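 /**
  * Apply already-parsed SAML metadata to the entity handled by this importer.
  *
  * The metadata is rejected when it is null, when its 'expire' timestamp lies
  * in the past, or when its entity ID is not identical to $this->_entityId.
  * Accepted metadata is filtered and converted, then every key that is not
  * listed in $this->_excludedMetadataKeys is written through the entity
  * controller (update when the key already exists, add otherwise).
  *
  * @param array|null $parsedMetadata Parsed metadata, or null when parsing failed.
  *
  * @return string A status/error message key: 'status_metadata_parsed_ok' on
  *                success, one of the 'error_*' keys below, or whatever truthy
  *                message _addCertificateMetaData() returns.
  */
 private function importParsedMetadata($parsedMetadata)
 {
     if ($parsedMetadata === null) {
         SimpleSAML_Logger::error('Importer - Metadata was not parsed');
         return 'error_metadata_not_parsed';
     }

     // Metadata whose validity window has passed is refused, not imported.
     if (isset($parsedMetadata['expire']) && $parsedMetadata['expire'] < time()) {
         SimpleSAML_Logger::error('Importer - Metadata was not parsed due expiration');
         return 'error_metadata_not_parsed_due_expiration';
     }

     // These two keys are dropped before anything is stored.
     unset($parsedMetadata['entityDescriptor'], $parsedMetadata['metadata-set']);

     // The imported document must describe exactly this entity. The check is a
     // strict string comparison: a loose != compares numeric-looking strings by
     // value ('1e3' equals '1000'), and a missing or non-string entity ID must
     // be rejected rather than type-juggled into a match.
     $importedEntityId = isset($parsedMetadata['entityid']) ? $parsedMetadata['entityid'] : null;
     if (!is_string($importedEntityId) || $importedEntityId !== (string) $this->_entityId) {
         SimpleSAML_Logger::error('Importer - EntityId does not match');
         return 'error_entityid_no_match';
     }
     unset($parsedMetadata['entityid']);

     // Filtering and conversion steps, applied in this fixed order.
     $parsedMetadata = $this->_removeUnusedContacts($parsedMetadata);
     $parsedMetadata = $this->_removeNonSaml2Services($parsedMetadata);
     $parsedMetadata = $this->_applyRequestedAttributesAsArp($parsedMetadata);
     $converter = sspmod_janus_DiContainer::getInstance()->getMetaDataConverter();
     $parsedMetadata = $converter->execute($parsedMetadata);

     // A truthy return value from the certificate step is passed straight back
     // to the caller as the result of the import.
     $msg = $this->_addCertificateMetaData($parsedMetadata);
     if ($msg) {
         return $msg;
     }

     foreach ($parsedMetadata as $key => $value) {
         if (!empty($this->_excludedMetadataKeys) && in_array($key, $this->_excludedMetadataKeys)) {
             continue;
         }

         // Existing keys are updated, new keys are added; both paths report
         // failure with the same log line.
         $stored = $this->_entityController->hasMetadata($key)
             ? $this->_entityController->updateMetadata($key, $value)
             : $this->_entityController->addMetadata($key, $value);

         if ($stored) {
             $this->_updated = true;
         } else {
             // NOTE(review): $key and $value come from the imported metadata and
             // are written to the log verbatim; consider stripping control
             // characters so a crafted value cannot forge log lines.
             SimpleSAML_Logger::info('Importer - Metadata field ' . $key . ' with value ' . $value . ' was not added.');
         }
     }

     return 'status_metadata_parsed_ok';
 }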
     $arp = new sspmod_janus_ARP();
     $arp->setName($key);
     $arp->setAttributes($v);
     $arp->save();
     $econtroller->setArp($arp->getAid());
 }
 if ($k == 'name') {
     $k = 'entity:name';
 }
 if ($k == 'description') {
     $k = 'entity:description';
 }
 echo '<br>Key: ' . $k . '<br>';
 if (is_string($v)) {
     echo '<br/>Insert ' . $v . '<br/>';
     if (!$econtroller->addMetadata($k, $v)) {
         $econtroller->updateMetadata($k, $v);
         echo 'Updated<br>';
     } else {
         echo 'Added<br>';
     }
 } else {
     if (is_array($v)) {
         foreach ($v as $sk => $sv) {
             if (is_string($sk)) {
                 $newkey = $k . ':' . $sk;
             } else {
                 $newkey = $k;
             }
             echo '<br/>Insert ' . $sv . '<br/>';
             if (!$econtroller->addMetadata($newkey, $sv)) {
 /**
  * Create new entity with parsed entityid
  *
  * Create a new entity and give the user access to the entity.
  *
  * @param string $entityid Entity id for the new entity
  * @param string $type     Entity type
  *
  * @return mixed The new entity's eid (from getEid()) on success, or an error message string on failure.
  * @since Method available since Release 1.0.0
  */
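 public function createNewEntity($entityid, $type)
 {
     // Boolean assertions: the string form assert('...') is deprecated since
     // PHP 7.2 and is no longer evaluated as code on PHP 8, which would turn
     // these type checks into no-ops.
     assert(is_string($entityid));
     assert(is_string($type));

     // NOTE(review): no permission check is visible in this method; callers are
     // presumably expected to have authorised the user already. Confirm.

     // Refuse entity IDs that are in use or were used before. $errorMessage is
     // presumably filled by reference by these helpers; it is returned as is.
     if ($this->isEntityIdInUse($entityid, $errorMessage)) {
         return $errorMessage;
     }
     if ($this->hasEntityIdBeenUsed($entityid, $errorMessage)) {
         return $errorMessage;
     }

     $startstate = $this->_config->getString('workflowstate.default');

     // Use the ARP flagged as default, but only when exactly one non-deleted
     // row carries the flag; otherwise keep the fallback '0'.
     // Only the table prefix is concatenated into the SQL text; presumably it
     // comes from configuration. Confirm it never carries request data.
     $default_arp = '0';
     $st = $this->execute("SELECT aid FROM " . self::$prefix . "arp WHERE is_default = TRUE AND deleted = ''");
     if ($st) {
         $rows = $st->fetchAll();
         if (count($rows) === 1) {
             $default_arp = $rows[0]['aid'];
         }
     }

     // Instantiate and persist the new entity, owned by the current user.
     $entity = new sspmod_janus_Entity($this->_config, true);
     $entity->setEntityid($entityid);
     $entity->setWorkflow($startstate);
     $entity->setType($type);
     $entity->setArp($default_arp);
     $entity->setUser($this->_user->getUid());
     $entity->setRevisionnote('Entity created.');
     $entity->save();

     // Grant the creating user access to the entity. All values are bound as
     // parameters. The stored IP is the raw REMOTE_ADDR: behind a reverse proxy
     // that is the proxy's address, and under CLI the key is not set at all.
     $st = $this->execute(
         'INSERT INTO ' . self::$prefix . 'hasEntity (`uid`, `eid`, `created`, `ip`) VALUES (?, ?, ?, ?);',
         array($this->_user->getUid(), $entity->getEid(), date('c'), $_SERVER['REMOTE_ADDR'])
     );
     if ($st === false) {
         // NOTE(review): the entity saved above is not rolled back here, so a
         // failed insert leaves an entity without a hasEntity row for its creator.
         return 'error_db';
     }

     $ec = new sspmod_janus_EntityController($this->_config);
     $ec->setEntity($entity);
     $update = false;

     // Get the metadata fields configured for the new entity's type
     $nm_mb = new sspmod_janus_MetadatafieldBuilder($this->_config->getArray('metadatafields.' . $type));
     $metadatafields = $nm_mb->getMetadatafields();

     // Add all required fields with their default value
     foreach ($metadatafields as $mf) {
         if (isset($mf->required) && $mf->required === true) {
             $ec->addMetadata($mf->name, $mf->default);
             $update = true;
         }
     }
     // Save a second time only when at least one required field was added.
     if ($update === true) {
         $ec->saveEntity();
     }

     // Reset the cached list of entities so it includes the new one
     $this->_entities = null;
     $this->_loadEntities();

     return $entity->getEid();
 }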
// Added persistent, transient and unspecified to all entities as valid NameIDFormats
/**
 * DbPatch makes the following variables available to PHP patches:
 *
 * @var $this       DbPatch_Command_Patch_PHP
 * @var $writer     DbPatch_Core_Writer
 * @var $db         Zend_Db_Adapter_Abstract
 * @var $phpFile    string
 */
// SAML 2.0 NameID format URNs written to every SP by this patch.
define('SAML2_NAME_ID_FORMAT_UNSPECIFIED', 'urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified');
define('SAML2_NAME_ID_FORMAT_TRANSIENT', 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient');
define('SAML2_NAME_ID_FORMAT_PERSISTENT', 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent');

// Supply a client address for the run.
// NOTE(review): presumably needed because JANUS code reads REMOTE_ADDR while
// saving and the patch runs without a web request. Confirm. Anything recorded
// during this patch will then carry 127.0.0.1 as its origin.
$_SERVER['REMOTE_ADDR'] = '127.0.0.1';

$janusConfig = SimpleSAML_Configuration::getConfig('module_janus.php');
$userController = new sspmod_janus_UserController(
    $janusConfig,
    sspmod_janus_DiContainer::getInstance()->getSecurityContext()
);

// Act as the fixed user 'engine' and work on the entities that user can list.
$userController->setUser('engine');
$entities = $userController->getEntities();

// Metadata key => NameID format, in the order the values are added.
$nameIdFormats = array(
    'NameIDFormats:0' => SAML2_NAME_ID_FORMAT_PERSISTENT,
    'NameIDFormats:1' => SAML2_NAME_ID_FORMAT_TRANSIENT,
    'NameIDFormats:2' => SAML2_NAME_ID_FORMAT_UNSPECIFIED,
);

/** @var sspmod_janus_Entity $entity */
foreach ($entities as $entity) {
    // Only SAML 2.0 service providers are touched.
    if ($entity->getType() == 'saml20-sp') {
        $entity->setRevisionnote('patch-0015.php: Added persistent, transient and unspecified to all entities as valid NameIDFormats');

        $entityController = new sspmod_janus_EntityController($janusConfig);
        $entityController->setEntity($entity);

        // The result of addMetadata() is not checked; an entity that already
        // has a value under one of these keys is presumably left as it is.
        // Confirm.
        foreach ($nameIdFormats as $metadataKey => $format) {
            $entityController->addMetadata($metadataKey, $format);
        }

        $entityController->saveEntity();
    }
}
     }
 }
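 // Metadata
 // Add the metadata fields posted as meta_value[<key>], provided the current
 // user type may add metadata in the entity's workflow state. The is_array()
 // check keeps a scalar meta_value from reaching foreach.
 if (!empty($_POST['meta_value']) && is_array($_POST['meta_value'])
     && $guard->hasPermission('addmetadata', $entity->getWorkflow(), $user->getType())
 ) {
     foreach ($_POST['meta_value'] as $k => $v) {
         // Boolean fields arrive with a 'TRUE' or 'FALSE' suffix on the key; the
         // suffix and the one character in front of it are cut off and the
         // posted value is replaced by the matching boolean.
         if (substr($k, -4) === 'TRUE') {
             $k = substr($k, 0, -5);
             $v = true;
         } elseif (substr($k, -5) === 'FALSE') {
             $k = substr($k, 0, -6);
             $v = false;
         }

         if ($mcontroller->addMetadata($k, $v)) {
             $update = TRUE;
             // $k and $v are request data and $note is assembled as HTML (it
             // carries <br /> markup), so both are escaped before they are
             // appended. This assumes $note is later rendered as HTML. Confirm.
             // The string conversion mirrors plain concatenation: true gives
             // '1', false gives '' and an array gives 'Array'.
             $noteValue = is_array($v) ? 'Array' : (string) $v;
             $note .= 'Metadata added: '
                 . htmlspecialchars((string) $k, ENT_QUOTES, 'UTF-8')
                 . ' => '
                 . htmlspecialchars($noteValue, ENT_QUOTES, 'UTF-8')
                 . '<br />';
         }
     }
 }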
 // Update metadata
 if ($guard->hasPermission('modifymetadata', $entity->getWorkflow(), $user->getType())) {
     foreach ($_POST as $key => $value) {
         //Metadata
         if (substr($key, 0, 14) == 'edit-metadata-') {
             if (!is_array($value)) {
                 $newkey = substr($key, 14, strlen($key));
                 // If field is boolean
                 if (substr($newkey, -4) == 'TRUE') {
                     $newkey = substr($newkey, 0, -5);