/** * Process the error/Exception returned from SimpleSaml and return an appropriate error to the user. * * @return SS_HTTPResponse */ private function realMeErrorHandler() { // Error handling, to prevent infinite login loops if there was an internal error with SimpleSAMLphp if ($exceptionId = $this->owner->getRequest()->getVar('SimpleSAML_Auth_State_exceptionId')) { if (is_string($exceptionId) && strlen($exceptionId) > 1) { $authState = SimpleSAML_Auth_State::loadExceptionState($exceptionId); if (true === array_key_exists('SimpleSAML_Auth_State.exceptionData', $authState) && $authState['SimpleSAML_Auth_State.exceptionData'] instanceof sspmod_saml_Error) { $exception = $authState['SimpleSAML_Auth_State.exceptionData']; $message = $this->getErrorMessage($exception); SS_Log::log(sprintf('Error while validating RealMe authentication details: %s', $message), SS_Log::ERR); return Security::permissionFailure($this->owner, $message); } } } SS_Log::log('Unknown error while attempting to parse RealMe authentication', SS_Log::ERR); return Security::permissionFailure($this->owner, _t('RealMeSecurityExtension.GENERAL_ERROR', '', array('errorMsg' => 'Unknown'))); }
* */ $requestcache['NeedAuthentication'] = TRUE; } $requestcache['IsPassive'] = $isPassive; $requestcache['ForceAuthn'] = $forceAuthn; SimpleSAML_Logger::info('SAML2.0 - IdP.SSOService: Incomming Authentication request: ' . $issuer . ' id ' . $requestid); } catch (Exception $exception) { SimpleSAML_Utilities::fatalError($session->getTrackID(), 'PROCESSAUTHNREQUEST', $exception); } } elseif (isset($_REQUEST[SimpleSAML_Auth_State::EXCEPTION_PARAM])) { /* * We have received an exception. It can either be from the authentication module, * or from the authentication processing filters. */ $state = SimpleSAML_Auth_State::loadExceptionState(); if (array_key_exists('core:saml20-idp:requestcache', $state)) { /* This was from a processing chain. */ $requestcache = $state['core:saml20-idp:requestcache']; } elseif (array_key_exists('RequestID', $_REQUEST)) { /* This was from an authentication module. */ $authId = $_REQUEST['RequestID']; $requestcache = $session->getAuthnRequest('saml2', $authId); if (!$requestcache) { throw new Exception('Could not retrieve saved request while handling exceptions. RequestID=' . var_export($authId, TRUE)); } } else { /* We have no idea where this comes from. We have received a bad request. */ throw new Exception('Bad request to exception handing code.'); } assert('array_key_exists(SimpleSAML_Auth_State::EXCEPTION_DATA, $state)');