diff --git a/lib/SimpleSAML/Session.php b/lib/SimpleSAML/Session.php
index e373dc4f4350563e2dd1abb8b108392db3c77193..4cfd11cb1af45cadba59680ee972507ab1e3677c 100644
--- a/lib/SimpleSAML/Session.php
+++ b/lib/SimpleSAML/Session.php
@@ -163,7 +163,7 @@ class SimpleSAML_Session {
 }
 $sh = SimpleSAML_SessionHandler::getSessionHandler();
- $this->sessionId = $sh->getCookieSessionId();
+ $this->sessionId = $sh->newSessionId();
 $this->trackid = substr(md5(uniqid(rand(), true)), 0, 10);
diff --git a/lib/SimpleSAML/SessionHandler.php b/lib/SimpleSAML/SessionHandler.php
index a61844ed5149f5b8604d501ff79b20f70cb95764..2d1a28c9075718dbb6abe37f72e966c2ba4553ec 100644
--- a/lib/SimpleSAML/SessionHandler.php
+++ b/lib/SimpleSAML/SessionHandler.php
@@ -47,6 +47,14 @@ abstract class SimpleSAML_SessionHandler {
 }
+ /**
+ * Create and set new session id.
+ *
+ * @return string The new session id.
+ */
+ abstract public function newSessionId();
+
+
+
 /**
 * Retrieve the session id of saved in the session cookie.
 *
diff --git a/lib/SimpleSAML/SessionHandlerCookie.php b/lib/SimpleSAML/SessionHandlerCookie.php
index 9d6d8461899a9d4a87432310e248da33a8f1a2dc..7c5ae37a79214a4f7ec995eb4f56986ea9bcd46a 100644
--- a/lib/SimpleSAML/SessionHandlerCookie.php
+++ b/lib/SimpleSAML/SessionHandlerCookie.php
@@ -39,6 +39,20 @@ extends SimpleSAML_SessionHandler {
 }
+ /**
+ * Create and set new session id.
+ *
+ * @return string The new session id.
+ */
+ public function newSessionId() {
+ $this->session_id = self::createSessionID();
+ SimpleSAML_Session::createSession($this->session_id);
+ $this->setCookie($this->cookie_name, $this->session_id);
+
+ return $this->session_id;
+ }
+
+
+
 /**
 * Retrieve the session id of saved in the session cookie.
 *
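Review bot: In lib/SimpleSAML/Session.php the switch from `getCookieSessionId()` to `newSessionId()` carries no comment, so the reason the constructor must not reuse the id from the cookie is easy to lose in a later refactor. Presumably the intent is that a newly created session is never bound to an id the client supplied; if so, record it at the call site, e.g. `/* Always allocate a fresh id for a new session; never adopt the one presented in the cookie. */`. The constructor starts and ends outside the hunk, so any caller that relied on the cookie id being kept is not visible here.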
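Review bot: The docblock on the abstract `newSessionId()` in lib/SimpleSAML/SessionHandler.php does not say what an implementation has to guarantee, although the Session constructor now depends on it for every new session. Both implementations in this commit register the id through `SimpleSAML_Session::createSession()` and then deliver it to the client, so the contract could read `* Implementations must generate a fresh, unpredictable id, register it with SimpleSAML_Session::createSession() and send it to the client.` Adding an abstract method also breaks any handler subclass not touched by this commit until it implements the method; whether such subclasses exist is not visible from this diff.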
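Review bot: `newSessionId()` in lib/SimpleSAML/SessionHandlerCookie.php registers the id with `createSession()` before calling `setCookie()` and never checks `headers_sent()`, unlike the PHP handler's version added in this same commit. If output has already started, the cookie may never reach the client (the body of `setCookie()` is outside the hunk, so this is inferred), leaving a stored session that no browser holds. Guard at the top of the method with the same message the PHP handler uses: `if (headers_sent()) { throw new SimpleSAML_Error_Exception('Cannot create new session - headers already sent.'); }`.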
@@ -54,9 +68,7 @@ extends SimpleSAML_SessionHandler {
 /* Check if we have a valid session id. */
 if(!self::isValidSessionID($this->session_id)) {
 /* We don't have a valid session. Create a new session id. */
- $this->session_id = self::createSessionID();
- SimpleSAML_Session::createSession($this->session_id);
- $this->setCookie($this->cookie_name, $this->session_id);
+ return self::newSessionId();
 }
 }
@@ -115,5 +127,3 @@ extends SimpleSAML_SessionHandler {
 }
 }
-
-?>
\ No newline at end of file
diff --git a/lib/SimpleSAML/SessionHandlerPHP.php b/lib/SimpleSAML/SessionHandlerPHP.php
index 1d07f37071dc53cad0f886d75e222abbbe9471d6..b95bdcb22bb2b0d9f2bfee28c8b0b6b2155cbcca 100644
--- a/lib/SimpleSAML/SessionHandlerPHP.php
+++ b/lib/SimpleSAML/SessionHandlerPHP.php
@@ -53,6 +53,33 @@ class SimpleSAML_SessionHandlerPHP extends SimpleSAML_SessionHandler {
 }
+ /**
+ * Create and set new session id.
+ *
+ * @return string The new session id.
+ */
+ public function newSessionId() {
+ $session_cookie_params = session_get_cookie_params();
+
+ if ($session_cookie_params['secure'] && !SimpleSAML_Utilities::isHTTPS()) {
+ throw new SimpleSAML_Error_Exception('Session start with secure cookie not allowed on http.');
+ }
+
+ if (headers_sent()) {
+ throw new SimpleSAML_Error_Exception('Cannot create new session - headers already sent.');
+ }
+
+ /* Generate new (secure) session id. */
+ $sessionId = SimpleSAML_Utilities::stringToHex(SimpleSAML_Utilities::generateRandomBytes(16));
+ SimpleSAML_Session::createSession($sessionId);
+ session_id($sessionId);
+
+ session_start();
+
+ return session_id();
+ }
+
+
+
 /**
 * Retrieve the session id of saved in the session cookie.
 *
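Review bot: `return self::newSessionId();` in the `@@ -54,9 +68,7 @@` hunk of SessionHandlerCookie.php calls an instance method with `self::`, which binds to this class and skips any override in a subclass of the cookie handler; write `return $this->newSessionId();`. The same form is used in `getCookieSessionId()` in SessionHandlerPHP.php (`return self::newSessionId();`) and should change with it. The enclosing function begins outside this hunk, so whether an early `return` of the id fits what the rest of that function returns cannot be checked from here.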
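Review bot: `newSessionId()` in lib/SimpleSAML/SessionHandlerPHP.php calls `session_id($sessionId)` and `session_start()` without checking whether a session is already active, while `getCookieSessionId()` in the same file guards on `session_id() === ''`. PHP ignores `session_start()` when a session is active, so no cookie is issued for the new id and the id passed to `createSession()` can differ from the one the browser keeps. This is likely to be reached now that the Session constructor calls `newSessionId()` unconditionally, although the call order within a request is not visible in this diff. Close any active session before switching ids: `if (session_id() !== '') { session_write_close(); }` placed just before `session_id($sessionId);`.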
@@ -60,24 +87,16 @@ class SimpleSAML_SessionHandlerPHP extends SimpleSAML_SessionHandler {
 */
 public function getCookieSessionId() {
 if(session_id() === '') {
+ if(!self::hasSessionCookie()) {
+ return self::newSessionId();
+ }
+
 $session_cookie_params = session_get_cookie_params();
 if ($session_cookie_params['secure'] && !SimpleSAML_Utilities::isHTTPS()) {
 throw new SimpleSAML_Error_Exception('Session start with secure cookie not allowed on http.');
 }
- if(!self::hasSessionCookie()) {
-
- if (headers_sent()) {
- throw new SimpleSAML_Error_Exception('Cannot create new session - headers already sent.');
- }
-
- /* Session cookie unset - session id not set. Generate new (secure) session id. */
- $sessionId = SimpleSAML_Utilities::stringToHex(SimpleSAML_Utilities::generateRandomBytes(16));
- SimpleSAML_Session::createSession($sessionId);
- session_id($sessionId);
- }
-
 session_start();
 }
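Review bot: The secure-cookie-over-HTTP guard in `getCookieSessionId()` now exists word for word in `newSessionId()` as well, so the two copies of this transport check can drift apart when one is edited. Moving the check into one private helper that both methods call keeps a single place to maintain it; the helper name below is only a suggestion. `getCookieSessionId()` continues past the end of this hunk, so the sketch shows only the lines that change.

```php
	/* Refuse to start a session when the cookie is marked secure but the request is plain HTTP. */
	private function checkSecureCookieTransport() {
		$session_cookie_params = session_get_cookie_params();
		if ($session_cookie_params['secure'] && !SimpleSAML_Utilities::isHTTPS()) {
			throw new SimpleSAML_Error_Exception('Session start with secure cookie not allowed on http.');
		}
	}

	public function getCookieSessionId() {
		// … unchanged: session_id() guard and the hasSessionCookie() early return …
			$this->checkSecureCookieTransport();
		// … unchanged: session_start() and the remainder of the function …
```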