/**
 * Build the authentication source from a static list of credentials.
 *
 * Every configuration key must be a "<username>:<password>" string, and its value is the
 * attribute set released for that user. The password is part of the configuration key and of
 * the lookup key stored in $this->users, so it is held in cleartext. The configuration file
 * therefore has to be protected like any other credential store.
 *
 * @param array $info Information about this authentication source.
 * @param array $config Configuration.
 *
 * @throws Exception If a key is not a "<username>:<password>" string or the attributes are invalid.
 */
public function __construct($info, $config)
{
    assert('is_array($info)');
    assert('is_array($config)');

    /* The interface requires the parent constructor to run before anything else. */
    parent::__construct($info, $config);

    $this->users = array();

    foreach ($config as $credentials => $attributes) {
        if (!is_string($credentials)) {
            throw new Exception('Invalid <username>:<password> for authentication source ' . $this->authId . ': ' . $credentials);
        }

        /* Split on the first colon only, so the password part may itself contain colons. */
        $parts = explode(':', $credentials, 2);
        if (count($parts) !== 2) {
            throw new Exception('Invalid <username>:<password> for authentication source ' . $this->authId . ': ' . $parts[0]);
        }
        list($username, $password) = $parts;

        try {
            $attributes = SimpleSAML\Utils\Arrays::normalizeAttributesArray($attributes);
        } catch (Exception $e) {
            throw new Exception('Invalid attributes for user ' . $username . ' in authentication source ' . $this->authId . ': ' . $e->getMessage());
        }

        $this->users[$username . ':' . $password] = $attributes;
    }
}
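/**
 * Gets the name value from an entry array.
 *
 * The translated 'name' is preferred, then the translated 'OrganizationDisplayName', and
 * finally the raw 'entityid'. The value is escaped for HTML before it is returned, so callers
 * must not escape it a second time.
 *
 * @param SimpleSAML_XHTML_Template $view The view object.
 * @param array $entry The entry array.
 *
 * @return string The resulting name value, HTML-escaped.
 */
function simplesamlphp_get_entry_name($view, $entry = array())
{
    // The default $entry is an empty array, so 'entityid' may be missing; fall back to an
    // empty string instead of reading an undefined index.
    $result = isset($entry['entityid']) ? $entry['entityid'] : '';

    if (!empty($entry['name'])) {
        $name = SimpleSAML\Utils\Arrays::arrayize($entry['name'], 'en');
        $result = $view->getTranslation($name);
    } elseif (!empty($entry['OrganizationDisplayName'])) {
        $name = SimpleSAML\Utils\Arrays::arrayize($entry['OrganizationDisplayName'], 'en');
        $result = $view->getTranslation($name);
    }

    // Pass ENT_QUOTES explicitly: before PHP 8.1 the default flags leave single quotes
    // unescaped, which matters if the value ends up inside a single-quoted attribute.
    return htmlspecialchars($result, ENT_QUOTES);
}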
/**
 * Build the authentication source; the whole configuration array is the attribute set.
 *
 * @param array $info Information about this authentication source.
 * @param array $config Configuration.
 *
 * @throws Exception If the configuration cannot be normalized into an attributes array.
 */
public function __construct($info, $config)
{
    assert('is_array($info)');
    assert('is_array($config)');

    /* The interface requires the parent constructor to run before anything else. */
    parent::__construct($info, $config);

    /* Normalize first and assign afterwards, so a failure leaves $this->attributes untouched. */
    try {
        $normalized = SimpleSAML\Utils\Arrays::normalizeAttributesArray($config);
    } catch (Exception $e) {
        throw new Exception('Invalid attributes for authentication source ' . $this->authId . ': ' . $e->getMessage());
    }

    $this->attributes = $normalized;
}
/**
 * Build the authentication source from an htpasswd file plus a set of static attributes.
 *
 * The file named by $config['htpasswd_file'] is read once, and its lines are kept verbatim in
 * $this->users. $config['static_attributes'] is normalized into $this->attributes.
 *
 * @param array $info Information about this authentication source.
 * @param array $config Configuration.
 *
 * @throws Exception If the htpasswd file yields no content or the static attributes are invalid.
 */
public function __construct($info, $config)
{
    assert('is_array($info)');
    assert('is_array($config)');

    /* The interface requires the parent constructor to run before anything else. */
    parent::__construct($info, $config);

    $this->users = array();

    $path = $config['htpasswd_file'];
    $htpasswd = file_get_contents($path);
    /* The falsy check rejects a failed read, and also an empty file or one holding only "0". */
    if (!$htpasswd) {
        throw new Exception('Could not read ' . $path);
    }

    /* One entry per line of the file; the lines are not parsed or validated here. */
    $this->users = explode("\n", trim($htpasswd));

    try {
        $normalized = SimpleSAML\Utils\Arrays::normalizeAttributesArray($config['static_attributes']);
    } catch (Exception $e) {
        throw new Exception('Invalid static_attributes in authentication source ' . $this->authId . ': ' . $e->getMessage());
    }

    $this->attributes = $normalized;
}
/**
 * Test the transpose() function: rejection of malformed input and three valid layouts.
 */
public function testTranspose()
{
    // input that is not a two-dimensional array must be rejected
    $this->assertFalse(
        SimpleSAML\Utils\Arrays::transpose(array('1', '2', '3')),
        'Invalid two-dimensional array was accepted'
    );
    $this->assertFalse(
        SimpleSAML\Utils\Arrays::transpose(array('1' => 0, '2' => '0', '3' => array(0))),
        'Invalid elements on a two-dimensional array were accepted'
    );

    // sub-arrays indexed by numerical keys
    $input = array('key1' => array('value1'), 'key2' => array('value1', 'value2'));
    $expected = array(array('key1' => 'value1', 'key2' => 'value1'), array('key2' => 'value2'));
    $this->assertEquals(
        $expected,
        SimpleSAML\Utils\Arrays::transpose($input),
        'Unexpected result of transpose()'
    );

    // sub-arrays indexed by string keys
    $input = array(
        'key1' => array('subkey1' => 'value1'),
        'key2' => array('subkey1' => 'value1', 'subkey2' => 'value2'),
    );
    $expected = array(
        'subkey1' => array('key1' => 'value1', 'key2' => 'value1'),
        'subkey2' => array('key2' => 'value2'),
    );
    $this->assertEquals(
        $expected,
        SimpleSAML\Utils\Arrays::transpose($input),
        'Unexpected result of transpose()'
    );

    // sub-arrays that share no keys at all
    $input = array(
        'key1' => array('subkey1' => 'value1'),
        'key2' => array('subkey2' => 'value1', 'subkey3' => 'value2'),
    );
    $expected = array(
        'subkey1' => array('key1' => 'value1'),
        'subkey2' => array('key2' => 'value1'),
        'subkey3' => array('key2' => 'value2'),
    );
    $this->assertEquals(
        $expected,
        SimpleSAML\Utils\Arrays::transpose($input),
        'Unexpected result of transpose()'
    );
}
/**
 * Load the aggregated statistics of every rule in $this->ruleid and merge them into $this->results.
 *
 * Each rule maps to the file "<statdir>/<rule>-<timeres>-<fileslot>.stat", whose content is a
 * PHP-serialized value.
 *
 * @throws Exception If a statistics file is missing, unreadable, or unserializes to an empty value.
 */
public function loadData()
{
    $statdir = $this->statconfig->getValue('statdir');
    $loaded = array();

    foreach (SimpleSAML\Utils\Arrays::arrayize($this->ruleid) as $rule) {
        // NOTE(review): the file name is assembled from ruleid, timeres and fileslot without any
        // validation here. Confirm the callers restrict them to known values so the path
        // cannot leave $statdir.
        $resultFileName = $statdir . '/' . $rule . '-' . $this->timeres . '-' . $this->fileslot . '.stat';

        if (!file_exists($resultFileName)) {
            throw new Exception('Aggregated statitics file [' . $resultFileName . '] not found.');
        }
        if (!is_readable($resultFileName)) {
            throw new Exception('Could not read statitics file [' . $resultFileName . ']. Bad file permissions?');
        }

        // SECURITY: unserialize() instantiates whatever objects the file describes. This is only
        // safe while the .stat files are written solely by the trusted aggregator and the
        // directory is not writable by anyone else. A format such as JSON would remove
        // that dependency.
        $newres = unserialize(file_get_contents($resultFileName));
        if (empty($newres)) {
            throw new Exception('Aggregated statistics in file [' . $resultFileName . '] was empty.');
        }

        $loaded[] = $newres;
    }

    // Fold every further result set into the first one, in rule order.
    $combined = $loaded[0];
    foreach (array_slice($loaded, 1) as $next) {
        $combined = $this->combine($combined, $next);
    }

    $this->results = $combined;
}
/**
 * Add an Organization element based on metadata array.
 *
 * Nothing is added unless OrganizationName, OrganizationDisplayName and OrganizationURL are
 * all present and non-empty. Plain values are wrapped as an array under the 'en' key.
 *
 * @param array $metadata The metadata we should extract the organization information from.
 */
public function addOrganizationInfo(array $metadata)
{
    $required = array('OrganizationName', 'OrganizationDisplayName', 'OrganizationURL');

    // bail out on empty or incomplete organization information
    foreach ($required as $key) {
        if (empty($metadata[$key])) {
            return;
        }
    }

    $localized = array();
    foreach ($required as $key) {
        $localized[] = SimpleSAML\Utils\Arrays::arrayize($metadata[$key], 'en');
    }

    $this->addOrganization($localized[0], $localized[1], $localized[2]);
}
SimpleSAML\Utils\Auth::requireAdmin(); $config = SimpleSAML_Configuration::getInstance(); if (!empty($_FILES['xmlfile']['tmp_name'])) { $xmldata = file_get_contents($_FILES['xmlfile']['tmp_name']); } elseif (array_key_exists('xmldata', $_POST)) { $xmldata = $_POST['xmldata']; } if (!empty($xmldata)) { \SimpleSAML\Utils\XML::checkSAMLMessage($xmldata, 'saml-meta'); $entities = SimpleSAML_Metadata_SAMLParser::parseDescriptorsString($xmldata); /* Get all metadata for the entities. */ foreach ($entities as &$entity) { $entity = array('shib13-sp-remote' => $entity->getMetadata1xSP(), 'shib13-idp-remote' => $entity->getMetadata1xIdP(), 'saml20-sp-remote' => $entity->getMetadata20SP(), 'saml20-idp-remote' => $entity->getMetadata20IdP()); } /* Transpose from $entities[entityid][type] to $output[type][entityid]. */ $output = SimpleSAML\Utils\Arrays::transpose($entities); /* Merge all metadata of each type to a single string which should be * added to the corresponding file. */ foreach ($output as $type => &$entities) { $text = ''; foreach ($entities as $entityId => $entityMetadata) { if ($entityMetadata === NULL) { continue; } /* Remove the entityDescriptor element because it is unused, and only * makes the output harder to read. */ unset($entityMetadata['entityDescriptor']); $text .= '$metadata[' . var_export($entityId, TRUE) . '] = ' . var_export($entityMetadata, TRUE) . ";\n"; }
/**
 * Collect the statistics of every memcache server group.
 *
 * The per-group statistics are transposed and then merged recursively into one result.
 *
 * @return array Array with the names of each stat and an array with the value for each server group.
 *
 * @throws Exception If memcache server status couldn't be retrieved.
 */
public static function getStats()
{
    $merged = array();

    foreach (self::getMemcacheServers() as $serverGroup) {
        $groupStats = $serverGroup->getExtendedStats();
        if ($groupStats === false) {
            throw new Exception('Failed to get memcache server status.');
        }

        $merged = array_merge_recursive($merged, SimpleSAML\Utils\Arrays::transpose($groupStats));
    }

    return $merged;
}
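?>
<?php
/*
 * Optional name and description of the hosted entity, followed by the link to its metadata.
 * NOTE(review): name and descr are echoed without htmlspecialchars(); confirm whether markup
 * in these configuration values is intended.
 */
if (!empty($hm['name'])) { ?>
    <p><?php echo $this->getTranslation(SimpleSAML\Utils\Arrays::arrayize($hm['name'], 'en')); ?></p>
<?php } ?>
<?php if (!empty($hm['descr'])) { ?>
    <p><?php echo $this->getTranslation(SimpleSAML\Utils\Arrays::arrayize($hm['descr'], 'en')); ?></p>
<?php } ?>
    <p>
        [ <a href="<?php /* escape the URL for the attribute context: '&' and quotes must not reach the markup raw */ echo htmlspecialchars($hm['metadata-url'], ENT_QUOTES); ?>">
            <?php echo $this->t('{core:frontpage:show_metadata}'); ?>
        </a> ]
    </p>
</dd>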
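/**
 * Send a SAML2 SSO request to an IdP.
 *
 * Builds an AuthnRequest from the SP and IdP metadata, applies the per-request overrides
 * found in $state (requested authentication context, ForceAuthn, isPassive, NameID,
 * NameIDPolicy, IDPList, ProxyCount, RequesterID, Extensions), saves the state and hands
 * the request to the binding of the selected SingleSignOnService endpoint.
 *
 * @param SimpleSAML_Configuration $idpMetadata The metadata of the IdP.
 * @param array $state The state array for the current authentication.
 *
 * @throws SimpleSAML_Error_Exception If saml:NameID or saml:NameIDPolicy in $state has an invalid type.
 */
private function startSSO2(SimpleSAML_Configuration $idpMetadata, array $state)
{
    /* A negative proxy count means the request may not be proxied any further. */
    if (isset($state['saml:ProxyCount']) && $state['saml:ProxyCount'] < 0) {
        SimpleSAML_Auth_State::throwException($state, new \SimpleSAML\Module\saml\Error\ProxyCountExceeded(\SAML2\Constants::STATUS_RESPONDER));
    }

    $ar = sspmod_saml_Message::buildAuthnRequest($this->metadata, $idpMetadata);

    $ar->setAssertionConsumerServiceURL(SimpleSAML\Module::getModuleURL('saml/sp/saml2-acs.php/' . $this->authId));

    if (isset($state['SimpleSAML_Auth_Source.ReturnURL'])) {
        $ar->setRelayState($state['SimpleSAML_Auth_Source.ReturnURL']);
    }

    if (isset($state['saml:AuthnContextClassRef'])) {
        $accr = SimpleSAML\Utils\Arrays::arrayize($state['saml:AuthnContextClassRef']);
        $comp = SAML2\Constants::COMPARISON_EXACT;
        /*
         * Read the same key that isset() tests. Looking up 'AuthnContextComparison' without
         * the 'saml:' prefix meant a requested comparison was never honoured and the request
         * always fell back to "exact". The strict in_array() keeps loose comparison from
         * accepting a value that is not one of the four constants.
         */
        if (isset($state['saml:AuthnContextComparison'])
            && in_array(
                $state['saml:AuthnContextComparison'],
                array(
                    SAML2\Constants::COMPARISON_EXACT,
                    SAML2\Constants::COMPARISON_MINIMUM,
                    SAML2\Constants::COMPARISON_MAXIMUM,
                    SAML2\Constants::COMPARISON_BETTER,
                ),
                TRUE
            )
        ) {
            $comp = $state['saml:AuthnContextComparison'];
        }
        $ar->setRequestedAuthnContext(array('AuthnContextClassRef' => $accr, 'Comparison' => $comp));
    }

    if (isset($state['ForceAuthn'])) {
        $ar->setForceAuthn((bool) $state['ForceAuthn']);
    }

    if (isset($state['isPassive'])) {
        $ar->setIsPassive((bool) $state['isPassive']);
    }

    if (isset($state['saml:NameID'])) {
        if (!is_array($state['saml:NameID'])) {
            throw new SimpleSAML_Error_Exception('Invalid value of $state[\'saml:NameID\'].');
        }
        $ar->setNameId($state['saml:NameID']);
    }

    if (isset($state['saml:NameIDPolicy'])) {
        if (is_string($state['saml:NameIDPolicy'])) {
            /* A bare string is shorthand for "this format, creation allowed". */
            $policy = array('Format' => (string) $state['saml:NameIDPolicy'], 'AllowCreate' => TRUE);
        } elseif (is_array($state['saml:NameIDPolicy'])) {
            $policy = $state['saml:NameIDPolicy'];
        } else {
            throw new SimpleSAML_Error_Exception('Invalid value of $state[\'saml:NameIDPolicy\'].');
        }
        $ar->setNameIdPolicy($policy);
    }

    if (isset($state['saml:IDPList'])) {
        $IDPList = $state['saml:IDPList'];
    } else {
        $IDPList = array();
    }

    /* Union of the IdP lists from the SP metadata, the IdP metadata and the request state. */
    $ar->setIDPList(array_unique(array_merge($this->metadata->getArray('IDPList', array()), $idpMetadata->getArray('IDPList', array()), (array) $IDPList)));

    /* ProxyCount precedence: request state, then IdP metadata, then SP metadata. */
    if (isset($state['saml:ProxyCount']) && $state['saml:ProxyCount'] !== null) {
        $ar->setProxyCount($state['saml:ProxyCount']);
    } elseif ($idpMetadata->getInteger('ProxyCount', null) !== null) {
        $ar->setProxyCount($idpMetadata->getInteger('ProxyCount', null));
    } elseif ($this->metadata->getInteger('ProxyCount', null) !== null) {
        $ar->setProxyCount($this->metadata->getInteger('ProxyCount', null));
    }

    $requesterID = array();
    if (isset($state['saml:RequesterID'])) {
        $requesterID = $state['saml:RequesterID'];
    }

    if (isset($state['core:SP'])) {
        $requesterID[] = $state['core:SP'];
    }

    $ar->setRequesterID($requesterID);

    if (isset($state['saml:Extensions'])) {
        $ar->setExtensions($state['saml:Extensions']);
    }

    // save IdP entity ID as part of the state
    // NOTE(review): presumably compared with the Issuer of the response when it arrives;
    // the check itself is not in this method.
    $state['ExpectedIssuer'] = $idpMetadata->getString('entityid');

    /* The saved state identifier is used as the ID of the AuthnRequest. */
    $id = SimpleSAML_Auth_State::saveState($state, 'saml:sp:sso', TRUE);
    $ar->setId($id);

    SimpleSAML\Logger::debug('Sending SAML 2 AuthnRequest to ' . var_export($idpMetadata->getString('entityid'), TRUE));

    /* Select appropriate SSO endpoint */
    if ($ar->getProtocolBinding() === \SAML2\Constants::BINDING_HOK_SSO) {
        $dst = $idpMetadata->getDefaultEndpoint('SingleSignOnService', array(\SAML2\Constants::BINDING_HOK_SSO));
    } else {
        $dst = $idpMetadata->getDefaultEndpoint('SingleSignOnService', array(\SAML2\Constants::BINDING_HTTP_REDIRECT, \SAML2\Constants::BINDING_HTTP_POST));
    }
    $ar->setDestination($dst['Location']);

    $b = \SAML2\Binding::getBinding($dst['Binding']);

    $this->sendSAML2AuthnRequest($state, $b, $ar);

    /* sendSAML2AuthnRequest() is expected not to return. */
    assert('FALSE');
}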
/**
 * Backwards-compatible alias that forwards both arguments unchanged to
 * SimpleSAML\Utils\Arrays::arrayize() and returns its result.
 *
 * @param mixed $data Forwarded as the first argument.
 * @param mixed $index Forwarded as the second argument; defaults to 0.
 *
 * @return mixed Whatever SimpleSAML\Utils\Arrays::arrayize() returns.
 *
 * @deprecated This method will be removed in SSP 2.0. Please use SimpleSAML\Utils\Arrays::arrayize() instead.
 */
public static function arrayize($data, $index = 0)
{
    $wrapped = SimpleSAML\Utils\Arrays::arrayize($data, $index);

    return $wrapped;
}
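/**
 * Search for a DN.
 *
 * The search bases are tried in order and the first non-empty result wins. A
 * SimpleSAML_Error_UserNotFound raised for one base is swallowed so the remaining bases are
 * still tried.
 *
 * @param string|array $base
 * The base, or bases, which to search from.
 * @param string|array $attribute
 * The attribute name(s) searched for.
 * @param string $value
 * The attribute value searched for.
 * @param bool $allowZeroHits
 * Determines if the method will throw an exception if no hits are found.
 * Defaults to FALSE.
 * @return string|null
 * The DN of the matching element, if found. If no element was found and
 * $allowZeroHits is set to FALSE, an exception will be thrown; otherwise
 * NULL will be returned.
 * @throws SimpleSAML_Error_AuthSource if:
 * - the LDAP search encounters problems when searching the catalogue
 * - it is not possible to connect to the LDAP server
 * @throws SimpleSAML_Error_UserNotFound if:
 * - $allowZeroHits is FALSE and no result is found (presumably; the exception is built
 *   by makeException(), which is not shown here)
 */
public function searchfordn($base, $attribute, $value, $allowZeroHits = FALSE)
{
    // Traverse all search bases, returning DN if found.
    $bases = SimpleSAML\Utils\Arrays::arrayize($base);

    foreach ($bases as $current) {
        try {
            // Single base search.
            // NOTE(review): $value is forwarded as given; confirm that search() escapes it
            // before it is placed in the LDAP filter.
            $result = $this->search($current, $attribute, $value);

            // We don't have to look any further if the user is found.
            if (!empty($result)) {
                return $result;
            }
            // If the search came back empty, attempt the other base DNs.
        } catch (SimpleSAML_Error_UserNotFound $e) {
            // Just continue searching
        }
    }

    // Decide what to do for zero entries.
    SimpleSAML_Logger::debug('Library - LDAP searchfordn(): No entries found');

    if ($allowZeroHits) {
        // Zero hits allowed.
        return NULL;
    }

    // Zero hits not allowed. $attribute may be a list of names, so join it instead of
    // concatenating an array into the message (which would print "Array" and raise a notice).
    $attributeNames = implode(', ', (array) $attribute);

    throw $this->makeException('Library - LDAP searchfordn(): LDAP search returned zero entries for filter \'(' . $attributeNames . ' = ' . $value . ')\' on base(s) \'(' . implode(' & ', $bases) . ')\'', 2);
}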
echo '<br />[ <a href="' . $hm['metadata-url'] . '">' . $this->t('{core:frontpage:show_metadata}') . '</a> ]'; echo '</p></dd>'; } } echo '</dl>'; if (is_array($this->data['metaentries']['remote']) && count($this->data['metaentries']['remote']) > 0) { foreach ($this->data['metaentries']['remote'] as $setkey => $set) { echo '<fieldset class="fancyfieldset"><legend>' . $this->t(mtype($setkey)) . ' (Trusted)</legend>'; echo '<ul>'; foreach ($set as $entry) { echo '<li>'; echo '<a href="' . htmlspecialchars(SimpleSAML\Module::getModuleURL('core/show_metadata.php', array('entityid' => $entry['entityid'], 'set' => $setkey))) . '">'; if (!empty($entry['name'])) { echo htmlspecialchars($this->getTranslator()->getPreferredTranslation(SimpleSAML\Utils\Arrays::arrayize($entry['name'], 'en'))); } elseif (!empty($entry['OrganizationDisplayName'])) { echo htmlspecialchars($this->getTranslator()->getPreferredTranslation(SimpleSAML\Utils\Arrays::arrayize($entry['OrganizationDisplayName'], 'en'))); } else { echo htmlspecialchars($entry['entityid']); } echo '</a>'; if (array_key_exists('expire', $entry)) { if ($entry['expire'] < $now) { echo '<span style="color: #500; font-weight: bold"> (expired ' . number_format(($now - $entry['expire']) / 3600, 1) . ' hours ago)</span>'; } else { echo ' (expires in ' . number_format(($entry['expire'] - $now) / 3600, 1) . ' hours)'; } } echo '</li>'; } echo '</ul>'; echo '</fieldset>';
} if (is_array($dstName)) { $dstName = $this->t($dstName); } $srcName = htmlspecialchars($srcName); $dstName = htmlspecialchars($dstName); $attributes = $this->data['attributes']; $this->data['header'] = $this->t('{consent:consent:consent_header}'); $this->data['head'] = '<link rel="stylesheet" type="text/css" href="/' . $this->data['baseurlpath'] . 'module.php/consent/style.css" />' . "\n"; $this->includeAtTemplateBase('includes/header.php'); ?> <p> <?php echo $this->t('{consent:consent:consent_accept}', array('SPNAME' => $dstName, 'IDPNAME' => $srcName)); if (array_key_exists('descr_purpose', $this->data['dstMetadata'])) { echo '</p><p>' . $this->t('{consent:consent:consent_purpose}', array('SPNAME' => $dstName, 'SPDESC' => $this->getTranslation(SimpleSAML\Utils\Arrays::arrayize($this->data['dstMetadata']['descr_purpose'], 'en')))); } ?> </p> <form style="display: inline; margin: 0px; padding: 0px" action="<?php echo htmlspecialchars($this->data['yesTarget']); ?> "> <p style="margin: 1em"> <?php if ($this->data['usestorage']) { $checked = $this->data['checked'] ? 'checked="checked"' : ''; echo '<input type="checkbox" name="saveconsent" ' . $checked . ' value="1" /> ' . $this->t('{consent:consent:remember}');