From 9bba167f1a1d301022681e61faa9e4f016c26686 Mon Sep 17 00:00:00 2001
From: Olav Morken <olav.morken@uninett.no>
Date: Fri, 16 May 2008 06:55:34 +0000
Subject: [PATCH] Session: Changed setData to have a default $timeout
 parameter.

This also changes the declaration of the setData method, as the $timeout
parameter moves to the end of the list.

If no $timeout parameter is supplied, then the 'session.datastore.timeout'
configuration option will be used. If this option doesn't exist, the
'session.requestcache' option will be used. If neither of these are used, then
four hours will be used as the timeout.


git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@576 44740490-163a-0410-bde0-09ae8108e29a
---
 config-templates/config.php           |  7 +++++++
 lib/SimpleSAML/Session.php            | 29 ++++++++++++++++++++++++---
 www/saml2/idp/SingleLogoutService.php |  2 +-
 www/saml2/sp/initSLO.php              |  2 +-
 4 files changed, 35 insertions(+), 5 deletions(-)

diff --git a/config-templates/config.php b/config-templates/config.php
index 4c2cc0af5..d43a1c065 100644
--- a/config-templates/config.php
+++ b/config-templates/config.php
@@ -122,6 +122,13 @@ $config = array (
 	 */
 	'session.duration'		=>  8 * (60*60), // 8 hours.
 	'session.requestcache'	=>  4 * (60*60), // 4 hours
+
+	/*
+	 * Sets the duration, in seconds, data should be stored in the datastore. As the datastore is used for
+	 * login and logout requests, thid option will control the maximum time these operations can take.
+	 * The default is 4 hours (4*60*60) seconds, which should be more than enough for these operations.
+	 */
+	'session.datastore.timeout' => (4*60*60), // 4 hours
 	
 	/*
 	 * Options to override the default settings for php sessions.
diff --git a/lib/SimpleSAML/Session.php b/lib/SimpleSAML/Session.php
index d12c13eb8..57bf19995 100644
--- a/lib/SimpleSAML/Session.php
+++ b/lib/SimpleSAML/Session.php
@@ -551,17 +551,40 @@ class SimpleSAML_Session {
 	 *
 	 * @param $type     The type of the data. This is checked when retrieving data from the store.
 	 * @param $id       The identifier of the data.
-	 * @param $timeout  The number of seconds this data should be stored after its last access.
 	 * @param $data     The data.
+	 * @param $timeout  The number of seconds this data should be stored after its last access.
+	 *                  This parameter is optional. The default value is set in 'session.datastore.timeout',
+	 *                  and the default is 4 hours.
 	 */
-	public function setData($type, $id, $timeout, $data) {
+	public function setData($type, $id, $data, $timeout = NULL) {
 		assert(is_string($type));
 		assert(is_string($id));
-		assert(is_int($timeout));
+		assert(is_int($timeout) || is_null($timeout));
 
 		/* Clean out old data. */
 		$this->expireData();
 
+		if($timeout === NULL) {
+			/* Use the default timeout. */
+
+			$configuration = SimpleSAML_Configuration::getInstance();
+
+			$timeout = $configuration->getValue('session.datastore.timeout', NULL);
+			if($timeout !== NULL) {
+				if(!is_int($timeout) || $timeout <= 0) {
+					throw new Exception('The value of the session.datastore.timeout' .
+						' configuration option should be a positive integer.');
+				}
+			} else {
+				/* For backwards compatibility. */
+				$timeout = $configuration->getValue('session.requestcache', 4*(60*60));
+				if(!is_int($timeout) || $timeout <= 0) {
+					throw new Exception('The value of the session.requestcache' .
+						' configuration option should be a positive integer.');
+				}
+			}
+		}
+
 		$dataInfo = array('expires' => time() + $timeout, 'timeout' => $timeout, 'data' => $data);
 
 		if(!is_array($this->dataStore)) {
diff --git a/www/saml2/idp/SingleLogoutService.php b/www/saml2/idp/SingleLogoutService.php
index e9a3f3f8c..77d0d46f0 100644
--- a/www/saml2/idp/SingleLogoutService.php
+++ b/www/saml2/idp/SingleLogoutService.php
@@ -78,7 +78,7 @@ function saveLogoutInfo($id) {
 	global $session;
 	global $logoutInfo;
 
-	$session->setData('idplogoutresponsedata', $id, 15*60, $logoutInfo);
+	$session->setData('idplogoutresponsedata', $id, $logoutInfo);
 }
 
 
diff --git a/www/saml2/sp/initSLO.php b/www/saml2/sp/initSLO.php
index 2c752c93e..12314f974 100644
--- a/www/saml2/sp/initSLO.php
+++ b/www/saml2/sp/initSLO.php
@@ -43,7 +43,7 @@ if (isset($session) ) {
 		$req = $lr->generate($spentityid, $idpentityid, $session->getNameID(), $session->getSessionIndex(), 'SP');
 
 		/* Save the $returnTo url until the user returns from the IdP. */
-		$session->setData('spLogoutReturnTo', $lr->getGeneratedID(), 15*60, $returnTo);
+		$session->setData('spLogoutReturnTo', $lr->getGeneratedID(), $returnTo);
 		
 		$httpredirect = new SimpleSAML_Bindings_SAML20_HTTPRedirect($config, $metadata);
 		
-- 
GitLab