<?php

/*
 * Load simpleSAMLphp, configuration and metadata
 *
 * Script that reads its settings from module_metaedit.php, authenticates the
 * caller, and then loads one 'saml20-sp-remote' entry named by the request.
 * The listing is cut off inside the final `if`, so only the load and the
 * ownership check are visible here.
 */
$config = SimpleSAML_Configuration::getInstance();
$session = SimpleSAML_Session::getInstance();
$metaconfig = SimpleSAML_Configuration::getConfig('module_metaedit.php');

// Metadata store backed by the serialize handler; its options come from the
// 'metahandlerConfig' setting (NULL when the setting is absent).
$mdh = new SimpleSAML_Metadata_MetaDataStorageHandlerSerialize($metaconfig->getValue('metahandlerConfig', NULL));

// Authentication source and the attribute that carries the user id, with the
// defaults used when module_metaedit.php does not set them.
$authsource = $metaconfig->getValue('auth', 'login-admin');
$useridattr = $metaconfig->getValue('useridattr', 'eduPersonPrincipalName');

if ($session->isValid($authsource)) {
    $attributes = $session->getAttributes();
    // Check if userid exists
    // NOTE(review): isset() only proves the attribute key is present; it does
    // not prove the attribute has a first value, so [0] below can still be
    // undefined for an attribute with no values.
    if (!isset($attributes[$useridattr])) {
        throw new Exception('User ID is missing');
    }
    // The first value of the attribute is used as the user id.
    $userid = $attributes[$useridattr][0];
} else {
    // $userid is assigned only in the branch above. The code further down
    // relies on initLogin() not returning -- presumably it redirects to the
    // login page and ends the request; confirm against SimpleSAML_Auth_Default.
    SimpleSAML_Auth_Default::initLogin($authsource, SimpleSAML_Utilities::selfURL());
}

/**
 * Authorization gate: allow the caller through only if they own the entry.
 *
 * The check fails closed: an entry with no 'owner' key is refused for
 * everyone, and the owner must match the user id under strict comparison
 * (!==), so there is no type juggling between the two values.
 *
 * @param mixed $metadata  Metadata entry; only its 'owner' key is read.
 * @param mixed $userid    User id of the authenticated caller.
 * @throws Exception  When the entry has no owner or the owner differs.
 */
function requireOwnership($metadata, $userid) {
    if (!isset($metadata['owner'])) {
        throw new Exception('Metadata has no owner. Which means no one is granted access, not even you.');
    }
    if ($metadata['owner'] !== $userid) {
        throw new Exception('Metadata has an owner that is not equal to your userid, hence you are not granted access.');
    }
}

// The entity id comes straight from the request. The ownership check runs
// immediately after the load, before anything else in this branch that is
// visible in the listing.
if (array_key_exists('entityid', $_REQUEST)) {
    $metadata = $mdh->getMetadata($_REQUEST['entityid'], 'saml20-sp-remote');
    requireOwnership($metadata, $userid);
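<?php

/*
 * Load simpleSAMLphp, configuration and metadata
 *
 * Script that reads its settings from module_metaedit.php, requires an
 * authenticated user, optionally deletes one 'saml20-sp-remote' entry owned
 * by that user, and then loads the full 'saml20-sp-remote' set into $list.
 */
$config = SimpleSAML_Configuration::getInstance();
$metaconfig = SimpleSAML_Configuration::getConfig('module_metaedit.php');

// Metadata store backed by the serialize handler; its options come from the
// 'metahandlerConfig' setting (NULL when the setting is absent).
$mdh = new SimpleSAML_Metadata_MetaDataStorageHandlerSerialize($metaconfig->getValue('metahandlerConfig', NULL));

// Authentication source and the attribute that carries the user id, with the
// defaults used when module_metaedit.php does not set them.
$authsource = $metaconfig->getValue('auth', 'login-admin');
$useridattr = $metaconfig->getValue('useridattr', 'eduPersonPrincipalName');

$as = new SimpleSAML_Auth_Simple($authsource);
$as->requireAuth();
$attributes = $as->getAttributes();

// Check that the user id attribute exists AND has a first value. Testing only
// the attribute key would let an attribute with no values through and leave
// $userid undefined/NULL for the ownership checks below.
if (!isset($attributes[$useridattr][0])) {
    throw new Exception('User ID is missing');
}
$userid = $attributes[$useridattr][0];

/**
 * Authorization gate: allow the caller through only if they own the entry.
 *
 * The check fails closed: an entry with no 'owner' key is refused for
 * everyone, and the owner must match the user id under strict comparison
 * (!==), so there is no type juggling between the two values.
 *
 * @param mixed $metadata  Metadata entry; only its 'owner' key is read.
 * @param mixed $userid    User id of the authenticated caller.
 * @throws Exception  When the entry has no owner or the owner differs.
 */
function requireOwnership($metadata, $userid) {
    if (!isset($metadata['owner'])) {
        throw new Exception('Metadata has no owner. Which means no one is granted access, not even you.');
    }
    if ($metadata['owner'] !== $userid) {
        throw new Exception('Metadata has an owner that is not equal to your userid, hence you are not granted access.');
    }
}

if (isset($_REQUEST['delete'])) {
    // A parameter sent as delete[]=... arrives as an array; refuse it here
    // rather than passing a non-string entity id to the metadata handler.
    if (!is_string($_REQUEST['delete'])) {
        throw new Exception('Invalid entity ID');
    }

    // Load first and check ownership before deleting, so a caller can only
    // remove entries whose 'owner' equals their own user id.
    $premetadata = $mdh->getMetadata($_REQUEST['delete'], 'saml20-sp-remote');
    requireOwnership($premetadata, $userid);

    // NOTE(review): the delete is triggered by any request carrying a
    // 'delete' parameter (query string as well as POST data), and no
    // anti-CSRF token is checked in this script. The ownership check limits
    // the effect to the caller's own entries, but a cross-site request made
    // in the owner's session would pass it. Consider accepting deletes only
    // via POST together with a per-session token.
    $mdh->deleteMetadata($_REQUEST['delete'], 'saml20-sp-remote');
}

$list = $mdh->getMetadataSet('saml20-sp-remote');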
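/**
 * Save metadata for loading with the 'serialize' metadata loader.
 *
 * Works in two passes: every entry held in $this->metadata is written to the
 * handler, then every stored entry whose 'expire' timestamp is not in the
 * future is deleted. Stored entries without an 'expire' key are logged and
 * left in place.
 *
 * @param string $outputDir  The directory we should save the metadata to.
 */
public function writeMetadataSerialize($outputDir) {
    // Written as an expression: a string passed to assert() is not evaluated
    // on PHP 8, which would silently turn this type check into a no-op.
    assert(is_string($outputDir));

    $metaHandler = new SimpleSAML_Metadata_MetaDataStorageHandlerSerialize(array('directory' => $outputDir));

    /* First we add all the metadata entries to the metadata handler. */
    foreach ($this->metadata as $set => $elements) {
        foreach ($elements as $m) {
            $entityId = $m['metadata']['entityid'];

            SimpleSAML_Logger::debug('metarefresh: Add metadata entry ' .
                var_export($entityId, TRUE) . ' in set ' . var_export($set, TRUE) . '.');
            $metaHandler->saveMetadata($entityId, $set, $m['metadata']);
        }
    }

    /* Then we delete old entries which should no longer exist. */
    $ct = time();
    foreach ($metaHandler->getMetadataSets() as $set) {
        foreach ($metaHandler->getMetadataSet($set) as $entityId => $metadata) {
            if (!array_key_exists('expire', $metadata)) {
                // NOTE(review): entries without an expiry are never pruned by
                // this method, only reported. If such an entry has been
                // withdrawn upstream it stays on disk until it is removed some
                // other way, so this warning is worth monitoring.
                SimpleSAML_Logger::warning('metarefresh: Metadata entry without expire timestamp: ' . var_export($entityId, TRUE) .
                    ' in set ' . var_export($set, TRUE) . '.');
                continue;
            }
            if ($metadata['expire'] > $ct) {
                // Still valid: keep it.
                continue;
            }

            // NOTE(review): this line concatenates $entityId as-is, while the
            // other log calls in this method pass it through var_export().
            SimpleSAML_Logger::debug('metarefresh: ' . $entityId . ' expired ' . date('l jS \\of F Y h:i:s A', $metadata['expire']));
            SimpleSAML_Logger::debug('metarefresh: Delete expired metadata entry ' .
                var_export($entityId, TRUE) . ' in set ' . var_export($set, TRUE) . '. (' . ($ct - $metadata['expire']) . ' sec)');
            $metaHandler->deleteMetadata($entityId, $set);
        }
    }
}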
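<?php

/*
 * Renders a listing of the remote IdP and SP metadata stored in one
 * configured directory. The directory is chosen by a tag; the request may
 * pick the tag, but only from the configured allowlist.
 *
 * NOTE(review): no authentication call is visible in this script, so the
 * listing appears to be served to any requester. Confirm that this is
 * intended for every directory configured under 'dirs'.
 */
$config = SimpleSAML_Configuration::getInstance();
// $session is not used below; the call is kept in case getInstance() is
// relied on for its side effects -- TODO confirm.
$session = SimpleSAML_Session::getInstance();

$kconfig = SimpleSAML_Configuration::getConfig('module_metalisting.php');
$tag = $kconfig->getString('defaultTags', 'prod');
$allowedTags = $kconfig->getArray('allowedTags');

// Accept the requested tag only if it is a string that matches an allowlisted
// tag exactly. The strict flag avoids PHP's loose comparison (for example
// between different spellings of a numeric string), and the is_string() test
// rejects array-valued parameters such as set[]=...
if (isset($_REQUEST['set']) && is_string($_REQUEST['set']) && in_array($_REQUEST['set'], $allowedTags, TRUE)) {
    $tag = $_REQUEST['set'];
}

// The directory is looked up in configuration by tag. The request value is
// never used as a path itself, only as a key that has passed the allowlist.
$kdconfig = $kconfig->getConfigItem('dirs');
$dir = $kdconfig->getString($tag);

$mh = new SimpleSAML_Metadata_MetaDataStorageHandlerSerialize(array('directory' => $dir));

$metaentries = array();
$metaentries['remote']['saml20-idp-remote'] = $mh->getMetadataSet('saml20-idp-remote');
$metaentries['remote']['saml20-sp-remote'] = $mh->getMetadataSet('saml20-sp-remote');

$t = new SimpleSAML_XHTML_Template($config, 'metalisting:metalisting.tpl.php');
$t->data['header'] = 'Federation entities';
$t->data['metaentries'] = $metaentries;
// Only the presence of 'extended' matters; its value is not passed on.
$t->data['extended'] = isset($_REQUEST['extended']);
$t->show();
exit;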