An exception will be thrown if this option isn't an integer, or if this option isn't found and no default value
is given.
public getInteger ( string $name, mixed $default = self::REQUIRED_OPTION ) : integer | mixed
$name | string | The name of the option. |
$default | mixed | A default value which will be returned if the option isn't found. The option will be required if this parameter isn't given. The default value can be any value, including null. |
Returns | integer | mixed | The option with the given name, or $default if the option isn't found and $default is specified. |
/**
 * Set up this discovery service.
 *
 * Construction includes parsing the request; an invalid request results in an exception.
 * After the parent constructor has run, the module settings are read from
 * 'module_discopower.php'.
 *
 * @param array  $metadataSets Metadata sets in which remote entities are looked up.
 * @param string $instance     Name of this discovery service instance.
 */
public function __construct(array $metadataSets, $instance)
{
    parent::__construct($metadataSets, $instance);

    $this->discoconfig = SimpleSAML_Configuration::getConfig('module_discopower.php');

    // 'cdc.domain' is optional: getString() hands back null when it is not configured
    $domain = $this->discoconfig->getString('cdc.domain', null);

    // NOTE(review): an empty 'cdc.domain' string would reach the offset read below — confirm
    // that such a value is rejected before this point.
    if ($domain !== null && $domain[0] !== '.') {
        // the spec requires the CDC domain to begin with a dot ('.')
        $domain = '.' . $domain;
    }
    $this->cdcDomain = $domain;

    // optional as well; null is the value used when 'cdc.lifetime' is absent
    $this->cdcLifetime = $this->discoconfig->getInteger('cdc.lifetime', null);
}
/**
 * Create a logging handler that writes to syslog.
 *
 * @param \SimpleSAML_Configuration $config Configuration from which 'logging.facility' and
 *                                          'logging.processname' are read.
 */
public function __construct(\SimpleSAML_Configuration $config)
{
    // Default facility: LOG_LOCAL5 when that constant is defined, LOG_USER otherwise
    if (defined('LOG_LOCAL5')) {
        $fallbackFacility = constant('LOG_LOCAL5');
    } else {
        $fallbackFacility = LOG_USER;
    }

    $facility = $config->getInteger('logging.facility', $fallbackFacility);
    $processname = $config->getString('logging.processname', 'SimpleSAMLphp');

    // On Windows the configured facility is overridden with LOG_USER (the only valid one there),
    // and the flag enabling log level rewriting is set.
    $onWindows = (System::getOS() === System::WINDOWS);
    if ($onWindows) {
        $this->isWindows = true;
        $facility = LOG_USER;
    }

    // LOG_PID adds the process id to every message
    openlog($processname, LOG_PID, $facility);
}
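/**
 * Getter for the LDAP connection object.
 *
 * The connection is created here on first use rather than in the constructor,
 * to avoid connecting to LDAP when it might not be needed. Later calls return
 * the connection that was already established.
 *
 * @return sspmod_ldap_LdapConnection
 */
protected function getLdap()
{
    // Check if already connected
    if ($this->ldap) {
        return $this->ldap;
    }

    // Get the connection specific options
    $hostname   = $this->config->getString('ldap.hostname');
    $port       = $this->config->getInteger('ldap.port', 389);
    $enable_tls = $this->config->getBoolean('ldap.enable_tls', false);
    $debug      = $this->config->getBoolean('ldap.debug', false);
    $timeout    = $this->config->getInteger('ldap.timeout', 0);
    $username   = $this->config->getString('ldap.username', null);
    $password   = $this->config->getString('ldap.password', null);

    // NOTE(review): with the defaults above (port 389, 'ldap.enable_tls' false) the bind below
    // presumably travels unencrypted unless the hostname itself selects LDAPS — confirm that
    // deployments enable TLS before bind credentials are configured.

    // Log the LDAP connection. The password is never written to the log: a fixed-width
    // mask is used so that the log does not reveal the password's length, and a missing
    // password (null) is reported as such instead of being passed to strlen().
    $passwordForLog = ($password === null) ? '(not set)' : '********';
    SimpleSAML\Logger::debug(
        $this->title . 'Connecting to LDAP server;' .
        ' Hostname: ' . $hostname .
        ' Port: ' . $port .
        ' Enable TLS: ' . ($enable_tls ? 'Yes' : 'No') .
        ' Debug: ' . ($debug ? 'Yes' : 'No') .
        ' Timeout: ' . $timeout .
        ' Username: ' . $username .
        ' Password: ' . $passwordForLog
    );

    // Connect to the LDAP server to be queried during processing
    $this->ldap = new SimpleSAML_Auth_LDAP($hostname, $enable_tls, $debug, $timeout, $port);

    // A null username/password pair is passed through unchanged when no credentials are configured
    $this->ldap->bind($username, $password);

    // All done
    return $this->ldap;
}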
/**
 * Create an authentication request from the SP and IdP metadata.
 *
 * @param SimpleSAML_Configuration $spMetadata  Metadata of the service provider.
 * @param SimpleSAML_Configuration $idpMetadata Metadata of the identity provider.
 *
 * @return \SAML2\AuthnRequest The request, after self::addRedirectSign() has been applied to it.
 */
public static function buildAuthnRequest(SimpleSAML_Configuration $spMetadata, SimpleSAML_Configuration $idpMetadata)
{
    $request = new \SAML2\AuthnRequest();

    // Select the NameIDPolicy: the IdP metadata takes precedence over the SP metadata,
    // and an empty policy is used when neither defines one.
    if ($idpMetadata->hasValue('NameIDPolicy')) {
        $rawPolicy = $idpMetadata->getValue('NameIDPolicy');
    } elseif ($spMetadata->hasValue('NameIDPolicy')) {
        $rawPolicy = $spMetadata->getValue('NameIDPolicy');
    } else {
        $rawPolicy = array();
    }

    // Old configurations stored just the format under 'NameIDPolicy'; wrap it into the array form
    if (!is_array($rawPolicy)) {
        $rawPolicy = array('Format' => $rawPolicy);
    }
    $policyConfig = SimpleSAML_Configuration::loadFromArray($rawPolicy);

    $nameIdPolicy = array(
        'Format'      => $policyConfig->getString('Format', \SAML2\Constants::NAMEID_TRANSIENT),
        'AllowCreate' => $policyConfig->getBoolean('AllowCreate', true),
    );

    // false serves as the "not configured" default, so the key is only added when a value exists
    $qualifier = $policyConfig->getString('SPNameQualifier', false);
    if ($qualifier !== false) {
        $nameIdPolicy['SPNameQualifier'] = $qualifier;
    }
    $request->setNameIdPolicy($nameIdPolicy);

    $request->setForceAuthn($spMetadata->getBoolean('ForceAuthn', false));
    $request->setIsPassive($spMetadata->getBoolean('IsPassive', false));

    // The binding comes from 'ProtocolBinding' in the SP metadata; getValueValidate() is given
    // the list of permitted bindings and HTTP-POST as the default.
    $permittedBindings = array(
        \SAML2\Constants::BINDING_HTTP_POST,
        \SAML2\Constants::BINDING_HOK_SSO,
        \SAML2\Constants::BINDING_HTTP_ARTIFACT,
        \SAML2\Constants::BINDING_HTTP_REDIRECT,
    );
    $binding = $spMetadata->getValueValidate(
        'ProtocolBinding',
        $permittedBindings,
        \SAML2\Constants::BINDING_HTTP_POST
    );
    $request->setProtocolBinding($binding);

    $request->setIssuer($spMetadata->getString('entityid'));

    // Both service indexes are optional; null is passed on when they are not configured
    $request->setAssertionConsumerServiceIndex($spMetadata->getInteger('AssertionConsumerServiceIndex', null));
    $request->setAttributeConsumingServiceIndex($spMetadata->getInteger('AttributeConsumingServiceIndex', null));

    // A requested authentication context is only set when the SP metadata names a class reference;
    // the comparison defaults to "exact".
    if ($spMetadata->hasValue('AuthnContextClassRef')) {
        $classRefs = $spMetadata->getArrayizeString('AuthnContextClassRef');
        $permittedComparisons = array(
            \SAML2\Constants::COMPARISON_EXACT,
            \SAML2\Constants::COMPARISON_MINIMUM,
            \SAML2\Constants::COMPARISON_MAXIMUM,
            \SAML2\Constants::COMPARISON_BETTER,
        );
        $comparison = $spMetadata->getValueValidate(
            'AuthnContextComparison',
            $permittedComparisons,
            \SAML2\Constants::COMPARISON_EXACT
        );
        $request->setRequestedAuthnContext(array(
            'AuthnContextClassRef' => $classRefs,
            'Comparison'           => $comparison,
        ));
    }

    self::addRedirectSign($spMetadata, $idpMetadata, $request);

    return $request;
}
/**
 * Create an authentication request from the SP and IdP metadata.
 *
 * @param SimpleSAML_Configuration $spMetadata  Metadata of the service provider.
 * @param SimpleSAML_Configuration $idpMetadata Metadata of the identity provider.
 *
 * @return SAML2_AuthnRequest The request, after self::addRedirectSign() has been applied to it.
 */
public static function buildAuthnRequest(SimpleSAML_Configuration $spMetadata, SimpleSAML_Configuration $idpMetadata)
{
    $request = new SAML2_AuthnRequest();

    // 'NameIDPolicy' is used when present (it may resolve to null); otherwise 'NameIDFormat'
    // is read, with the transient format as its default.
    $format = $spMetadata->hasValue('NameIDPolicy')
        ? $spMetadata->getString('NameIDPolicy', null)
        : $spMetadata->getString('NameIDFormat', SAML2_Const::NAMEID_TRANSIENT);

    // A null format means that no NameIDPolicy is set on the request
    if ($format !== null) {
        $request->setNameIdPolicy(array(
            'Format'      => $format,
            'AllowCreate' => true,
        ));
    }

    $request->setForceAuthn($spMetadata->getBoolean('ForceAuthn', false));
    $request->setIsPassive($spMetadata->getBoolean('IsPassive', false));

    // The binding comes from 'ProtocolBinding' in the SP metadata; getValueValidate() is given
    // the list of permitted bindings and HTTP-POST as the default.
    $permittedBindings = array(
        SAML2_Const::BINDING_HTTP_POST,
        SAML2_Const::BINDING_HOK_SSO,
        SAML2_Const::BINDING_HTTP_ARTIFACT,
        SAML2_Const::BINDING_HTTP_REDIRECT,
    );
    $binding = $spMetadata->getValueValidate(
        'ProtocolBinding',
        $permittedBindings,
        SAML2_Const::BINDING_HTTP_POST
    );
    $request->setProtocolBinding($binding);

    $request->setIssuer($spMetadata->getString('entityid'));

    // Both service indexes are optional; null is passed on when they are not configured
    $request->setAssertionConsumerServiceIndex($spMetadata->getInteger('AssertionConsumerServiceIndex', null));
    $request->setAttributeConsumingServiceIndex($spMetadata->getInteger('AttributeConsumingServiceIndex', null));

    // A requested authentication context is only set when the SP metadata names a class reference
    if ($spMetadata->hasValue('AuthnContextClassRef')) {
        $classRefs = $spMetadata->getArrayizeString('AuthnContextClassRef');
        $request->setRequestedAuthnContext(array('AuthnContextClassRef' => $classRefs));
    }

    self::addRedirectSign($spMetadata, $idpMetadata, $request);

    return $request;
}
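/**
 * Initialize this aggregator.
 *
 * Reads the cron, cache, exclusion, filter, validity, signing and TLS settings from the
 * given configuration and then initializes the metadata sources.
 *
 * @param string $id  The id of this aggregator.
 * @param SimpleSAML_Configuration $config  The configuration for this aggregator.
 *
 * @throws SimpleSAML_Error_Exception If the configured signing key or signing certificate
 *                                    file cannot be read.
 */
protected function __construct($id, SimpleSAML_Configuration $config)
{
    assert('is_string($id)');

    $this->id = $id;
    $this->logLoc = 'aggregator2:' . $this->id . ': ';

    $this->cronTag = $config->getString('cron.tag', NULL);

    $this->cacheDirectory = $config->getString('cache.directory', NULL);
    if ($this->cacheDirectory !== NULL) {
        $this->cacheDirectory = SimpleSAML_Utilities::resolvePath($this->cacheDirectory);
    }

    $this->cacheGenerated = $config->getInteger('cache.generated', NULL);
    if ($this->cacheGenerated !== NULL) {
        // The cache id is a digest of the aggregator id, the cache tag a digest of the
        // serialized configuration; both are plain identifiers here.
        $this->cacheId = sha1($this->id);
        $this->cacheTag = sha1(serialize($config));
    }

    // configure entity IDs excluded by default
    $this->excludeEntities($config->getArrayize('exclude', null));

    // configure filters
    $this->setFilters($config->getArrayize('filter', null));

    // default validity: 7 days, expressed in seconds
    $this->validLength = $config->getInteger('valid.length', 7 * 24 * 60 * 60);

    $globalConfig = SimpleSAML_Configuration::getInstance();
    $certDir = $globalConfig->getPathValue('certdir', 'cert/');

    $signKey = $config->getString('sign.privatekey', NULL);
    if ($signKey !== NULL) {
        $signKey = SimpleSAML_Utilities::resolvePath($signKey, $certDir);
        $this->signKey = @file_get_contents($signKey);
        // file_get_contents() reports failure with false, never with null. Comparing against
        // NULL let an unreadable key file pass unnoticed, leaving the aggregator configured
        // for signing without a usable key.
        if ($this->signKey === FALSE) {
            throw new SimpleSAML_Error_Exception('Unable to load private key from ' . var_export($signKey, TRUE));
        }
    }

    $this->signKeyPass = $config->getString('sign.privatekey_pass', NULL);

    $signCert = $config->getString('sign.certificate', NULL);
    if ($signCert !== NULL) {
        $signCert = SimpleSAML_Utilities::resolvePath($signCert, $certDir);
        $this->signCert = @file_get_contents($signCert);
        // same failure convention as for the private key above: false, not null
        if ($this->signCert === FALSE) {
            throw new SimpleSAML_Error_Exception('Unable to load certificate file from ' . var_export($signCert, TRUE));
        }
    }

    $this->sslCAFile = $config->getString('ssl.cafile', NULL);

    $this->regInfo = $config->getArray('RegistrationInfo', NULL);

    // 'sources' has no default, so it is a required option
    $this->initSources($config->getConfigList('sources'));
}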