Commit 87a4cd7c authored by Jaime Perez Crespo

Reformat SimpleSAML_Metadata_MetaDataStorageHandler and fix some issues with phpdoc.

parent a60d9fc5
<?php <?php
/** /**
* This file defines a class for metadata handling. * This file defines a class for metadata handling.
* *
* @author Andreas Åkre Solberg, UNINETT AS. <andreas.solberg@uninett.no> * @author Andreas Åkre Solberg, UNINETT AS. <andreas.solberg@uninett.no>
* @package simpleSAMLphp * @package SimpleSAMLphp
*/ */
class SimpleSAML_Metadata_MetaDataStorageHandler { class SimpleSAML_Metadata_MetaDataStorageHandler
{
/**
* This static variable contains a reference to the current /**
* instance of the metadata handler. This variable will be null if * This static variable contains a reference to the current
* we haven't instantiated a metadata handler yet. * instance of the metadata handler. This variable will be null if
* * we haven't instantiated a metadata handler yet.
* @var SimpleSAML_Metadata_MetaDataStorageHandler *
*/ * @var SimpleSAML_Metadata_MetaDataStorageHandler
private static $metadataHandler = NULL; */
private static $metadataHandler = null;
/**
* This is a list of all the metadata sources we have in our metadata /**
* chain. When we need metadata, we will look through this chain from start to end. * This is a list of all the metadata sources we have in our metadata
* * chain. When we need metadata, we will look through this chain from start to end.
* @var array *
*/ * @var SimpleSAML_Metadata_MetaDataStorageSource[]
private $sources; */
private $sources;
/**
* This function retrieves the current instance of the metadata handler. /**
* The metadata handler will be instantiated if this is the first call * This function retrieves the current instance of the metadata handler.
* to this fuunction. * The metadata handler will be instantiated if this is the first call
* * to this function.
* @return SimpleSAML_Metadata_MetaDataStorageHandler The current metadata handler instance. *
*/ * @return SimpleSAML_Metadata_MetaDataStorageHandler The current metadata handler instance.
public static function getMetadataHandler() { */
if(self::$metadataHandler === NULL) { public static function getMetadataHandler()
self::$metadataHandler = new SimpleSAML_Metadata_MetaDataStorageHandler(); {
} if (self::$metadataHandler === null) {
self::$metadataHandler = new SimpleSAML_Metadata_MetaDataStorageHandler();
return self::$metadataHandler; }
}
return self::$metadataHandler;
}
/**
* This constructor initializes this metadata storage handler. It will load and
* parse the configuration, and initialize the metadata source list. /**
*/ * This constructor initializes this metadata storage handler. It will load and
protected function __construct() { * parse the configuration, and initialize the metadata source list.
*/
$config = SimpleSAML_Configuration::getInstance(); protected function __construct()
{
$sourcesConfig = $config->getArray('metadata.sources', NULL); $config = SimpleSAML_Configuration::getInstance();
/* For backwards compatibility, and to provide a default configuration. */ $sourcesConfig = $config->getArray('metadata.sources', null);
if($sourcesConfig === NULL) {
$type = $config->getString('metadata.handler', 'flatfile'); // for backwards compatibility, and to provide a default configuration
$sourcesConfig = array(array('type' => $type)); if ($sourcesConfig === null) {
} $type = $config->getString('metadata.handler', 'flatfile');
$sourcesConfig = array(array('type' => $type));
try { }
$this->sources = SimpleSAML_Metadata_MetaDataStorageSource::parseSources($sourcesConfig);
} catch (Exception $e) { try {
throw new Exception('Invalid configuration of the \'metadata.sources\'' . $this->sources = SimpleSAML_Metadata_MetaDataStorageSource::parseSources($sourcesConfig);
' configuration option: ' . $e->getMessage()); } catch (Exception $e) {
} throw new Exception(
"Invalid configuration of the 'metadata.sources' configuration option: ".$e->getMessage()
} );
}
}
/**
* This function is used to generate some metadata elements automatically.
* /**
* @param string $property The metadata property which should be autogenerated. * This function is used to generate some metadata elements automatically.
* @param string $set The set we the property comes from. *
* @return string The autogenerated metadata property. * @param string $property The metadata property which should be auto-generated.
*/ * @param string $set The set we the property comes from.
public function getGenerated($property, $set) { *
* @return string The auto-generated metadata property.
/* First we check if the user has overridden this property in the metadata. */ * @throws Exception If the metadata cannot be generated automatically.
try { */
$metadataSet = $this->getMetaDataCurrent($set); public function getGenerated($property, $set)
if(array_key_exists($property, $metadataSet)) { {
return $metadataSet[$property]; // first we check if the user has overridden this property in the metadata
} try {
} catch(Exception $e) { $metadataSet = $this->getMetaDataCurrent($set);
/* Probably metadata wasn't found. In any case we continue by generating the metadata. */ if (array_key_exists($property, $metadataSet)) {
} return $metadataSet[$property];
}
/* Get the configuration. */ } catch (Exception $e) {
$config = SimpleSAML_Configuration::getInstance(); // probably metadata wasn't found. In any case we continue by generating the metadata
assert($config instanceof SimpleSAML_Configuration); }
$baseurl = \SimpleSAML\Utils\HTTP::getSelfURLHost() . '/' . // get the configuration
$config->getBaseURL(); $config = SimpleSAML_Configuration::getInstance();
assert($config instanceof SimpleSAML_Configuration);
if ($set == 'saml20-sp-hosted') {
switch ($property) { $baseurl = \SimpleSAML\Utils\HTTP::getSelfURLHost().'/'.
case 'SingleLogoutServiceBinding' : $config->getBaseURL();
return SAML2_Const::BINDING_HTTP_REDIRECT;
} if ($set == 'saml20-sp-hosted') {
} elseif($set == 'saml20-idp-hosted') { if ($property === 'SingleLogoutServiceBinding') {
switch ($property) { return SAML2_Const::BINDING_HTTP_REDIRECT;
case 'SingleSignOnService' : }
return $baseurl . 'saml2/idp/SSOService.php'; } elseif ($set == 'saml20-idp-hosted') {
switch ($property) {
case 'SingleSignOnServiceBinding' : case 'SingleSignOnService':
return SAML2_Const::BINDING_HTTP_REDIRECT; return $baseurl.'saml2/idp/SSOService.php';
case 'SingleLogoutService' : case 'SingleSignOnServiceBinding':
return $baseurl . 'saml2/idp/SingleLogoutService.php'; return SAML2_Const::BINDING_HTTP_REDIRECT;
case 'SingleLogoutServiceBinding' : case 'SingleLogoutService':
return SAML2_Const::BINDING_HTTP_REDIRECT; return $baseurl.'saml2/idp/SingleLogoutService.php';
}
} elseif($set == 'shib13-idp-hosted') { case 'SingleLogoutServiceBinding':
switch ($property) { return SAML2_Const::BINDING_HTTP_REDIRECT;
case 'SingleSignOnService' : }
return $baseurl . 'shib13/idp/SSOService.php'; } elseif ($set == 'shib13-idp-hosted') {
} if ($property === 'SingleSignOnService') {
} return $baseurl.'shib13/idp/SSOService.php';
}
throw new Exception('Could not generate metadata property ' . $property . ' for set ' . $set . '.'); }
}
throw new Exception('Could not generate metadata property '.$property.' for set '.$set.'.');
}
/**
* This function lists all known metadata in the given set. It is returned as an associative array
* where the key is the entity id. /**
* * This function lists all known metadata in the given set. It is returned as an associative array
* @param string $set The set we want to list metadata from. * where the key is the entity id.
* @return array An associative array with the metadata from from the given set. *
*/ * @param string $set The set we want to list metadata from.
public function getList($set = 'saml20-idp-remote') { *
* @return array An associative array with the metadata from from the given set.
assert('is_string($set)'); */
public function getList($set = 'saml20-idp-remote')
$result = array(); {
assert('is_string($set)');
foreach($this->sources as $source) {
$srcList = $source->getMetadataSet($set); $result = array();
foreach($srcList AS $key => $le) { foreach ($this->sources as $source) {
if (array_key_exists('expire', $le)) { $srcList = $source->getMetadataSet($set);
if ($le['expire'] < time()) {
unset($srcList[$key]); foreach ($srcList as $key => $le) {
SimpleSAML_Logger::warning("Dropping metadata entity " . if (array_key_exists('expire', $le)) {
var_export($key,true) . ", expired " . if ($le['expire'] < time()) {
SimpleSAML\Utils\Time::generateTimestamp($le['expire']) . unset($srcList[$key]);
"."); SimpleSAML_Logger::warning(
} "Dropping metadata entity ".var_export($key, true).", expired ".
} SimpleSAML\Utils\Time::generateTimestamp($le['expire'])."."
} );
}
}
}
/* $result is the last argument to array_merge because we want the content already
* in $result to have precedence. /* $result is the last argument to array_merge because we want the content already
*/ * in $result to have precedence.
$result = array_merge($srcList, $result); */
} $result = array_merge($srcList, $result);
}
return $result;
} return $result;
}
/**
* This function retrieves metadata for the current entity based on the hostname/path the request /**
* was directed to. It will throw an exception if it is unable to locate the metadata. * This function retrieves metadata for the current entity based on the hostname/path the request
* * was directed to. It will throw an exception if it is unable to locate the metadata.
* @param string $set The set we want metadata from. *
* @return array An associative array with the metadata. * @param string $set The set we want metadata from.
*/ *
public function getMetaDataCurrent($set) { * @return array An associative array with the metadata.
return $this->getMetaData(NULL, $set); */
} public function getMetaDataCurrent($set)
{
return $this->getMetaData(null, $set);
/** }
* This function locates the current entity id based on the hostname/path combination the user accessed.
* It will throw an exception if it is unable to locate the entity id.
* /**
* @param string $set The set we look for the entity id in. * This function locates the current entity id based on the hostname/path combination the user accessed.
* @param string $type Do you want to return the metaindex or the entityID. [entityid|metaindex] * It will throw an exception if it is unable to locate the entity id.
* @return string The entity id which is associated with the current hostname/path combination. *
*/ * @param string $set The set we look for the entity id in.
public function getMetaDataCurrentEntityID($set, $type = 'entityid') { * @param string $type Do you want to return the metaindex or the entityID. [entityid|metaindex]
*
assert('is_string($set)'); * @return string The entity id which is associated with the current hostname/path combination.
* @throws Exception If no default metadata can be found in the set for the current host.
/* First we look for the hostname/path combination. */ */
$currenthostwithpath = \SimpleSAML\Utils\HTTP::getSelfHostWithPath(); // sp.example.org/university public function getMetaDataCurrentEntityID($set, $type = 'entityid')
{
foreach($this->sources as $source) { assert('is_string($set)');
$index = $source->getEntityIdFromHostPath($currenthostwithpath, $set, $type);
if($index !== NULL) { // first we look for the hostname/path combination
return $index; $currenthostwithpath = \SimpleSAML\Utils\HTTP::getSelfHostWithPath(); // sp.example.org/university
}
} foreach ($this->sources as $source) {
$index = $source->getEntityIdFromHostPath($currenthostwithpath, $set, $type);
if ($index !== null) {
/* Then we look for the hostname. */ return $index;
$currenthost = \SimpleSAML\Utils\HTTP::getSelfHost(); // sp.example.org }
if(strpos($currenthost, ":") !== FALSE) { }
$currenthostdecomposed = explode(":", $currenthost);
$currenthost = $currenthostdecomposed[0]; // then we look for the hostname
} $currenthost = \SimpleSAML\Utils\HTTP::getSelfHost(); // sp.example.org
if (strpos($currenthost, ":") !== false) {
foreach($this->sources as $source) { $currenthostdecomposed = explode(":", $currenthost);
$index = $source->getEntityIdFromHostPath($currenthost, $set, $type); $currenthost = $currenthostdecomposed[0];
if($index !== NULL) { }
return $index;
} foreach ($this->sources as $source) {
} $index = $source->getEntityIdFromHostPath($currenthost, $set, $type);
if ($index !== null) {
return $index;
/* Then we look for the DEFAULT entry. */ }
foreach($this->sources as $source) { }
$entityId = $source->getEntityIdFromHostPath('__DEFAULT__', $set, $type);
if($entityId !== NULL) { // then we look for the DEFAULT entry
return $entityId; foreach ($this->sources as $source) {
} $entityId = $source->getEntityIdFromHostPath('__DEFAULT__', $set, $type);
} if ($entityId !== null) {
return $entityId;
}
}
/* We were unable to find the hostname/path in any metadata source. */
throw new Exception('Could not find any default metadata entities in set [' . $set . '] for host [' . $currenthost . ' : ' . $currenthostwithpath . ']'); // we were unable to find the hostname/path in any metadata source
} throw new Exception(
'Could not find any default metadata entities in set ['.$set.'] for host ['.$currenthost.' : '.
/** $currenthostwithpath.']'
* This method will call getPreferredEntityIdFromCIDRhint() on all of the );
* sources. }
*
* @param string $set Which set of metadata we are looking it up in.
* @param string $ip IP address /**
* @return string The entity id of a entity which have a CIDR hint where the provided * This method will call getPreferredEntityIdFromCIDRhint() on all of the
* IP address match. * sources.
*/ *
public function getPreferredEntityIdFromCIDRhint($set, $ip) { * @param string $set Which set of metadata we are looking it up in.
* @param string $ip IP address
foreach($this->sources as $source) { *
$entityId = $source->getPreferredEntityIdFromCIDRhint($set, $ip); * @return string The entity id of a entity which have a CIDR hint where the provided
if($entityId !== NULL) { * IP address match.
return $entityId; */
} public function getPreferredEntityIdFromCIDRhint($set, $ip)
} {
foreach ($this->sources as $source) {
return NULL; $entityId = $source->getPreferredEntityIdFromCIDRhint($set, $ip);
if ($entityId !== null) {
} return $entityId;
}
/** }
* This function looks up the metadata for the given entity id in the given set. It will throw an
* exception if it is unable to locate the metadata. return null;
* }
* @param string $index The entity id we are looking up. This parameter may be NULL, in which case we look up
* the current entity id based on the current hostname/path.
* @param string $set The set of metadata we are looking up the entity id in. /**
* @return array The metadata array describing the specified entity. * This function looks up the metadata for the given entity id in the given set. It will throw an
* @throws Exception If metadata for the specified entity is expired. * exception if it is unable to locate the metadata.
* @throws SimpleSAML_Error_MetadataNotFound If no metadata for the entity specified can be found. *
*/ * @param string $index The entity id we are looking up. This parameter may be NULL, in which case we look up
public function getMetaData($index, $set) { * the current entity id based on the current hostname/path.
* @param string $set The set of metadata we are looking up the entity id in.
assert('is_string($set)'); *
* @return array The metadata array describing the specified entity.
if($index === NULL) { * @throws Exception If metadata for the specified entity is expired.
$index = $this->getMetaDataCurrentEntityID($set, 'metaindex'); * @throws SimpleSAML_Error_MetadataNotFound If no metadata for the entity specified can be found.
} */
public function getMetaData($index, $set)
assert('is_string($index)'); {
assert('is_string($set)');
foreach($this->sources as $source) {
$metadata = $source->getMetaData($index, $set); if ($index === null) {
$index = $this->getMetaDataCurrentEntityID($set, 'metaindex');
if($metadata !== NULL) { }
if (array_key_exists('expire', $metadata)) { assert('is_string($index)');
if ($metadata['expire'] < time()) {
throw new Exception('Metadata for the entity [' . $index . '] expired ' . foreach ($this->sources as $source) {
(time() - $metadata['expire']) . ' seconds ago.' $metadata = $source->getMetaData($index, $set);
);
} if ($metadata !== null) {
}
if (array_key_exists('expire', $metadata)) {
$metadata['metadata-index'] = $index; if ($metadata['expire'] < time()) {
$metadata['metadata-set'] = $set; throw new Exception(
assert('array_key_exists("entityid", $metadata)'); 'Metadata for the entity ['.$index.'] expired '.
return $metadata; (time() - $metadata['expire']).' seconds ago.'
} );
} }
}
throw new SimpleSAML_Error_MetadataNotFound($index);
} $metadata['metadata-index'] = $index;
$metadata['metadata-set'] = $set;
assert('array_key_exists("entityid", $metadata)');
/** return $metadata;
* Retrieve the metadata as a configuration object. }
* }
* This function will throw an exception if it is unable to locate the metadata.
* throw new SimpleSAML_Error_MetadataNotFound($index);
* @param string $entityId The entity ID we are looking up. }
* @param string $set The metadata set we are searching.
* @return SimpleSAML_Configuration The configuration object representing the metadata.
* @throws SimpleSAML_Error_MetadataNotFound If no metadata for the entity specified can be found. /**
*/ * Retrieve the metadata as a configuration object.
public function getMetaDataConfig($entityId, $set) { *
assert('is_string($entityId)'); * This function will throw an exception if it is unable to locate the metadata.
assert('is_string($set)'); *
* @param string $entityId The entity ID we are looking up.
$metadata = $this->getMetaData($entityId, $set); * @param string $set The metadata set we are searching.
return SimpleSAML_Configuration::loadFromArray($metadata, $set . '/' . var_export($entityId, TRUE)); *
} * @return SimpleSAML_Configuration The configuration object representing the metadata.
* @throws SimpleSAML_Error_MetadataNotFound If no metadata for the entity specified can be found.
*/
/** public function getMetaDataConfig($entityId, $set)
* Search for an entity's metadata, given the SHA1 digest of its entity ID. {
* assert('is_string($entityId)');
* @param string $sha1 The SHA1 digest of the entity ID. assert('is_string($set)');
* @param string $set The metadata set we are searching.
* $metadata = $this->getMetaData($entityId, $set);
* @return null|SimpleSAML_Configuration The metadata corresponding to the entity, or null if the entity cannot be return SimpleSAML_Configuration::loadFromArray($metadata, $set.'/'.var_export($entityId, true));
* found. }
*/
public function getMetaDataConfigForSha1($sha1, $set) {
assert('is_string($sha1)'); /**
assert('is_string($set)'); * Search for an entity's metadata, given the SHA1 digest of its entity ID.
*
* @param string $sha1 The SHA1 digest of the entity ID.
$result = array(); * @param string $set The metadata set we are searching.
*
foreach($this->sources as $source) { * @return null|SimpleSAML_Configuration The metadata corresponding to the entity, or null if the entity cannot be
$srcList = $source->getMetadataSet($set); * found.
*/
public function getMetaDataConfigForSha1($sha1, $set)
/* $result is the last argument to array_merge because we want the content already {
* in $result to have precedence. assert('is_string($sha1)');
*/ assert('is_string($set)');
$result = array_merge($srcList, $result);
} $result = array();
foreach($result as $remote_provider ){
foreach ($this->sources as $source) {
if(sha1($remote_provider['entityid'])==$sha1){ $srcList = $source->getMetadataSet($set);
$remote_provider['metadata-set'] = $set;
/* $result is the last argument to array_merge because we want the content already
return SimpleSAML_Configuration::loadFromArray($remote_provider, $set . '/' . var_export($remote_provider['entityid'], TRUE)); * in $result to have precedence.
} */
} $result = array_merge($srcList, $result);
}
return null; foreach ($result as $remote_provider) {
}
if (sha1($remote_provider['entityid']) == $sha1) {
$remote_provider['metadata-set'] = $set;
return SimpleSAML_Configuration::loadFromArray(
$remote_provider,
$set.'/'.var_export($remote_provider['entityid'], true)
);
}
}
return null;
}
} }
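Review bot: In getMetaDataConfigForSha1() the reformatted line `if (sha1($remote_provider['entityid']) == $sha1) {` still uses a loose comparison, so PHP compares two numeric-looking hex digests (for instance `0e` followed only by digits) as numbers rather than as strings, and a lookup can match an entity whose digest is different. The commit already tightened the `$property` checks in getGenerated() to `===`; the same belongs here: `if (sha1($remote_provider['entityid']) === $sha1) {`. The same method also merges the sources' metadata without the `expire` check that getList() and getMetaData() apply, so expired entries appear to stay reachable through the SHA1 lookup. Either filter them there or add a docblock line such as `* Note: expired metadata is not filtered by this method.` so callers know.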