From 3d916a20e8a8152577f1760dc53740e5ebb5ab6e Mon Sep 17 00:00:00 2001
From: Andjelko Horvat <comel@vingd.com>
Date: Tue, 8 Nov 2011 08:50:05 +0000
Subject: [PATCH] SimpleSAML_Auth_State: add session.state.timeout
 configuration option (issue 450).

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2978 44740490-163a-0410-bde0-09ae8108e29a
---
 config-templates/config.php   |  5 +++++
 lib/SimpleSAML/Auth/State.php | 23 ++++++++++++++++++++++-
 2 files changed, 27 insertions(+), 1 deletion(-)

diff --git a/config-templates/config.php b/config-templates/config.php
index b9f1bfb2c..243d3d150 100644
--- a/config-templates/config.php
+++ b/config-templates/config.php
@@ -170,6 +170,11 @@ $config = array (
 	 */
 	'session.datastore.timeout' => (4*60*60), // 4 hours
 	
+	/*
+	 * Sets the duration, in seconds, auth state should be stored.
+	 */
+	'session.state.timeout' => (60*60), // 1 hour
+
 	/*
 	 * Option to override the default settings for the session cookie name
 	 */
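Review bot: The new comment on `session.state.timeout` does not say what the auth state is or what happens when it expires, so an administrator has little basis for choosing a value. I would expand it to something like `Sets how long, in seconds, a saved authentication state (an in-progress authentication request) can still be resumed. Keep it as short as your slowest login flow allows.` The state is stored through the session (see the `setData()` call in lib/SimpleSAML/Auth/State.php), so a value larger than `session.datastore.timeout` presumably has no practical effect; that is worth confirming and mentioning in this comment.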
diff --git a/lib/SimpleSAML/Auth/State.php b/lib/SimpleSAML/Auth/State.php
index 635881225..c1bfdb630 100644
--- a/lib/SimpleSAML/Auth/State.php
+++ b/lib/SimpleSAML/Auth/State.php
@@ -79,6 +79,12 @@ class SimpleSAML_Auth_State {
 	const EXCEPTION_PARAM = 'SimpleSAML_Auth_State_exceptionId';
 
 
+	/**
+	 * State timeout.
+	 */
+	private static $stateTimeout = NULL;
+
+
 	/**
 	 * Retrieve the ID of a state array.
 	 *
@@ -108,6 +114,21 @@ class SimpleSAML_Auth_State {
 	}
 
 
+	/**
+	 * Retrieve state timeout.
+	 *
+	 * @return integer  State timeout.
+	 */
+	private static function getStateTimeout() {
+		if (self::$stateTimeout === NULL) {
+			$globalConfig = SimpleSAML_Configuration::getInstance();
+			self::$stateTimeout = $globalConfig->getInteger('session.state.timeout', 60*60);
+		}
+
+		return self::$stateTimeout;
+	}
+
+
 	/**
 	 * Save the state.
 	 *
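Review bot: `getStateTimeout()` accepts whatever integer is configured, so a zero or negative `session.state.timeout` is cached and passed straight to `setData()` by the last hunk. How `setData()` treats such a value is not visible here, but the likely outcome is that every saved state expires immediately and logins fail with a lost-state error that does not point at the configuration. Validating before caching would fail fast: `$timeout = $globalConfig->getInteger('session.state.timeout', 60*60);`, then `if ($timeout <= 0) { throw new Exception('session.state.timeout must be a positive number of seconds.'); }`, then `self::$stateTimeout = $timeout;`. The docblocks here and on `$stateTimeout` in the previous hunk should also state the unit (seconds) and that NULL means "not loaded yet". The `60*60` default is now written both in the template and in code, so a class constant would keep the two from drifting.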
@@ -133,7 +154,7 @@ class SimpleSAML_Auth_State {
 		/* Save state. */
 		$serializedState = serialize($state);
 		$session = SimpleSAML_Session::getInstance();
-		$session->setData('SimpleSAML_Auth_State', $id, $serializedState, 60*60);
+		$session->setData('SimpleSAML_Auth_State', $id, $serializedState, self::getStateTimeout());
 
 		SimpleSAML_Logger::debug('Saved state: ' . var_export($return, TRUE));
 
-- 
GitLab