From 0146ea4ff15874cd36fbb1dd7bb60468a44d804e Mon Sep 17 00:00:00 2001
From: Olav Morken <olav.morken@uninett.no>
Date: Tue, 13 May 2008 13:17:15 +0000
Subject: [PATCH] Change SAML20 & Shib13 xml handlers to use generateID and generateTimestamp from Utilities.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@546 44740490-163a-0410-bde0-09ae8108e29a
---
 lib/SimpleSAML/Utilities.php | 14 ++++++++++++--
 lib/SimpleSAML/XML/AuthnResponse.php | 18 ------------------
 lib/SimpleSAML/XML/SAML20/AuthnResponse.php | 14 +++++++-------
 lib/SimpleSAML/XML/Shib13/AuthnRequest.php | 17 ++++-------------
 lib/SimpleSAML/XML/Shib13/AuthnResponse.php | 10 +++++-----
 5 files changed, 28 insertions(+), 45 deletions(-)
diff --git a/lib/SimpleSAML/Utilities.php b/lib/SimpleSAML/Utilities.php
index 3bacd2b58..3251ce8cc 100644
--- a/lib/SimpleSAML/Utilities.php
+++ b/lib/SimpleSAML/Utilities.php
@@ -186,8 +186,18 @@ class SimpleSAML_Utilities {
 return $key;
 }
- public static function generateTimestamp() {
- return gmdate("Y-m-d\TH:i:s\Z");
+
+ /**
+ * This function generates a timestamp on the form used by the SAML protocols.
+ *
+ * @param $instant The time the timestamp should represent.
+ * @return The timestamp.
+ */
+ public static function generateTimestamp($instant = NULL) {
+ if($instant === NULL) {
+ $instant = time();
+ }
+ return gmdate('Y-m-d\TH:i:s\Z', $instant);
 }
 public static function generateTrackID() {
diff --git a/lib/SimpleSAML/XML/AuthnResponse.php b/lib/SimpleSAML/XML/AuthnResponse.php
index 7ae6048eb..fc1d370b1 100644
--- a/lib/SimpleSAML/XML/AuthnResponse.php
+++ b/lib/SimpleSAML/XML/AuthnResponse.php
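Review bot: The docblock added to `generateTimestamp()` in lib/SimpleSAML/Utilities.php does not say that `$instant` is an absolute Unix time in seconds, while the `generateIssueInstant($offset)` helper this patch retires took a relative offset. A caller migrated mechanically (passing `60 * 5` rather than `time() + 60 * 5`) would silently get a timestamp a few minutes after the epoch, which matters because these values become assertion validity bounds. I would spell it out as `@param int|NULL $instant Absolute Unix timestamp in seconds (not an offset); NULL means now.` and `@return string UTC timestamp in SAML form.`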
@@ -83,25 +83,7 @@ require_once((isset($SIMPLESAML_INCPREFIX)?$SIMPLESAML_INCPREFIX:'') . 'xmlsecli
 return null;
 }
-
-
-
- public static function generateID() {
-
- $length = 42;
- $key = "_";
- for ( $i=0; $i < $length; $i++ )
- {
- $key .= dechex( rand(0,15) );
- }
- return $key;
- }
-
- public static function generateIssueInstant($offset = 0) {
- return gmdate("Y-m-d\TH:i:s\Z", time() + $offset);
- }
-
 }
 ?>
\ No newline at end of file
diff --git a/lib/SimpleSAML/XML/SAML20/AuthnResponse.php b/lib/SimpleSAML/XML/SAML20/AuthnResponse.php
index a9bdddeb1..7ac0a60aa 100644
--- a/lib/SimpleSAML/XML/SAML20/AuthnResponse.php
+++ b/lib/SimpleSAML/XML/SAML20/AuthnResponse.php
@@ -583,13 +583,13 @@ class SimpleSAML_XML_SAML20_AuthnResponse extends SimpleSAML_XML_AuthnResponse {
 /**
 * Generating IDs and timestamps.
 */
- $id = self::generateID();
- $issueInstant = self::generateIssueInstant();
- $assertionExpire = self::generateIssueInstant(60 * 5); # 5 minutes
- $notBefore = self::generateIssueInstant(-30);
+ $id = SimpleSAML_Utilities::generateID();
+ $issueInstant = SimpleSAML_Utilities::generateTimestamp();
+ $assertionExpire = SimpleSAML_Utilities::generateTimestamp(time() + 60 * 5);# 5 minutes
+ $notBefore = SimpleSAML_Utilities::generateTimestamp(time() - 30);
- $assertionid = self::generateID();
- $sessionindex = self::generateID();
+ $assertionid = SimpleSAML_Utilities::generateID();
+ $sessionindex = SimpleSAML_Utilities::generateID();
 /**
@@ -618,7 +618,7 @@ class SimpleSAML_XML_SAML20_AuthnResponse extends SimpleSAML_XML_AuthnResponse {
 if ($nameidformat == self::EMAIL) {
 $nameid = $this->generateNameID($nameidformat, $attributes[$spmd['simplesaml.nameidattribute']][0], $spnamequalifier);
 } else {
- $nameid = $this->generateNameID($nameidformat, self::generateID(), $spnamequalifier);
+ $nameid = $this->generateNameID($nameidformat, SimpleSAML_Utilities::generateID(), $spnamequalifier);
 }
 $assertion = "";
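Review bot: In the `@@ -583,13 +583,13 @@` hunk of SAML20/AuthnResponse.php the clock is still read three times: once inside `generateTimestamp()` for `$issueInstant`, and once each in `time() + 60 * 5` and `time() - 30`. If a second boundary falls between those calls, the issue instant and the validity window are derived from different instants. Reading the clock once with `$now = time();` and passing `$now`, `$now + 60 * 5` and `$now - 30` keeps the three values consistent; the same pattern appears in the Shib13/AuthnResponse.php hunk. The enclosing method begins and ends outside the hunk.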
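Review bot: The NameID built in the `else` branch of the `@@ -618,7 +618,7 @@` hunk, like the response, assertion and session-index IDs in the hunk above and the IDs in Shib13/AuthnRequest.php and Shib13/AuthnResponse.php, now relies entirely on `SimpleSAML_Utilities::generateID()`, whose body is not part of this patch. The copies deleted here drew each hex digit from `rand(0,15)`, which is not a cryptographically secure generator, so if the shared helper is the same loop these identifiers remain predictable. It is worth confirming that the helper draws from a CSPRNG (on current PHP, `random_bytes()` with `bin2hex()`), since replay and correlation checks at the relying party assume the values cannot be guessed.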
diff --git a/lib/SimpleSAML/XML/Shib13/AuthnRequest.php b/lib/SimpleSAML/XML/Shib13/AuthnRequest.php
index cda9062cf..4f67c3a8a 100644
--- a/lib/SimpleSAML/XML/Shib13/AuthnRequest.php
+++ b/lib/SimpleSAML/XML/Shib13/AuthnRequest.php
@@ -1,6 +1,7 @@
 <?php
 require_once((isset($SIMPLESAML_INCPREFIX)?$SIMPLESAML_INCPREFIX:'') . 'SimpleSAML/Configuration.php');
+require_once((isset($SIMPLESAML_INCPREFIX)?$SIMPLESAML_INCPREFIX:'') . 'SimpleSAML/Utilities.php');
 require_once((isset($SIMPLESAML_INCPREFIX)?$SIMPLESAML_INCPREFIX:'') . 'SimpleSAML/Metadata/MetaDataStorageHandler.php');
 /**
@@ -30,7 +31,7 @@ class SimpleSAML_XML_Shib13_AuthnRequest {
 $this->configuration = $configuration;
 $this->metadata = $metadatastore;
- $this->requestid = $this->generateID();
+ $this->requestid = SimpleSAML_Utilities::generateID();
 }
 public function setRelayState($relayState) {
@@ -71,7 +72,7 @@ class SimpleSAML_XML_Shib13_AuthnRequest {
 }
 public function setNewRequestID() {
- $this->requestid = $this->generateID();
+ $this->requestid = SimpleSAML_Utilities::generateID();
 }
 public function getRequestID() {
@@ -97,17 +98,7 @@ class SimpleSAML_XML_Shib13_AuthnRequest {
 (isset($target) ? '&target=' . urlencode($target) : '');
 return $url;
 }
-
- public static function generateID() {
- $length = 42;
- $key = "_";
- for ( $i=0; $i < $length; $i++ ) {
- $key .= dechex( rand(0,15) );
- }
- return $key;
- }
-
-
-
+
 }
 ?>
\ No newline at end of file
diff --git a/lib/SimpleSAML/XML/Shib13/AuthnResponse.php b/lib/SimpleSAML/XML/Shib13/AuthnResponse.php
index 12176fe3f..05ffe1cbe 100644
--- a/lib/SimpleSAML/XML/Shib13/AuthnResponse.php
+++ b/lib/SimpleSAML/XML/Shib13/AuthnResponse.php
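Review bot: Only Shib13/AuthnRequest.php gains a `require_once` for `SimpleSAML/Utilities.php` (the `@@ -1,6 +1,7 @@` hunk), yet SAML20/AuthnResponse.php and Shib13/AuthnResponse.php now call `SimpleSAML_Utilities::generateID()` and `generateTimestamp()` as well. Their include lists are outside the visible hunks, so this may already be covered, but if it is not, building a response would fail with a class-not-found error. The last hunk also drops the public static `generateID()` from this class without a forwarding stub, so any caller outside this patch that still uses `SimpleSAML_XML_Shib13_AuthnRequest::generateID()` will break.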
@@ -263,15 +263,15 @@ class SimpleSAML_XML_Shib13_AuthnResponse extends SimpleSAML_XML_AuthnResponse {
 $idpmd = $this->metadata->getMetaData($idpentityid, 'shib13-idp-hosted');
 $spmd = $this->metadata->getMetaData($spentityid, 'shib13-sp-remote');
- $id = self::generateID();
- $issueInstant = self::generateIssueInstant();
- $assertionExpire = self::generateIssueInstant(60 * 5); # 5 minutes
+ $id = SimpleSAML_Utilities::generateID();
+ $issueInstant = SimpleSAML_Utilities::generateTimestamp();
+ $assertionExpire = SimpleSAML_Utilities::generateTimestamp(time() + 60 * 5);# 5 minutes
- $assertionid = self::generateID();
+ $assertionid = SimpleSAML_Utilities::generateID();
 if (is_null($nameid)) {
- $nameid = self::generateID();
+ $nameid = SimpleSAML_Utilities::generateID();
 }
 $issuer = $idpentityid;
--
GitLab