Load a configuration file from a configuration set.
| public static getConfig ( string $filename = 'config.php', string $configSet = 'simplesaml' ) : SimpleSAML_Configuration | ||
| $filename | string | The name of the configuration file. |
| $configSet | string | The configuration set. Optional, defaults to 'simplesaml'. |
| return | SimpleSAML_Configuration | The SimpleSAML_Configuration object. |
/**
* Delete the ARP identified by the aid.
*
* @return PDOStatement|false The statement or false on error.
*/
public function delete()
{
if (empty($this->_aid)) {
SimpleSAML_Logger::error('JANUS:ARP:delete - aid needs to be set.');
return false;
}
$deleteStatement = $this->execute('UPDATE ' . self::$prefix . 'arp SET
`deleted` = ?
WHERE `aid` = ?;', array(date('c'), $this->_aid));
if ($deleteStatement === false) {
return false;
}
// Get all entities with the just removed ARP
$st = $this->execute('SELECT eid
FROM ' . self::$prefix . 'entity
WHERE `arp` = ?;', array($this->_aid));
if (!$st) {
return $deleteStatement;
}
$janus_config = SimpleSAML_Configuration::getConfig('module_janus.php');
$controller = new sspmod_janus_EntityController($janus_config);
// Remove the ARP from all entities
$entity_rows = $st->fetchAll();
foreach ($entity_rows as $entity_row) {
$controller->setEntity($entity_row['eid']);
$controller->loadEntity();
$controller->setArp('0');
$controller->saveEntity();
}
return $deleteStatement;
}
/**
* instantiate the postman
*
* @since Method available since Release 1.2.0
*/
public function __construct()
{
$this->_config = SimpleSAML_Configuration::getConfig('module_janus.php');
// Send DB config to parent class
parent::__construct($this->_config->getValue('store'));
$this->_paginate = $this->_config->getValue('dashboard.inbox.paginate_by', 20);
}
/**
* Hook to run a cron job.
*
* @param array &$croninfo Output
*/
function statistics_hook_cron(&$croninfo)
{
assert('is_array($croninfo)');
assert('array_key_exists("summary", $croninfo)');
assert('array_key_exists("tag", $croninfo)');
$statconfig = SimpleSAML_Configuration::getConfig('module_statistics.php');
if (is_null($statconfig->getValue('cron_tag', NULL))) {
return;
}
if ($statconfig->getValue('cron_tag', NULL) !== $croninfo['tag']) {
return;
}
$maxtime = $statconfig->getInteger('time_limit', NULL);
if ($maxtime) {
set_time_limit($maxtime);
}
try {
$aggregator = new sspmod_statistics_Aggregator();
$results = $aggregator->aggregate();
if (empty($results)) {
SimpleSAML\Logger::notice('Output from statistics aggregator was empty.');
} else {
$aggregator->store($results);
}
} catch (Exception $e) {
$message = 'Loganalyzer threw exception: ' . $e->getMessage();
SimpleSAML\Logger::warning($message);
$croninfo['summary'][] = $message;
}
}
/**
* Hook to run a cron job.
*
* @param array &$croninfo Output
*/
function sanitycheck_hook_cron(&$croninfo)
{
assert('is_array($croninfo)');
assert('array_key_exists("summary", $croninfo)');
assert('array_key_exists("tag", $croninfo)');
SimpleSAML_Logger::info('cron [sanitycheck]: Running cron in cron tag [' . $croninfo['tag'] . '] ');
try {
$sconfig = SimpleSAML_Configuration::getConfig('config-sanitycheck.php');
if (is_null($sconfig->getValue('cron_tag', NULL))) {
return;
}
if ($sconfig->getValue('cron_tag', NULL) !== $croninfo['tag']) {
return;
}
$info = array();
$errors = array();
$hookinfo = array('info' => &$info, 'errors' => &$errors);
SimpleSAML_Module::callHooks('sanitycheck', $hookinfo);
if (count($errors) > 0) {
foreach ($errors as $err) {
$croninfo['summary'][] = 'Sanitycheck error: ' . $err;
}
}
} catch (Exception $e) {
$croninfo['summary'][] = 'Error executing sanity check: ' . $e->getMessage();
}
}
/**
* Hook to do santity checks
*
* @param array &$hookinfo hookinfo
*/
function statistics_hook_sanitycheck(&$hookinfo)
{
assert('is_array($hookinfo)');
assert('array_key_exists("errors", $hookinfo)');
assert('array_key_exists("info", $hookinfo)');
try {
$statconfig = SimpleSAML_Configuration::getConfig('module_statistics.php');
} catch (Exception $e) {
$hookinfo['errors'][] = '[statistics] Could not get configuration: ' . $e->getMessage();
return;
}
$statdir = $statconfig->getValue('statdir');
$inputfile = $statconfig->getValue('inputfile');
if (file_exists($statdir)) {
$hookinfo['info'][] = '[statistics] Statistics dir [' . $statdir . '] exists';
if (is_writable($statdir)) {
$hookinfo['info'][] = '[statistics] Statistics dir [' . $statdir . '] is writable';
} else {
$hookinfo['errors'][] = '[statistics] Statistics dir [' . $statdir . '] is not writable';
}
} else {
$hookinfo['errors'][] = '[statistics] Statistics dir [' . $statdir . '] does not exists';
}
if (file_exists($inputfile)) {
$hookinfo['info'][] = '[statistics] Input file [' . $inputfile . '] exists';
} else {
$hookinfo['errors'][] = '[statistics] Input file [' . $inputfile . '] does not exists';
}
}
protected function _loadEntityMetadata($entityId)
{
$janusConfig = SimpleSAML_Configuration::getConfig('module_janus.php');
$entityController = new sspmod_janus_EntityController($janusConfig);
$entityController->setEntity($entityId);
$entityController->loadEntity();
$this->_entityMetadata = $entityController->getMetaArray();
}
/**
* Initialize the SQL datastore.
*/
protected function __construct()
{
$config = \SimpleSAML_Configuration::getInstance();
$dbalconfig = \SimpleSAML_Configuration::getConfig('module_dbal.php');
$this->prefix = $config->getString('store.sql.prefix', 'simpleSAMLphp');
$this->kvstorePrefix = $this->prefix . '_kvstore';
$connectionParams = array('driver' => $dbalconfig->getString('store.dbal.driver'), 'user' => $dbalconfig->getString('store.dbal.user', null), 'password' => $dbalconfig->getString('store.dbal.password', null), 'host' => $dbalconfig->getString('store.dbal.host', 'localhost'), 'dbname' => $dbalconfig->getString('store.dbal.dbname'));
$this->conn = DriverManager::getConnection($connectionParams);
}
protected function _loadEntity($entityId)
{
$janusConfig = SimpleSAML_Configuration::getConfig('module_janus.php');
$entityController = new sspmod_janus_EntityController($janusConfig);
$entityController->setEntity($entityId);
$entityController->loadEntity();
$this->_entityController = $entityController;
return $entityController ? true : false;
}
/**
* Hook to run a cron job.
*
* @param array &$croninfo Output
*/
function cron_hook_cron(&$croninfo)
{
assert('is_array($croninfo)');
assert('array_key_exists("summary", $croninfo)');
assert('array_key_exists("tag", $croninfo)');
$cronconfig = SimpleSAML_Configuration::getConfig('module_cron.php');
if ($cronconfig->getValue('debug_message', TRUE)) {
$croninfo['summary'][] = 'Cron did run tag [' . $croninfo['tag'] . '] at ' . date(DATE_RFC822);
}
}
/**
* Initializes this discovery service.
*
* The constructor does the parsing of the request. If this is an invalid request, it will
* throw an exception.
*
* @param array $metadataSets Array with metadata sets we find remote entities in.
* @param string $instance The name of this instance of the discovery service.
*/
public function __construct(array $metadataSets, $instance)
{
parent::__construct($metadataSets, $instance);
$this->discoconfig = SimpleSAML_Configuration::getConfig('module_discopower.php');
$this->cdcDomain = $this->discoconfig->getString('cdc.domain', NULL);
if ($this->cdcDomain !== NULL && $this->cdcDomain[0] !== '.') {
/* Ensure that the CDC domain starts with a dot ('.') as required by the spec. */
$this->cdcDomain = '.' . $this->cdcDomain;
}
$this->cdcLifetime = $this->discoconfig->getInteger('cdc.lifetime', NULL);
}
protected function __construct()
{
$config = SimpleSAML_Configuration::getConfig('module_riak.php');
$path = $config->getString('path', 'riak-php-client/riak.php');
$host = $config->getString('host', 'localhost');
$port = $config->getString('port', 8098);
$bucket = $config->getString('bucket', 'simpleSAMLphp');
require_once $path;
$this->client = new RiakClient($host, $port);
$this->bucket = $this->client->bucket($bucket);
}
/**
* Constructor
*/
public function __construct($inputfile = NULL)
{
$this->statconfig = SimpleSAML_Configuration::getConfig('module_statistics.php');
$this->statdir = $this->statconfig->getValue('statdir');
$this->inputfile = $this->statconfig->getValue('inputfile');
$this->statrules = $this->statconfig->getValue('statrules');
$this->offset = $this->statconfig->getValue('offset', 0);
if (isset($inputfile)) {
$this->inputfile = $inputfile;
}
}
private static function instantiateLdapStorage()
{
$selfRegConf = SimpleSAML_Configuration::getConfig('module_selfregister.php');
$writeConf = $selfRegConf->getArray('ldap');
$auth = $selfRegConf->getString('auth');
$authsources = SimpleSAML_Configuration::getConfig('authsources.php');
$authConf = $authsources->getArray($auth);
$attributes = $selfRegConf->getArray('attributes');
$ldap = new sspmod_selfregister_Storage_LdapMod($authConf, $writeConf, $attributes);
return $ldap;
}
public static function checkLoggedAndSameAuth()
{
$session = SimpleSAML_Session::getSessionFromRequest();
$uregconf = SimpleSAML_Configuration::getConfig('module_selfregister.php');
$asId = $uregconf->getString('auth');
$as = new SimpleSAML_Auth_Simple($asId);
if ($as->isAuthenticated()) {
return $as;
}
return false;
}
private static function instantiateSqlStorage()
{
$authsources = SimpleSAML_Configuration::getConfig('authsources.php');
$selAuthSource = self::getAuthSourceSelection();
$authConf = $authsources->getArray($selAuthSource);
$selfRegConf = SimpleSAML_Configuration::getConfig('module_selfregister.php');
$attributes = $selfRegConf->getArray('attributes');
$writeConf = $selfRegConf->getArray('sql');
$hashAlgo = $selfRegConf->getString('hash.algo');
$sql = new sspmod_selfregister_Storage_SqlMod($authConf, $writeConf, $attributes, $hashAlgo);
return $sql;
}
/**
* Initializes the SimpleSAML_MetaShare_Store object. Only called by the getInstance
* singleton accessor.
*/
private function __construct()
{
$metaConfig = SimpleSAML_Configuration::getConfig('metashare.php');
$this->metadataPath = $metaConfig->getString('metashare.path');
$this->metadataPath = SimpleSAML_Utilities::resolvePath($this->metadataPath);
if (!is_dir($this->metadataPath)) {
$ret = mkdir($this->metadataPath, 0755, TRUE);
if (!$ret) {
throw new Exception('Unable to create directory: ' . $this->metadataPath);
}
}
}
/**
* Constructor
*/
public function __construct($fromcmdline = FALSE)
{
$this->fromcmdline = $fromcmdline;
$this->statconfig = SimpleSAML_Configuration::getConfig('module_statistics.php');
$this->statdir = $this->statconfig->getValue('statdir');
$this->inputfile = $this->statconfig->getValue('inputfile');
$this->statrules = $this->statconfig->getValue('statrules');
$this->timeres = $this->statconfig->getValue('timeres');
$this->offset = $this->statconfig->getValue('offset', 0);
$this->metadata = NULL;
$this->starttime = time();
}
public static function getInstance()
{
if (self::$instance !== null) {
return self::$instance;
}
$config = \SimpleSAML_Configuration::getConfig();
$defaultLocale = $config->getString('language.default', 'en');
self::$instance = new BaseTranslator($defaultLocale, new MessageSelector());
self::$instance->addLoader('yaml', new YamlFileLoader());
self::$instance->setFallbackLocales([$defaultLocale]);
return self::$instance;
}
public static function checkLoggedAndSameAuth()
{
$session = SimpleSAML_Session::getInstance();
if ($session->isAuthenticated()) {
$uregconf = SimpleSAML_Configuration::getConfig('module_selfregister.php');
/* Get a reference to our authentication source. */
$asId = $uregconf->getString('auth');
if ($session->getAuthority() == $asId) {
return new SimpleSAML_Auth_Simple($asId);
}
}
return false;
}
/**
* @inheritDoc
*/
public function getScopeEntityByIdentifier($identifier)
{
$oauth2config = \SimpleSAML_Configuration::getConfig('module_oauth2.php');
$scopes = $oauth2config->getArray('scopes');
if (array_key_exists($identifier, $scopes) === false) {
return;
}
$scope = new ScopeEntity();
$scope->setIdentifier($identifier);
$scope->setIcon($scopes[$identifier]['icon']);
$scope->setDescription($scopes[$identifier]['description']);
$scope->setAttributes($scopes[$identifier]['attributes']);
return $scope;
}
public function validate()
{
$entityType = $this->_entityController->getEntity()->getType();
if ($entityType == 'saml20-idp') {
$idpMetadataConfig = $this->_loadExpandedMetadataConfig(SimpleSAML_Configuration::getConfig('module_janus.php')->getArray('metadatafields.saml20-idp'));
$this->_validate($idpMetadataConfig);
} else {
if ($entityType == 'saml20-sp') {
$spMetadataConfig = $this->_loadExpandedMetadataConfig(SimpleSAML_Configuration::getConfig('module_janus.php')->getArray('metadatafields.saml20-sp'));
$this->_validate($spMetadataConfig);
} else {
$_errors[] = 'Unknown Entity Type';
}
}
}
/**
* Hook to run a cron job.
*
* @param array &$croninfo Output
*/
function metarefresh_hook_cron(&$croninfo)
{
assert('is_array($croninfo)');
assert('array_key_exists("summary", $croninfo)');
assert('array_key_exists("tag", $croninfo)');
SimpleSAML_Logger::info('cron [metarefresh]: Running cron in cron tag [' . $croninfo['tag'] . '] ');
try {
$config = SimpleSAML_Configuration::getInstance();
$mconfig = SimpleSAML_Configuration::getConfig('config-metarefresh.php');
$sets = $mconfig->getConfigList('sets');
foreach ($sets as $setkey => $set) {
// Only process sets where cron matches the current cron tag.
$cronTags = $set->getArray('cron');
if (!in_array($croninfo['tag'], $cronTags)) {
continue;
}
SimpleSAML_Logger::info('cron [metarefresh]: Executing set [' . $setkey . ']');
$expireAfter = $set->getInteger('expireAfter', NULL);
if ($expireAfter !== NULL) {
$expire = time() + $expireAfter;
} else {
$expire = NULL;
}
$metaloader = new sspmod_metarefresh_MetaLoader($expire);
foreach ($set->getArray('sources') as $source) {
SimpleSAML_Logger::debug('cron [metarefresh]: In set [' . $setkey . '] loading source [' . $source['src'] . ']');
$metaloader->loadSource($source);
}
$outputDir = $set->getString('outputDir');
$outputDir = $config->resolvePath($outputDir);
$outputFormat = $set->getValueValidate('outputFormat', array('flatfile', 'serialize'), 'flatfile');
switch ($outputFormat) {
case 'flatfile':
$metaloader->writeMetadataFiles($outputDir);
break;
case 'serialize':
$metaloader->writeMetadataSerialize($outputDir);
break;
}
if ($set->hasValue('arp')) {
$arpconfig = SimpleSAML_Configuration::loadFromArray($set->getValue('arp'));
$metaloader->writeARPfile($arpconfig);
}
}
} catch (Exception $e) {
$croninfo['summary'][] = 'Error during metarefresh: ' . $e->getMessage();
}
}
/**
*
* @param array &$hookinfo hookinfo
*/
function consentSimpleAdmin_hook_sanitycheck(&$hookinfo)
{
assert('is_array($hookinfo)');
assert('array_key_exists("errors", $hookinfo)');
assert('array_key_exists("info", $hookinfo)');
try {
$consentconfig = SimpleSAML_Configuration::getConfig('module_consentSimpleAdmin.php');
// Parse consent config
$consent_storage = sspmod_consent_Store::parseStoreConfig($consentconfig->getValue('store'));
// Get all consents for user
$stats = $consent_storage->getStatistics();
$hookinfo['info'][] = '[consentSimpleAdmin] Consent Storage connection OK.';
} catch (Exception $e) {
$hookinfo['errors'][] = '[consentSimpleAdmin] Error connecting to storage: ' . $e->getMessage();
}
}
/**
* Initialize a CDC server.
*
* @param string $domain The domain we are a server for.
*/
public function __construct($domain)
{
assert('is_string($domain)');
$cdcConfig = SimpleSAML_Configuration::getConfig('module_cdc.php');
$config = $cdcConfig->getConfigItem($domain, NULL);
if ($config === NULL) {
throw new SimpleSAML_Error_Exception('Unknown CDC domain: ' . var_export($domain, TRUE));
}
$this->domain = $domain;
$this->server = $config->getString('server');
$this->key = $config->getString('key');
$this->cookieLifetime = $config->getInteger('cookie.lifetime', 0);
if ($this->key === 'ExampleSharedKey') {
throw new SimpleSAML_Error_Exception('Key for CDC domain ' . var_export($domain, TRUE) . ' not changed from default.');
}
}
public function __construct($metadata)
{
$this->config = SimpleSAML_Configuration::getConfig('module_aa.php');
$this->signAssertion = false;
if ($this->config->hasValue('signAssertion')) {
$this->signAssertion = $this->config->getBoolean('signAssertion');
}
$this->signResponse = true;
if ($this->config->hasValue('signResponse')) {
$this->signResponse = $this->config->getBoolean('signResponse');
}
$this->binding = $this->getBinding();
$this->query = $this->getQuery();
$this->attributeNameFormat = $this->getAttributeNameFormat();
$this->getEntities($metadata);
}
/**
* Constructor for this authentication source.
*
* @param array $info Information about this authentication source.
* @param array $config Configuration.
*/
public function __construct($info, $config) {
assert('is_array($info)');
assert('is_array($config)');
/* Call the parent constructor first, as required by the interface. */
parent::__construct($info, $config);
if (!array_key_exists('sources', $config)) {
throw new Exception('The required "sources" config option was not found');
}
$globalConfiguration = SimpleSAML_Configuration::getInstance();
$defaultLanguage = $globalConfiguration->getString('language.default', 'en');
$authsources = SimpleSAML_Configuration::getConfig('authsources.php');
$this->sources = array();
foreach($config['sources'] as $source => $info) {
if (is_int($source)) { // Backwards compatibility
$source = $info;
$info = array();
}
if (array_key_exists('text', $info)) {
$text = $info['text'];
} else {
$text = array($defaultLanguage => $source);
}
if (array_key_exists('css-class', $info)) {
$css_class = $info['css-class'];
} else {
/* Use the authtype as the css class */
$authconfig = $authsources->getArray($source, NULL);
if (!array_key_exists(0, $authconfig) || !is_string($authconfig[0])) {
$css_class = "";
} else {
$css_class = str_replace(":", "-", $authconfig[0]);
}
}
$this->sources[] = array(
'source' => $source,
'text' => $text,
'css_class' => $css_class,
);
}
}
protected function _loadEntityCertificate($entityId)
{
$janusConfig = SimpleSAML_Configuration::getConfig('module_janus.php');
$entityController = new sspmod_janus_EntityController($janusConfig);
$entityController->setEntity($entityId);
$entityController->loadEntity();
try {
$certificate = $entityController->getCertificate();
} catch (Exception $e) {
$this->_response->Errors[] = "Certificate data invalid!";
return false;
}
if (!$certificate) {
$this->_response->Warnings[] = "No certificate data for this entity";
return false;
}
$this->_certificate = $certificate;
return true;
}
/**
* The constructor for the OpenID provider class.
*
* Initializes and validates the configuration.
*/
private function __construct()
{
$config = SimpleSAML_Configuration::getConfig('module_openidProvider.php');
$this->authSource = new SimpleSAML_Auth_Simple($config->getString('auth'));
$this->usernameAttribute = $config->getString('username_attribute');
try {
$store = new Auth_OpenID_FileStore($config->getString('filestore'));
$this->server = new Auth_OpenID_Server($store, $this->getServerURL());
} catch (Exception $e) {
throw $e;
}
$this->trustStoreDir = realpath($config->getString('filestore')) . '/truststore';
if (!is_dir($this->trustStoreDir)) {
$res = mkdir($this->trustStoreDir, 0777, TRUE);
if (!$res) {
throw new SimpleSAML_Error_Exception('Failed to create directory: ' . $this->trustStoreDir);
}
}
}
/**
* Create a new Databse object
*
* The constructor takes the configuration and checks that all parameters is
* corect. An exception will be throwen if the configuration parameters is
* not known by the class. The constructor do not initiate the connection to
* the database. This will be done when the method {@link execute()
* execute} is called.
*
* @param array|null $parsedconfig Configuration for database
*
* @throws SimpleSAML_Error_Exception
*/
protected function __construct($parsedconfig = null)
{
$config = SimpleSAML_Configuration::getConfig('module_janus.php');
$config = $config->getArray('store');
if (isset($parsedconfig) && is_array($parsedconfig)) {
$config = $parsedconfig;
}
foreach (array('dsn', 'username', 'password') as $id) {
if (!array_key_exists($id, $config)) {
throw new SimpleSAML_Error_Exception('JANUS:Database - Missing required option \'' . $id . '\'.');
}
if (!is_string($config[$id])) {
throw new SimpleSAML_Error_Exception('JANUS:Database - \'' . $id . '\' is supposed to be a string.');
}
self::$_dsn = $config['dsn'];
self::$_username = $config['username'];
self::$_password = $config['password'];
self::$prefix = $config['prefix'];
}
}
/**
* Initialize login.
*
* This function saves the information about the login, and redirects to a
* login page.
*
* @param array &$state Information about the current authentication.
*/
public function authenticate(&$state)
{
assert('is_array($state)');
$config = SimpleSAML_Configuration::getConfig('authsources.php');
$state[sspmod_authTiqr_Auth_Tiqr::CONFIGID] = $config->getArray(self::getAuthId(), array());
/* We are going to need the authId in order to retrieve this authentication source later. */
$state[self::AUTHID] = $this->authId;
$id = SimpleSAML_Auth_State::saveState($state, sspmod_authTiqr_Auth_Tiqr::STAGEID);
$server = sspmod_authTiqr_Auth_Tiqr::getServer(false);
$session = SimpleSAML_Session::getSessionFromRequest();
$sessionId = $session->getSessionId();
$user = $server->getAuthenticatedUser($sessionId);
if (empty($user)) {
$url = SimpleSAML_Module::getModuleURL('authTiqr/login.php');
SimpleSAML_Utilities::redirect($url, array('AuthState' => $id));
} else {
$attributes = array('uid' => array($user), 'displayName' => array(sspmod_authTiqr_Auth_Tiqr::getUserStorage()->getDisplayName($user)));
$attributes = array_merge($attributes, sspmod_authTiqr_Auth_Tiqr::getUserStorage()->getAdditionalAttributes($user));
$state['Attributes'] = $attributes;
}
}