/** * Continue the logout operation. * * This function will never return. * * @param string $assocId The association that is terminated. * @param string|null $relayState The RelayState from the start of the logout. * @param \SimpleSAML_Error_Exception|null $error The error that occurred during session termination (if any). * * @throws \SimpleSAML_Error_Exception If the RelayState was lost during logout. */ public function onResponse($assocId, $relayState, \SimpleSAML_Error_Exception $error = null) { assert('is_string($assocId)'); assert('is_string($relayState) || is_null($relayState)'); if ($relayState === null) { throw new \SimpleSAML_Error_Exception('RelayState lost during logout.'); } $state = \SimpleSAML_Auth_State::loadState($relayState, 'core:LogoutTraditional'); if ($error === null) { Logger::info('Logged out of ' . var_export($assocId, true) . '.'); $this->idp->terminateAssociation($assocId); } else { Logger::warning('Error received from ' . var_export($assocId, true) . ' during logout:'); $error->logWarning(); $state['core:Failed'] = true; } self::logoutNextSP($state); }
/** * Translate a tag into the current language, with a fallback to english. * * This function is used to look up a translation tag in dictionaries, and return the translation into the current * language. If no translation into the current language can be found, english will be tried, and if that fails, * placeholder text will be returned. * * An array can be passed as the tag. In that case, the array will be assumed to be on the form (language => text), * and will be used as the source of translations. * * This function can also do replacements into the translated tag. It will search the translated tag for the keys * provided in $replacements, and replace any found occurrences with the value of the key. * * @param string|array $tag A tag name for the translation which should be looked up, or an array with * (language => text) mappings. The array version will go away in 2.0 * @param array $replacements An associative array of keys that should be replaced with values in the * translated string. * @param boolean $fallbackdefault Default translation to use as a fallback if no valid translation was found. * @deprecated Not used in twig, gettext * * @return string The translated tag, or a placeholder value if the tag wasn't found. */ public function t($tag, $replacements = array(), $fallbackdefault = true, $oldreplacements = array(), $striptags = false) { $backtrace = debug_backtrace(); $where = $backtrace[0]['file'] . ':' . $backtrace[0]['line']; if (!$fallbackdefault) { \SimpleSAML\Logger::warning('Deprecated use of new SimpleSAML\\Locale\\Translate::t(...) at ' . $where . '. This parameter will go away, the fallback will become' . ' identical to the $tag in 2.0.'); } if (!is_array($replacements)) { // TODO: remove this entire if for 2.0 // old style call to t(...). Print warning to log \SimpleSAML\Logger::warning('Deprecated use of SimpleSAML\\Locale\\Translate::t(...) at ' . $where . '. Please update the code to use the new style of parameters.'); // for backwards compatibility if (!$replacements && $this->getTag($tag) === null) { \SimpleSAML\Logger::warning('Code which uses $fallbackdefault === FALSE should be updated to use the getTag() method instead.'); return null; } $replacements = $oldreplacements; } if (is_array($tag)) { $tagData = $tag; \SimpleSAML\Logger::warning('Deprecated use of new SimpleSAML\\Locale\\Translate::t(...) at ' . $where . '. The $tag-parameter can only be a string in 2.0.'); } else { $tagData = $this->getTag($tag); if ($tagData === null) { // tag not found \SimpleSAML\Logger::info('Template: Looking up [' . $tag . ']: not translated at all.'); return $this->getStringNotTranslated($tag, $fallbackdefault); } } $translated = $this->getPreferredTranslation($tagData); foreach ($replacements as $k => $v) { // try to translate if no replacement is given if ($v == null) { $v = $this->t($k); } $translated = str_replace($k, $v, $translated); } return $translated; }
/** * Logs with an arbitrary level. * * @param mixed $level * @param string $message * @param array $context * @return null */ public function log($level, $message, array $context = array()) { switch ($level) { case \SimpleSAML\Logger::ALERT: \SimpleSAML\Logger::alert($message); break; case \SimpleSAML\Logger::CRIT: \SimpleSAML\Logger::critical($message); break; case \SimpleSAML\Logger::DEBUG: \SimpleSAML\Logger::debug($message); break; case \SimpleSAML\Logger::EMERG: \SimpleSAML\Logger::emergency($message); break; case \SimpleSAML\Logger::ERR: \SimpleSAML\Logger::error($message); break; case \SimpleSAML\Logger::INFO: \SimpleSAML\Logger::info($message); break; case \SimpleSAML\Logger::NOTICE: \SimpleSAML\Logger::notice($message); break; case \SimpleSAML\Logger::WARNING: \SimpleSAML\Logger::warning($message); } }
// From a remote idp (as bridge) $idp_entityid = $as->getAuthData('saml:sp:IdP'); $idp_metadata = $metadata->getMetaData($idp_entityid, 'saml20-idp-remote'); } else { // from the local idp $idp_entityid = $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted'); $idp_metadata = $metadata->getMetaData($idp_entityid, 'saml20-idp-hosted'); } \SimpleSAML\Logger::debug('consentAdmin: IdP is [' . $idp_entityid . ']'); $source = $idp_metadata['metadata-set'] . '|' . $idp_entityid; // Parse consent config $consent_storage = sspmod_consent_Store::parseStoreConfig($consentconfig->getValue('store')); // Calc correct user ID hash $hashed_user_id = sspmod_consent_Auth_Process_Consent::getHashedUserID($userid, $source); // Check if button with withdraw all consent was clicked if (array_key_exists('withdraw', $_REQUEST)) { \SimpleSAML\Logger::info('consentAdmin: UserID [' . $hashed_user_id . '] has requested to withdraw all consents given...'); $consent_storage->deleteAllConsents($hashed_user_id); } // Get all consents for user $user_consent_list = $consent_storage->getConsents($hashed_user_id); $consentServices = array(); foreach ($user_consent_list as $c) { $consentServices[$c[1]] = 1; } \SimpleSAML\Logger::debug('consentAdmin: no of consents [' . count($user_consent_list) . '] no of services [' . count($consentServices) . ']'); // Init template $t = new SimpleSAML_XHTML_Template($config, 'consentSimpleAdmin:consentadmin.php'); $t->data['consentServices'] = count($consentServices); $t->data['consents'] = count($user_consent_list); $t->show();
/** * Overriding this function from the superclass SimpleSAML_Metadata_MetaDataStorageSource. * * This function retrieves metadata for the given entity id in the given set of metadata. * It will return NULL if it is unable to locate the metadata. * * This class implements this function using the getMetadataSet-function. A subclass should * override this function if it doesn't implement the getMetadataSet function, or if the * implementation of getMetadataSet is slow. * * @param string $index The entityId or metaindex we are looking up. * @param string $set The set we are looking for metadata in. * * @return array An associative array with metadata for the given entity, or NULL if we are unable to * locate the entity. * @throws \Exception If an error occurs while downloading metadata, validating the signature or writing to cache. */ public function getMetaData($index, $set) { assert('is_string($index)'); assert('is_string($set)'); Logger::info(__CLASS__ . ': loading metadata entity [' . $index . '] from [' . $set . ']'); // read from cache if possible $data = $this->getFromCache($set, $index); if ($data !== null && array_key_exists('expires', $data) && $data['expires'] < time()) { // metadata has expired $data = null; } if (isset($data)) { // metadata found in cache and not expired Logger::debug(__CLASS__ . ': using cached metadata for: ' . $index . '.'); return $data; } // look at Metadata Query Protocol: https://github.com/iay/md-query/blob/master/draft-young-md-query.txt $mdq_url = $this->server . '/entities/' . urlencode($index); Logger::debug(__CLASS__ . ': downloading metadata for "' . $index . '" from [' . $mdq_url . ']'); try { $xmldata = HTTP::fetch($mdq_url); } catch (\Exception $e) { Logger::warning('Fetching metadata for ' . $index . ': ' . $e->getMessage()); } if (empty($xmldata)) { $error = error_get_last(); throw new \Exception('Error downloading metadata for "' . $index . '" from "' . $mdq_url . '": ' . $error['message']); } /** @var string $xmldata */ $entity = \SimpleSAML_Metadata_SAMLParser::parseString($xmldata); Logger::debug(__CLASS__ . ': completed parsing of [' . $mdq_url . ']'); if ($this->validateFingerprint !== null) { if (!$entity->validateFingerprint($this->validateFingerprint)) { throw new \Exception(__CLASS__ . ': error, could not verify signature for entity: ' . $index . '".'); } } $data = self::getParsedSet($entity, $set); if ($data === null) { throw new \Exception(__CLASS__ . ': no metadata for set "' . $set . '" available from "' . $index . '".'); } $this->writeToCache($set, $index, $data); return $data; }