PSR-2 / Whitespace

6c4b3f23 · Tim van Dijen · 05ab9308 · 6c4b3f23 · 6c4b3f23 · 6c4b3f23
Commit 6c4b3f23 authored 7 years ago by Tim van Dijen
--- a/modules/adfs/lib/IdP/ADFS.php
+++ b/modules/adfs/lib/IdP/ADFS.php
 <?php
-class sspmod_adfs_IdP_ADFS {
+class sspmod_adfs_IdP_ADFS
+{
-	public static function receiveAuthnRequest(SimpleSAML_IdP $idp) {
+    public static function receiveAuthnRequest(SimpleSAML_IdP $idp)
-		try {
+    {
-			// accomodate for disfunctional $_GET "windows" slash decoding in PHP
+        try {
-			$wctx = $_GET['wctx'];
+            // accomodate for disfunctional $_GET "windows" slash decoding in PHP
-			foreach (explode('&', $_SERVER['REQUEST_URI']) as $e) {
+            $wctx = $_GET['wctx'];
-				$a = explode('=', $e);
+            foreach (explode('&', $_SERVER['REQUEST_URI']) as $e) {
-				if ($a[0] == 'wctx') $wctx = urldecode($a[1]);
+                $a = explode('=', $e);
-			}
+                if ($a[0] == 'wctx') {
-			$requestid = $wctx;
+                    $wctx = urldecode($a[1]);
-			$issuer = $_GET['wtrealm'];
+                }
-			$requestcache = array(
+            }
-				'RequestID' => $requestid,
+            $requestid = $wctx;
-				'Issuer' => $issuer,
+            $issuer = $_GET['wtrealm'];
-				'RelayState' => $requestid
+            $requestcache = array(
-			);
+                'RequestID' => $requestid,
+                'Issuer' => $issuer,
-			$spEntityId = $requestcache['Issuer'];
+                'RelayState' => $requestid
-			$metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
+            );
-			$spMetadata = $metadata->getMetaDataConfig($spEntityId, 'adfs-sp-remote');
+            $spEntityId = $requestcache['Issuer'];
-			SimpleSAML\Logger::info('ADFS - IdP.prp: Incoming Authentication request: '.$issuer.' id '.$requestid);
+            $metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
+            $spMetadata = $metadata->getMetaDataConfig($spEntityId, 'adfs-sp-remote');
-		} catch(Exception $exception) {
-			throw new SimpleSAML_Error_Error('PROCESSAUTHNREQUEST', $exception);
+            SimpleSAML\Logger::info('ADFS - IdP.prp: Incoming Authentication request: '.$issuer.' id '.$requestid);
-		}
+        } catch(Exception $exception) {
-		$sessionLostURL = NULL; // TODO?
+            throw new SimpleSAML_Error_Error('PROCESSAUTHNREQUEST', $exception);
-		$forceAuthn = FALSE;
+        }
-		$isPassive = FALSE;
+        $sessionLostURL = null; // TODO?
-		$state = array(
+        $forceAuthn = false;
-			'Responder' => array('sspmod_adfs_IdP_ADFS', 'sendResponse'),
+        $isPassive = false;
-			'SPMetadata' => $spMetadata->toArray(),
-			'ForceAuthn' => $forceAuthn,
+        $state = array(
-			'isPassive' => $isPassive,
+            'Responder' => array('sspmod_adfs_IdP_ADFS', 'sendResponse'),
-			'adfs:wctx' => $wctx,
+            'SPMetadata' => $spMetadata->toArray(),
-		);
+            'ForceAuthn' => $forceAuthn,
+            'isPassive' => $isPassive,
-		$idp->handleAuthenticationRequest($state);		
+            'adfs:wctx' => $wctx,
-	}
+        );
-	public static function ADFS_GenerateResponse($issuer, $target, $nameid, $attributes) {
+        $idp->handleAuthenticationRequest($state);		
-		$issueInstant = SimpleSAML\Utils\Time::generateTimestamp();
+    }
-		$notBefore = SimpleSAML\Utils\Time::generateTimestamp(time() - 30);
-		$assertionExpire = SimpleSAML\Utils\Time::generateTimestamp(time() + 60 * 5);
+    public static function ADFS_GenerateResponse($issuer, $target, $nameid, $attributes)
-		$assertionID = SimpleSAML\Utils\Random::generateID();
+    {
-		$nameidFormat = 'http://schemas.xmlsoap.org/claims/UPN';
+        $issueInstant = SimpleSAML\Utils\Time::generateTimestamp();
-		$result =
+        $notBefore = SimpleSAML\Utils\Time::generateTimestamp(time() - 30);
-'<wst:RequestSecurityTokenResponse xmlns:wst="http://schemas.xmlsoap.org/ws/2005/02/trust">
+        $assertionExpire = SimpleSAML\Utils\Time::generateTimestamp(time() + 60 * 5);
-   <wst:RequestedSecurityToken>
+        $assertionID = SimpleSAML\Utils\Random::generateID();
-     <saml:Assertion Issuer="' . $issuer . '" IssueInstant="' . $issueInstant . '" AssertionID="' . $assertionID . '" MinorVersion="1" MajorVersion="1" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion">
+        $nameidFormat = 'http://schemas.xmlsoap.org/claims/UPN';
-       <saml:Conditions NotOnOrAfter="' . $assertionExpire . '" NotBefore="' . $notBefore . '">
+        $nameid = htmlspecialchars($nameid);
-         <saml:AudienceRestrictionCondition>
-           <saml:Audience>' . $target .'</saml:Audience>
+        $result = <<<MSG
-         </saml:AudienceRestrictionCondition>
+<wst:RequestSecurityTokenResponse xmlns:wst="http://schemas.xmlsoap.org/ws/2005/02/trust">
-       </saml:Conditions>
+    <wst:RequestedSecurityToken>
-       <saml:AuthenticationStatement AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:unspecified" AuthenticationInstant="' . $issueInstant . '">
+        <saml:Assertion Issuer="$issuer" IssueInstant="$issueInstant" AssertionID="$assertionID" MinorVersion="1" MajorVersion="1" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion">
-         <saml:Subject>
+            <saml:Conditions NotOnOrAfter="$assertionExpire" NotBefore="$notBefore">
-           <saml:NameIdentifier Format="' . $nameidFormat . '">' . htmlspecialchars($nameid) . '</saml:NameIdentifier>
+                <saml:AudienceRestrictionCondition>
-         </saml:Subject>
+                    <saml:Audience>$target</saml:Audience>
-       </saml:AuthenticationStatement>
+                </saml:AudienceRestrictionCondition>
-       <saml:AttributeStatement>
+            </saml:Conditions>
-         <saml:Subject>
+            <saml:AuthenticationStatement AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:unspecified" AuthenticationInstant="$issueInstant">
-           <saml:NameIdentifier Format="' . $nameidFormat . '">' . htmlspecialchars($nameid) . '</saml:NameIdentifier>
+                <saml:Subject>
-         </saml:Subject>';
+                    <saml:NameIdentifier Format="$nameidFormat">$nameid</saml:NameIdentifier>
-		foreach ($attributes as $name => $values) {
+                </saml:Subject>
-			if ((!is_array($values)) || (count($values) == 0)) continue;
+            </saml:AuthenticationStatement>
-			$hasValue = FALSE;
+            <saml:AttributeStatement>
-			$r = '<saml:Attribute AttributeNamespace="http://schemas.xmlsoap.org/claims" AttributeName="' . htmlspecialchars($name) .'">';
+                <saml:Subject>
-			foreach ($values as $value) {
+                    <saml:NameIdentifier Format="$nameidFormat">$nameid</saml:NameIdentifier>
-				if ( (!isset($value)) || ($value === '')) continue;
+                </saml:Subject>
-				$r .= '<saml:AttributeValue>' . htmlspecialchars($value) . '</saml:AttributeValue>';
+MSG;
-				$hasValue = TRUE;
-			}
+        foreach ($attributes as $name => $values) {
-			$r .= '</saml:Attribute>';
+            if ((!is_array($values)) || (count($values) == 0)) {
-			if ($hasValue) $result .= $r;
+                continue;
-		}
+            }
-		$result .= '
+            $name = $htmlspecialchars($name);
-       </saml:AttributeStatement>
+            foreach ($values as $value) {
-     </saml:Assertion>
+                if ((!isset($value)) || ($value === '')) {
+                    continue;
+                }
+                $value = htmlspecialchars($value);
+                $result .= <<<MSG
+                <saml:Attribute AttributeNamespace="http://schemas.xmlsoap.org/claims" AttributeName="$name">
+                    <saml:AttributeValue>$value</saml:AttributeValue>
+                </saml:Attribute>
+MSG;
+            }
+        }
+        $result .= <<<MSG
+            </saml:AttributeStatement>
+        </saml:Assertion>
   </wst:RequestedSecurityToken>
-   <wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"><wsa:EndpointReference xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing">
+   <wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
-     <wsa:Address>' . $target . '</wsa:Address>
+       <wsa:EndpointReference xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing">
-   </wsa:EndpointReference></wsp:AppliesTo>
+           <wsa:Address>$target</wsa:Address>
- </wst:RequestSecurityTokenResponse>';
+       </wsa:EndpointReference>
-		return $result;
+   </wsp:AppliesTo>
-	}
+</wst:RequestSecurityTokenResponse>
+MSG;
-	public static function ADFS_SignResponse($response, $key, $cert) {
-		$objXMLSecDSig = new XMLSecurityDSig();
+        return $result;
-		$objXMLSecDSig->idKeys = array('AssertionID');	
+    }
-		$objXMLSecDSig->setCanonicalMethod(XMLSecurityDSig::EXC_C14N);	
-		$responsedom = \SAML2\DOMDocumentFactory::fromString(str_replace ("\r", "", $response));
+    public static function ADFS_SignResponse($response, $key, $cert)
-		$firstassertionroot = $responsedom->getElementsByTagName('Assertion')->item(0);
+    {
-		$objXMLSecDSig->addReferenceList(array($firstassertionroot), XMLSecurityDSig::SHA1,
+        $objXMLSecDSig = new XMLSecurityDSig();
-			array('http://www.w3.org/2000/09/xmldsig#enveloped-signature', XMLSecurityDSig::EXC_C14N),
+        $objXMLSecDSig->idKeys = array('AssertionID');	
-			array('id_name' => 'AssertionID'));
+        $objXMLSecDSig->setCanonicalMethod(XMLSecurityDSig::EXC_C14N);	
-		$objKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA1, array('type'=>'private'));
+        $responsedom = \SAML2\DOMDocumentFactory::fromString(str_replace ("\r", "", $response));
-		$objKey->loadKey($key, TRUE);
+        $firstassertionroot = $responsedom->getElementsByTagName('Assertion')->item(0);
-		$objXMLSecDSig->sign($objKey);
+        $objXMLSecDSig->addReferenceList(array($firstassertionroot), XMLSecurityDSig::SHA1,
-		if ($cert) {
+            array('http://www.w3.org/2000/09/xmldsig#enveloped-signature', XMLSecurityDSig::EXC_C14N),
-			$public_cert = file_get_contents($cert);
+            array('id_name' => 'AssertionID'));
-			$objXMLSecDSig->add509Cert($public_cert, TRUE);
+        $objKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA1, array('type'=>'private'));
-		}
+        $objKey->loadKey($key, true);
-		$newSig = $responsedom->importNode($objXMLSecDSig->sigNode, TRUE);
+        $objXMLSecDSig->sign($objKey);
-		$firstassertionroot->appendChild($newSig);	
+        if ($cert) {
-		return $responsedom->saveXML();
+            $public_cert = file_get_contents($cert);
-	}
+            $objXMLSecDSig->add509Cert($public_cert, true);
+        }
-	public static function ADFS_PostResponse($url, $wresult, $wctx) {
+        $newSig = $responsedom->importNode($objXMLSecDSig->sigNode, true);
-		print '
+        $firstassertionroot->appendChild($newSig);	
-<body onload="document.forms[0].submit()"><form method="post" action="' . $url . '" enctype="multipart/form-data">
+        return $responsedom->saveXML();
-	<input type="hidden" name="wa" value="wsignin1.0">
+    }
-	<input type="hidden" name="wresult" value="' . htmlspecialchars($wresult) . '">
-	<input type="hidden" name="wctx" value="' . htmlspecialchars($wctx) . '">
+    public static function ADFS_PostResponse($url, $wresult, $wctx)
-	<noscript><input type="submit" value="Continue"></noscript>
+    {
-</form></body>';
+        $wresult = htmlspecialchars($wresult);
-		exit;
+        $wctx = htmlspecialchars($wctx);
-	}
+        $post = <<<MSG
-	public static function sendResponse(array $state) {
+    <body onload="document.forms[0].submit()">
-		$spMetadata = $state["SPMetadata"];
+        <form method="post" action="$url" enctype="multipart/form-data">
-		$spEntityId = $spMetadata['entityid'];
+            <input type="hidden" name="wa" value="wsignin1.0">
-		$spMetadata = SimpleSAML_Configuration::loadFromArray($spMetadata,
+            <input type="hidden" name="wresult" value="$wresult">
-			'$metadata[' . var_export($spEntityId, TRUE) . ']');
+            <input type="hidden" name="wctx" value="$wctx">
+            <noscript>
-		$attributes = $state['Attributes'];
+                <input type="submit" value="Continue">
+            </noscript>
-		$nameidattribute = $spMetadata->getValue('simplesaml.nameidattribute');
+        </form>
-		if (!empty($nameidattribute)) {
+    </body>
-			if (!array_key_exists($nameidattribute, $attributes)) {
+MSG;
-				throw new Exception('simplesaml.nameidattribute does not exist in resulting attribute set');
-			}
+        echo $post;
-			$nameid = $attributes[$nameidattribute][0];
+        exit;
-		} else {
+    }
-			$nameid = SimpleSAML\Utils\Random::generateID();
-		}
+    public static function sendResponse(array $state)
+    {
-		$idp = SimpleSAML_IdP::getByState($state);		
+        $spMetadata = $state["SPMetadata"];
-		$idpMetadata = $idp->getConfig();
+        $spEntityId = $spMetadata['entityid'];
-		$idpEntityId = $idpMetadata->getString('entityid');
+        $spMetadata = SimpleSAML_Configuration::loadFromArray($spMetadata,
+            '$metadata[' . var_export($spEntityId, true) . ']');
-		$idp->addAssociation(array(
-			'id' => 'adfs:' . $spEntityId,
+        $attributes = $state['Attributes'];
-			'Handler' => 'sspmod_adfs_IdP_ADFS',
-			'adfs:entityID' => $spEntityId,
+        $nameidattribute = $spMetadata->getValue('simplesaml.nameidattribute');
-		));
+        if (!empty($nameidattribute)) {
+            if (!array_key_exists($nameidattribute, $attributes)) {
-		$response = sspmod_adfs_IdP_ADFS::ADFS_GenerateResponse($idpEntityId, $spEntityId, $nameid, $attributes);
+                throw new Exception('simplesaml.nameidattribute does not exist in resulting attribute set');
+            }
-		$privateKeyFile = \SimpleSAML\Utils\Config::getCertPath($idpMetadata->getString('privatekey'));
+            $nameid = $attributes[$nameidattribute][0];
-		$certificateFile = \SimpleSAML\Utils\Config::getCertPath($idpMetadata->getString('certificate'));
+        } else {
-		$wresult = sspmod_adfs_IdP_ADFS::ADFS_SignResponse($response, $privateKeyFile, $certificateFile);
+            $nameid = SimpleSAML\Utils\Random::generateID();
+        }
-		$wctx = $state['adfs:wctx'];
-		sspmod_adfs_IdP_ADFS::ADFS_PostResponse($spMetadata->getValue('prp'), $wresult, $wctx);
+        $idp = SimpleSAML_IdP::getByState($state);		
-	}
+        $idpMetadata = $idp->getConfig();
+        $idpEntityId = $idpMetadata->getString('entityid');
+        $idp->addAssociation(array(
+            'id' => 'adfs:' . $spEntityId,
+            'Handler' => 'sspmod_adfs_IdP_ADFS',
+            'adfs:entityID' => $spEntityId,
+        ));
+        $response = sspmod_adfs_IdP_ADFS::ADFS_GenerateResponse($idpEntityId, $spEntityId, $nameid, $attributes);
+        $privateKeyFile = \SimpleSAML\Utils\Config::getCertPath($idpMetadata->getString('privatekey'));
+        $certificateFile = \SimpleSAML\Utils\Config::getCertPath($idpMetadata->getString('certificate'));
+        $wresult = sspmod_adfs_IdP_ADFS::ADFS_SignResponse($response, $privateKeyFile, $certificateFile);
+        $wctx = $state['adfs:wctx'];
+        sspmod_adfs_IdP_ADFS::ADFS_PostResponse($spMetadata->getValue('prp'), $wresult, $wctx);
+    }
 /*
-	public static function handleAuthError(SimpleSAML_Error_Exception $exception, array $state) {
+    public static function handleAuthError(SimpleSAML_Error_Exception $exception, array $state)
-	}
+    {
+    }
 */
-	public static function sendLogoutResponse(SimpleSAML_IdP $idp, array $state) {
+    public static function sendLogoutResponse(SimpleSAML_IdP $idp, array $state)
-		// NB:: we don't know from which SP the logout request came from
+    {
-		$metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
+        // NB:: we don't know from which SP the logout request came from
-		$idpMetadata = $idp->getConfig();
+        $metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
-		\SimpleSAML\Utils\HTTP::redirectTrustedURL($idpMetadata->getValue('redirect-after-logout', \SimpleSAML\Utils\HTTP::getBaseURL()));
+        $idpMetadata = $idp->getConfig();
-	}
+        \SimpleSAML\Utils\HTTP::redirectTrustedURL($idpMetadata->getValue('redirect-after-logout', \SimpleSAML\Utils\HTTP::getBaseURL()));
+    }
-	public static function receiveLogoutMessage(SimpleSAML_IdP $idp) {
-		// if a redirect is to occur based on wreply, we will redirect to url as
+    public static function receiveLogoutMessage(SimpleSAML_IdP $idp)
-		// this implies an override to normal sp notification
+    {
-		if(isset($_GET['wreply']) && !empty($_GET['wreply'])) {
+        // if a redirect is to occur based on wreply, we will redirect to url as
-			$idp->doLogoutRedirect(\SimpleSAML\Utils\HTTP::checkURLAllowed($_GET['wreply']));
+        // this implies an override to normal sp notification
-			assert(FALSE);
+        if (isset($_GET['wreply']) && !empty($_GET['wreply'])) {
-		}
+            $idp->doLogoutRedirect(\SimpleSAML\Utils\HTTP::checkURLAllowed($_GET['wreply']));
+            assert('false');
-		$state = array(
+        }
-			'Responder' => array('sspmod_adfs_IdP_ADFS', 'sendLogoutResponse'),
-		);
+        $state = array(
-		$assocId = NULL;
+            'Responder' => array('sspmod_adfs_IdP_ADFS', 'sendLogoutResponse'),
-		// TODO: verify that this is really no problem for: 
+        );
-		//       a) SSP, because there's no caller SP.
+        $assocId = null;
-		//       b) ADFS SP because caller will be called back..
+        // TODO: verify that this is really no problem for: 
-		$idp->handleLogoutRequest($state, $assocId);
+        //       a) SSP, because there's no caller SP.
-	}
+        //       b) ADFS SP because caller will be called back..
+        $idp->handleLogoutRequest($state, $assocId);
-	// accepts an association array, and returns a URL that can be accessed to terminate the association
+    }
-	public static function getLogoutURL(SimpleSAML_IdP $idp, array $association, $relayState) {
-		$metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
+    // accepts an association array, and returns a URL that can be accessed to terminate the association
-		$idpMetadata = $idp->getConfig();
+    public static function getLogoutURL(SimpleSAML_IdP $idp, array $association, $relayState)
-		$spMetadata = $metadata->getMetaDataConfig($association['adfs:entityID'], 'adfs-sp-remote');
+    {
-		$returnTo = SimpleSAML\Module::getModuleURL('adfs/idp/prp.php?assocId=' . urlencode($association["id"]) . '&relayState=' . urlencode($relayState));
+        $metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
-		return $spMetadata->getValue('prp') . '?' . 'wa=wsignoutcleanup1.0&wreply=' . urlencode($returnTo);
+        $idpMetadata = $idp->getConfig();
-	}
+        $spMetadata = $metadata->getMetaDataConfig($association['adfs:entityID'], 'adfs-sp-remote');
+        $returnTo = SimpleSAML\Module::getModuleURL('adfs/idp/prp.php?assocId=' . urlencode($association["id"]) . '&relayState=' . urlencode($relayState));
+        return $spMetadata->getValue('prp') . '?' . 'wa=wsignoutcleanup1.0&wreply=' . urlencode($returnTo);
+    }
 }
--- a/modules/adfs/lib/SAML2/XML/fed/Const.php
+++ b/modules/adfs/lib/SAML2/XML/fed/Const.php
@@ -4,9 +4,10 @@
 *
 * @package SimpleSAMLphp
 */
-class sspmod_adfs_SAML2_XML_fed_Const {
+class sspmod_adfs_SAML2_XML_fed_Const
-        /**
+{
-        * The namespace for WS-FED protocol.
+    /**
-        */
+     * The namespace for WS-FED protocol.
-        const NS_FED = 'http://docs.oasis-open.org/wsfed/federation/200706';
+     */
+    const NS_FED = 'http://docs.oasis-open.org/wsfed/federation/200706';
 }
--- a/modules/adfs/lib/SAML2/XML/fed/Endpoint.php
+++ b/modules/adfs/lib/SAML2/XML/fed/Endpoint.php
@@ -4,28 +4,29 @@
 *
 * @package SimpleSAMLphp
 */
-class sspmod_adfs_SAML2_XML_fed_Endpoint {
+class sspmod_adfs_SAML2_XML_fed_Endpoint
-	/**
+{
-	 * Add this endpoint to an XML element.
+    /**
-	 *
+     * Add this endpoint to an XML element.
-	 * @param DOMElement $parent  The element we should append this endpoint to.
+     *
-	 * @param string $name  The name of the element we should create.
+     * @param DOMElement $parent  The element we should append this endpoint to.
-	 */
+     * @param string $name  The name of the element we should create.
-	public static function appendXML(DOMElement $parent, $name, $address) {
+     */
-		assert('is_string($name)');
+    public static function appendXML(DOMElement $parent, $name, $address)
-		assert('is_string($address)');
+    {
+        assert('is_string($name)');
+        assert('is_string($address)');
-		$e = $parent->ownerDocument->createElement($name);
+        $e = $parent->ownerDocument->createElement($name);
-                $parent->appendChild($e);
+        $parent->appendChild($e);
-		$endpoint = $parent->ownerDocument->createElement('EndpointReference');
+        $endpoint = $parent->ownerDocument->createElement('EndpointReference');
-                $endpoint->setAttribute('xmlns', 'http://www.w3.org/2005/08/addressing');
+        $endpoint->setAttribute('xmlns', 'http://www.w3.org/2005/08/addressing');
-		$e->appendChild($endpoint);
+        $e->appendChild($endpoint);
-		$address = $parent->ownerDocument->createElement('Address', $address);
+        $address = $parent->ownerDocument->createElement('Address', $address);
-		$endpoint->appendChild($address);
+        $endpoint->appendChild($address);
-		return $e;
-	}
+        return $e;
+    }
 }
--- a/modules/adfs/lib/SAML2/XML/fed/SecurityTokenServiceType.php
+++ b/modules/adfs/lib/SAML2/XML/fed/SecurityTokenServiceType.php
@@ -4,52 +4,52 @@
 *
 * @package SimpleSAMLphp
 */
-class sspmod_adfs_SAML2_XML_fed_SecurityTokenServiceType extends SAML2_XML_md_RoleDescriptor {
+class sspmod_adfs_SAML2_XML_fed_SecurityTokenServiceType extends SAML2_XML_md_RoleDescriptor
+{
-	/**
+    /**
-	 * List of supported protocols.
+     * List of supported protocols.
-	 *
+     *
-	 * @var array
+     * @var array
-	 */
+     */
-	public $protocolSupportEnumeration = array(sspmod_adfs_SAML2_XML_fed_Const::NS_FED);
+    public $protocolSupportEnumeration = array(sspmod_adfs_SAML2_XML_fed_Const::NS_FED);
-	/**
+    /**
-	 * The Location of Services.
+     * The Location of Services.
-	 *
+     *
-	 * @var string
+     * @var string
-	 */
+     */
-	public $Location;
+    public $Location;
-	/**
+    /**
-	 * Initialize a SecurityTokenServiceType element.
+     * Initialize a SecurityTokenServiceType element.
-	 *
+     *
-	 * @param DOMElement|NULL $xml  The XML element we should load.
+     * @param DOMElement|null $xml  The XML element we should load.
-	 */
+     */
-	public function __construct(DOMElement $xml = NULL) {
+    public function __construct(DOMElement $xml = null)
+    {
-                parent::__construct('RoleDescriptor', $xml);
+        parent::__construct('RoleDescriptor', $xml);
+        if ($xml === null) {
-		if ($xml === NULL) {
+            return;
-			return;
+        }
-		}
+    }
-	}
+    /**
-	/**
+     * Convert this SecurityTokenServiceType RoleDescriptor to XML.
-	 * Convert this SecurityTokenServiceType RoleDescriptor to XML.
+     *
-	 *
+     * @param DOMElement $parent  The element we should add this contact to.
-	 * @param DOMElement $parent  The element we should add this contact to.
+     * @return DOMElement  The new ContactPerson-element.
-	 * @return DOMElement  The new ContactPerson-element.
+     */
-	 */
+    public function toXML(DOMElement $parent)
-	public function toXML(DOMElement $parent) {
+    {
-		assert('is_string($this->Location)');
+        assert('is_string($this->Location)');
-		$e = parent::toXML($parent);
+        $e = parent::toXML($parent);
-		$e->setAttributeNS('http://www.w3.org/2000/xmlns/', 'xmlns:fed', sspmod_adfs_SAML2_XML_fed_Const::NS_FED);
+        $e->setAttributeNS('http://www.w3.org/2000/xmlns/', 'xmlns:fed', sspmod_adfs_SAML2_XML_fed_Const::NS_FED);
-		$e->setAttributeNS(\SAML2\Constants::NS_XSI, 'xsi:type', 'fed:SecurityTokenServiceType');
+        $e->setAttributeNS(\SAML2\Constants::NS_XSI, 'xsi:type', 'fed:SecurityTokenServiceType');
-                sspmod_adfs_SAML2_XML_fed_TokenTypesOffered::appendXML($e);
+        sspmod_adfs_SAML2_XML_fed_TokenTypesOffered::appendXML($e);
-                sspmod_adfs_SAML2_XML_fed_Endpoint::appendXML($e, 'SecurityTokenServiceEndpoint', $this->Location);
+        sspmod_adfs_SAML2_XML_fed_Endpoint::appendXML($e, 'SecurityTokenServiceEndpoint', $this->Location);
-                sspmod_adfs_SAML2_XML_fed_Endpoint::appendXML($e, 'fed:PassiveRequestorEndpoint', $this->Location);
+        sspmod_adfs_SAML2_XML_fed_Endpoint::appendXML($e, 'fed:PassiveRequestorEndpoint', $this->Location);
-		return $e;
+        return $e;
-	}
+    }
 }
--- a/modules/adfs/lib/SAML2/XML/fed/TokenTypesOffered.php
+++ b/modules/adfs/lib/SAML2/XML/fed/TokenTypesOffered.php
@@ -4,22 +4,22 @@
 *
 * @package SimpleSAMLphp
 */
-class sspmod_adfs_SAML2_XML_fed_TokenTypesOffered {
+class sspmod_adfs_SAML2_XML_fed_TokenTypesOffered
-	/**
+{
-	 * Add tokentypesoffered to an XML element.
+    /**
-	 *
+     * Add tokentypesoffered to an XML element.
-	 * @param DOMElement $parent  The element we should append this endpoint to.
+     *
-	 */
+     * @param DOMElement $parent  The element we should append this endpoint to.
-	public static function appendXML(DOMElement $parent) {
+     */
+    public static function appendXML(DOMElement $parent)
+    {
+        $e = $parent->ownerDocument->createElementNS(sspmod_adfs_SAML2_XML_fed_Const::NS_FED, 'fed:TokenTypesOffered');
+        $parent->appendChild($e);
-		$e = $parent->ownerDocument->createElementNS(sspmod_adfs_SAML2_XML_fed_Const::NS_FED, 'fed:TokenTypesOffered');
+        $tokentype = $parent->ownerDocument->createElementNS(sspmod_adfs_SAML2_XML_fed_Const::NS_FED, 'fed:TokenType');
-                $parent->appendChild($e);
+        $tokentype->setAttribute('Uri', 'urn:oasis:names:tc:SAML:1.0:assertion');
+        $e->appendChild($tokentype);
-		$tokentype = $parent->ownerDocument->createElementNS(sspmod_adfs_SAML2_XML_fed_Const::NS_FED, 'fed:TokenType');
-                $tokentype->setAttribute('Uri', 'urn:oasis:names:tc:SAML:1.0:assertion');
-		$e->appendChild($tokentype);
-		return $e;
-	}
+        return $e;
+    }
 }
--- a/modules/adfs/lib/XMLSecurityDSig.php
+++ b/modules/adfs/lib/XMLSecurityDSig.php
@@ -12,14 +12,16 @@
 * @author Daniel Tsosie
 * @package SimpleSAMLphp
 */
-class sspmod_adfs_XMLSecurityDSig extends XMLSecurityDSig {
+class sspmod_adfs_XMLSecurityDSig extends XMLSecurityDSig
+{
-    function __construct($metaxml) {
+    function __construct($metaxml)
+    {
        $template = '';
-        if (strpos("\n", $metaxml) === FALSE) {
+        if (strpos("\n", $metaxml) === false) {
-            foreach (explode("\n", self::template) as $line)
+            foreach (explode("\n", self::template) as $line) {
                $template .= trim($line);
+            }
        } else {
            $template = self::template;
        }

--- a/modules/adfs/www/idp/prp.php
+++ b/modules/adfs/www/idp/prp.php
@@ -13,16 +13,16 @@ $idpEntityId = $metadata->getMetaDataCurrentEntityID('adfs-idp-hosted');
 $idp = SimpleSAML_IdP::getById('adfs:' . $idpEntityId);
 if (isset($_GET['wa'])) {
-	if ($_GET['wa'] === 'wsignout1.0') {
+    if ($_GET['wa'] === 'wsignout1.0') {
-		sspmod_adfs_IdP_ADFS::receiveLogoutMessage($idp);
+        sspmod_adfs_IdP_ADFS::receiveLogoutMessage($idp);
-	} else if ($_GET['wa'] === 'wsignin1.0') {
+    } else if ($_GET['wa'] === 'wsignin1.0') {
-		sspmod_adfs_IdP_ADFS::receiveAuthnRequest($idp);
+        sspmod_adfs_IdP_ADFS::receiveAuthnRequest($idp);
-	}
+    }
-	assert('FALSE');		
+    assert('false');		
-} elseif(isset($_GET['assocId'])) {
+} elseif (isset($_GET['assocId'])) {
-	// logout response from ADFS SP
+    // logout response from ADFS SP
-	$assocId = $_GET['assocId']; // Association ID of the SP that sent the logout response
+    $assocId = $_GET['assocId']; // Association ID of the SP that sent the logout response
-	$relayState = $_GET['relayState']; // Data that was sent in the logout request to the SP. Can be null
+    $relayState = $_GET['relayState']; // Data that was sent in the logout request to the SP. Can be null
-	$logoutError = NULL; /* NULL on success, or an instance of a SimpleSAML_Error_Exception on failure. */
+    $logoutError = null; // null on success, or an instance of a SimpleSAML_Error_Exception on failure.
-	$idp->handleLogoutResponse($assocId, $relayState, $logoutError);
+    $idp->handleLogoutResponse($assocId, $relayState, $logoutError);
 }