData('admin', 'Expire') - time();
$template->data['attributes'] = $attributes;
$template->data['valid'] = 'na';
$template->data['logout'] = null;
$template->show();
$cronconfig = SimpleSAML_Configuration::getConfig('module_cron.php');
if (!is_null($cronconfig->getValue('key'))) {
if ($_REQUEST['key'] !== $cronconfig->getValue('key')) {
SimpleSAML_Logger::error('Cron - Wrong key provided. Cron will not run.');
exit;
}
}
if (!is_null($cronconfig->getValue('allowed_tags'))) {
if (!in_array($_REQUEST['tag'], $cronconfig->getValue('allowed_tags'))) {
SimpleSAML_Logger::error('Cron - Illegal tag [' . $_REQUEST['tag'] . '].');
exit;
}
}
$summary = array();
$croninfo = array('summary' => &$summary, 'tag' => $_REQUEST['tag']);
$url = \SimpleSAML\Utils\HTTP::getSelfURL();
$time = date(DATE_RFC822);
SimpleSAML_Module::callHooks('cron', $croninfo);
foreach ($summary as $s) {
SimpleSAML_Logger::debug('Cron - Summary: ' . $s);
}
if ($cronconfig->getValue('sendemail', TRUE) && count($summary) > 0) {
$message = '<h1>Cron report</h1><p>Cron ran at ' . $time . '</p>' . '<p>URL: <tt>' . $url . '</tt></p>' . '<p>Tag: ' . $croninfo['tag'] . "</p>\n\n" . '<ul><li>' . join('</li><li>', $summary) . '</li></ul>';
$toaddress = $config->getString('technicalcontact_email', '*****@*****.**');
if ($toaddress == '*****@*****.**') {
SimpleSAML_Logger::error('Cron - Could not send email. [technicalcontact_email] not set in config.');
} else {
// Use $toaddress for both TO and FROM
$email = new SimpleSAML_XHTML_EMail($toaddress, 'SimpleSAMLphp cron report', $toaddress);
$email->setBody($message);
$email->send();
