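/**
 * Import parsed metadata into the current entity.
 *
 * Rejects input that was not parsed, that has expired, or whose entityid is
 * not the id of the entity being imported into. The remaining metadata is run
 * through the contact/service/ARP filters and the metadata converter, the
 * certificate data is stored, and every remaining key is added to (or updated
 * on) the entity controller unless it is listed in $this->_excludedMetadataKeys.
 *
 * @param array|null $parsedMetadata Parser output, or null when parsing failed.
 *
 * @return string 'status_metadata_parsed_ok' on success, otherwise an error
 *                status key (or whatever _addCertificateMetaData returned).
 */
private function importParsedMetadata($parsedMetadata)
{
    // Anything that is not an array (null from the parser, false, ...) cannot be imported.
    if (!is_array($parsedMetadata)) {
        SimpleSAML_Logger::error('Importer - Metadata was not parsed');
        return 'error_metadata_not_parsed';
    }

    // Expired metadata must not overwrite what the entity currently has.
    if (isset($parsedMetadata['expire']) && $parsedMetadata['expire'] < time()) {
        SimpleSAML_Logger::error('Importer - Metadata was not parsed due expiration');
        return 'error_metadata_not_parsed_due_expiration';
    }

    // Wrapper keys produced by the parser; they are not entity metadata fields.
    unset($parsedMetadata['entityDescriptor']);
    unset($parsedMetadata['metadata-set']);

    // The imported metadata must belong to exactly this entity. A missing
    // entityid is a mismatch, and the comparison is strict so that PHP's loose
    // string/number rules cannot make a different id look equal.
    if (!isset($parsedMetadata['entityid']) || $parsedMetadata['entityid'] !== $this->_entityId) {
        SimpleSAML_Logger::error('Importer - EntityId does not match');
        return 'error_entityid_no_match';
    }
    unset($parsedMetadata['entityid']);

    $parsedMetadata = $this->_removeUnusedContacts($parsedMetadata);
    $parsedMetadata = $this->_removeNonSaml2Services($parsedMetadata);
    $parsedMetadata = $this->_applyRequestedAttributesAsArp($parsedMetadata);

    $converter = sspmod_janus_DiContainer::getInstance()->getMetaDataConverter();
    $parsedMetadata = $converter->execute($parsedMetadata);

    // A non-empty return value is an error status that aborts the import.
    $msg = $this->_addCertificateMetaData($parsedMetadata);
    if ($msg) {
        return $msg;
    }

    $excludedKeys = empty($this->_excludedMetadataKeys) ? array() : $this->_excludedMetadataKeys;

    foreach ($parsedMetadata as $key => $value) {
        // Strict in_array: without it an integer key such as 0 would loosely
        // match any non-numeric excluded key on PHP < 8.
        if (in_array($key, $excludedKeys, true)) {
            continue;
        }

        $stored = $this->_entityController->hasMetadata($key)
            ? $this->_entityController->updateMetadata($key, $value)
            : $this->_entityController->addMetadata($key, $value);

        if ($stored) {
            $this->_updated = true;
            continue;
        }

        // Values may be arrays; encode them so the log line does not trigger
        // an "Array to string conversion" notice.
        $printable = is_string($value) ? $value : json_encode($value);
        SimpleSAML_Logger::info(
            'Importer - Metadata field ' . $key . ' with value ' . $printable . ' was not added.'
        );
    }

    return 'status_metadata_parsed_ok';
}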
$arp = new sspmod_janus_ARP(); $arp->setName($key); $arp->setAttributes($v); $arp->save(); $econtroller->setArp($arp->getAid()); } if ($k == 'name') { $k = 'entity:name'; } if ($k == 'description') { $k = 'entity:description'; } echo '<br>Key: ' . $k . '<br>'; if (is_string($v)) { echo '<br/>Insert ' . $v . '<br/>'; if (!$econtroller->addMetadata($k, $v)) { $econtroller->updateMetadata($k, $v); echo 'Updated<br>'; } else { echo 'Added<br>'; } } else { if (is_array($v)) { foreach ($v as $sk => $sv) { if (is_string($sk)) { $newkey = $k . ':' . $sk; } else { $newkey = $k; } echo '<br/>Insert ' . $sv . '<br/>'; if (!$econtroller->addMetadata($newkey, $sv)) {
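/**
 * Create new entity with parsed entityid
 *
 * Create a new entity, give the current user access to it and add the
 * metadata fields that are marked required for the entity type.
 *
 * @param string $entityid Entity id for the new entity
 * @param string $type Entity type
 *
 * @return int|string The eid of the new entity on success; on failure an
 *                    error status key ('error_db', or the message set by
 *                    isEntityIdInUse / hasEntityIdBeenUsed).
 * @since Method available since Release 1.0.0
 */
public function createNewEntity($entityid, $type)
{
    // Expression asserts instead of string asserts (string form is removed in PHP 8).
    assert(is_string($entityid));
    assert(is_string($type));

    // Filled by reference by the two checks below.
    $errorMessage = null;
    if ($this->isEntityIdInUse($entityid, $errorMessage)) {
        return $errorMessage;
    }
    if ($this->hasEntityIdBeenUsed($entityid, $errorMessage)) {
        return $errorMessage;
    }

    $startstate = $this->_config->getString('workflowstate.default');

    // Get the default ARP; fall back to '0' unless exactly one default exists.
    $default_arp = '0';
    $st = $this->execute("SELECT aid FROM " . self::$prefix . "arp WHERE is_default = TRUE AND deleted = ''");
    if ($st) {
        $rows = $st->fetchAll();
        if (count($rows) === 1) {
            $default_arp = $rows[0]['aid'];
        }
    }

    // Instantiate a new entity
    $entity = new sspmod_janus_Entity($this->_config, true);
    $entity->setEntityid($entityid);
    $entity->setWorkflow($startstate);
    $entity->setType($type);
    $entity->setArp($default_arp);
    $entity->setUser($this->_user->getUid());
    $entity->setRevisionnote('Entity created.');
    $entity->save();

    // Command-line runs have no client address; record null instead of
    // emitting an undefined-index notice. NOTE(review): confirm the `ip`
    // column accepts null, otherwise callers must set REMOTE_ADDR themselves.
    $remoteAddr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : null;

    // Grant the current user access to the new entity.
    $st = $this->execute(
        'INSERT INTO ' . self::$prefix . 'hasEntity (`uid`, `eid`, `created`, `ip`) VALUES (?, ?, ?, ?);',
        array($this->_user->getUid(), $entity->getEid(), date('c'), $remoteAddr)
    );
    if ($st === false) {
        return 'error_db';
    }

    $ec = new sspmod_janus_EntityController($this->_config);
    $ec->setEntity($entity);
    $update = false;

    // Get metadatafields for new type
    $nm_mb = new sspmod_janus_MetadatafieldBuilder($this->_config->getArray('metadatafields.' . $type));
    $metadatafields = $nm_mb->getMetadatafields();

    // Add all required fields with their configured defaults
    foreach ($metadatafields as $mf) {
        if (isset($mf->required) && $mf->required === true) {
            $ec->addMetadata($mf->name, $mf->default);
            $update = true;
        }
    }
    if ($update === true) {
        $ec->saveEntity();
    }

    // Reset list of entities so the new one is visible to this controller
    $this->_entities = null;
    $this->_loadEntities();

    return $entity->getEid();
}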
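// Added persistent, transient and unspecified to all entities as valid NameIDFormats

/**
 * DbPatch makes the following variables available to PHP patches:
 *
 * @var $this DbPatch_Command_Patch_PHP
 * @var $writer DbPatch_Core_Writer
 * @var $db Zend_Db_Adapter_Abstract
 * @var $phpFile string
 */

// Guarded so the patch does not emit "already defined" notices when it is
// included into a process where another patch defined the same constants.
if (!defined('SAML2_NAME_ID_FORMAT_UNSPECIFIED')) {
    define('SAML2_NAME_ID_FORMAT_UNSPECIFIED', 'urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified');
}
if (!defined('SAML2_NAME_ID_FORMAT_TRANSIENT')) {
    define('SAML2_NAME_ID_FORMAT_TRANSIENT', 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient');
}
if (!defined('SAML2_NAME_ID_FORMAT_PERSISTENT')) {
    define('SAML2_NAME_ID_FORMAT_PERSISTENT', 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent');
}

// Patches run from the command line, where no client address exists. Entity
// persistence elsewhere in Janus records $_SERVER['REMOTE_ADDR'] (e.g. the
// hasEntity insert in createNewEntity), so supply the loopback address rather
// than leave the index undefined.
$_SERVER['REMOTE_ADDR'] = '127.0.0.1';

$janusConfig = SimpleSAML_Configuration::getConfig('module_janus.php');

// All changes are attributed to the 'engine' user.
$userController = new sspmod_janus_UserController($janusConfig, sspmod_janus_DiContainer::getInstance()->getSecurityContext());
$userController->setUser('engine');
$entities = $userController->getEntities();

/** @var sspmod_janus_Entity $entity */
foreach ($entities as $entity) {
    // Only service providers get the NameIDFormats; strict comparison on the type string.
    if ($entity->getType() !== 'saml20-sp') {
        continue;
    }
    $entity->setRevisionnote('patch-0015.php: Added persistent, transient and unspecified to all entities as valid NameIDFormats');

    $entityController = new sspmod_janus_EntityController($janusConfig);
    $entityController->setEntity($entity);
    // NOTE(review): addMetadata return values are not checked, so an entity
    // that already has NameIDFormats:0..2 keeps its existing values — confirm
    // that is the intended outcome for previously configured SPs.
    $entityController->addMetadata('NameIDFormats:0', SAML2_NAME_ID_FORMAT_PERSISTENT);
    $entityController->addMetadata('NameIDFormats:1', SAML2_NAME_ID_FORMAT_TRANSIENT);
    $entityController->addMetadata('NameIDFormats:2', SAML2_NAME_ID_FORMAT_UNSPECIFIED);
    $entityController->saveEntity();
}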
} } // Metadata if (!empty($_POST['meta_value']) && $guard->hasPermission('addmetadata', $entity->getWorkflow(), $user->getType())) { foreach ($_POST['meta_value'] as $k => $v) { // If field is boolean if (substr($k, -4) == 'TRUE') { $k = substr($k, 0, -5); $v = true; } else { if (substr($k, -5) == 'FALSE') { $k = substr($k, 0, -6); $v = false; } } if ($mcontroller->addMetadata($k, $v)) { $update = TRUE; $note .= 'Metadata added: ' . $k . ' => ' . $v . '<br />'; } } } // Update metadata if ($guard->hasPermission('modifymetadata', $entity->getWorkflow(), $user->getType())) { foreach ($_POST as $key => $value) { //Metadata if (substr($key, 0, 14) == 'edit-metadata-') { if (!is_array($value)) { $newkey = substr($key, 14, strlen($key)); // If field is boolean if (substr($newkey, -4) == 'TRUE') { $newkey = substr($newkey, 0, -5);