The session handler will be instantiated if this is the first call
to this function.
public static getSessionHandler ( ) : SimpleSAML_SessionHandler
Returns: SimpleSAML_SessionHandler. The current session handler.
/**
 * Renew the authority's expiry and the session cookies once the session is
 * in the second half of its configured lifetime.
 *
 * Does nothing when the state carries no 'Expire' or 'Authority' entry, or
 * when at least half of 'session.duration' (default 8 hours) is still left.
 *
 * NOTE(review): every renewal slides the expiry forward; no absolute upper
 * bound on the total session age is visible in this method. Confirm that a
 * cap is enforced elsewhere if one is required.
 *
 * @param array &$state  The request state; 'Expire', 'Authority' and
 *                       'RememberMe' are read here.
 */
public function process(&$state) {
    assert('is_array($state)');

    if (empty($state['Expire']) || empty($state['Authority'])) {
        return;
    }

    /* Seconds left before the current expiry. */
    $remaining = $state['Expire'] - time();

    $config = SimpleSAML_Configuration::getInstance();
    $duration = $config->getInteger('session.duration', 8 * 60 * 60);

    /* More than half of the lifetime is still ahead: nothing to extend yet. */
    if ($remaining >= $duration * 0.5) {
        return;
    }

    /* Push the expiry of this authority forward. */
    $session = SimpleSAML_Session::getSessionFromRequest();
    $session->setAuthorityExpire($state['Authority']);

    /*
     * Refresh the cookies. The remember-me expiry is renewed only when the
     * state asks for it, the session already has one and the feature is
     * enabled in the configuration.
     */
    $currentRememberMe = $session->getRememberMeExpire();
    if (!empty($state['RememberMe'])) {
        if ($currentRememberMe !== NULL) {
            if ($config->getBoolean('session.rememberme.enable', FALSE)) {
                $session->setRememberMeExpire();
                return;
            }
        }
    }

    /* Otherwise refresh the session cookies, but only for cookies with a positive lifetime. */
    $params = SimpleSAML_SessionHandler::getSessionHandler()->getCookieParams();
    if ($params['lifetime'] > 0) {
        $session->updateSessionCookies();
    }
}
/*
 * Excerpt from a login page script. It starts inside the branch that reads the
 * submitted password; $state, $username, $organizations, $source and
 * $authStateId are set before this point and are not visible here.
 *
 * NOTE(review): the password is taken from $_REQUEST, which also contains query
 * string parameters (and cookies, depending on the request_order setting). A
 * password sent in the URL can end up in server logs and browser history;
 * reading it from $_POST would avoid that. Confirm against the form's method.
 */
$password = $_REQUEST['password'];
} else {
    $password = '';
}

/* The organization comes from the request first, then from the saved state, else it is empty. */
if (array_key_exists('organization', $_REQUEST)) {
    $organization = $_REQUEST['organization'];
} elseif (isset($state['core:organization'])) {
    $organization = (string) $state['core:organization'];
} else {
    $organization = '';
}

$errorCode = NULL;
/* A login is attempted only when no organization list is in use or one was chosen, and both credentials are non-empty. */
if ($organizations === NULL || !empty($organization)) {
    if (!empty($username) && !empty($password)) {

        if ($source->getRememberUsernameEnabled()) {
            /*
             * Store (or clear) the username in a cookie named "<authId>-username".
             * Path, domain, secure and httponly are copied from the session
             * handler's cookie parameters. The expiry is one year ahead
             * (31536000 seconds) when remember_username is 'Yes', otherwise 300
             * seconds in the past, which makes the browser drop the cookie.
             *
             * NOTE(review): the cookie is written before handleLogin() runs, so
             * it is set even when the login then fails, and it holds the username
             * in clear text on the client. The '==' comparison is loose.
             */
            $sessionHandler = SimpleSAML_SessionHandler::getSessionHandler();
            $params = $sessionHandler->getCookieParams();
            $params['expire'] = time();
            $params['expire'] += isset($_REQUEST['remember_username']) && $_REQUEST['remember_username'] == 'Yes' ? 31536000 : -300;
            setcookie($source->getAuthId() . '-username', $username, $params['expire'], $params['path'], $params['domain'], $params['secure'], $params['httponly']);
        }

        $errorCode = sspmod_core_Auth_UserPassOrgBase::handleLogin($authStateId, $username, $password, $organization);
    }
}

/*
 * Build the login form. The submitted username is handed back to the template.
 * NOTE(review): escaping must happen where the template prints it; that code is
 * not visible here.
 */
$globalConfig = SimpleSAML_Configuration::getInstance();
$t = new SimpleSAML_XHTML_Template($globalConfig, 'core:loginuserpass.php');
$t->data['stateparams'] = array('AuthState' => $authStateId);
$t->data['username'] = $username;
$t->data['forceUsername'] = FALSE;
$t->data['rememberUsernameEnabled'] = $source->getRememberUsernameEnabled();
$t->data['rememberUsernameChecked'] = $source->getRememberUsernameChecked();
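/**
 * This function logs the user out by deleting the session information from memcache.
 *
 * The session ID is read from the client's cookie and used as the memcache key.
 * A cookie value that is not a non-empty string (for example an array-valued
 * cookie) is never passed to memcache; the cookie itself is still cleared.
 *
 * NOTE(review): the cookie value is client-controlled and is used as the key
 * verbatim. If the memcache instance also holds other data, consider checking
 * the value against the format in which session IDs are generated (that
 * format is not visible here).
 */
private function doLogout() {

    $cookieName = $this->getCookieName();

    /* Check if we have a valid cookie. */
    if (!array_key_exists($cookieName, $_COOKIE)) {
        return;
    }

    $sessionID = $_COOKIE[$cookieName];

    /* Delete the session from memcache, but only for a well-formed key. */
    if (is_string($sessionID) && $sessionID !== '') {
        $memcache = $this->getMemcache();
        $memcache->delete($sessionID);
    }

    /* Delete the session cookie. */
    $sessionHandler = SimpleSAML_SessionHandler::getSessionHandler();
    $sessionHandler->setCookie($cookieName, NULL);
}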
/**
 * Check whether the session cookie is set.
 *
 * The answer is delegated to the current session handler. This function
 * will only return FALSE if it is certain that the cookie isn't set.
 *
 * @return bool  TRUE if it was set, FALSE if not.
 */
public function hasSessionCookie() {
    return SimpleSAML_SessionHandler::getSessionHandler()->hasSessionCookie();
}
/**
 * Log out of the given sessions.
 *
 * The NameID is key-sorted, serialized and hashed with SHA-1, and every
 * SessionIndex longer than 50 characters is replaced by its SHA-1 hash,
 * before the sessions are looked up. The hashes serve as lookup keys here.
 *
 * Sessions that are unknown, missing or not authenticated for $authId are
 * skipped with an info log entry. Only the track ID of a session is logged.
 *
 * @param string $authId  The authsource ID.
 * @param array $nameId  The NameID of the user.
 * @param array $sessionIndexes  The SessionIndexes we should log out of. Logs out of all if this is empty.
 * @return int|FALSE  Number of sessions logged out, or FALSE if not supported.
 */
public static function logoutSessions($authId, array $nameId, array $sessionIndexes) {
    assert('is_string($authId)');

    $store = SimpleSAML_Store::getInstance();
    if ($store === FALSE) {
        /* We don't have a datastore. */
        return FALSE;
    }

    /* Normalize NameID: sorting the keys makes the hash independent of key order. */
    ksort($nameId);
    $strNameId = sha1(serialize($nameId));

    /* Normalize SessionIndexes. The loop variable keeps its name because the assertion string refers to it. */
    foreach (array_keys($sessionIndexes) as $position) {
        $sessionIndex = $sessionIndexes[$position];
        assert('is_string($sessionIndex)');
        if (strlen($sessionIndex) > 50) {
            $sessionIndexes[$position] = sha1($sessionIndex);
        }
    }

    $logoutAll = empty($sessionIndexes);

    if ($store instanceof SimpleSAML_Store_SQL) {
        $sessions = self::getSessionsSQL($store, $authId, $strNameId);
    } else {
        if ($logoutAll) {
            /* We cannot fetch all sessions without a SQL store. */
            return FALSE;
        }
        $sessions = self::getSessionsStore($store, $authId, $strNameId, $sessionIndexes);
    }

    if ($logoutAll) {
        $sessionIndexes = array_keys($sessions);
    }

    /* The result is not used in this method. The call is kept because it instantiates the handler on first use. */
    SimpleSAML_SessionHandler::getSessionHandler();

    $numLoggedOut = 0;
    foreach ($sessionIndexes as $sessionIndex) {
        if (!isset($sessions[$sessionIndex])) {
            SimpleSAML_Logger::info('saml.LogoutStore: Logout requested for unknown SessionIndex.');
            continue;
        }

        $session = SimpleSAML_Session::getSession($sessions[$sessionIndex]);
        if ($session === NULL) {
            SimpleSAML_Logger::info('saml.LogoutStore: Skipping logout of missing session.');
        } elseif (!$session->isValid($authId)) {
            SimpleSAML_Logger::info('saml.LogoutStore: Skipping logout of session because it isn\'t authenticated.');
        } else {
            SimpleSAML_Logger::info('saml.LogoutStore: Logging out of session with trackId [' . $session->getTrackId() . '].');
            $session->doLogout($authId);
            $numLoggedOut++;
        }
    }

    return $numLoggedOut;
}
/**
 * Save the session to the session handler.
 *
 * Nothing is written unless the dirty flag is set. The whole object is
 * serialized and stored under the key 'SimpleSAMLphp_SESSION'.
 *
 * NOTE(review): whatever loads this value back presumably unserialize()s
 * it, so the backing session store must not be writable by untrusted
 * parties. Confirm against the loading code, which is not visible here.
 */
public function saveSession() {
    if ($this->dirty) {
        /* Clear the flag before serializing so the stored copy is not marked as changed. */
        $this->dirty = FALSE;

        $serialized = serialize($this);
        SimpleSAML_SessionHandler::getSessionHandler()->set('SimpleSAMLphp_SESSION', $serialized);
    }
}