/**
 * Enable the entity identified by $params['eid'].
 *
 * NOTE(review): no permission check and no validation of the eid value are
 * visible in this function - presumably the caller performs both; confirm.
 *
 * @param array $params Request parameters; the key 'eid' is required.
 *
 * @return array|bool array('eid' => <eid>) once AdminUtil::enableEntity() has
 *                    been called, or FALSE when 'eid' is absent or null.
 */
function enableEntity($params)
{
    if (isset($params['eid'])) {
        $entityIdentifier = $params['eid'];

        $adminUtil = new sspmod_janus_AdminUtil();
        $adminUtil->enableEntity($entityIdentifier);

        return array('eid' => $entityIdentifier);
    }

    // Nothing to enable without an eid.
    return FALSE;
}
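/**
 * Re-import entity metadata from each entity's metadata URL during a cron run.
 *
 * For every entity returned by AdminUtil::getEntities() the entity is skipped
 * when it has no metadata URL, or when both cached timestamps (validUntil and
 * cacheUntil) lie beyond the next expected run. Otherwise the document is
 * downloaded, checked for well-formed XML, for the SAML 2.0 metadata namespace
 * and for an EntityDescriptor carrying the entity's ID, and the raw XML is
 * handed to the entity controller's import for the entity type. Problems are
 * logged per entity; when any error was logged the technical contact is mailed.
 *
 * @param string $cronTag 'hourly', 'daily' or 'frequent'. Any other value makes
 *                        the first entity that has a metadata URL raise an
 *                        Exception, which is caught and logged and ends the loop.
 *
 * @return array Summary lines of the cron logger, or a one-line notice when
 *               _isExecuteRequired() says nothing has to run for this tag.
 */
public function runForCronTag($cronTag)
{
    if (!$this->_isExecuteRequired($cronTag)) {
        return array("Not doing metadata_refresh");
    }

    $cronLogger = new sspmod_janus_Cron_Logger();

    try {
        // NOTE(review): the returned config is not used below - confirm whether this call is still needed.
        $janusConfig = sspmod_janus_DiContainer::getInstance()->getConfig();
        $util = new sspmod_janus_AdminUtil();
        $entities = $util->getEntities();

        foreach ($entities as $partialEntity) {
            $entityController = sspmod_janus_DiContainer::getInstance()->getEntityController();

            $eid = $partialEntity['eid'];
            if (!$entityController->setEntity($eid)) {
                $cronLogger->with($eid)->error("Failed import of entity. Wrong eid '{$eid}'.");
                continue;
            }

            $entityController->loadEntity();
            $entity = $entityController->getEntity();
            $entityId = $entity->getEntityId();
            $metadataUrl = $entity->getMetadataURL();
            $metadataCachingInfo = $entityController->getMetadataCaching();

            if (empty($metadataUrl)) {
                $cronLogger->with($entityId)->warn("No metadata url.");
                continue;
            }

            // Estimate when this tag runs next, so a cache expiring before then is refreshed now.
            $nextRun = time();
            switch ($cronTag) {
                case 'hourly':
                    $nextRun += 3600;
                    break;
                case 'daily':
                    $nextRun += 24 * 60 * 60;
                    break;
                case 'frequent':
                    // How often is frequent?
                    $nextRun += 0;
                    break;
                default:
                    throw new Exception("Unknown cron tag '{$cronTag}'");
            }

            if ($metadataCachingInfo['validUntil'] > $nextRun && $metadataCachingInfo['cacheUntil'] > $nextRun) {
                $cronLogger->with($entityId)->notice("Should not update, cache still valid.");
                continue;
            }

            // NOTE(review): the URL comes from stored entity data and reaches file_get_contents()
            // unchanged, so any stream wrapper or local path PHP accepts would be read. Consider
            // allowing only http/https before fetching.
            // '@' is kept on purpose: a failed fetch is reported through the logger below.
            $xml = @file_get_contents($metadataUrl);
            if (!$xml) {
                $cronLogger->with($entityId)->error("Failed import of entity. Bad URL '{$metadataUrl}'? ");
                continue;
            }

            $document = new DOMDocument();
            // LIBXML_NONET keeps libxml from fetching anything over the network while it parses
            // a document that was itself downloaded from a remote party.
            if (!@$document->loadXML($xml, LIBXML_NONET)) {
                $cronLogger->with($entityId)->error("Failed import of entity. Invalid XML at '{$metadataUrl}'?");
                continue;
            }

            $query = new DOMXPath($document);
            $nsFound = false;
            foreach ($query->query('namespace::*') as $node) {
                if ($node->nodeValue === "urn:oasis:names:tc:SAML:2.0:metadata") {
                    $nsFound = true;
                    break;
                }
            }
            if (!$nsFound) {
                $cronLogger->with($entityId)->error("Failed import of entity. Metadata at '{$metadataUrl}' does not contain SAML2 Metadata namespace?");
                continue;
            }

            $query->registerNamespace('md', "urn:oasis:names:tc:SAML:2.0:metadata");

            // Compare the attribute in PHP rather than interpolating the entity ID into the XPath
            // string. An ID containing a double quote made the expression malformed; query() then
            // returned false and the former "->length === 0" test no longer rejected the document.
            $descriptorFound = false;
            foreach ($query->query('//md:EntityDescriptor') as $descriptor) {
                if ($descriptor->getAttribute('entityID') === (string) $entityId) {
                    $descriptorFound = true;
                    break;
                }
            }
            if (!$descriptorFound) {
                $cronLogger->with($entityId)->error("Failed import of entity. Metadata at '{$metadataUrl}' does not contain an EntityDescriptor with entityId '{$entityId}'?");
                continue;
            }

            // $updated is read after the import call, so it is presumably taken by reference.
            $updated = false;
            $entityType = $entity->getType();
            if ($entityType == 'saml20-sp') {
                $statusCode = $entityController->importMetadata20SP($xml, $updated);
                if ($statusCode !== 'status_metadata_parsed_ok') {
                    $cronLogger->with($entityId)->error("Entity not updated");
                }
            } elseif ($entityType == 'saml20-idp') {
                $statusCode = $entityController->importMetadata20IdP($xml, $updated);
                if ($statusCode !== 'status_metadata_parsed_ok') {
                    $cronLogger->with($entityId)->error("Entity not updated");
                }
            } else {
                $cronLogger->with($entityId)->error("Failed import of entity. Wrong type");
            }

            if ($updated) {
                $entity->setParent($entity->getRevisionid());
                $entityController->saveEntity();
                $cronLogger->with($entityId)->notice("Entity updated");
            } else {
                $cronLogger->with($entityId)->notice("Entity not updated, no changes required");
            }

            // Store validUntil / cacheUntil from the fetched document in both cases.
            // NOTE(review): this also runs after a failed import, which postpones the next
            // attempt until the cached timestamps expire - confirm that is intended.
            $metadataCachingInfo = $this->_getMetaDataCachingInfo($xml, $entityId);
            $entityController->setMetadataCaching(
                $metadataCachingInfo['validUntil'],
                $metadataCachingInfo['cacheUntil']
            );
        }
    } catch (Exception $e) {
        $cronLogger->error($e->getMessage());
    }

    if ($cronLogger->hasErrors()) {
        $this->_mailTechnicalContact($cronTag, $cronLogger);
    }

    return $cronLogger->getSummaryLines();
}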
* * You should have received a copy of the GNU Lesser General Public License * along with JANUS. If not, see <http://www.gnu.org/licenses/>. * * @category SimpleSAMLphp * @package JANUS * @author Sixto Martín, <*****@*****.**> * @author Jacob Christiansen <*****@*****.**> * @license http://www.gnu.org/licenses/lgpl.html GNU Lesser General Public License * @version SVN: $Id: metalisting.php 655 2011-03-03 09:35:25Z jach@wayf.dk $ * @link http://code.google.com/p/janus-ssp/ */ $janus_config = SimpleSAML_Configuration::getConfig('module_janus.php'); $metaentries = array('saml20-idp' => array(), 'saml20-sp' => array(), 'shib13-idp' => array(), 'shib13-sp' => array()); $now = time(); $util = new sspmod_janus_AdminUtil(); if (SimpleSAML_Module::isModuleEnabled('x509')) { $strict_cert_validation = $janus_config->getBoolean('cert.strict.validation', true); $cert_allowed_warnings = $janus_config->getArray('cert.allowed.warnings', array()); $cert_time_limit = $janus_config->getInteger('notify.cert.expiring.before', 30); } $notify_meta_expiring_before = $janus_config->getInteger('notify.meta.expiring.before', 5); $meta_time_limit = $now + $notify_meta_expiring_before * 86400; $workflowstates = $janus_config->getValue('workflowstates'); foreach ($util->getEntities() as $entity) { $entry = array(); $eid = $entity['eid']; // Get Entity controller $mcontroller = new sspmod_janus_EntityController($janus_config); $mcontroller->setEntity($eid); $mcontroller->loadEntity();
$this->data['head'] .= '<script type="text/javascript" src="/' . $this->data['baseurlpath'] . 'module.php/janus/resources/scripts/theme-crimson_editor.js"></script>' . "\n"; $this->data['head'] .= '<script type="text/javascript" src="/' . $this->data['baseurlpath'] . 'module.php/janus/resources/scripts/jquery.tablesorter.min.js"></script>' . "\n"; $this->data['head'] .= '<script type="text/javascript" src="/' . $this->data['baseurlpath'] . 'module.php/janus/resources/scripts/jquery.tablesorter.widgets.min.js"></script>' . "\n"; $this->data['head'] .= ' <style type="text/css"> li, ul { list-style: none; margin: 0 0 0 10px; } ul { margin: 0; } </style>'; $this->includeAtTemplateBase('includes/header.php'); $util = new sspmod_janus_AdminUtil(); $wfstate = $this->data['entity_state']; $states = $janus_config->getArray('workflowstates'); /** @var sspmod_janus_Entity $entity */ $entity = $this->data['entity']; /** @var \Symfony\Component\Security\Core\SecurityContext $securityContext */ $securityContext = $this->data['security.context']; // @todo Define these in some sort of form helper class define('JANUS_FORM_ELEMENT_CHECKED', 'checked="checked"'); define('JANUS_FORM_ELEMENT_DISABLED', 'disabled="disabled"'); ?> <form id="mainform" method="post" action="<?php echo SimpleSAML_Utilities::selfURLNoQuery(); ?> " data-revision-required="<?php echo $janus_config->getBoolean('revision.notes.required', false);
} if(e.which == 67 && isCtrl == true) { \$("#options").toggle("fast"); \$("#options input[name='entityid']").focus(); return false; } }); JAVASCRIPT_SUBTAB_ADMIN_ENTITIES; } /* END TAB ADMIN ENTITIES JS ******************************************************************************************/ } /* END TAB ADMIN JS ***************************************************************************************************/ if (!IS_AJAX) { $this->includeAtTemplateBase('includes/header.php'); } $util = new sspmod_janus_AdminUtil(); if (!IS_AJAX) { // @todo: improve this workaround and make the form reload the ajax tab // Build urls for tabs with search and pass optional searchparameters $entitiesUrl = DASHBOARD_URL . '/' . TAB_AJAX_CONTENT_PREFIX . 'entities'; if (!empty($_GET)) { switch ($this->data['selectedtab']) { case SELECTED_TAB_ENTITIES: $entitiesUrl .= '?' . http_build_query($_GET); break; } } ?> <div id="tabdiv"> <h1><?php
/**
 * Validate every entity's certificate and its issuer chain during a cron run.
 *
 * Each entity returned by AdminUtil::getEntities() is loaded, its certificate
 * is checked with the certificate validator and then the chain built from the
 * certificate's issuer URL is checked against the configured CA bundle
 * ('ca_bundle_file'). Both validators run with setIgnoreSelfSigned(true).
 * Warnings and errors are logged per entity; entities without a certificate
 * are logged and skipped. When any error was logged the technical contact is
 * mailed.
 *
 * @param string $cronTag Tag of the cron run, passed to _isExecuteRequired()
 *                        and to _mailTechnicalContact().
 *
 * @return array Summary lines of the cron logger, or an empty array when no
 *               execution is required for this tag.
 */
public function runForCronTag($cronTag)
{
    if (!$this->_isExecuteRequired($cronTag)) {
        return array();
    }

    $cronLogger = new sspmod_janus_Cron_Logger();

    try {
        $janusConfig = SimpleSAML_Configuration::getConfig('module_janus.php');
        $rootCertificatesFile = SimpleSAML_Configuration::getConfig('module_janus.php')
            ->getString('ca_bundle_file');

        $adminUtil = new sspmod_janus_AdminUtil();

        foreach ($adminUtil->getEntities() as $entityRow) {
            try {
                $controller = new sspmod_janus_EntityController($janusConfig);

                $eid = $entityRow['eid'];
                if (!$controller->setEntity($eid)) {
                    $cronLogger->with($eid)->error("Failed import of entity. Wrong eid '{$eid}'.");
                    continue;
                }

                $controller->loadEntity();
                $entityId = $controller->getEntity()->getEntityid();
                $entityType = $controller->getEntity()->getType();

                try {
                    // A failing lookup and an empty result are treated alike:
                    // there is no certificate to validate for this entity.
                    $certificate = null;
                    try {
                        $certificate = $controller->getCertificate();
                    } catch (Exception $lookupFailure) {
                        $certificate = null;
                    }

                    if (empty($certificate)) {
                        if ($entityType === 'saml20-sp') {
                            $cronLogger->with($entityId)->notice("SP does not have a certificate");
                        } elseif ($entityType === 'saml20-idp') {
                            $cronLogger->with($entityId)->warn("Unable to create certificate object, certData missing?");
                        }
                        continue;
                    }

                    // Step 1: the certificate on its own.
                    $certificateValidator = new sspmod_janus_OpenSsl_Certificate_Validator($certificate);
                    $certificateValidator->setIgnoreSelfSigned(true);
                    $certificateValidator->validate();

                    $certificateWarnings = $certificateValidator->getWarnings();
                    $certificateErrors = $certificateValidator->getErrors();
                    foreach ($certificateWarnings as $message) {
                        $cronLogger->with($entityId)->warn($message);
                    }
                    foreach ($certificateErrors as $message) {
                        $cronLogger->with($entityId)->error($message);
                    }

                    // Step 2: the chain, anchored on the configured CA bundle.
                    sspmod_janus_OpenSsl_Certificate_Chain_Factory::loadRootCertificatesFromFile($rootCertificatesFile);
                    $chain = sspmod_janus_OpenSsl_Certificate_Chain_Factory::createFromCertificateIssuerUrl($certificate);

                    $chainValidator = new sspmod_janus_OpenSsl_Certificate_Chain_Validator($chain);
                    $chainValidator->setIgnoreSelfSigned(true);
                    $chainValidator->setTrustedRootCertificateAuthorityFile($rootCertificatesFile);
                    $chainValidator->validate();

                    $chainWarnings = $chainValidator->getWarnings();
                    $chainErrors = $chainValidator->getErrors();
                    foreach ($chainWarnings as $message) {
                        $cronLogger->with($entityId)->warn($message);
                    }
                    foreach ($chainErrors as $message) {
                        $cronLogger->with($entityId)->error($message);
                    }
                } catch (Exception $validationFailure) {
                    $cronLogger->with($entityId)->error($validationFailure->getMessage());
                }
            } catch (Exception $entityFailure) {
                // NOTE(review): the stack trace goes into a log line and the logger is later
                // passed to _mailTechnicalContact() - confirm the recipients should see traces.
                $cronLogger->error($entityFailure->getMessage() . $entityFailure->getTraceAsString());
            }
        }
    } catch (Exception $runFailure) {
        $cronLogger->error($runFailure->getMessage() . $runFailure->getTraceAsString());
    }

    if ($cronLogger->hasErrors()) {
        $this->_mailTechnicalContact($cronTag, $cronLogger);
    }

    return $cronLogger->getSummaryLines();
}
}).keydown(function (e) { if(e.which == 17) isCtrl=true; if(e.which == 83 && isCtrl == true) { $("#search").toggle("fast"); $("#search input[name=\'q\']").focus(); return false; } if(e.which == 67 && isCtrl == true) { $("#options").toggle("fast"); $("#options input[name=\'entityid\']").focus(); return false; } }); </script>'; $this->includeAtTemplateBase('includes/header.php'); $util = new sspmod_janus_AdminUtil(); ?> <div id="tabdiv"> <h1><?php echo $this->t('text_dashboard') . ' for ' . $this->data['user']->getUserid(); ?> </h1> <!-- TABS --> <ul> <li><a href="#userdata"><?php echo $this->t('tab_user_data_header'); ?> </a></li> <li><a href="#entities"><?php echo $this->t('tab_entities_header');
// Get type filter $export_type = null; if (isset($_GET['type'])) { if (is_array($_GET['type'])) { $export_type = $_GET['type']; } else { $export_type = array($_GET['type']); } } // Get external $export_external = null; if (isset($_GET['external']) && $_GET['external'] != 'null') { $export_external = $_GET['external']; } // Create a AdminUtil object $util = new sspmod_janus_AdminUtil(); // Show UI if (!isset($export_state) && !isset($export_type)) { // Init session $session = SimpleSAML_Session::getInstance(); // Get data from config $authsource = $janus_config->getValue('auth', 'login-admin'); $useridattr = $janus_config->getValue('useridattr', 'eduPersonPrincipalName'); // Only valid users are allowed to se UI if ($session->isValid($authsource)) { $attributes = $session->getAttributes(); // Check if userid exists if (!isset($attributes[$useridattr])) { throw new Exception('User ID is missing'); } $userid = $attributes[$useridattr][0];
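/**
 * Check the TLS setup of every endpoint Location of every entity during a cron run.
 *
 * For each entity returned by AdminUtil::getEntities() and each metadata key
 * listed in $this->_endpointMetadataFields, every binding is checked in turn:
 * it must have a non-blank Location, the Location must be accepted by
 * Janus_OpenSsl_Url, it must be HTTPS, the endpoint must accept a connection,
 * the server certificate should match the URL's hostname, and the server's
 * certificate chain is run through the chain validator. Findings are logged
 * with the entity ID, "<metadata key>:<index>" and the URL as context. When
 * any error was logged the technical contact is mailed.
 *
 * @param string $cronTag Tag of the cron run, passed to _isExecuteRequired()
 *                        and to _mailTechnicalContact().
 *
 * @return array Summary lines of the cron logger, or an empty array when no
 *               execution is required for this tag.
 */
public function runForCronTag($cronTag)
{
    if (!$this->_isExecuteRequired($cronTag)) {
        return array();
    }

    $cronLogger = new sspmod_janus_Cron_Logger();

    try {
        // NOTE(review): the returned config is not used below - confirm whether this call is still needed.
        $janusConfig = sspmod_janus_DiContainer::getInstance()->getConfig();
        $util = new sspmod_janus_AdminUtil();
        $entities = $util->getEntities();

        foreach ($entities as $partialEntity) {
            $entityController = sspmod_janus_DiContainer::getInstance()->getEntityController();

            $eid = $partialEntity['eid'];
            if (!$entityController->setEntity($eid)) {
                $cronLogger->with($eid)->error("Failed import of entity. Wrong eid '{$eid}'.");
                continue;
            }

            $entityController->loadEntity();
            $entityId = $entityController->getEntity()->getEntityid();
            $entityMetadata = $entityController->getMetaArray();

            foreach ($this->_endpointMetadataFields as $endPointMetaKey) {
                if (!isset($entityMetadata[$endPointMetaKey])) {
                    // This entity does not have this binding
                    continue;
                }

                foreach ($entityMetadata[$endPointMetaKey] as $index => $binding) {
                    $key = $endPointMetaKey . ':' . $index;

                    if (!isset($binding['Location']) || trim($binding['Location']) === "") {
                        $cronLogger->with($entityId)->with($key)->error("Binding has no Location?");
                        continue;
                    }

                    try {
                        $sslUrl = new Janus_OpenSsl_Url($binding['Location']);
                    } catch (Exception $e) {
                        // The constructor threw, so $sslUrl is either undefined or still the object
                        // of the previous endpoint. Log the raw Location instead of calling
                        // $sslUrl->getUrl(), which failed outright or reported the wrong URL.
                        $cronLogger->with($entityId)->with($key)->with($binding['Location'])->error("Endpoint is not a valid URL");
                        continue;
                    }

                    if (!$sslUrl->isHttps()) {
                        $cronLogger->with($entityId)->with($key)->with($sslUrl->getUrl())->error("Endpoint is not HTTPS");
                        continue;
                    }

                    $connectSuccess = $sslUrl->connect();
                    if (!$connectSuccess) {
                        $cronLogger->with($entityId)->with($key)->with($sslUrl->getUrl())->error("Endpoint is unreachable");
                        continue;
                    }

                    // A hostname mismatch is logged but does not skip the chain validation below.
                    if (!$sslUrl->isCertificateValidForUrlHostname()) {
                        $urlHostName = $sslUrl->getHostName();
                        $validHostNames = $sslUrl->getServerCertificate()->getValidHostNames();
                        $cronLogger->with($entityId)->with($key)->with($sslUrl->getUrl())->error(
                            "Certificate does not match the hostname '{$urlHostName}' (instead it matches "
                            . implode(', ', $validHostNames) . ")"
                        );
                    }

                    $urlChain = $sslUrl->getServerCertificateChain();
                    $validator = new Janus_OpenSsl_Certificate_Chain_Validator($urlChain);
                    $validator->validate();

                    $validatorWarnings = $validator->getWarnings();
                    $validatorErrors = $validator->getErrors();
                    foreach ($validatorWarnings as $warning) {
                        $cronLogger->with($entityId)->with($key)->with($sslUrl->getUrl())->warn($warning);
                    }
                    foreach ($validatorErrors as $error) {
                        $cronLogger->with($entityId)->with($key)->with($sslUrl->getUrl())->error($error);
                    }
                }
            }
        }
    } catch (Exception $e) {
        $cronLogger->error($e->getMessage());
    }

    if ($cronLogger->hasErrors()) {
        $this->_mailTechnicalContact($cronTag, $cronLogger);
    }

    return $cronLogger->getSummaryLines();
}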
} function check_uri($uri) { if (preg_match('/^[a-z][a-z0-9+-\\.]*:.+$/i', $uri) == 1) { return TRUE; } return FALSE; } // Get Entity controller $entityController = sspmod_janus_DiContainer::getInstance()->getEntityController(); // Get the user $user = new sspmod_janus_User(); $user->setUserid($loggedInUsername); $user->load(sspmod_janus_User::USERID_LOAD); // Get Admin util which we use to retrieve entities $adminUtil = new sspmod_janus_AdminUtil(); // @todo move to separate class // Function to fix up PHP's messing up POST input containing dots, etc. function getRealPOST() { $vars = array(); $input = file_get_contents("php://input"); if (!empty($input)) { $pairs = explode("&", $input); foreach ($pairs as $pair) { $nv = explode("=", $pair); $name = urldecode($nv[0]); $value = urldecode($nv[1]); $name = explode('[', $name); if (count($name) > 1) { $subkey = substr($name[1], 0, -1);
<?php require __DIR__ . '/_includes.php'; // Get configuration $session = SimpleSAML_Session::getInstance(); $config = SimpleSAML_Configuration::getInstance(); $janus_config = sspmod_janus_DiContainer::getInstance()->getConfig(); $util = new sspmod_janus_AdminUtil(); $access = false; $user = null; // Validate user if ($session->isValid($janus_config->getValue('auth'))) { $useridattr = $janus_config->getValue('useridattr'); $attributes = $session->getAttributes(); // Check if userid exists if (!isset($attributes[$useridattr])) { throw new Exception('User ID is missing'); } $userid = $attributes[$useridattr][0]; // Get the user $user = new sspmod_janus_User(); $user->setUserid($userid); $user->load(sspmod_janus_User::USERID_LOAD); // Check for permission $securityContext = sspmod_janus_DiContainer::getInstance()->getSecurityContext(); if ($securityContext->isGranted('exportallentities')) { $access = true; } } // Get default options $md_options['types'] = array();
$aggregators = $janus_config->getArray('aggregators', null); $id = null; if (isset($_GET['id'])) { $id = $_GET['id']; } else { $session = SimpleSAML_Session::getInstance(); SimpleSAML_Utilities::fatalError($session->getTrackID(), 'AGGREGATORID', $exception); } $export_state = $aggregators[$id]['state']; $export_type = $aggregators[$id]['type']; $exclude_entityid = null; if (isset($_GET['exclude_entityid'])) { $exclude_entityid = $_GET['exclude_entityid']; } // Create a AdminUtil object $util = new sspmod_janus_AdminUtil(); // Generate metadata try { $maxCache = $janus_config->getValue('maxCache', NULL); $maxDuration = $janus_config->getValue('maxDuration', NULL); $entities = $util->getEntitiesByStateType($export_state, $export_type); $xml = new DOMDocument(); $entitiesDescriptor = $xml->createElementNS('urn:oasis:names:tc:SAML:2.0:metadata', 'EntitiesDescriptor'); $entitiesDescriptorName = $janus_config->getString('export.entitiesDescriptorName', 'Federation'); $entitiesDescriptor->setAttribute('Name', $entitiesDescriptorName); if ($maxCache !== NULL) { $entitiesDescriptor->setAttribute('cacheDuration', 'PT' . $maxCache . 'S'); } if ($maxDuration !== NULL) { $entitiesDescriptor->setAttribute('validUntil', SimpleSAML_Utilities::generateTimestamp(time() + $maxDuration)); }
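/**
 * Create new entity with parsed entityid
 *
 * Create a new entity in the default workflow state, give the current user
 * access to it and add every metadata field that is marked as required for
 * the entity type, using the field's default value.
 *
 * @param string $entityid    Entity id for the new entity
 * @param string $type        Entity type
 * @param string $metadataUrl The -optional- metadata url for the new entity
 *
 * @return mixed The eid of the new entity, or the error message set by
 *               isEntityIdInUse() when the entity id is already in use.
 * @since Method available since Release 1.0.0
 */
public function createNewEntity($entityid, $type, $metadataUrl = null)
{
    // Expression assertions instead of string assertions: a string argument was
    // evaluated as code by old PHP versions and is no longer evaluated by PHP 8,
    // where it always passes.
    assert(is_string($entityid));
    assert(is_string($type));

    $errorMessage = null;
    if ($this->isEntityIdInUse($entityid, $errorMessage)) {
        return $errorMessage;
    }

    $startstate = $this->_config->getString('workflowstate.default');

    // Instantiate a new entity
    $entity = new sspmod_janus_Entity($this->_config, true);
    $entity->setEntityid($entityid);
    $entity->setWorkflow($startstate);
    $entity->setType($type);
    $entity->setUser($this->_user->getUid());
    $entity->setRevisionnote('Entity created.');
    if ($metadataUrl) {
        // NOTE(review): the URL is stored as given, without a scheme or format check.
        // Anything that later fetches it should accept only http/https - confirm
        // where validation is meant to happen.
        $entity->setMetadataURL($metadataUrl);
    }
    $entity->save(array());

    // Grant the creating user access to the new entity
    $adminUtil = new sspmod_janus_AdminUtil();
    $adminUtil->addUserToEntity($entity->getEid(), $this->_user->getUid());

    $ec = sspmod_janus_DiContainer::getInstance()->getEntityController();
    $ec->setEntity($entity);

    $update = false;

    // Get metadatafields for new type
    $nm_mb = new sspmod_janus_MetadataFieldBuilder(
        $this->_config->getArray('metadatafields.' . $type)
    );
    $metadatafields = $nm_mb->getMetadataFields();

    // Add all required fields
    foreach ($metadatafields as $mf) {
        if (isset($mf->required) && $mf->required === true) {
            $ec->addMetadata($mf->name, $mf->default);
            $update = true;
        }
    }

    // Save again only when at least one required field was added
    if ($update === true) {
        $ec->saveEntity();
    }

    // Reset list of entities
    $this->_entities = null;
    $this->_loadEntities();

    return $entity->getEid();
}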
{ if (preg_match('/^[a-z][a-z0-9+-\\.]*:.+$/i', $uri) == 1) { return TRUE; } return FALSE; } // Get metadata to present remote entitites $metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler(); // Get Entity controller $mcontroller = new sspmod_janus_EntityController($janus_config); // Get the user $user = new sspmod_janus_User($janus_config->getValue('store')); $user->setUserid($userid); $user->load(sspmod_janus_User::USERID_LOAD); // Get Admin util which we use to retrieve entities $autil = new sspmod_janus_AdminUtil(); // Function to fix up PHP's messing up POST input containing dots, etc. function getRealPOST() { $vars = array(); $input = file_get_contents("php://input"); if (!empty($input)) { $pairs = explode("&", $input); foreach ($pairs as $pair) { $nv = explode("=", $pair); $name = urldecode($nv[0]); $value = urldecode($nv[1]); $name = explode('[', $name); if (count($name) > 1) { $subkey = substr($name[1], 0, -1); if (empty($subkey)) {