SimpleSAML_Auth_State: add session.state.timeout configuration option (issue 450).

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2978 44740490-163a-0410-bde0-09ae8108e29a

config-templates/config.php

@@ -170,6 +170,11 @@ $config = array (
 	 */
 	'session.datastore.timeout' => (4*60*60), // 4 hours
 	
+	/*
+	 * Sets the duration, in seconds, auth state should be stored.
+	 */
+	'session.state.timeout' => (60*60), // 1 hour
+
 	/*
 	 * Option to override the default settings for the session cookie name
 	 */

lib/SimpleSAML/Auth/State.php

@@ -79,6 +79,12 @@ class SimpleSAML_Auth_State {
 	const EXCEPTION_PARAM = 'SimpleSAML_Auth_State_exceptionId';
 
 
+	/**
+	 * State timeout.
+	 */
+	private static $stateTimeout = NULL;
+
+
 	/**
 	 * Retrieve the ID of a state array.
 	 *
@@ -108,6 +114,21 @@ class SimpleSAML_Auth_State {
 	}
 
 
+	/**
+	 * Retrieve state timeout.
+	 *
+	 * @return integer  State timeout.
+	 */
+	private static function getStateTimeout() {
+		if (self::$stateTimeout === NULL) {
+			$globalConfig = SimpleSAML_Configuration::getInstance();
+			self::$stateTimeout = $globalConfig->getInteger('session.state.timeout', 60*60);
+		}
+
+		return self::$stateTimeout;
+	}
+
+
 	/**
 	 * Save the state.
 	 *
@@ -133,7 +154,7 @@ class SimpleSAML_Auth_State {
 		/* Save state. */
 		$serializedState = serialize($state);
 		$session = SimpleSAML_Session::getInstance();
-		$session->setData('SimpleSAML_Auth_State', $id, $serializedState, 60*60);
+		$session->setData('SimpleSAML_Auth_State', $id, $serializedState, self::getStateTimeout());
 
 		SimpleSAML_Logger::debug('Saved state: ' . var_export($return, TRUE));