/**
* Gets the name value from an entry array.
*
* @param SimpleSAML_XHTML_Template $view The view object.
* @param array $entry The entry array.
*
* @return string The resulting name value.
*/
function simplesamlphp_get_entry_name($view, $entry = array())
{
$result = $entry['entityid'];
if (!empty($entry['name'])) {
$name = SimpleSAML\Utils\Arrays::arrayize($entry['name'], 'en');
$result = $view->getTranslation($name);
} elseif (!empty($entry['OrganizationDisplayName'])) {
$name = SimpleSAML\Utils\Arrays::arrayize($entry['OrganizationDisplayName'], 'en');
$result = $view->getTranslation($name);
}
return htmlspecialchars($result);
}
/**
* Test the arrayize() function.
*/
public function testArrayize()
{
// check with empty array as input
$array = array();
$this->assertEquals($array, SimpleSAML\Utils\Arrays::arrayize($array));
// check non-empty array as input
$array = array('key' => 'value');
$this->assertEquals($array, SimpleSAML\Utils\Arrays::arrayize($array));
// check indexes are ignored when input is an array
$this->assertArrayNotHasKey('invalid', SimpleSAML\Utils\Arrays::arrayize($array, 'invalid'));
// check default index
$expected = array('string');
$this->assertEquals($expected, SimpleSAML\Utils\Arrays::arrayize($expected[0]));
// check string index
$index = 'key';
$expected = array($index => 'string');
$this->assertEquals($expected, SimpleSAML\Utils\Arrays::arrayize($expected[$index], $index));
}
public function loadData()
{
$statdir = $this->statconfig->getValue('statdir');
$resarray = array();
$rules = SimpleSAML\Utils\Arrays::arrayize($this->ruleid);
foreach ($rules as $rule) {
// Get file and extract results.
$resultFileName = $statdir . '/' . $rule . '-' . $this->timeres . '-' . $this->fileslot . '.stat';
if (!file_exists($resultFileName)) {
throw new Exception('Aggregated statitics file [' . $resultFileName . '] not found.');
}
if (!is_readable($resultFileName)) {
throw new Exception('Could not read statitics file [' . $resultFileName . ']. Bad file permissions?');
}
$resultfile = file_get_contents($resultFileName);
$newres = unserialize($resultfile);
if (empty($newres)) {
throw new Exception('Aggregated statistics in file [' . $resultFileName . '] was empty.');
}
$resarray[] = $newres;
}
$combined = $resarray[0];
if (count($resarray) > 1) {
for ($i = 1; $i < count($resarray); $i++) {
$combined = $this->combine($combined, $resarray[$i]);
}
}
$this->results = $combined;
}
/**
* Add an Organization element based on metadata array.
*
* @param array $metadata The metadata we should extract the organization information from.
*/
public function addOrganizationInfo(array $metadata)
{
if (empty($metadata['OrganizationName']) || empty($metadata['OrganizationDisplayName']) || empty($metadata['OrganizationURL'])) {
// empty or incomplete organization information
return;
}
$orgName = SimpleSAML\Utils\Arrays::arrayize($metadata['OrganizationName'], 'en');
$orgDisplayName = SimpleSAML\Utils\Arrays::arrayize($metadata['OrganizationDisplayName'], 'en');
$orgURL = SimpleSAML\Utils\Arrays::arrayize($metadata['OrganizationURL'], 'en');
$this->addOrganization($orgName, $orgDisplayName, $orgURL);
}
?>
<?php
if (!empty($hm['name'])) {
?>
<p><?php
echo $this->getTranslation(SimpleSAML\Utils\Arrays::arrayize($hm['name'], 'en'));
?>
</p>
<?php
}
?>
<?php
if (!empty($hm['descr'])) {
?>
<p><?php
echo $this->getTranslation(SimpleSAML\Utils\Arrays::arrayize($hm['descr'], 'en'));
?>
</p>
<?php
}
?>
<p> [ <a href="<?php
echo $hm['metadata-url'];
?>
">
<?php
echo $this->t('{core:frontpage:show_metadata}');
?>
</a> ]
</p>
</dd>
/**
* Send a SAML2 SSO request to an IdP.
*
* @param SimpleSAML_Configuration $idpMetadata The metadata of the IdP.
* @param array $state The state array for the current authentication.
*/
private function startSSO2(SimpleSAML_Configuration $idpMetadata, array $state)
{
if (isset($state['saml:ProxyCount']) && $state['saml:ProxyCount'] < 0) {
SimpleSAML_Auth_State::throwException($state, new \SimpleSAML\Module\saml\Error\ProxyCountExceeded(\SAML2\Constants::STATUS_RESPONDER));
}
$ar = sspmod_saml_Message::buildAuthnRequest($this->metadata, $idpMetadata);
$ar->setAssertionConsumerServiceURL(SimpleSAML\Module::getModuleURL('saml/sp/saml2-acs.php/' . $this->authId));
if (isset($state['SimpleSAML_Auth_Source.ReturnURL'])) {
$ar->setRelayState($state['SimpleSAML_Auth_Source.ReturnURL']);
}
if (isset($state['saml:AuthnContextClassRef'])) {
$accr = SimpleSAML\Utils\Arrays::arrayize($state['saml:AuthnContextClassRef']);
$comp = SAML2\Constants::COMPARISON_EXACT;
if (isset($state['saml:AuthnContextComparison']) && in_array($state['AuthnContextComparison'], array(SAML2\Constants::COMPARISON_EXACT, SAML2\Constants::COMPARISON_MINIMUM, SAML2\Constants::COMPARISON_MAXIMUM, SAML2\Constants::COMPARISON_BETTER))) {
$comp = $state['saml:AuthnContextComparison'];
}
$ar->setRequestedAuthnContext(array('AuthnContextClassRef' => $accr, 'Comparison' => $comp));
}
if (isset($state['ForceAuthn'])) {
$ar->setForceAuthn((bool) $state['ForceAuthn']);
}
if (isset($state['isPassive'])) {
$ar->setIsPassive((bool) $state['isPassive']);
}
if (isset($state['saml:NameID'])) {
if (!is_array($state['saml:NameID'])) {
throw new SimpleSAML_Error_Exception('Invalid value of $state[\'saml:NameID\'].');
}
$ar->setNameId($state['saml:NameID']);
}
if (isset($state['saml:NameIDPolicy'])) {
if (is_string($state['saml:NameIDPolicy'])) {
$policy = array('Format' => (string) $state['saml:NameIDPolicy'], 'AllowCreate' => TRUE);
} elseif (is_array($state['saml:NameIDPolicy'])) {
$policy = $state['saml:NameIDPolicy'];
} else {
throw new SimpleSAML_Error_Exception('Invalid value of $state[\'saml:NameIDPolicy\'].');
}
$ar->setNameIdPolicy($policy);
}
if (isset($state['saml:IDPList'])) {
$IDPList = $state['saml:IDPList'];
} else {
$IDPList = array();
}
$ar->setIDPList(array_unique(array_merge($this->metadata->getArray('IDPList', array()), $idpMetadata->getArray('IDPList', array()), (array) $IDPList)));
if (isset($state['saml:ProxyCount']) && $state['saml:ProxyCount'] !== null) {
$ar->setProxyCount($state['saml:ProxyCount']);
} elseif ($idpMetadata->getInteger('ProxyCount', null) !== null) {
$ar->setProxyCount($idpMetadata->getInteger('ProxyCount', null));
} elseif ($this->metadata->getInteger('ProxyCount', null) !== null) {
$ar->setProxyCount($this->metadata->getInteger('ProxyCount', null));
}
$requesterID = array();
if (isset($state['saml:RequesterID'])) {
$requesterID = $state['saml:RequesterID'];
}
if (isset($state['core:SP'])) {
$requesterID[] = $state['core:SP'];
}
$ar->setRequesterID($requesterID);
if (isset($state['saml:Extensions'])) {
$ar->setExtensions($state['saml:Extensions']);
}
// save IdP entity ID as part of the state
$state['ExpectedIssuer'] = $idpMetadata->getString('entityid');
$id = SimpleSAML_Auth_State::saveState($state, 'saml:sp:sso', TRUE);
$ar->setId($id);
SimpleSAML\Logger::debug('Sending SAML 2 AuthnRequest to ' . var_export($idpMetadata->getString('entityid'), TRUE));
/* Select appropriate SSO endpoint */
if ($ar->getProtocolBinding() === \SAML2\Constants::BINDING_HOK_SSO) {
$dst = $idpMetadata->getDefaultEndpoint('SingleSignOnService', array(\SAML2\Constants::BINDING_HOK_SSO));
} else {
$dst = $idpMetadata->getDefaultEndpoint('SingleSignOnService', array(\SAML2\Constants::BINDING_HTTP_REDIRECT, \SAML2\Constants::BINDING_HTTP_POST));
}
$ar->setDestination($dst['Location']);
$b = \SAML2\Binding::getBinding($dst['Binding']);
$this->sendSAML2AuthnRequest($state, $b, $ar);
assert('FALSE');
}
/**
* @deprecated This method will be removed in SSP 2.0. Please use SimpleSAML\Utils\Arrays::arrayize() instead.
*/
public static function arrayize($data, $index = 0)
{
return SimpleSAML\Utils\Arrays::arrayize($data, $index);
}
/**
* Search for a DN.
*
* @param string|array $base
* The base, or bases, which to search from.
* @param string|array $attribute
* The attribute name(s) searched for.
* @param string $value
* The attribute value searched for.
* @param bool $allowZeroHits
* Determines if the method will throw an exception if no hits are found.
* Defaults to FALSE.
* @return string
* The DN of the matching element, if found. If no element was found and
* $allowZeroHits is set to FALSE, an exception will be thrown; otherwise
* NULL will be returned.
* @throws SimpleSAML_Error_AuthSource if:
* - LDAP search encounter some problems when searching cataloge
* - Not able to connect to LDAP server
* @throws SimpleSAML_Error_UserNotFound if:
* - $allowZeroHits er TRUE and no result is found
*
*/
public function searchfordn($base, $attribute, $value, $allowZeroHits = FALSE)
{
// Traverse all search bases, returning DN if found.
$bases = SimpleSAML\Utils\Arrays::arrayize($base);
$result = NULL;
foreach ($bases as $current) {
try {
// Single base search.
$result = $this->search($current, $attribute, $value);
// We don't hawe to look any futher if user is found
if (!empty($result)) {
return $result;
}
// If search failed, attempt the other base DNs.
} catch (SimpleSAML_Error_UserNotFound $e) {
// Just continue searching
}
}
// Decide what to do for zero entries.
SimpleSAML_Logger::debug('Library - LDAP searchfordn(): No entries found');
if ($allowZeroHits) {
// Zero hits allowed.
return NULL;
} else {
// Zero hits not allowed.
throw $this->makeException('Library - LDAP searchfordn(): LDAP search returned zero entries for filter \'(' . $attribute . ' = ' . $value . ')\' on base(s) \'(' . join(' & ', $bases) . ')\'', 2);
}
}
echo '<br />[ <a href="' . $hm['metadata-url'] . '">' . $this->t('{core:frontpage:show_metadata}') . '</a> ]';
echo '</p></dd>';
}
}
echo '</dl>';
if (is_array($this->data['metaentries']['remote']) && count($this->data['metaentries']['remote']) > 0) {
foreach ($this->data['metaentries']['remote'] as $setkey => $set) {
echo '<fieldset class="fancyfieldset"><legend>' . $this->t(mtype($setkey)) . ' (Trusted)</legend>';
echo '<ul>';
foreach ($set as $entry) {
echo '<li>';
echo '<a href="' . htmlspecialchars(SimpleSAML\Module::getModuleURL('core/show_metadata.php', array('entityid' => $entry['entityid'], 'set' => $setkey))) . '">';
if (!empty($entry['name'])) {
echo htmlspecialchars($this->getTranslator()->getPreferredTranslation(SimpleSAML\Utils\Arrays::arrayize($entry['name'], 'en')));
} elseif (!empty($entry['OrganizationDisplayName'])) {
echo htmlspecialchars($this->getTranslator()->getPreferredTranslation(SimpleSAML\Utils\Arrays::arrayize($entry['OrganizationDisplayName'], 'en')));
} else {
echo htmlspecialchars($entry['entityid']);
}
echo '</a>';
if (array_key_exists('expire', $entry)) {
if ($entry['expire'] < $now) {
echo '<span style="color: #500; font-weight: bold"> (expired ' . number_format(($now - $entry['expire']) / 3600, 1) . ' hours ago)</span>';
} else {
echo ' (expires in ' . number_format(($entry['expire'] - $now) / 3600, 1) . ' hours)';
}
}
echo '</li>';
}
echo '</ul>';
echo '</fieldset>';
}
if (is_array($dstName)) {
$dstName = $this->t($dstName);
}
$srcName = htmlspecialchars($srcName);
$dstName = htmlspecialchars($dstName);
$attributes = $this->data['attributes'];
$this->data['header'] = $this->t('{consent:consent:consent_header}');
$this->data['head'] = '<link rel="stylesheet" type="text/css" href="/' . $this->data['baseurlpath'] . 'module.php/consent/style.css" />' . "\n";
$this->includeAtTemplateBase('includes/header.php');
?>
<p>
<?php
echo $this->t('{consent:consent:consent_accept}', array('SPNAME' => $dstName, 'IDPNAME' => $srcName));
if (array_key_exists('descr_purpose', $this->data['dstMetadata'])) {
echo '</p><p>' . $this->t('{consent:consent:consent_purpose}', array('SPNAME' => $dstName, 'SPDESC' => $this->getTranslation(SimpleSAML\Utils\Arrays::arrayize($this->data['dstMetadata']['descr_purpose'], 'en'))));
}
?>
</p>
<form style="display: inline; margin: 0px; padding: 0px"
action="<?php
echo htmlspecialchars($this->data['yesTarget']);
?>
">
<p style="margin: 1em">
<?php
if ($this->data['usestorage']) {
$checked = $this->data['checked'] ? 'checked="checked"' : '';
echo '<input type="checkbox" name="saveconsent" ' . $checked . ' value="1" /> ' . $this->t('{consent:consent:remember}');