Skip to content
GitLab
Explore
Sign in
Primary navigation
Search or go to…
Project
S
simplesamlphp-module-cesnet
Manage
Activity
Members
Labels
Plan
Jira
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Snippets
Locked files
Build
Pipelines
Jobs
Pipeline schedules
Artifacts
Deploy
Releases
Model registry
Analyze
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
Perun
Perun ProxyIdP
v1
simplesamlphp-module-cesnet
Commits
f7b3bf4a
Verified
Commit
f7b3bf4a
authored
1 year ago
by
Dominik Frantisek Bucik
Browse files
Options
Downloads
Patches
Plain Diff
fix:
potential Undefined array keys in IsCesnetEligible
parent
e5cc0642
Branches
Branches containing commit
Tags
Tags containing commit
1 merge request
!63
Fixes in AuthProc filters
Pipeline
#354759
passed
1 year ago
Stage: .pre
Stage: test
Changes
2
Pipelines
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
lib/Auth/Process/IsCesnetEligible.php
+8
-8
8 additions, 8 deletions
lib/Auth/Process/IsCesnetEligible.php
lib/Auth/Process/IsEinfraCZEligible.php
+1
-1
1 addition, 1 deletion
lib/Auth/Process/IsEinfraCZEligible.php
with
9 additions
and
9 deletions
lib/Auth/Process/IsCesnetEligible.php
+
8
−
8
View file @
f7b3bf4a
...
@@ -85,7 +85,7 @@ class IsCesnetEligible extends ProcessingFilter
...
@@ -85,7 +85,7 @@ class IsCesnetEligible extends ProcessingFilter
{
{
parent
::
__construct
(
$config
,
$reserved
);
parent
::
__construct
(
$config
,
$reserved
);
$conf
=
Configuration
::
loadFromArray
(
$config
);
$conf
=
Configuration
::
loadFromArray
(
$config
);
if
(
!
isset
(
$config
[
self
::
RPC_ATTRIBUTE_NAME
])
||
empty
(
$config
[
self
::
RPC_ATTRIBUTE_NAME
]))
{
if
(
empty
(
$config
[
self
::
RPC_ATTRIBUTE_NAME
]))
{
throw
new
Exception
(
throw
new
Exception
(
'cesnet:IsCesnetEligible - missing mandatory configuration option \''
.
self
::
RPC_ATTRIBUTE_NAME
.
'\'.'
'cesnet:IsCesnetEligible - missing mandatory configuration option \''
.
self
::
RPC_ATTRIBUTE_NAME
.
'\'.'
);
);
...
@@ -96,13 +96,13 @@ class IsCesnetEligible extends ProcessingFilter
...
@@ -96,13 +96,13 @@ class IsCesnetEligible extends ProcessingFilter
$this
->
cesnetLdapConnector
=
(
new
AdapterLdap
(
self
::
CONFIG_FILE_NAME
))
->
getConnector
();
$this
->
cesnetLdapConnector
=
(
new
AdapterLdap
(
self
::
CONFIG_FILE_NAME
))
->
getConnector
();
$this
->
rpcAdapter
=
Adapter
::
getInstance
(
Adapter
::
RPC
);
$this
->
rpcAdapter
=
Adapter
::
getInstance
(
Adapter
::
RPC
);
if
(
isset
(
$config
[
self
::
ATTR_NAME
])
&&
!
empty
(
$config
[
self
::
ATTR_NAME
]))
{
if
(
!
empty
(
$config
[
self
::
ATTR_NAME
]))
{
$this
->
returnAttrName
=
$config
[
'attrName'
];
$this
->
returnAttrName
=
$config
[
'attrName'
];
}
}
if
(
if
(
isset
(
$config
[
self
::
INTERFACE_PROPNAME
]
,
$config
[
self
::
LDAP_ATTRIBUTE_NAME
])
&&
(
$config
[
self
::
INTERFACE_PROPNAME
]
??
self
::
RPC
)
===
self
::
LDAP
$config
[
self
::
INTERFACE_PROPNAME
]
===
self
::
LDAP
&&
!
empty
(
$config
[
self
::
LDAP_ATTRIBUTE_NAME
])
&&
!
empty
(
$config
[
self
::
LDAP_ATTRIBUTE_NAME
])
)
{
)
{
$this
->
interface
=
$config
[
self
::
INTERFACE_PROPNAME
];
$this
->
interface
=
$config
[
self
::
INTERFACE_PROPNAME
];
$this
->
ldapAttrName
=
$config
[
self
::
LDAP_ATTRIBUTE_NAME
];
$this
->
ldapAttrName
=
$config
[
self
::
LDAP_ATTRIBUTE_NAME
];
...
@@ -119,7 +119,7 @@ class IsCesnetEligible extends ProcessingFilter
...
@@ -119,7 +119,7 @@ class IsCesnetEligible extends ProcessingFilter
$conf
->
getString
(
self
::
PERUN_USER_SPONSORING_ORGANIZATIONS_ATTR_NAME
,
null
);
$conf
->
getString
(
self
::
PERUN_USER_SPONSORING_ORGANIZATIONS_ATTR_NAME
,
null
);
$this
->
userAffiliationsAttrName
=
$conf
->
getString
(
self
::
PERUN_USER_AFFILIATIONS_ATTR_NAME
,
null
);
$this
->
userAffiliationsAttrName
=
$conf
->
getString
(
self
::
PERUN_USER_AFFILIATIONS_ATTR_NAME
,
null
);
if
(
!
isset
(
$this
->
userAffiliationsAttrName
,
$this
->
userSponsoringOrganizationsAttrName
))
{
if
(
empty
(
$this
->
userAffiliationsAttrName
)
||
empty
(
$this
->
userSponsoringOrganizationsAttrName
))
{
Logger
::
warning
(
Logger
::
warning
(
'cesnet:IsCesnetEligible - One of attributes ['
.
$this
->
userAffiliationsAttrName
.
', '
.
'cesnet:IsCesnetEligible - One of attributes ['
.
$this
->
userAffiliationsAttrName
.
', '
.
$this
->
userSponsoringOrganizationsAttrName
.
'] wasn\'t set!'
$this
->
userSponsoringOrganizationsAttrName
.
'] wasn\'t set!'
...
@@ -129,7 +129,7 @@ class IsCesnetEligible extends ProcessingFilter
...
@@ -129,7 +129,7 @@ class IsCesnetEligible extends ProcessingFilter
public
function
process
(
&
$request
)
public
function
process
(
&
$request
)
{
{
if
(
isset
(
$request
[
'perun'
][
'user'
]))
{
if
(
!
empty
(
$request
[
'perun'
][
'user'
]))
{
$user
=
$request
[
'perun'
][
'user'
];
$user
=
$request
[
'perun'
][
'user'
];
}
else
{
}
else
{
Logger
::
debug
(
Logger
::
debug
(
...
@@ -140,7 +140,7 @@ class IsCesnetEligible extends ProcessingFilter
...
@@ -140,7 +140,7 @@ class IsCesnetEligible extends ProcessingFilter
}
}
$this
->
idpEntityId
=
$request
[
'saml:sp:IdP'
];
$this
->
idpEntityId
=
$request
[
'saml:sp:IdP'
];
if
(
isset
(
$request
[
'Attributes'
][
'eduPersonScopedAffiliation'
]))
{
if
(
!
empty
(
$request
[
'Attributes'
][
'eduPersonScopedAffiliation'
]))
{
$this
->
eduPersonScopedAffiliation
$this
->
eduPersonScopedAffiliation
=
$request
[
'Attributes'
][
'eduPersonScopedAffiliation'
];
=
$request
[
'Attributes'
][
'eduPersonScopedAffiliation'
];
}
else
{
}
else
{
...
@@ -153,7 +153,7 @@ class IsCesnetEligible extends ProcessingFilter
...
@@ -153,7 +153,7 @@ class IsCesnetEligible extends ProcessingFilter
if
(
!
empty
(
$user
))
{
if
(
!
empty
(
$user
))
{
if
(
$this
->
interface
===
self
::
LDAP
)
{
if
(
$this
->
interface
===
self
::
LDAP
)
{
$attrs
=
$this
->
adapter
->
getUserAttributes
(
$user
,
[
$this
->
ldapAttrName
]);
$attrs
=
$this
->
adapter
->
getUserAttributes
(
$user
,
[
$this
->
ldapAttrName
]);
if
(
isset
(
$attrs
[
$this
->
ldapAttrName
][
0
]))
{
if
(
!
empty
(
$attrs
[
$this
->
ldapAttrName
][
0
]))
{
$this
->
cesnetEligibleLastSeenValue
=
$attrs
[
$this
->
ldapAttrName
][
0
];
$this
->
cesnetEligibleLastSeenValue
=
$attrs
[
$this
->
ldapAttrName
][
0
];
}
}
}
else
{
}
else
{
...
...
This diff is collapsed.
Click to expand it.
lib/Auth/Process/IsEinfraCZEligible.php
+
1
−
1
View file @
f7b3bf4a
...
@@ -61,7 +61,7 @@ class IsEinfraCZEligible extends ProcessingFilter
...
@@ -61,7 +61,7 @@ class IsEinfraCZEligible extends ProcessingFilter
public
function
process
(
&
$request
)
public
function
process
(
&
$request
)
{
{
$userScopedAffiliations
=
[];
$userScopedAffiliations
=
[];
if
(
isset
(
$request
[
'Attributes'
][
$this
->
userAffiliationAttr
]))
{
if
(
!
empty
(
$request
[
'Attributes'
][
$this
->
userAffiliationAttr
]))
{
$userScopedAffiliations
$userScopedAffiliations
=
$request
[
'Attributes'
][
$this
->
userAffiliationAttr
];
=
$request
[
'Attributes'
][
$this
->
userAffiliationAttr
];
}
else
{
}
else
{
...
...
This diff is collapsed.
Click to expand it.
Jednotné přihlášení test
@9008807
mentioned in commit
eb989a72
·
1 year ago
mentioned in commit
eb989a72
mentioned in commit eb989a72084a9924928cc367a16feafea853080e
Toggle commit list
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment