/** * Save the current IdP choice to a cookie. * * This function overrides the corresponding function in the parent class, * to add support for common domain cookie. * * @param string $idp The entityID of the IdP. */ protected function setPreviousIdP($idp) { assert('is_string($idp)'); if ($this->cdcDomain === NULL) { parent::setPreviousIdP($idp); return; } $list = $this->getCDC(); $prevIndex = array_search($idp, $list, TRUE); if ($prevIndex !== FALSE) { unset($list[$prevIndex]); } $list[] = $idp; foreach ($list as &$value) { $value = base64_encode($value); } $newCookie = implode(' ', $list); while (strlen($newCookie) > 4000) { /* The cookie is too long. Remove the oldest elements until it is short enough. */ $tmp = explode(' ', $newCookie, 2); if (count($tmp) === 1) { /* * We are left with a single entityID whose base64 * representation is too long to fit in a cookie. */ break; } $newCookie = $tmp[1]; } $params = array('lifetime' => $this->cdcLifetime, 'domain' => $this->cdcDomain, 'secure' => TRUE, 'httponly' => FALSE); SimpleSAML_Utilities::setCookie('_saml_idp', $newCookie, $params, FALSE); }