/**
  * Build a new logging handler based on syslog.
  */
 public function __construct()
 {
     // All syslog settings come from the global SimpleSAMLphp configuration.
     $configuration = SimpleSAML_Configuration::getInstance();
     assert($configuration instanceof SimpleSAML_Configuration);

     // LOG_LOCAL5 is not defined on every platform, so fall back to LOG_USER.
     $defaultFacility = defined('LOG_LOCAL5') ? constant('LOG_LOCAL5') : LOG_USER;
     $syslogFacility = $configuration->getInteger('logging.facility', $defaultFacility);
     $ident = $configuration->getString('logging.processname', 'simpleSAMLphp');

     // LOG_USER is the only facility PHP's syslog accepts on Windows, so the
     // configured value is overridden there. The isWindows flag is recorded for
     // the rest of the class (the original comment ties it to log level rewriting).
     $onWindows = SimpleSAML\Utils\System::getOS() === SimpleSAML\Utils\System::WINDOWS;
     if ($onWindows) {
         $this->isWindows = true;
         $syslogFacility = LOG_USER;
     }

     // LOG_PID tags every message with the process id.
     openlog($ident, LOG_PID, $syslogFacility);
 }
Exemplo n.º 2
 /**
  * This function receives a SAML 1.1 artifact.
  *
  * @param SimpleSAML_Configuration $spMetadata  The metadata of the SP.
  * @param SimpleSAML_Configuration $idpMetadata  The metadata of the IdP.
  * @return string  The <saml1p:Response> element, as an XML string.
  */
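 public static function receive(SimpleSAML_Configuration $spMetadata, SimpleSAML_Configuration $idpMetadata)
 {
     $artifacts = self::getArtifacts();
     $request = self::buildRequest($artifacts);
     \SimpleSAML\Utils\XML::debugSAMLMessage($request, 'out');

     // NOTE(review): nothing in this method requires the endpoint to be https. The
     // 'ssl' options below only take effect on a TLS connection - confirm the scheme
     // is enforced elsewhere (metadata validation or HTTP::fetch).
     $url = $idpMetadata->getDefaultEndpoint('ArtifactResolutionService', array('urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding'));
     $url = $url['Location'];

     // Build a PEM bundle from the IdP's signing certificates. It is used as the only
     // CA file for the connection, so the TLS peer has to verify against certificates
     // taken from the IdP metadata rather than the system trust store.
     $peerPublicKeys = $idpMetadata->getPublicKeys('signing', TRUE);
     $certData = '';
     foreach ($peerPublicKeys as $key) {
         if ($key['type'] !== 'X509Certificate') {
             continue;
         }
         $certData .= "-----BEGIN CERTIFICATE-----\n" . chunk_split($key['X509Certificate'], 64) . "-----END CERTIFICATE-----\n";
     }

     // The bundle path is predictable (temp dir + SHA-1 of the contents). A file that
     // already exists under that name is only reused when its bytes match the bundle
     // just built; otherwise it is rewritten. Reusing it on existence alone would make
     // whatever sits at that path the trust anchor for the connection.
     // NOTE(review): a window remains between this check and the stream opening the
     // file, so the temp dir should still not be writable by other local accounts.
     $file = SimpleSAML\Utils\System::getTempDir() . DIRECTORY_SEPARATOR . sha1($certData) . '.crt';
     if (!is_file($file) || file_get_contents($file) !== $certData) {
         SimpleSAML\Utils\System::writeFile($file, $certData);
     }

     // The file named by the SP's 'privatekey' option is passed as 'local_cert',
     // i.e. as the TLS client certificate.
     $spKeyCertFile = \SimpleSAML\Utils\Config::getCertPath($spMetadata->getString('privatekey'));
     $opts = array(
         'ssl' => array(
             'verify_peer' => TRUE,
             'cafile' => $file,
             'local_cert' => $spKeyCertFile,
             'capture_peer_cert' => TRUE,
             'capture_peer_chain' => TRUE,
         ),
         'http' => array(
             'method' => 'POST',
             'content' => $request,
             'header' => 'SOAPAction: http://www.oasis-open.org/committees/security' . "\r\n" . 'Content-Type: text/xml',
         ),
     );

     // Fetch the artifact
     $response = \SimpleSAML\Utils\HTTP::fetch($url, $opts);
     if ($response === FALSE) {
         throw new SimpleSAML_Error_Exception('Failed to retrieve assertion from IdP.');
     }
     \SimpleSAML\Utils\XML::debugSAMLMessage($response, 'in');

     // Find the response in the SOAP message
     return self::extractResponse($response);
 }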
Exemplo n.º 3
 /**
  * This function writes the metadata to separate files in the output directory.
  */
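 function writeMetadataFiles($outputDir)
 {
     // Drop trailing slashes so the paths built below contain a single separator.
     $outputDir = rtrim($outputDir, '/');

     if (!file_exists($outputDir)) {
         SimpleSAML_Logger::info('Creating directory: ' . $outputDir . "\n");
         // NOTE(review): mode 0777 (before umask) can leave the directory writable by
         // other local accounts, and the files written into it are PHP source. Confirm
         // the effective permissions or tighten the mode.
         $res = @mkdir($outputDir, 0777, TRUE);
         if ($res === FALSE) {
             throw new Exception('Error creating directory: ' . $outputDir);
         }
     }

     foreach ($this->types as $type) {
         $filename = $outputDir . '/' . $type . '.php';

         if (array_key_exists($type, $this->metadata)) {
             $elements = $this->metadata[$type];
             SimpleSAML_Logger::debug('Writing: ' . $filename);

             $content = '<?php' . "\n" . '/* This file was generated by the metarefresh module at ' . $this->getTime() . "\n";
             $content .= ' Do not update it manually as it will get overwritten' . "\n" . '*/' . "\n";

             foreach ($elements as $m) {
                 $entityID = $m['metadata']['entityid'];
                 $content .= "\n";
                 // The entity ID comes from fetched metadata and ends up inside generated
                 // PHP source. var_export() emits a correctly quoted PHP literal for any
                 // string. addslashes() also escaped '"' and NUL, which a single-quoted
                 // literal keeps as a literal backslash, so such keys were written altered.
                 $content .= '$metadata[' . var_export($entityID, TRUE) . '] = ' . var_export($m['metadata'], TRUE) . ';' . "\n";
             }

             $content .= "\n" . '?>';
             SimpleSAML\Utils\System::writeFile($filename, $content, 0644);
         } elseif (is_file($filename)) {
             // No metadata of this type any more: remove the file left by an earlier run.
             if (unlink($filename)) {
                 SimpleSAML_Logger::debug('Deleting stale metadata file: ' . $filename);
             } else {
                 SimpleSAML_Logger::warning('Could not delete stale metadata file: ' . $filename);
             }
         }
     }
 }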
Exemplo n.º 4
 /**
  * @deprecated This method will be removed in SSP 2.0. Please use SimpleSAML\Utils\System::getOS() instead.
  */
 public static function isWindowsOS()
 {
     // Deprecated shim: the check itself is done by SimpleSAML\Utils\System.
     $currentOs = SimpleSAML\Utils\System::getOS();

     return $currentOs === SimpleSAML\Utils\System::WINDOWS;
 }
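/**
 * Check whether the card stored under $uuid in the temp directory is inside its
 * delivery window.
 *
 * The file contents are split with parse_attributes($data, 3). Element 2, minus its
 * first character, is used as the start timestamp.
 *
 * @param string    $uuid           File name of the card record inside the temp directory.
 * @param int|float $delivery_time  Length of the validity window, in seconds.
 * @return array|false  The parsed record (element 2 reduced to the numeric part) while
 *                      start < now <= start + $delivery_time, FALSE otherwise.
 */
function is_card_enabled($uuid, $delivery_time)
{
    $now = time();

    // $uuid becomes part of a filesystem path. Anything that is not a plain file
    // name (empty, '.', '..', or containing a directory separator) is refused so
    // the lookup cannot leave the temp directory.
    // NOTE(review): presumably $uuid originates from the request; verify against caller.
    if (!is_string($uuid) || $uuid === '' || $uuid === '.' || $uuid === '..' || basename($uuid) !== $uuid) {
        return false;
    }

    $filename = SimpleSAML\Utils\System::getTempDir() . DIRECTORY_SEPARATOR . $uuid;

    // No record for this card (or the path is not a regular file).
    if (!is_file($filename)) {
        return false;
    }

    // Read the whole record. Unlike fread($handle, filesize(...)), this also
    // handles an empty file, for which a zero length is rejected by fread().
    $data = file_get_contents($filename);
    if ($data === false) {
        // Could not read the file
        return false;
    }

    $parsed_data = parse_attributes($data, 3);
    if (!is_array($parsed_data) || !isset($parsed_data[2])) {
        // Record does not have the expected third field
        return false;
    }

    // Strip the leading character to extract the numeric timestamp.
    $parsed_data[2] = substr($parsed_data[2], 1);
    $time = $parsed_data[2];
    if (!is_numeric($time)) {
        // A malformed timestamp is treated as an invalid card rather than as 0.
        return false;
    }

    $endtime = $time + $delivery_time;
    if ($now <= $time || $now > $endtime) {
        // Outside the delivery window
        return false;
    }

    return $parsed_data;
}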