public static function getInstance()
{
if (self::$instance !== null) {
return self::$instance;
}
$loader = new \Twig_Loader_Filesystem();
$translator = Translator::getInstance();
$modules = \SimpleSAML_Module::getModules();
foreach ($modules as $module) {
if (\SimpleSAML_Module::isModuleEnabled($module)) {
$path = \SimpleSAML_Module::getModuleDir($module);
$templatePath = self::resourceExists('templates', $path);
if (false !== $templatePath) {
$loader->addPath($templatePath, $module);
}
$translationPath = self::resourceExists('translations', $path);
if (false !== $translationPath) {
$translations = new Finder();
$translations->files()->in($translationPath)->name('/\\.[a-zA-Z_]+\\.yml$/');
/** @var SplFileInfo $translation */
foreach ($translations as $translation) {
$name = $translation->getBasename('.yml');
$locale = substr($name, strrpos($name, '.') + 1);
$translator->addResource('yaml', $translation->getPathname(), $locale, $module);
}
}
}
}
self::$instance = new \Twig_Environment($loader);
self::$instance->addExtension(new TranslationExtension($translator));
return self::$instance;
}
/**
* Autoload function for SimpleSAMLphp modules.
*
* @param string $className Name of the class.
*/
function SimpleSAML_autoload($className)
{
$modulePrefixLength = strlen('sspmod_');
$classPrefix = substr($className, 0, $modulePrefixLength);
if ($classPrefix !== 'sspmod_') {
return;
}
$modNameEnd = strpos($className, '_', $modulePrefixLength);
$module = substr($className, $modulePrefixLength, $modNameEnd - $modulePrefixLength);
$moduleClass = substr($className, $modNameEnd + 1);
if (!SimpleSAML_Module::isModuleEnabled($module)) {
return;
}
$file = SimpleSAML_Module::getModuleDir($module) . '/lib/' . str_replace('_', '/', $moduleClass) . '.php';
if (file_exists($file)) {
require_once $file;
}
}
/**
* Constructor for SAML SP authentication source.
*
* @param array $info Information about this authentication source.
* @param array $config Configuration.
*/
public function __construct($info, $config)
{
assert('is_array($info)');
assert('is_array($config)');
/* Call the parent constructor first, as required by the interface. */
parent::__construct($info, $config);
if (!isset($config['entityID'])) {
$config['entityID'] = $this->getMetadataURL();
}
/* For compatibility with code that assumes that $metadata->getString('entityid') gives the entity id. */
$config['entityid'] = $config['entityID'];
$this->metadata = SimpleSAML_Configuration::loadFromArray($config, 'authsources[' . var_export($this->authId, TRUE) . ']');
$this->entityId = $this->metadata->getString('entityID');
$this->idp = $this->metadata->getString('idp', NULL);
$this->discoURL = $this->metadata->getString('discoURL', NULL);
if (empty($this->discoURL) && SimpleSAML_Module::isModuleEnabled('discojuice')) {
$this->discoURL = SimpleSAML_Module::getModuleURL('discojuice/central.php');
}
}
/**
* Autoload function for simpleSAMLphp.
*
* It will autoload all classes stored in the lib-directory.
*
* @param $className The name of the class.
*/
function SimpleSAML_autoload($className)
{
$libDir = dirname(__FILE__) . '/';
/* Special handling for xmlseclibs.php. */
if (in_array($className, array('XMLSecurityKey', 'XMLSecurityDSig', 'XMLSecEnc'), TRUE)) {
require_once $libDir . 'xmlseclibs.php';
return;
}
/* Handlig of modules. */
if (substr($className, 0, 7) === 'sspmod_') {
$modNameEnd = strpos($className, '_', 7);
$module = substr($className, 7, $modNameEnd - 7);
$moduleClass = substr($className, $modNameEnd + 1);
if (!SimpleSAML_Module::isModuleEnabled($module)) {
return;
}
$file = SimpleSAML_Module::getModuleDir($module) . '/lib/' . str_replace('_', '/', $moduleClass) . '.php';
} else {
$file = $libDir . str_replace('_', '/', $className) . '.php';
}
if (file_exists($file)) {
require_once $file;
}
}
#!/usr/bin/env php
<?php
/*
* This script can be used to generate metadata for simpleSAMLphp
* based on an XML metadata file.
*/
/* This is the base directory of the simpleSAMLphp installation. */
$baseDir = dirname(dirname(dirname(dirname(__FILE__))));
/* Add library autoloader. */
require_once $baseDir . '/lib/_autoload.php';
SimpleSAML_Session::useTransientSession();
/* No need to try to create a session here. */
if (!SimpleSAML_Module::isModuleEnabled('metarefresh')) {
echo "You need to enable the metarefresh module before this script can be used.\n";
echo "You can enable it by running the following command:\n";
echo ' echo >"' . $baseDir . '/modules/metarefresh/enable' . "\"\n";
exit(1);
}
/* Initialize the configuration. */
SimpleSAML_Configuration::setConfigDir($baseDir . '/config');
/* $outputDir contains the directory we will store the generated metadata in. */
$outputDir = $baseDir . '/metadata-generated';
/* $toStdOut is a boolean telling us wheter we will print the output to stdout instead
* of writing it to files in $outputDir.
*/
$toStdOut = FALSE;
/* $validateFingerprint contains the fingerprint of the certificate which should have been used
* to sign the EntityDescriptor in the metadata, or NULL if fingerprint validation shouldn't be
* done.
*/
$validateFingerprint = NULL;
assert('substr($url, 0, 1) === "/"');
/* clear the PATH_INFO option, so that a script can detect whether it is called with anything following the
*'.php'-ending.
*/
unset($_SERVER['PATH_INFO']);
$modEnd = strpos($url, '/', 1);
if ($modEnd === false) {
// the path must always be on the form /module/
throw new SimpleSAML_Error_NotFound('The URL must at least contain a module name followed by a slash.');
}
$module = substr($url, 1, $modEnd - 1);
$url = substr($url, $modEnd + 1);
if ($url === false) {
$url = '';
}
if (!SimpleSAML_Module::isModuleEnabled($module)) {
throw new SimpleSAML_Error_NotFound('The module \'' . $module . '\' was either not found, or wasn\'t enabled.');
}
/* Make sure that the request isn't suspicious (contains references to current directory or parent directory or
* anything like that. Searching for './' in the URL will detect both '../' and './'. Searching for '\' will detect
* attempts to use Windows-style paths.
*/
if (strpos($url, '\\') !== false) {
throw new SimpleSAML_Error_BadRequest('Requested URL contained a backslash.');
} elseif (strpos($url, './') !== false) {
throw new SimpleSAML_Error_BadRequest('Requested URL contained \'./\'.');
}
$moduleDir = SimpleSAML_Module::getModuleDir($module) . '/www/';
// check for '.php/' in the path, the presence of which indicates that another php-script should handle the request
for ($phpPos = strpos($url, '.php/'); $phpPos !== false; $phpPos = strpos($url, '.php/', $phpPos + 1)) {
$newURL = substr($url, 0, $phpPos + 4);
<?php
$modules = SimpleSAML_Module::getModules();
sort($modules);
$modinfo = array();
foreach ($modules as $m) {
$modinfo[$m] = array('enabled' => SimpleSAML_Module::isModuleEnabled($m));
if (sspmod_core_ModuleDefinition::isDefined($m)) {
$modinfo[$m]['def'] = sspmod_core_ModuleDefinition::load($m);
}
}
function cmpa($a, $b)
{
if (isset($a['def']) && !isset($b['def'])) {
return -1;
}
if (isset($b['def']) && !isset($a['def'])) {
return 1;
}
return 0;
}
uasort($modinfo, 'cmpa');
$config = SimpleSAML_Configuration::getInstance();
$t = new SimpleSAML_XHTML_Template($config, 'modinfo:modlist.php');
$t->data['modules'] = $modinfo;
$t->show();
}
$links = array();
$links_welcome = array();
$links_config = array();
$links_auth = array();
$links_federation = array();
$links_config[] = array('href' => SimpleSAML_Utilities::getBaseURL() . 'example-simple/hostnames.php?dummy=1', 'text' => '{core:frontpage:link_diagnostics}');
$links_config[] = array('href' => SimpleSAML_Utilities::getBaseURL() . 'admin/phpinfo.php', 'text' => '{core:frontpage:link_phpinfo}');
$allLinks = array('links' => &$links, 'welcome' => &$links_welcome, 'config' => &$links_config, 'auth' => &$links_auth, 'federation' => &$links_federation);
SimpleSAML_Module::callHooks('frontpage', $allLinks);
$enablematrix = array('saml20-idp' => $config->getBoolean('enable.saml20-idp', false), 'shib13-idp' => $config->getBoolean('enable.shib13-idp', false));
$functionchecks = array('hash' => array('required', 'Hashing function'), 'gzinflate' => array('required', 'ZLib'), 'openssl_sign' => array('required', 'OpenSSL'), 'simplexml_import_dom' => array('required', 'SimpleXML'), 'dom_import_simplexml' => array('required', 'XML DOM'), 'preg_match' => array('required', 'RegEx support'), 'mcrypt_module_open' => array('required', 'MCrypt'), 'mysql_connect' => array('optional', 'MySQL support'));
if (SimpleSAML_Module::isModuleEnabled('ldap')) {
$functionchecks['ldap_bind'] = array('required_ldap', 'LDAP Extension');
}
if (SimpleSAML_Module::isModuleEnabled('radius')) {
$functionchecks['radius_auth_open'] = array('required_radius', 'Radius Extension');
}
$funcmatrix = array();
$funcmatrix[] = array('required' => 'required', 'descr' => 'PHP Version >= 5.2. You run: ' . phpversion(), 'enabled' => version_compare(phpversion(), '5.2', '>='));
foreach ($functionchecks as $func => $descr) {
$funcmatrix[] = array('descr' => $descr[1], 'required' => $descr[0], 'enabled' => function_exists($func));
}
/* Some basic configuration checks */
if ($config->getString('technicalcontact_email', '*****@*****.**') === '*****@*****.**') {
$mail_ok = FALSE;
} else {
$mail_ok = TRUE;
}
$funcmatrix[] = array('required' => 'reccomended', 'descr' => 'technicalcontact_email option set', 'enabled' => $mail_ok);
if ($config->getString('auth.adminpassword', '123') === '123') {
$entry['meta_status'] = 'expires soon';
} else {
$entry['meta_status'] = 'expires';
}
$entry['meta_expiration_time'] = ($metaArray['expire'] - $now) / 3600;
}
} else {
$entry['meta_status'] = 'no_data';
}
// Fill in some more data
$entry['name'] = array_key_exists('name', $metaArray) ? $metaArray['name'] : null;
$entry['url'] = array_key_exists('url', $metaArray) ? $metaArray['url'] : null;
// Check if we have a flag icon
$entry['flag'] = null;
$entry['flag_name'] = null;
if (SimpleSAML_Module::isModuleEnabled('metalisting') && array_key_exists('tags', $metaArray)) {
$countries = array('denmark' => 'dk', 'finland' => 'fi', 'france' => 'fr', 'germany' => 'de', 'norway' => 'no', 'poland' => 'pl', 'spain' => 'es', 'sweden' => 'se', 'switzerland' => 'ch');
foreach ($countries as $country_name => $code) {
if (in_array($country_name, $metaArray['tags'])) {
$entry['flag'] = SimpleSAML_Module::getModuleURL('metalisting/flags/' . $code . '.png');
$entry['flag_name'] = $country_name;
break;
}
}
}
// Store the data in the result array
if (array_key_exists($entity_type, $metaentries)) {
array_push($metaentries[$entity_type], $entry);
}
}
if (!isset($_GET['output']) || $_GET['output'] !== 'json') {
function __autoload($class_name)
{
$tab_classes = array(
'DB' => '_lib'.DIRECTORY_SEPARATOR.'DB'.DIRECTORY_SEPARATOR.'DB.class.php' ,
'FirePHP' => '_lib'.DIRECTORY_SEPARATOR.'FirePHPCore'.DIRECTORY_SEPARATOR.'FirePHP.class.php' ,
'FPDF' => '_lib'.DIRECTORY_SEPARATOR.'FPDF'.DIRECTORY_SEPARATOR.'fpdf.php' ,
'PDF_Label' => '_lib'.DIRECTORY_SEPARATOR.'FPDF'.DIRECTORY_SEPARATOR.'PDF_Label.php' ,
'FPDI' => '_lib'.DIRECTORY_SEPARATOR.'FPDI'.DIRECTORY_SEPARATOR.'fpdi.php' ,
'PDFMerger' => '_lib'.DIRECTORY_SEPARATOR.'FPDI'.DIRECTORY_SEPARATOR.'PDFMerger.php' ,
'phpCAS' => '_lib'.DIRECTORY_SEPARATOR.'phpCAS'.DIRECTORY_SEPARATOR.'CAS.php' ,
'cssmin' => '_inc'.DIRECTORY_SEPARATOR.'class.CssMinified.php' ,
'MyDOMDocument' => '_inc'.DIRECTORY_SEPARATOR.'class.domdocument.php' ,
'JSMin' => '_inc'.DIRECTORY_SEPARATOR.'class.JavaScriptMinified.php' ,
'JavaScriptPacker' => '_inc'.DIRECTORY_SEPARATOR.'class.JavaScriptPacker.php' ,
'PDF' => '_inc'.DIRECTORY_SEPARATOR.'class.PDF.php' ,
'Formulaire' => '_inc'.DIRECTORY_SEPARATOR.'class.formulaire.php' ,
'DB_STRUCTURE_ADMINISTRATEUR' => '_sql'.DIRECTORY_SEPARATOR.'requetes_structure_administrateur.php' ,
'DB_STRUCTURE_DIRECTEUR' => '_sql'.DIRECTORY_SEPARATOR.'requetes_structure_directeur.php' ,
'DB_STRUCTURE_ELEVE' => '_sql'.DIRECTORY_SEPARATOR.'requetes_structure_eleve.php' ,
'DB_STRUCTURE_PROFESSEUR' => '_sql'.DIRECTORY_SEPARATOR.'requetes_structure_professeur.php' ,
'DB_STRUCTURE_PUBLIC' => '_sql'.DIRECTORY_SEPARATOR.'requetes_structure_public.php' ,
'DB_STRUCTURE_WEBMESTRE' => '_sql'.DIRECTORY_SEPARATOR.'requetes_structure_webmestre.php' ,
'DB_STRUCTURE_BILAN' => '_sql'.DIRECTORY_SEPARATOR.'requetes_structure_bilan.php' ,
'DB_STRUCTURE_OFFICIEL' => '_sql'.DIRECTORY_SEPARATOR.'requetes_structure_officiel.php' ,
'DB_STRUCTURE_COMMUN' => '_sql'.DIRECTORY_SEPARATOR.'requetes_structure_commun.php' ,
'DB_STRUCTURE_MAJ_BASE' => '_sql'.DIRECTORY_SEPARATOR.'requetes_structure_maj_base.php' ,
'DB_STRUCTURE_REFERENTIEL' => '_sql'.DIRECTORY_SEPARATOR.'requetes_structure_referentiel.php' ,
'DB_STRUCTURE_SOCLE' => '_sql'.DIRECTORY_SEPARATOR.'requetes_structure_socle.php' ,
'DB_WEBMESTRE_PUBLIC' => '_sql'.DIRECTORY_SEPARATOR.'requetes_webmestre_public.php' ,
'DB_WEBMESTRE_SELECT' => '_sql'.DIRECTORY_SEPARATOR.'requetes_webmestre_select.php' ,
'DB_WEBMESTRE_WEBMESTRE' => '_sql'.DIRECTORY_SEPARATOR.'requetes_webmestre_webmestre.php'
);
if(isset($tab_classes[$class_name]))
{
load_class($class_name,CHEMIN_SACOCHE.$tab_classes[$class_name]);
}
// Remplacement de l'autoload de phpCAS qui n'est pas chargé à cause de celui de SACoche
// Voir le fichier ./_lib/phpCAS/CAS/autoload.php
elseif(substr($class_name,0,4)=='CAS_')
{
load_class($class_name,CHEMIN_SACOCHE.'_lib'.DIRECTORY_SEPARATOR.'phpCAS'.DIRECTORY_SEPARATOR.str_replace('_',DIRECTORY_SEPARATOR,$class_name).'.php');
}
// Remplacement de l'autoload de SimpleSAMLphp qui n'est pas chargé à cause de celui de SACoche
// Voir le fichier ./_lib/SimpleSAMLphp/lib/_autoload.php
else if(in_array($class_name, array('XMLSecurityKey', 'XMLSecurityDSig', 'XMLSecEnc'), TRUE))
{
load_class($class_name,CHEMIN_SACOCHE.'_lib'.DIRECTORY_SEPARATOR.'SimpleSAMLphp'.DIRECTORY_SEPARATOR.'lib'.DIRECTORY_SEPARATOR.'xmlseclibs.php');
}
else if(substr($class_name,0,7)=='sspmod_')
{
$modNameEnd = strpos($class_name, '_', 7);
$module = substr($class_name, 7, $modNameEnd - 7);
$moduleClass = substr($class_name, $modNameEnd + 1);
if(SimpleSAML_Module::isModuleEnabled($module))
{
load_class($class_name,SimpleSAML_Module::getModuleDir($module).'/lib/'.str_replace('_', DIRECTORY_SEPARATOR, $moduleClass).'.php');
}
}
elseif( (substr($class_name,0,5)=='SAML2') || (substr($class_name,0,10)=='SimpleSAML') )
{
load_class($class_name,CHEMIN_SACOCHE.'_lib'.DIRECTORY_SEPARATOR.'SimpleSAMLphp'.DIRECTORY_SEPARATOR.'lib'.DIRECTORY_SEPARATOR.str_replace('_','/',$class_name).'.php');
}
// La classe invoquée ne correspond pas à ce qui vient d'être passé en revue
else
{
affich_message_exit($titre='Classe introuvable',$contenu='La classe '.$class_name.' est inconnue.');
}
}
function listMetadata($t, $entries, $workflowstates, $extended = false)
{
echo '<table width="100%">';
echo '<thead><tr>';
echo '<th width="40px" align="center">' . $t->t('tab_edit_entity_state') . '</th>';
echo '<th width="160px" align="center">' . $t->t('validation_metadata_column') . '</th>';
if (SimpleSAML_Module::isModuleEnabled('x509')) {
echo '<th width="160px" align="center">' . $t->t('validation_certificate_column') . '</th>';
}
echo '<th>' . $t->t('validation_identity_column') . '</th>';
echo '</tr></thead>';
echo '<tbody>';
foreach ($entries as $entry) {
echo '<tr>';
if (isset($workflowstates[$entry['workflow']]['name'][$t->getLanguage()])) {
$workflow_translated = $workflowstates[$entry['workflow']]['name'][$t->getLanguage()];
} else {
$workflow_translated = $workflowstates[$entry['workflow']]['name']['en'];
}
// Workflow colum
echo '<td width="40px" align="center">';
if ($entry['workflow'] == 'prodaccepted') {
echo '<img class="display_inline" src="resources/images/icons/production.png"';
} else {
echo '<img class="display_inline" src="resources/images/icons/test.png"';
}
echo ' title="' . $workflow_translated . '" alt="' . $workflow_translated . '" />';
echo '</td>';
// Metadata column
echo '<td width="160px" align="center">';
if ($entry['invalid_metadata']) {
echo '<img class="display_inline" src="resources/images/icons/reject.png" title="' . $t->t('missing_require_metadata') . implode(" ", $entry['invalid_metadata']) . '" alt="' . $t->t('validation_problem') . '" />';
} else {
echo '<img class="display_inline" src="resources/images/icons/accept.png" title="ok" alt="' . $t->t('validation_success') . '" />';
}
if ($entry['meta_status'] == 'expired') {
echo '<img class="display_inline" src="resources/images/icons/expired.png" title="' . $t->t('hour_expired', array('%META_EXPIRED_TIME%' => number_format($entry['meta_expiration_time'], 1))) . '" alt="' . $t->t('expired') . '">';
} else {
if ($entry['meta_status'] == 'expires soon') {
echo '<img class="display_inline" src="resources/images/icons/almost_expired.png" title="' . $t->t('hour_expires', array('%META_EXPIRES_TIME%' => number_format($entry['meta_expiration_time'], 1))) . '" alt="' . $t->t('no_expired') . '">';
} else {
if ($entry['meta_status'] == 'expires') {
echo '<img class="display_inline" src="resources/images/icons/fresh.png" title="' . $t->t('hour_expires', array('%META_EXPIRES_TIME%' => number_format($entry['meta_expiration_time'], 1))) . '" alt="' . $t->t('no_expired') . '">';
}
}
}
echo '</td>';
// Certificate column
if (SimpleSAML_Module::isModuleEnabled('x509')) {
echo '<td width="160px" align="center">';
if ($entry['invalid_certificate']) {
$title = $t->t('{x509:x509:' . $entry['invalid_certificate'] . '}');
// if in strict certificate validation and validation error response in
// allowed_warnings we display a warning instead of reject
if ($entry['cert_validation'] == 'poor' || $entry['cert_validation'] == 'unknown') {
echo '<img class="display_inline" src="resources/images/icons/warning.png" title="' . $title . '" alt="' . $t->t('validation_warning') . '" />';
} else {
echo '<img class="display_inline" src="resources/images/icons/reject.png" title="' . $title . '" alt="' . $t->t('validation_problem') . '" />';
}
} else {
echo '<img class="display_inline" src="resources/images/icons/accept.png" title="ok" alt="' . $t->t('validation_success') . '" />';
}
if ($entry['cert_status'] == 'expired') {
echo '<img class="display_inline" src="resources/images/icons/expired.png" title="' . $t->t('expired') . '" alt="' . $t->t('expired') . '">';
} else {
if ($entry['cert_status'] == 'expires soon') {
echo '<img class="display_inline" src="resources/images/icons/almost_expired.png" title="' . $t->t('day_expires', array('%CERT_EXPIRES_TIME%' => number_format($entry['cert_expiration_date'], 1))) . '" alt="' . $t->t('no_expired') . '">';
} else {
if ($entry['cert_status'] == 'expires') {
echo '<img class="display_inline" src="resources/images/icons/fresh.png" title="' . $t->t('day_expires', array('%CERT_EXPIRES_TIME%' => number_format($entry['cert_expiration_date'], 1))) . '" alt="' . $t->t('no_expired') . '">';
}
}
}
echo '</td>';
}
// Name column
echo '<td>';
if ($entry['flag'] !== null) {
echo '<img class="metalisting_flag" src="' . $entry['flag'] . '" alt="' . $entry['flag_name'] . '" />';
}
echo $entry['prettyname'];
if ($entry['url'] !== null) {
echo ' [ <a href="' . $t->getTranslation(SimpleSAML_Utilities::arrayize($entry['url'], 'en')) . '">more</a> ]';
}
echo '</td></tr>';
}
echo '</tbody>';
echo '</table>';
}
