diff --git a/lib/SimpleSAML/Session.php b/lib/SimpleSAML/Session.php
index da35c28b17a517bb8b452e328e229894fd8c9223..863f5e0d1c1d6cb64cdf22ac3c7d63172a01cd79 100644
--- a/lib/SimpleSAML/Session.php
+++ b/lib/SimpleSAML/Session.php
@@ -789,34 +789,26 @@ class SimpleSAML_Session {
 private static function loadSession() {
 $sh = SimpleSAML_SessionHandler::getSessionHandler();
- $sessionData = $sh->get('SimpleSAMLphp_SESSION');
- if($sessionData == NULL) {
- return NULL;
- }
- if(!is_string($sessionData)) {
+ $session = $sh->loadSession();
+ if($session === NULL) {
 return NULL;
 }
- $sessionData = unserialize($sessionData);
-
- if(!($sessionData instanceof self)) {
- SimpleSAML_Logger::warning('Retrieved and deserialized session data was not a session.');
- return NULL;
- }
+ assert('$session instanceof self');
- if ($sessionData->authToken !== NULL) {
+ if ($session->authToken !== NULL) {
 if (!isset($_COOKIE['SimpleSAMLAuthToken'])) {
 SimpleSAML_Logger::warning('Missing AuthToken cookie.');
 return NULL;
 }
- if ($_COOKIE['SimpleSAMLAuthToken'] !== $sessionData->authToken) {
+ if ($_COOKIE['SimpleSAMLAuthToken'] !== $session->authToken) {
 SimpleSAML_Logger::warning('Invalid AuthToken cookie.');
 return NULL;
 }
 }
- return $sessionData;
+ return $session;
 }
@@ -833,10 +825,9 @@ class SimpleSAML_Session {
 }
 $this->dirty = FALSE;
- $sessionData = serialize($this);
 $sh = SimpleSAML_SessionHandler::getSessionHandler();
- $sh->set('SimpleSAMLphp_SESSION', $sessionData);
+ $sh->saveSession($this);
 }
diff --git a/lib/SimpleSAML/SessionHandler.php b/lib/SimpleSAML/SessionHandler.php
index 59d1a25418c18a5c58a8517376c861a741666515..b3dbfceb33fb1b39a6de94a2d092eb30198aa1ea 100644
--- a/lib/SimpleSAML/SessionHandler.php
+++ b/lib/SimpleSAML/SessionHandler.php
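Review bot: In `SimpleSAML_Session::loadSession()` the enforced type check (log a warning, return NULL) is replaced by `assert('$session instanceof self');`, which does nothing when assertions are disabled, as they commonly are in production. The same assert-only pattern follows `unserialize()` in the new `loadSession()` of SessionHandlerMemcache and SessionHandlerPHP, and `unserialize()` returns FALSE for undecodable input, which passes the `=== NULL` test here and reaches `$session->authToken`. Keep a runtime check next to the deserialization, for example `if (!($session instanceof SimpleSAML_Session)) { SimpleSAML_Logger::warning('Retrieved and deserialized session data was not a session.'); return NULL; }`. That check only limits what the rest of the code accepts; it does not restrict which classes `unserialize()` instantiates, so the contents of the session store still have to be trusted.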
@@ -55,31 +55,20 @@ abstract class SimpleSAML_SessionHandler {
 abstract public function getSessionId();
- /* This function is used to store data in this session object.
- *
- * Note: You are allowed to store a reference to an object in the
- * session. We will store the latest value the object has on script
- * termination.
+ /**
+ * Save the session.
 *
- * Parameters:
- * $key The key we are going to set the value of. This key must
- * be an alphanumeric string.
- * $value The value the key should have.
+ * @param SimpleSAML_Session $session The session object we should save.
 */
- abstract public function set($key, $value);
+ abstract public function saveSession(SimpleSAML_Session $session);
- /* This function retrieves a value from this session object.
- *
- * Parameters:
- * $key The key we are going to retrieve the value of. This key
- * must be an alphanumeric string.
+ /**
+ * Load the session.
 *
- * Returns:
- * The value of the key, or NULL if no value is associated with
- * this key.
+ * @return SimpleSAML_Session|NULL The session object, or NULL if it doesn't exist.
 */
- abstract public function get($key);
+ abstract public function loadSession();
 /**
diff --git a/lib/SimpleSAML/SessionHandlerMemcache.php b/lib/SimpleSAML/SessionHandlerMemcache.php
index 3722f88531ce24879d9790771c1273213ac264a2..52dfc3e5f8049fcc82b985771d1456aa0282fef9 100644
--- a/lib/SimpleSAML/SessionHandlerMemcache.php
+++ b/lib/SimpleSAML/SessionHandlerMemcache.php
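Review bot: The new docblock on the abstract `loadSession()` promises `SimpleSAML_Session|NULL` but does not say what an implementation must return when stored data exists and cannot be decoded. Serialization now lives in each handler, so the contract is the place to pin this down, e.g. add ` * Implementations must return NULL, never FALSE or another type, when the stored data cannot be restored to a SimpleSAML_Session.` The `saveSession()` docblock could likewise state that the handler is responsible for serializing the object. Removing the abstract `set()`/`get()` also breaks any handler subclass not updated in this commit, which deserves a mention for integrators.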
@@ -47,24 +47,35 @@ extends SimpleSAML_SessionHandlerCookie {
 }
- /* This function is used to store data in this session object.
+ /**
+ * Save the current session to the PHP session array.
 *
- * See the information in SimpleSAML_SessionHandler::set(...) for
- * more information.
+ * @param SimpleSAML_Session $session The session object we should save.
 */
- public function set($key, $value) {
- $this->store->set($key, $value);
+ public function saveSession(SimpleSAML_Session $session) {
+
+ $this->store->set('SimpleSAMLphp_SESSION', serialize($session));
 }
- /* This function retrieves a value from this session object.
+ /**
+ * Load the session from the PHP session array.
 *
- * See the information in SimpleSAML_SessionHandler::get(...) for
- * more information.
+ * @return SimpleSAML_Session|NULL The session object, or NULL if it doesn't exist.
 */
- public function get($key) {
- return $this->store->get($key);
+ public function loadSession() {
+
+ $session = $this->store->get('SimpleSAMLphp_SESSION');
+ if ($session === NULL) {
+ return NULL;
+ }
+
+ assert('is_string($session)');
+
+ $session = unserialize($session);
+ assert('$session instanceof SimpleSAML_Session');
+
+ return $session;
 }
-}
-?>
\ No newline at end of file
+}
diff --git a/lib/SimpleSAML/SessionHandlerPHP.php b/lib/SimpleSAML/SessionHandlerPHP.php
index 6faea09bf70542c666201e583b6c6cd345c86def..37b12d4df5046bd81824b11765c2b2f36eccf56b 100644
--- a/lib/SimpleSAML/SessionHandlerPHP.php
+++ b/lib/SimpleSAML/SessionHandlerPHP.php
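Review bot: Both new docblocks in SessionHandlerMemcache say the session is saved to and loaded from "the PHP session array", but the code calls `$this->store->set(...)` and `$this->store->get(...)`; the wording looks copied from SessionHandlerPHP. Suggested text: `Save the current session to this handler's store.` and `Load the session from this handler's store.` Saying where the serialized session actually lives matters to anyone reviewing which backend has to be trusted before `unserialize()` runs on its contents.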
@@ -75,34 +75,35 @@ class SimpleSAML_SessionHandlerPHP extends SimpleSAML_SessionHandler {
 }
- /* This function is used to store data in this session object.
+ /**
+ * Save the current session to the PHP session array.
 *
- * See the information in SimpleSAML_SessionHandler::set(...) for
- * more information.
+ * @param SimpleSAML_Session $session The session object we should save.
 */
- public function set($key, $value) {
- $_SESSION[$key] = $value;
+ public function saveSession(SimpleSAML_Session $session) {
+
+ $_SESSION['SimpleSAMLphp_SESSION'] = serialize($session);
 }
- /* This function retrieves a value from this session object.
+ /**
+ * Load the session from the PHP session array.
 *
- * See the information in SimpleSAML_SessionHandler::get(...) for
- * more information.
+ * @return SimpleSAML_Session|NULL The session object, or NULL if it doesn't exist.
 */
- public function get($key) {
- /* Check if key exists first to avoid notice-messages in the
- * log.
- */
- if (!isset($_SESSION)) return NULL;
- if(!array_key_exists($key, $_SESSION)) {
- /* We should return NULL if we don't have that
- * key in the session.
- */
+ public function loadSession() {
+
+ if (!isset($_SESSION['SimpleSAMLphp_SESSION'])) {
 return NULL;
 }
- return $_SESSION[$key];
+ $session = $_SESSION['SimpleSAMLphp_SESSION'];
+ assert('is_string($session)');
+
+ $session = unserialize($session);
+ assert('$session instanceof SimpleSAML_Session');
+
+ return $session;
 }