Move SimpleSAML_Utilities:: checkURLAllowed() to SimpleSAML\Utils\HTTP::...

Move SimpleSAML_Utilities:: checkURLAllowed() to SimpleSAML\Utils\HTTP:: checkURLAllowed() and deprecate the former.

lib/SimpleSAML/Auth/Default.php

@@ -21,11 +21,11 @@ class SimpleSAML_Auth_Default {
 	 * @param string|array $return The URL or function we should direct the
 	 * user to after authentication. If using a URL obtained from user input,
 	 * please make sure to check it by calling
-	 * SimpleSAML_Utilities::checkURLAllowed().
+	 * \SimpleSAML\Utils\HTTP::checkURLAllowed().
 	 * @param string|NULL $errorURL The URL we should direct the user to after
 	 * failed authentication. Can be NULL, in which case a standard error page
 	 * will be shown. If using a URL obtained from user input, please make sure
-	 * to check it by calling SimpleSAML_Utilities::checkURLAllowed().
+	 * to check it by calling \SimpleSAML\Utils\HTTP::checkURLAllowed().
 	 * @param array $params Extra information about the login. Different
 	 * authentication requestors may provide different information. Optional,
 	 * will default to an empty array.
@@ -146,7 +146,7 @@ class SimpleSAML_Auth_Default {
 	 * @param string $returnURL The URL we should redirect the user to after
 	 * logging out. No checking is performed on the URL, so make sure to verify
 	 * it on beforehand if the URL is obtained from user input. Refer to
-	 * SimpleSAML_Utilities::checkURLAllowed() for more information.
+	 * \SimpleSAML\Utils\HTTP::checkURLAllowed() for more information.
 	 * @param string $authority The authentication source we are logging
 	 * out from.
 	 */
@@ -181,7 +181,7 @@ class SimpleSAML_Auth_Default {
 	 * @param string $returnURL The URL we should redirect the user to after
 	 * logging out. No checking is performed on the URL, so make sure to verify
 	 * it on beforehand if the URL is obtained from user input. Refer to
-	 * SimpleSAML_Utilities::checkURLAllowed() for more information.
+	 * \SimpleSAML\Utils\HTTP::checkURLAllowed() for more information.
 	 * @param string|NULL $authority The authentication source we are logging
 	 * out from.
 	 * @return void This function never returns.

lib/SimpleSAML/Utilities.php

@@ -102,45 +102,10 @@ class SimpleSAML_Utilities {
 
 
 	/**
-	 * Check if a URL is valid and is in our list of allowed URLs.
-	 *
-	 * @param string $url The URL to check.
-	 * @param array $trustedSites An optional white list of domains. If none specified, the 'trusted.url.domains'
-	 * configuration directive will be used.
-	 * @return string The normalized URL itself if it is allowed. An empty string if the $url parameter is empty as
-	 * defined by the empty() function.
-	 * @throws SimpleSAML_Error_Exception if the URL is malformed or is not allowed by configuration.
+	 * @deprecated This method will be removed in SSP 2.0. Please use \SimpleSAML\Utils\HTTP::checkURLAllowed() instead.
 	 */
 	public static function checkURLAllowed($url, array $trustedSites = NULL) {
-		if (empty($url)) {
-			return '';
-		}
-		$url = self::normalizeURL($url);
-
-		// get the white list of domains
-		if ($trustedSites === NULL) {
-			$trustedSites = SimpleSAML_Configuration::getInstance()->getArray('trusted.url.domains', NULL);
-			if ($trustedSites === NULL) {
-				$trustedSites = SimpleSAML_Configuration::getInstance()->getArray('redirect.trustedsites', NULL);
-			}
-		}
-
-		// validates the URL's host is among those allowed
-		if ($trustedSites !== NULL) {
-			assert(is_array($trustedSites));
-			preg_match('@^https?://([^/]+)@i', $url, $matches);
-			$hostname = $matches[1];
-
-			// add self host to the white list
-			$self_host = self::getSelfHost();
-			$trustedSites[] = $self_host;
-
-			/* Throw exception due to redirection to untrusted site */
-			if (!in_array($hostname, $trustedSites)) {
-				throw new SimpleSAML_Error_Exception('URL not allowed: '.$url);
-			}
-		}
-		return $url;
+		return \SimpleSAML\Utils\HTTP::checkURLAllowed($url, $trustedSites);
 	}
 
 

lib/SimpleSAML/Utils/HTTP.php

@@ -258,6 +258,54 @@ class HTTP
     }
 
 
+    /**
+     * Check if a URL is valid and is in our list of allowed URLs.
+     *
+     * @param string $url The URL to check.
+     * @param array  $trustedSites An optional white list of domains. If none specified, the 'trusted.url.domains'
+     * configuration directive will be used.
+     *
+     * @return string The normalized URL itself if it is allowed. An empty string if the $url parameter is empty as
+     * defined by the empty() function.
+     * @throws \SimpleSAML_Error_Exception if the URL is malformed or is not allowed by configuration.
+     *
+     * @author Jaime Perez, UNINETT AS <jaime.perez@uninett.no>
+     */
+    public static function checkURLAllowed($url, array $trustedSites = null)
+    {
+        if (empty($url)) {
+            return '';
+        }
+        $url = self::normalizeURL($url);
+
+        // get the white list of domains
+        if ($trustedSites === null) {
+            $trustedSites = \SimpleSAML_Configuration::getInstance()->getArray('trusted.url.domains', null);
+            // TODO: remove this before 2.0
+            if ($trustedSites === null) {
+                $trustedSites = \SimpleSAML_Configuration::getInstance()->getArray('redirect.trustedsites', null);
+            }
+        }
+
+        // validates the URL's host is among those allowed
+        if ($trustedSites !== null) {
+            assert(is_array($trustedSites));
+            preg_match('@^https?://([^/]+)@i', $url, $matches);
+            $hostname = $matches[1];
+
+            // add self host to the white list
+            $self_host = self::getSelfHost();
+            $trustedSites[] = $self_host;
+
+            // throw exception due to redirection to untrusted site
+            if (!in_array($hostname, $trustedSites)) {
+                throw new \SimpleSAML_Error_Exception('URL not allowed: '.$url);
+            }
+        }
+        return $url;
+    }
+
+
     /**
      * Helper function to retrieve a file or URL with proxy support.
      *

lib/SimpleSAML/XHTML/IdPDisco.php

@@ -123,7 +123,7 @@ class SimpleSAML_XHTML_IdPDisco {
 		if(!array_key_exists('return', $_GET)) {
 			throw new Exception('Missing parameter: return');
 		} else {
-			$this->returnURL = SimpleSAML_Utilities::checkURLAllowed($_GET['return']);
+			$this->returnURL = \SimpleSAML\Utils\HTTP::checkURLAllowed($_GET['return']);
 		}
 		
 		$this->isPassive = FALSE;

modules/adfs/lib/IdP/ADFS.php

@@ -175,7 +175,7 @@ class sspmod_adfs_IdP_ADFS {
 		// if a redirect is to occur based on wreply, we will redirect to url as
 		// this implies an override to normal sp notification.
 		if(isset($_GET['wreply']) && !empty($_GET['wreply'])) {
-			$idp->doLogoutRedirect(SimpleSAML_Utilities::checkURLAllowed($_GET['wreply']));
+			$idp->doLogoutRedirect(\SimpleSAML\Utils\HTTP::checkURLAllowed($_GET['wreply']));
 			assert(FALSE);
 		}
 

modules/core/www/as_login.php

@@ -18,7 +18,7 @@ if (!is_string($_REQUEST['AuthId'])) {
  * Setting up the options for the requireAuth() call later..
  */
 $options = array(
-	'ReturnTo' => SimpleSAML_Utilities::checkURLAllowed($_REQUEST['ReturnTo']),
+	'ReturnTo' => \SimpleSAML\Utils\HTTP::checkURLAllowed($_REQUEST['ReturnTo']),
 );
 
 /*

modules/core/www/as_logout.php

@@ -15,4 +15,4 @@ if (!isset($_REQUEST['AuthId']) || !is_string($_REQUEST['AuthId'])) {
 }
 
 $as = new SimpleSAML_Auth_Simple($_REQUEST['AuthId']);
-$as->logout(SimpleSAML_Utilities::checkURLAllowed($_REQUEST['ReturnTo']));
+$as->logout(\SimpleSAML\Utils\HTTP::checkURLAllowed($_REQUEST['ReturnTo']));

modules/core/www/cleardiscochoices.php

@@ -26,7 +26,7 @@ foreach($_COOKIE as $cookieName => $value) {
 
 /* Find where we should go now. */
 if(array_key_exists('ReturnTo', $_REQUEST)) {
-	$returnTo = SimpleSAML_Utilities::checkURLAllowed($_REQUEST['ReturnTo']);
+	$returnTo = \SimpleSAML\Utils\HTTP::checkURLAllowed($_REQUEST['ReturnTo']);
 } else {
 	/* Return to the front page if no other destination is given. This is the same as the base cookie path. */
 	$returnTo = $cookiePath;

modules/exampleauth/www/authpage.php

@@ -13,7 +13,7 @@ if (!isset($_REQUEST['ReturnTo'])) {
 	die('Missing ReturnTo parameter.');
 }
 
-$returnTo = SimpleSAML_Utilities::checkURLAllowed($_REQUEST['ReturnTo']);
+$returnTo = \SimpleSAML\Utils\HTTP::checkURLAllowed($_REQUEST['ReturnTo']);
 
 
 /*

modules/saml/www/sp/saml1-acs.php

@@ -30,7 +30,7 @@ if (preg_match('@^https?://@i', $target)) {
 	$state = array(
 		'saml:sp:isUnsolicited' => TRUE,
 		'saml:sp:AuthId' => $sourceId,
-		'saml:sp:RelayState' => SimpleSAML_Utilities::checkURLAllowed($target),
+		'saml:sp:RelayState' => \SimpleSAML\Utils\HTTP::checkURLAllowed($target),
 	);
 } else {
 	$state = SimpleSAML_Auth_State::loadState($_REQUEST['TARGET'], 'saml:sp:sso');

modules/saml/www/sp/saml2-acs.php

@@ -90,7 +90,7 @@ if (!empty($stateId)) {
 	$state = array(
 		'saml:sp:isUnsolicited' => TRUE,
 		'saml:sp:AuthId' => $sourceId,
-		'saml:sp:RelayState' => SimpleSAML_Utilities::checkURLAllowed($response->getRelayState()),
+		'saml:sp:RelayState' => \SimpleSAML\Utils\HTTP::checkURLAllowed($response->getRelayState()),
 	);
 }
 

www/saml2/idp/SingleLogoutService.php

@@ -17,7 +17,7 @@ $idpEntityId = $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted');
 $idp = SimpleSAML_IdP::getById('saml2:' . $idpEntityId);
 
 if (isset($_REQUEST['ReturnTo'])) {
-	$idp->doLogoutRedirect(SimpleSAML_Utilities::checkURLAllowed((string)$_REQUEST['ReturnTo']));
+	$idp->doLogoutRedirect(\SimpleSAML\Utils\HTTP::checkURLAllowed((string)$_REQUEST['ReturnTo']));
 } else {
     try {
         sspmod_saml_IdP_SAML2::receiveLogoutMessage($idp);

www/saml2/idp/initSLO.php

@@ -11,5 +11,5 @@ if (!isset($_GET['RelayState'])) {
 	throw new SimpleSAML_Error_Error('NORELAYSTATE');
 }
 
-$idp->doLogoutRedirect(SimpleSAML_Utilities::checkURLAllowed((string)$_GET['RelayState']));
+$idp->doLogoutRedirect(\SimpleSAML\Utils\HTTP::checkURLAllowed((string)$_GET['RelayState']));
 assert('FALSE');
\ No newline at end of file