From a3513e46214c1ef7419dff4fb892e847b4c4c392 Mon Sep 17 00:00:00 2001 From: Tim van Dijen <tvdijen@gmail.com> Date: Wed, 30 May 2018 20:00:54 +0200 Subject: [PATCH] Replace SimpleSAML_Error_* with namespaced version --- config-templates/config.php | 4 +- lib/SimpleSAML/Auth/LDAP.php | 33 +++--- lib/SimpleSAML/Auth/ProcessingChain.php | 14 +-- lib/SimpleSAML/Auth/Simple.php | 4 +- lib/SimpleSAML/Auth/Source.php | 10 +- lib/SimpleSAML/Auth/State.php | 10 +- lib/SimpleSAML/Bindings/Shib13/Artifact.php | 14 +-- lib/SimpleSAML/Configuration.php | 6 +- lib/SimpleSAML/Error/Assertion.php | 9 +- lib/SimpleSAML/Error/AuthSource.php | 8 +- lib/SimpleSAML/Error/BadRequest.php | 7 +- lib/SimpleSAML/Error/BadUserInput.php | 7 +- lib/SimpleSAML/Error/CannotSetCookie.php | 8 +- lib/SimpleSAML/Error/ConfigurationError.php | 8 +- .../Error/CriticalConfigurationError.php | 9 +- lib/SimpleSAML/Error/Error.php | 16 +-- lib/SimpleSAML/Error/ErrorCodes.php | 5 +- lib/SimpleSAML/Error/Exception.php | 42 ++++---- lib/SimpleSAML/Error/InvalidCredential.php | 7 +- lib/SimpleSAML/Error/MetadataNotFound.php | 7 +- lib/SimpleSAML/Error/NoPassive.php | 9 +- lib/SimpleSAML/Error/NoState.php | 7 +- lib/SimpleSAML/Error/NotFound.php | 8 +- lib/SimpleSAML/Error/ProxyCountExceeded.php | 9 +- .../Error/UnserializableException.php | 8 +- lib/SimpleSAML/Error/User.php | 6 +- lib/SimpleSAML/Error/UserAborted.php | 10 +- lib/SimpleSAML/Error/UserNotFound.php | 6 +- lib/SimpleSAML/IdP.php | 30 +++--- lib/SimpleSAML/IdP/IFrameLogoutHandler.php | 6 +- lib/SimpleSAML/IdP/LogoutHandlerInterface.php | 7 +- .../IdP/TraditionalLogoutHandler.php | 10 +- lib/SimpleSAML/Memcache.php | 26 +++-- .../Metadata/MetaDataStorageHandler.php | 10 +- .../Metadata/MetaDataStorageHandlerPdo.php | 7 +- lib/SimpleSAML/Module.php | 5 +- lib/SimpleSAML/Session.php | 22 ++-- lib/SimpleSAML/SessionHandlerPHP.php | 14 +-- lib/SimpleSAML/Utilities.php | 7 +- lib/SimpleSAML/Utils/Attributes.php | 11 +- lib/SimpleSAML/Utils/Auth.php | 5 +- lib/SimpleSAML/Utils/Crypto.php | 37 +++---- lib/SimpleSAML/Utils/HTTP.php | 17 +-- lib/SimpleSAML/Utils/System.php | 19 ++-- lib/SimpleSAML/Utils/Time.php | 6 +- lib/SimpleSAML/Utils/XML.php | 8 +- lib/SimpleSAML/XHTML/Template.php | 4 +- lib/SimpleSAML/XML/Shib13/AuthnResponse.php | 9 +- modules/adfs/lib/IdP/ADFS.php | 30 +++--- modules/adfs/www/idp/metadata.php | 8 +- modules/adfs/www/idp/prp.php | 2 +- modules/authX509/www/expirywarning.php | 2 +- .../authYubiKey/lib/Auth/Source/YubiKey.php | 20 ++-- modules/authYubiKey/www/yubikeylogin.php | 12 +-- modules/authcrypt/lib/Auth/Source/Hash.php | 21 ++-- .../authcrypt/lib/Auth/Source/Htpasswd.php | 10 +- .../authfacebook/lib/Auth/Source/Facebook.php | 4 +- modules/authfacebook/www/linkback.php | 12 +-- modules/authorize/www/authorize_403.php | 2 +- .../authtwitter/lib/Auth/Source/Twitter.php | 8 +- modules/authtwitter/www/linkback.php | 12 +-- modules/authwindowslive/www/linkback.php | 2 +- modules/cas/www/linkback.php | 8 +- modules/casserver/www/cas.php | 14 +-- modules/cdc/lib/Auth/Process/CDC.php | 2 +- modules/cdc/lib/Server.php | 31 +++--- modules/cdc/www/resume.php | 8 +- modules/consent/lib/Auth/Process/Consent.php | 18 ++-- modules/consent/www/getconsent.php | 2 +- modules/consent/www/noconsent.php | 2 +- modules/core/lib/ACL.php | 10 +- .../core/lib/Auth/Process/AttributeAlter.php | 18 ++-- .../core/lib/Auth/Process/AttributeLimit.php | 12 +-- .../lib/Auth/Process/AttributeValueMap.php | 8 +- modules/core/lib/Auth/Process/Cardinality.php | 10 +- modules/core/lib/Auth/Process/PHP.php | 7 +- .../core/lib/Auth/Source/AdminPassword.php | 15 ++- modules/core/lib/Auth/UserPassBase.php | 6 +- modules/core/lib/Auth/UserPassOrgBase.php | 8 +- modules/core/lib/Stats/Output/File.php | 2 +- modules/core/www/as_login.php | 8 +- modules/core/www/as_logout.php | 4 +- modules/core/www/cardinality_error.php | 3 +- modules/core/www/frontpage_welcome.php | 1 - modules/core/www/idp/logout-iframe-done.php | 2 +- modules/core/www/idp/logout-iframe-post.php | 6 +- modules/core/www/idp/logout-iframe.php | 4 +- modules/core/www/idp/resumelogout.php | 2 +- modules/core/www/login-admin.php | 3 +- modules/core/www/loginuserpass.php | 4 +- modules/core/www/loginuserpassorg.php | 4 +- modules/core/www/postredirect.php | 6 +- modules/core/www/short_sso_interval.php | 2 +- modules/discopower/www/disco.php | 16 +-- .../www/attributeserver.php | 4 +- .../exampleauth/lib/Auth/Source/External.php | 8 +- .../exampleauth/lib/Auth/Source/UserPass.php | 4 +- modules/exampleauth/www/redirecttest.php | 2 +- modules/expirycheck/www/about2expire.php | 6 +- modules/expirycheck/www/expired.php | 2 +- .../Auth/Process/AttributeAddUsersGroups.php | 25 ++--- modules/ldap/lib/Auth/Process/BaseFilter.php | 8 +- modules/ldap/lib/Auth/Source/LDAPMulti.php | 5 +- modules/ldap/lib/ConfigHelper.php | 15 +-- modules/metarefresh/www/fetch.php | 2 +- .../multiauth/lib/Auth/Source/MultiAuth.php | 8 +- modules/multiauth/www/selectsource.php | 2 +- .../negotiate/lib/Auth/Source/Negotiate.php | 22 ++-- modules/negotiate/www/retry.php | 27 ++--- modules/oauth/lib/Consumer.php | 8 +- modules/preprodwarning/www/showwarning.php | 10 +- modules/radius/lib/Auth/Source/Radius.php | 6 +- .../saml/lib/Auth/Process/AttributeNameID.php | 7 +- .../lib/Auth/Process/AuthnContextClassRef.php | 5 +- .../Process/ExpectedAuthnContextClassRef.php | 6 +- .../saml/lib/Auth/Process/FilterScopes.php | 1 - .../saml/lib/Auth/Process/NameIDAttribute.php | 5 +- .../lib/Auth/Process/PersistentNameID.php | 6 +- .../Process/PersistentNameID2TargetedID.php | 3 +- .../lib/Auth/Process/SQLPersistentNameID.php | 7 +- .../saml/lib/Auth/Process/TransientNameID.php | 3 +- modules/saml/lib/Auth/Source/SP.php | 10 +- modules/saml/lib/Error.php | 12 +-- modules/saml/lib/IdP/SAML1.php | 4 +- modules/saml/lib/IdP/SAML2.php | 50 ++++----- modules/saml/lib/IdP/SQLNameID.php | 2 +- modules/saml/lib/Message.php | 102 +++++++++--------- modules/saml/www/idp/certs.php | 4 +- modules/saml/www/proxy/invalid_session.php | 2 +- modules/saml/www/sp/discoresp.php | 6 +- modules/saml/www/sp/metadata.php | 8 +- modules/saml/www/sp/saml1-acs.php | 12 +-- modules/saml/www/sp/saml2-acs.php | 16 +-- modules/saml/www/sp/saml2-logout.php | 16 +-- .../lib/Auth/Process/SmartID.php | 2 +- modules/sqlauth/lib/Auth/Source/SQL.php | 4 +- modules/statistics/lib/AccessCheck.php | 4 +- tests/lib/SimpleSAML/Utils/ArraysTest.php | 1 - tests/lib/SimpleSAML/Utils/AttributesTest.php | 6 +- tests/lib/SimpleSAML/Utils/CryptoTest.php | 14 +-- tests/lib/SimpleSAML/Utils/HTTPTest.php | 6 +- tests/lib/SimpleSAML/Utils/NetTest.php | 2 - tests/lib/SimpleSAML/Utils/RandomTest.php | 1 - tests/lib/SimpleSAML/Utils/SystemTest.php | 2 +- tests/lib/SimpleSAML/Utils/TimeTest.php | 2 +- tests/lib/SimpleSAML/Utils/XMLTest.php | 2 +- .../core/lib/Auth/Process/CardinalityTest.php | 11 +- .../modules/core/lib/Auth/Process/PHPTest.php | 3 +- tests/modules/saml/lib/IdP/SAML2Test.php | 4 +- www/_include.php | 8 +- www/authmemcookie.php | 4 +- www/module.php | 15 +-- www/saml2/idp/ArtifactResolutionService.php | 6 +- www/saml2/idp/SSOService.php | 10 +- www/saml2/idp/SingleLogoutService.php | 8 +- www/saml2/idp/initSLO.php | 9 +- www/saml2/idp/metadata.php | 6 +- www/shib13/idp/metadata.php | 6 +- 158 files changed, 763 insertions(+), 766 deletions(-) diff --git a/config-templates/config.php b/config-templates/config.php index a147f2e5f..6f0061b63 100644 --- a/config-templates/config.php +++ b/config-templates/config.php @@ -231,11 +231,11 @@ $config = array( 'errorreporting' => true, /* - * Custom error show function called from SimpleSAML_Error_Error::show. + * Custom error show function called from SimpleSAML\Error\Error::show. * See docs/simplesamlphp-errorhandling.txt for function code example. * * Example: - * 'errors.show_function' => array('sspmod_example_Error_Show', 'show'), + * 'errors.show_function' => array('SimpleSAML\Module\example\Error', 'show'), */ diff --git a/lib/SimpleSAML/Auth/LDAP.php b/lib/SimpleSAML/Auth/LDAP.php index f5d47f5fe..40affecb2 100644 --- a/lib/SimpleSAML/Auth/LDAP.php +++ b/lib/SimpleSAML/Auth/LDAP.php @@ -3,6 +3,7 @@ /** * Constants defining possible errors */ + define('ERR_INTERNAL', 1); define('ERR_NO_USER', 2); define('ERR_WRONG_PW', 3); @@ -143,15 +144,15 @@ class SimpleSAML_Auth_LDAP switch ($type) { case ERR_INTERNAL:// 1 - ExInternal - return new SimpleSAML_Error_Exception($description, $errNo); + return new \SimpleSAML\Error\Exception($description, $errNo); case ERR_NO_USER:// 2 - ExUserNotFound - return new SimpleSAML_Error_UserNotFound($description, $errNo); + return new \SimpleSAML\Error\UserNotFound($description, $errNo); case ERR_WRONG_PW:// 3 - ExInvalidCredential - return new SimpleSAML_Error_InvalidCredential($description, $errNo); + return new \SimpleSAML\Error\InvalidCredential($description, $errNo); case ERR_AS_DATA_INCONSIST:// 4 - ExAsDataInconsist - return new SimpleSAML_Error_AuthSource('ldap', $description); + return new \SimpleSAML\Error\AuthSource('ldap', $description); case ERR_AS_INTERNAL:// 5 - ExAsInternal - return new SimpleSAML_Error_AuthSource('ldap', $description); + return new \SimpleSAML\Error\AuthSource('ldap', $description); } } else { if ($errNo !== 0) { @@ -163,16 +164,16 @@ class SimpleSAML_Auth_LDAP switch ($errNo) { case 0x20://LDAP_NO_SUCH_OBJECT SimpleSAML\Logger::warning($description); - return new SimpleSAML_Error_UserNotFound($description, $errNo); + return new \SimpleSAML\Error\UserNotFound($description, $errNo); case 0x31://LDAP_INVALID_CREDENTIALS SimpleSAML\Logger::info($description); - return new SimpleSAML_Error_InvalidCredential($description, $errNo); + return new \SimpleSAML\Error\InvalidCredential($description, $errNo); case -1://NO_SERVER_CONNECTION SimpleSAML\Logger::error($description); - return new SimpleSAML_Error_AuthSource('ldap', $description); + return new \SimpleSAML\Error\AuthSource('ldap', $description); default: SimpleSAML\Logger::error($description); - return new SimpleSAML_Error_AuthSource('ldap', $description); + return new \SimpleSAML\Error\AuthSource('ldap', $description); } } } @@ -193,16 +194,16 @@ class SimpleSAML_Auth_LDAP * @param string $scope * @return string * The DN of the resulting found element. - * @throws SimpleSAML_Error_Exception if: + * @throws \SimpleSAML\Error\Exception if: * - Attribute parameter is wrong type - * @throws SimpleSAML_Error_AuthSource if: + * @throws \SimpleSAML\Error\AuthSource if: * - Not able to connect to LDAP server * - False search result * - Count return false * - Searche found more than one result * - Failed to get first entry from result * - Failed to get DN for entry - * @throws SimpleSAML_Error_UserNotFound if: + * @throws \SimpleSAML\Error\UserNotFound if: * - Zero entries were found */ private function search($base, $attribute, $value, $searchFilter = null, $scope = "subtree") @@ -281,10 +282,10 @@ class SimpleSAML_Auth_LDAP * The DN of the matching element, if found. If no element was found and * $allowZeroHits is set to FALSE, an exception will be thrown; otherwise * NULL will be returned. - * @throws SimpleSAML_Error_AuthSource if: + * @throws \SimpleSAML\Error\AuthSource if: * - LDAP search encounter some problems when searching cataloge * - Not able to connect to LDAP server - * @throws SimpleSAML_Error_UserNotFound if: + * @throws \SimpleSAML\Error\UserNotFound if: * - $allowZeroHits is FALSE and no result is found * */ @@ -302,7 +303,7 @@ class SimpleSAML_Auth_LDAP return $result; } // If search failed, attempt the other base DNs - } catch (SimpleSAML_Error_UserNotFound $e) { + } catch (\SimpleSAML\Error\UserNotFound $e) { // Just continue searching } } @@ -441,7 +442,7 @@ class SimpleSAML_Auth_LDAP * Returns TRUE if successful, FALSE if * LDAP_INVALID_CREDENTIALS, LDAP_X_PROXY_AUTHZ_FAILURE, * LDAP_INAPPROPRIATE_AUTH, LDAP_INSUFFICIENT_ACCESS - * @throws SimpleSAML_Error_Exception on other errors + * @throws \SimpleSAML\Error\Exception on other errors */ public function bind($dn, $password, array $sasl_args = null) { diff --git a/lib/SimpleSAML/Auth/ProcessingChain.php b/lib/SimpleSAML/Auth/ProcessingChain.php index bd6ce6267..a20663517 100644 --- a/lib/SimpleSAML/Auth/ProcessingChain.php +++ b/lib/SimpleSAML/Auth/ProcessingChain.php @@ -195,7 +195,7 @@ class SimpleSAML_Auth_ProcessingChain $filter = array_shift($state[self::FILTERS_INDEX]); $filter->process($state); } - } catch (SimpleSAML_Error_Exception $e) { + } catch (\SimpleSAML\Error\Exception $e) { // No need to convert the exception throw $e; } catch (Exception $e) { @@ -203,7 +203,7 @@ class SimpleSAML_Auth_ProcessingChain * To be consistent with the exception we return after an redirect, * we convert this exception before returning it. */ - throw new SimpleSAML_Error_UnserializableException($e); + throw new \SimpleSAML\Error\UnserializableException($e); } // Completed @@ -229,10 +229,10 @@ class SimpleSAML_Auth_ProcessingChain $filter = array_shift($state[self::FILTERS_INDEX]); try { $filter->process($state); - } catch (SimpleSAML_Error_Exception $e) { + } catch (\SimpleSAML\Error\Exception $e) { SimpleSAML_Auth_State::throwException($state, $e); } catch (Exception $e) { - $e = new SimpleSAML_Error_UnserializableException($e); + $e = new \SimpleSAML\Error\UnserializableException($e); SimpleSAML_Auth_State::throwException($state, $e); } } @@ -268,7 +268,7 @@ class SimpleSAML_Auth_ProcessingChain /** * Process the given state passivly. * - * Modules with user interaction are expected to throw an SimpleSAML_Error_NoPassive exception + * Modules with user interaction are expected to throw an \SimpleSAML\Error\NoPassive exception * which are silently ignored. Exceptions of other types are passed further up the call stack. * * This function will only return if processing completes. @@ -297,8 +297,8 @@ class SimpleSAML_Auth_ProcessingChain try { $filter->process($state); - // Ignore SimpleSAML_Error_NoPassive exceptions - } catch (SimpleSAML_Error_NoPassive $e) { + // Ignore \SimpleSAML\Error\NoPassive exceptions + } catch (\SimpleSAML\Error\NoPassive $e) { } } } diff --git a/lib/SimpleSAML/Auth/Simple.php b/lib/SimpleSAML/Auth/Simple.php index 8c464778a..314e48b6b 100644 --- a/lib/SimpleSAML/Auth/Simple.php +++ b/lib/SimpleSAML/Auth/Simple.php @@ -5,7 +5,7 @@ namespace SimpleSAML\Auth; use \SimpleSAML_Auth_Source as Source; use \SimpleSAML_Auth_State as State; use \SimpleSAML\Configuration; -use \SimpleSAML_Error_AuthSource as AuthSourceError; +use \SimpleSAML\Error\AuthSource as AuthSourceError; use \SimpleSAML\Module; use \SimpleSAML\Session; use \SimpleSAML\Utils\HTTP; @@ -49,7 +49,7 @@ class Simple * * @return \SimpleSAML_Auth_Source The authentication source. * - * @throws \SimpleSAML_Error_AuthSource If the requested auth source is unknown. + * @throws \SimpleSAML\Error\AuthSource If the requested auth source is unknown. */ public function getAuthSource() { diff --git a/lib/SimpleSAML/Auth/Source.php b/lib/SimpleSAML/Auth/Source.php index e1f4043d2..8e1be0243 100644 --- a/lib/SimpleSAML/Auth/Source.php +++ b/lib/SimpleSAML/Auth/Source.php @@ -191,10 +191,10 @@ abstract class SimpleSAML_Auth_Source try { $this->authenticate($state); - } catch (SimpleSAML_Error_Exception $e) { + } catch (\SimpleSAML\Error\Exception $e) { SimpleSAML_Auth_State::throwException($state, $e); } catch (Exception $e) { - $e = new SimpleSAML_Error_UnserializableException($e); + $e = new \SimpleSAML\Error\UnserializableException($e); SimpleSAML_Auth_State::throwException($state, $e); } self::loginCompleted($state); @@ -334,7 +334,7 @@ abstract class SimpleSAML_Auth_Source * * @return SimpleSAML_Auth_Source|NULL The AuthSource object, or NULL if no authentication * source with the given identifier is found. - * @throws SimpleSAML_Error_Exception If no such authentication source is found or it is invalid. + * @throws \SimpleSAML\Error\Exception If no such authentication source is found or it is invalid. */ public static function getById($authId, $type = null) { @@ -347,7 +347,7 @@ abstract class SimpleSAML_Auth_Source $authConfig = $config->getArray($authId, null); if ($authConfig === null) { if ($type !== null) { - throw new SimpleSAML_Error_Exception( + throw new \SimpleSAML\Error\Exception( 'No authentication source with id '. var_export($authId, true).' found.' ); @@ -362,7 +362,7 @@ abstract class SimpleSAML_Auth_Source } // the authentication source doesn't have the correct type - throw new SimpleSAML_Error_Exception( + throw new \SimpleSAML\Error\Exception( 'Invalid type of authentication source '. var_export($authId, true).'. Was '.var_export(get_class($ret), true). ', should be '.var_export($type, true).'.' diff --git a/lib/SimpleSAML/Auth/State.php b/lib/SimpleSAML/Auth/State.php index ff9014815..f91769871 100644 --- a/lib/SimpleSAML/Auth/State.php +++ b/lib/SimpleSAML/Auth/State.php @@ -248,7 +248,7 @@ class SimpleSAML_Auth_State * @param string $stage The stage the state should have been saved in. * @param bool $allowMissing Whether to allow the state to be missing. * - * @throws SimpleSAML_Error_NoState If we couldn't find the state and there's no URL defined to redirect to. + * @throws \SimpleSAML\Error\NoState If we couldn't find the state and there's no URL defined to redirect to. * @throws Exception If the stage of the state is invalid and there's no URL defined to redirect to. * * @return array|NULL State information, or null if the state is missing and $allowMissing is true. @@ -272,7 +272,7 @@ class SimpleSAML_Auth_State } if ($sid['url'] === null) { - throw new SimpleSAML_Error_NoState(); + throw new \SimpleSAML\Error\NoState(); } \SimpleSAML\Utils\HTTP::redirectUntrustedURL($sid['url']); @@ -333,11 +333,11 @@ class SimpleSAML_Auth_State * Throw exception to the state exception handler. * * @param array $state The state array. - * @param SimpleSAML_Error_Exception $exception The exception. + * @param \SimpleSAML\Error\Exception $exception The exception. * - * @throws SimpleSAML_Error_Exception If there is no exception handler defined, it will just throw the $exception. + * @throws \SimpleSAML\Error\Exception If there is no exception handler defined, it will just throw the $exception. */ - public static function throwException($state, SimpleSAML_Error_Exception $exception) + public static function throwException($state, \SimpleSAML\Error\Exception $exception) { assert(is_array($state)); diff --git a/lib/SimpleSAML/Bindings/Shib13/Artifact.php b/lib/SimpleSAML/Bindings/Shib13/Artifact.php index 32d6fc5d3..844f08181 100644 --- a/lib/SimpleSAML/Bindings/Shib13/Artifact.php +++ b/lib/SimpleSAML/Bindings/Shib13/Artifact.php @@ -9,6 +9,7 @@ namespace SimpleSAML\Bindings\Shib13; use SAML2\DOMDocumentFactory; +use SimpleSAML\Error; use SimpleSAML\Utils\Config; use SimpleSAML\Utils\HTTP; use SimpleSAML\Utils\Random; @@ -18,7 +19,6 @@ use SimpleSAML\Utils\XML; class Artifact { - /** * Parse the query string, and extract the SAMLart parameters. * @@ -83,7 +83,7 @@ class Artifact * * @param string $soapResponse The SOAP response. * @return string The <saml1p:Response> element, as a string. - * @throws \SimpleSAML_Error_Exception + * @throws Error\Exception */ private static function extractResponse($soapResponse) { @@ -92,24 +92,24 @@ class Artifact try { $doc = DOMDocumentFactory::fromString($soapResponse); } catch (\Exception $e) { - throw new \SimpleSAML_Error_Exception('Error parsing SAML 1 artifact response.'); + throw new Error\Exception('Error parsing SAML 1 artifact response.'); } $soapEnvelope = $doc->firstChild; if (!XML::isDOMNodeOfType($soapEnvelope, 'Envelope', 'http://schemas.xmlsoap.org/soap/envelope/')) { - throw new \SimpleSAML_Error_Exception('Expected artifact response to contain a <soap:Envelope> element.'); + throw new Error\Exception('Expected artifact response to contain a <soap:Envelope> element.'); } $soapBody = XML::getDOMChildren($soapEnvelope, 'Body', 'http://schemas.xmlsoap.org/soap/envelope/'); if (count($soapBody) === 0) { - throw new \SimpleSAML_Error_Exception('Couldn\'t find <soap:Body> in <soap:Envelope>.'); + throw new Error\Exception('Couldn\'t find <soap:Body> in <soap:Envelope>.'); } $soapBody = $soapBody[0]; $responseElement = XML::getDOMChildren($soapBody, 'Response', 'urn:oasis:names:tc:SAML:1.0:protocol'); if (count($responseElement) === 0) { - throw new \SimpleSAML_Error_Exception('Couldn\'t find <saml1p:Response> in <soap:Body>.'); + throw new Error\Exception('Couldn\'t find <saml1p:Response> in <soap:Body>.'); } $responseElement = $responseElement[0]; @@ -131,7 +131,7 @@ class Artifact * @param \SimpleSAML\Configuration $spMetadata The metadata of the SP. * @param \SimpleSAML\Configuration $idpMetadata The metadata of the IdP. * @return string The <saml1p:Response> element, as an XML string. - * @throws \SimpleSAML_Error_Exception + * @throws Error\Exception */ public static function receive(\SimpleSAML\Configuration $spMetadata, \SimpleSAML\Configuration $idpMetadata) { diff --git a/lib/SimpleSAML/Configuration.php b/lib/SimpleSAML/Configuration.php index 35ff63c2a..9b6fb9710 100644 --- a/lib/SimpleSAML/Configuration.php +++ b/lib/SimpleSAML/Configuration.php @@ -1315,7 +1315,7 @@ class Configuration implements Utils\ClearableState * @return array Public key data, or empty array if no public key or was found. * * @throws \Exception If the certificate or public key cannot be loaded from a file. - * @throws \SimpleSAML_Error_Exception If the file does not contain a valid PEM-encoded certificate, or there is no + * @throws \SimpleSAML\Error\Exception If the file does not contain a valid PEM-encoded certificate, or there is no * certificate in the metadata. */ public function getPublicKeys($use = null, $required = false, $prefix = '') @@ -1359,7 +1359,7 @@ class Configuration implements Utils\ClearableState // extract certificate data (if this is a certificate) $pattern = '/^-----BEGIN CERTIFICATE-----([^-]*)^-----END CERTIFICATE-----/m'; if (!preg_match($pattern, $data, $matches)) { - throw new \SimpleSAML_Error_Exception( + throw new \SimpleSAML\Error\Exception( $this->location.': Could not find PEM encoded certificate in "'.$file.'".' ); } @@ -1374,7 +1374,7 @@ class Configuration implements Utils\ClearableState ), ); } elseif ($required === true) { - throw new \SimpleSAML_Error_Exception($this->location.': Missing certificate in metadata.'); + throw new \SimpleSAML\Error\Exception($this->location.': Missing certificate in metadata.'); } else { return array(); } diff --git a/lib/SimpleSAML/Error/Assertion.php b/lib/SimpleSAML/Error/Assertion.php index d9a607a97..e70281385 100644 --- a/lib/SimpleSAML/Error/Assertion.php +++ b/lib/SimpleSAML/Error/Assertion.php @@ -1,15 +1,16 @@ <?php +namespace SimpleSAML\Error; + /** * Class for creating exceptions from assertion failures. * * @author Olav Morken, UNINETT AS. * @package SimpleSAMLphp */ -class SimpleSAML_Error_Assertion extends SimpleSAML_Error_Exception -{ - +class Assertion extends Exception +{ /** * The assertion which failed, or null if only an expression was passed to the * assert-function. @@ -58,7 +59,7 @@ class SimpleSAML_Error_Assertion extends SimpleSAML_Error_Exception assert_options(ASSERT_WARNING, 0); assert_options(ASSERT_QUIET_EVAL, 0); - assert_options(ASSERT_CALLBACK, array('SimpleSAML_Error_Assertion', 'onAssertion')); + assert_options(ASSERT_CALLBACK, array('\SimpleSAML\Error\Assertion', 'onAssertion')); } diff --git a/lib/SimpleSAML/Error/AuthSource.php b/lib/SimpleSAML/Error/AuthSource.php index 107083eae..6db188121 100644 --- a/lib/SimpleSAML/Error/AuthSource.php +++ b/lib/SimpleSAML/Error/AuthSource.php @@ -1,14 +1,16 @@ <?php + +namespace SimpleSAML\Error; + /** * Baseclass for auth source exceptions. * * @package SimpleSAMLphp_base * */ -class SimpleSAML_Error_AuthSource extends SimpleSAML_Error_Error -{ - +class AuthSource extends Error +{ /** * Authsource module name. */ diff --git a/lib/SimpleSAML/Error/BadRequest.php b/lib/SimpleSAML/Error/BadRequest.php index 79710cce3..41bf65c1f 100644 --- a/lib/SimpleSAML/Error/BadRequest.php +++ b/lib/SimpleSAML/Error/BadRequest.php @@ -1,5 +1,7 @@ <?php +namespace SimpleSAML\Error; + /** * Exception which will show a 400 Bad Request error page. * @@ -9,10 +11,9 @@ * @author Olav Morken, UNINETT AS. * @package SimpleSAMLphp */ -class SimpleSAML_Error_BadRequest extends SimpleSAML_Error_Error -{ - +class BadRequest extends Error +{ /** * Reason why this request was invalid. */ diff --git a/lib/SimpleSAML/Error/BadUserInput.php b/lib/SimpleSAML/Error/BadUserInput.php index 0e4d721da..5f94dcc04 100644 --- a/lib/SimpleSAML/Error/BadUserInput.php +++ b/lib/SimpleSAML/Error/BadUserInput.php @@ -1,4 +1,7 @@ <?php + +namespace SimpleSAML\Error; + /** * Exception indicating illegal innput from user. * @@ -6,7 +9,7 @@ * @package SimpleSAMLphp_base * */ -class SimpleSAML_Error_BadUserInput extends SimpleSAML_Error_User -{ +class BadUserInput extends User +{ } diff --git a/lib/SimpleSAML/Error/CannotSetCookie.php b/lib/SimpleSAML/Error/CannotSetCookie.php index c4e7fee2a..70287404f 100644 --- a/lib/SimpleSAML/Error/CannotSetCookie.php +++ b/lib/SimpleSAML/Error/CannotSetCookie.php @@ -1,4 +1,7 @@ <?php + +namespace SimpleSAML\Error; + /** * Exception to indicate that we cannot set a cookie. * @@ -6,11 +9,8 @@ * @package SimpleSAMLphp */ -namespace SimpleSAML\Error; - -class CannotSetCookie extends \SimpleSAML_Error_Exception +class CannotSetCookie extends Exception { - /** * The exception was thrown for unknown reasons. * diff --git a/lib/SimpleSAML/Error/ConfigurationError.php b/lib/SimpleSAML/Error/ConfigurationError.php index 574ef6284..47dd0ccc9 100644 --- a/lib/SimpleSAML/Error/ConfigurationError.php +++ b/lib/SimpleSAML/Error/ConfigurationError.php @@ -1,4 +1,7 @@ <?php + +namespace SimpleSAML\Error; + /** * This exception represents a configuration error. * @@ -6,11 +9,8 @@ * @package SimpleSAMLphp */ -namespace SimpleSAML\Error; - -class ConfigurationError extends \SimpleSAML_Error_Error +class ConfigurationError extends Error { - /** * The reason for this exception. * diff --git a/lib/SimpleSAML/Error/CriticalConfigurationError.php b/lib/SimpleSAML/Error/CriticalConfigurationError.php index d8662c0e8..de8bd0c3c 100644 --- a/lib/SimpleSAML/Error/CriticalConfigurationError.php +++ b/lib/SimpleSAML/Error/CriticalConfigurationError.php @@ -1,5 +1,7 @@ <?php +namespace SimpleSAML\Error; + /** * This exception represents a configuration error that we cannot recover from. * @@ -19,11 +21,8 @@ * @package SimpleSAMLphp */ -namespace SimpleSAML\Error; - class CriticalConfigurationError extends ConfigurationError { - /** * This is the bare minimum configuration that we can use. * @@ -61,11 +60,11 @@ class CriticalConfigurationError extends ConfigurationError /** - * @param \Exception $exception + * @param ConfigurationError $exception * * @return CriticalConfigurationError */ - public static function fromException(\Exception $exception) + public static function fromException(Exception $exception) { $reason = null; $file = null; diff --git a/lib/SimpleSAML/Error/Error.php b/lib/SimpleSAML/Error/Error.php index f02b4be1c..9632df87d 100644 --- a/lib/SimpleSAML/Error/Error.php +++ b/lib/SimpleSAML/Error/Error.php @@ -1,5 +1,6 @@ <?php +namespace SimpleSAML\Error; /** * Class that wraps SimpleSAMLphp errors in exceptions. @@ -7,7 +8,8 @@ * @author Olav Morken, UNINETT AS. * @package SimpleSAMLphp */ -class SimpleSAML_Error_Error extends SimpleSAML_Error_Exception + +class Error extends Exception { /** * The error code. @@ -65,10 +67,10 @@ class SimpleSAML_Error_Error extends SimpleSAML_Error_Exception * (with index 0), is the error code, while the other elements are replacements for the error text. * * @param mixed $errorCode One of the error codes defined in the errors dictionary. - * @param Exception $cause The exception which caused this fatal error (if any). Optional. + * @param \Exception $cause The exception which caused this fatal error (if any). Optional. * @param int|null $httpCode The HTTP response code to use. Optional. */ - public function __construct($errorCode, Exception $cause = null, $httpCode = null) + public function __construct($errorCode, \Exception $cause = null, $httpCode = null) { assert(is_string($errorCode) || is_array($errorCode)); @@ -91,8 +93,8 @@ class SimpleSAML_Error_Error extends SimpleSAML_Error_Exception $this->dictTitle = '{'.$this->module.':errors:title_'.$moduleCode[1].'}'; $this->dictDescr = '{'.$this->module.':errors:descr_'.$moduleCode[1].'}'; } else { - $this->dictTitle = SimpleSAML\Error\ErrorCodes::getErrorCodeTitle($this->errorCode); - $this->dictDescr = SimpleSAML\Error\ErrorCodes::getErrorCodeDescription($this->errorCode); + $this->dictTitle = ErrorCodes::getErrorCodeTitle($this->errorCode); + $this->dictDescr = ErrorCodes::getErrorCodeDescription($this->errorCode); } if (!empty($this->parameters)) { @@ -183,7 +185,7 @@ class SimpleSAML_Error_Error extends SimpleSAML_Error_Exception if (!array_key_exists($this->httpCode, $httpCodesMap)) { $httpCode = 500; - SimpleSAML\Logger::warning('HTTP response code not defined: '.var_export($this->httpCode, true)); + \SimpleSAML\Logger::warning('HTTP response code not defined: '.var_export($this->httpCode, true)); } header($httpCodesMap[$httpCode]); @@ -202,7 +204,7 @@ class SimpleSAML_Error_Error extends SimpleSAML_Error_Exception $etrace = implode("\n", $data); $reportId = bin2hex(openssl_random_pseudo_bytes(4)); - SimpleSAML\Logger::error('Error report with id '.$reportId.' generated.'); + \SimpleSAML\Logger::error('Error report with id '.$reportId.' generated.'); $config = \SimpleSAML\Configuration::getInstance(); $session = \SimpleSAML\Session::getSessionFromRequest(); diff --git a/lib/SimpleSAML/Error/ErrorCodes.php b/lib/SimpleSAML/Error/ErrorCodes.php index 3563a2d3d..803f1acea 100644 --- a/lib/SimpleSAML/Error/ErrorCodes.php +++ b/lib/SimpleSAML/Error/ErrorCodes.php @@ -1,4 +1,7 @@ <?php + +namespace SimpleSAML\Error; + /** * Class that maps SimpleSAMLphp error codes to translateable strings. * @@ -6,8 +9,6 @@ * @package SimpleSAMLphp */ -namespace SimpleSAML\Error; - class ErrorCodes { /** diff --git a/lib/SimpleSAML/Error/Exception.php b/lib/SimpleSAML/Error/Exception.php index 844068cec..cc3c40880 100644 --- a/lib/SimpleSAML/Error/Exception.php +++ b/lib/SimpleSAML/Error/Exception.php @@ -1,5 +1,6 @@ <?php +namespace SimpleSAML\Error; /** * Base class for SimpleSAMLphp Exceptions @@ -9,9 +10,9 @@ * @author Thomas Graff <thomas.graff@uninett.no> * @package SimpleSAMLphp */ -class SimpleSAML_Error_Exception extends Exception -{ +class Exception extends \Exception +{ /** * The backtrace for this exception. * @@ -26,7 +27,7 @@ class SimpleSAML_Error_Exception extends Exception /** * The cause of this exception. * - * @var SimpleSAML_Error_Exception + * @var Exception */ private $cause; @@ -34,8 +35,8 @@ class SimpleSAML_Error_Exception extends Exception /** * Constructor for this error. * - * Note that the cause will be converted to a SimpleSAML_Error_UnserializableException unless it is a subclass of - * SimpleSAML_Error_Exception. + * Note that the cause will be converted to a SimpleSAML\Error\UnserializableException unless it is a subclass of + * SimpleSAML\Error\Exception. * * @param string $message Exception message * @param int $code Error code @@ -51,25 +52,24 @@ class SimpleSAML_Error_Exception extends Exception $this->initBacktrace($this); if ($cause !== null) { - $this->cause = SimpleSAML_Error_Exception::fromException($cause); + $this->cause = Exception::fromException($cause); } } /** - * Convert any exception into a SimpleSAML_Error_Exception. + * Convert any exception into a \SimpleSAML\Error\Exception. * * @param Exception $e The exception. * - * @return SimpleSAML_Error_Exception The new exception. + * @return Exception The new exception. */ public static function fromException(Exception $e) { - - if ($e instanceof SimpleSAML_Error_Exception) { + if ($e instanceof Exception) { return $e; } - return new SimpleSAML_Error_UnserializableException($e); + return new UnserializableException($e); } @@ -80,7 +80,6 @@ class SimpleSAML_Error_Exception extends Exception */ protected function initBacktrace(Exception $exception) { - $this->backtrace = array(); // position in the top function on the stack @@ -119,7 +118,7 @@ class SimpleSAML_Error_Exception extends Exception /** * Retrieve the cause of this exception. * - * @return SimpleSAML_Error_Exception|null The cause of this exception. + * @return Exception|null The cause of this exception. */ public function getCause() { @@ -235,10 +234,10 @@ class SimpleSAML_Error_Exception extends Exception public function log($default_level) { $fn = array( - SimpleSAML\Logger::ERR => 'logError', - SimpleSAML\Logger::WARNING => 'logWarning', - SimpleSAML\Logger::INFO => 'logInfo', - SimpleSAML\Logger::DEBUG => 'logDebug', + \SimpleSAML\Logger::ERR => 'logError', + \SimpleSAML\Logger::WARNING => 'logWarning', + \SimpleSAML\Logger::INFO => 'logInfo', + \SimpleSAML\Logger::DEBUG => 'logDebug', ); call_user_func(array($this, $fn[$default_level]), $default_level); } @@ -251,7 +250,7 @@ class SimpleSAML_Error_Exception extends Exception */ public function logError() { - SimpleSAML\Logger::error($this->getClass().': '.$this->getMessage()); + \SimpleSAML\Logger::error($this->getClass().': '.$this->getMessage()); $this->logBacktrace(\SimpleSAML\Logger::ERR); } @@ -263,7 +262,7 @@ class SimpleSAML_Error_Exception extends Exception */ public function logWarning() { - SimpleSAML\Logger::warning($this->getClass().': '.$this->getMessage()); + \SimpleSAML\Logger::warning($this->getClass().': '.$this->getMessage()); $this->logBacktrace(\SimpleSAML\Logger::WARNING); } @@ -275,7 +274,7 @@ class SimpleSAML_Error_Exception extends Exception */ public function logInfo() { - SimpleSAML\Logger::info($this->getClass().': '.$this->getMessage()); + \SimpleSAML\Logger::info($this->getClass().': '.$this->getMessage()); $this->logBacktrace(\SimpleSAML\Logger::INFO); } @@ -287,7 +286,7 @@ class SimpleSAML_Error_Exception extends Exception */ public function logDebug() { - SimpleSAML\Logger::debug($this->getClass().': '.$this->getMessage()); + \SimpleSAML\Logger::debug($this->getClass().': '.$this->getMessage()); $this->logBacktrace(\SimpleSAML\Logger::DEBUG); } @@ -302,7 +301,6 @@ class SimpleSAML_Error_Exception extends Exception */ public function __sleep() { - $ret = array_keys((array) $this); foreach ($ret as $i => $e) { diff --git a/lib/SimpleSAML/Error/InvalidCredential.php b/lib/SimpleSAML/Error/InvalidCredential.php index d0bbff145..98d3b85d7 100644 --- a/lib/SimpleSAML/Error/InvalidCredential.php +++ b/lib/SimpleSAML/Error/InvalidCredential.php @@ -1,4 +1,7 @@ <?php + +namespace SimpleSAML\Error; + /** * Exception indicating wrong password given by user. * @@ -6,7 +9,7 @@ * @package SimpleSAMLphp_base * */ -class SimpleSAML_Error_InvalidCredential extends SimpleSAML_Error_User -{ +class InvalidCredential extends User +{ } diff --git a/lib/SimpleSAML/Error/MetadataNotFound.php b/lib/SimpleSAML/Error/MetadataNotFound.php index 3aef36584..93e086c14 100644 --- a/lib/SimpleSAML/Error/MetadataNotFound.php +++ b/lib/SimpleSAML/Error/MetadataNotFound.php @@ -1,14 +1,15 @@ <?php +namespace SimpleSAML\Error; + /** * Error for missing metadata. * * @package SimpleSAMLphp */ -class SimpleSAML_Error_MetadataNotFound extends SimpleSAML_Error_Error -{ - +class MetadataNotFound extends Error +{ /** * Create the error * diff --git a/lib/SimpleSAML/Error/NoPassive.php b/lib/SimpleSAML/Error/NoPassive.php index 2f5343345..43b42cf46 100644 --- a/lib/SimpleSAML/Error/NoPassive.php +++ b/lib/SimpleSAML/Error/NoPassive.php @@ -1,15 +1,16 @@ <?php +namespace SimpleSAML\Error; /** - * Class SimpleSAML_Error_NoPassive + * Class NoPassive * * @deprecated This class has been deprecated and will be removed in SimpleSAMLphp 2.0. Please use - * SimpleSAML\Module\saml\Error\NoPassive instead. + * \SimpleSAML\Module\saml\Error\NoPassive instead. * * @see \SimpleSAML\Module\saml\Error\NoPassive */ -class SimpleSAML_Error_NoPassive extends SimpleSAML_Error_Exception -{ +class NoPassive extends Exception +{ } diff --git a/lib/SimpleSAML/Error/NoState.php b/lib/SimpleSAML/Error/NoState.php index 7b4adb196..d0281beb0 100644 --- a/lib/SimpleSAML/Error/NoState.php +++ b/lib/SimpleSAML/Error/NoState.php @@ -1,15 +1,16 @@ <?php +namespace SimpleSAML\Error; + /** * Exception which will show a page telling the user * that we don't know what to do. * * @package SimpleSAMLphp */ -class SimpleSAML_Error_NoState extends SimpleSAML_Error_Error -{ - +class NoState extends Error +{ /** * Create the error */ diff --git a/lib/SimpleSAML/Error/NotFound.php b/lib/SimpleSAML/Error/NotFound.php index 7a64ec31f..79f604922 100644 --- a/lib/SimpleSAML/Error/NotFound.php +++ b/lib/SimpleSAML/Error/NotFound.php @@ -1,5 +1,7 @@ <?php +namespace SimpleSAML\Error; + /** * Exception which will show a 404 Not Found error page. * @@ -9,10 +11,9 @@ * @author Olav Morken, UNINETT AS. * @package SimpleSAMLphp */ -class SimpleSAML_Error_NotFound extends SimpleSAML_Error_Error -{ - +class NotFound extends Error +{ /** * Reason why the given page could not be found. */ @@ -26,7 +27,6 @@ class SimpleSAML_Error_NotFound extends SimpleSAML_Error_Error */ public function __construct($reason = null) { - assert($reason === null || is_string($reason)); $url = \SimpleSAML\Utils\HTTP::getSelfURL(); diff --git a/lib/SimpleSAML/Error/ProxyCountExceeded.php b/lib/SimpleSAML/Error/ProxyCountExceeded.php index 1462d371a..6b325f3b6 100644 --- a/lib/SimpleSAML/Error/ProxyCountExceeded.php +++ b/lib/SimpleSAML/Error/ProxyCountExceeded.php @@ -1,15 +1,16 @@ <?php +namespace SimpleSAML\Error; /** - * Class SimpleSAML_Error_ProxyCountExceeded + * Class ProxyCountExceeded * * @deprecated This class has been deprecated and will be removed in SimpleSAMLphp 2.0. Please use - * SimpleSAML\Module\saml\Error\ProxyCountExceeded instead. + * \SimpleSAML\Module\saml\Error\ProxyCountExceeded instead. * * @see \SimpleSAML\Module\saml\Error\ProxyCountExceeded */ -class SimpleSAML_Error_ProxyCountExceeded extends SimpleSAML_Error_Exception -{ +class ProxyCountExceeded extends Exception +{ } diff --git a/lib/SimpleSAML/Error/UnserializableException.php b/lib/SimpleSAML/Error/UnserializableException.php index c13493953..38cf79e94 100644 --- a/lib/SimpleSAML/Error/UnserializableException.php +++ b/lib/SimpleSAML/Error/UnserializableException.php @@ -1,20 +1,22 @@ <?php +namespace SimpleSAML\Error; + /** * Class for saving normal exceptions for serialization. * * This class is used by the SimpleSAML_Auth_State class when it needs * to serialize an exception which doesn't subclass the - * SimpleSAML_Error_Exception class. + * \SimpleSAML\Error\Exception class. * * It creates a new exception which contains the backtrace and message * of the original exception. * * @package SimpleSAMLphp */ -class SimpleSAML_Error_UnserializableException extends SimpleSAML_Error_Exception -{ +class UnserializableException extends Exception +{ /** * The classname of the original exception. * diff --git a/lib/SimpleSAML/Error/User.php b/lib/SimpleSAML/Error/User.php index 4e70db01f..b2da0e47e 100644 --- a/lib/SimpleSAML/Error/User.php +++ b/lib/SimpleSAML/Error/User.php @@ -1,5 +1,7 @@ <?php +namespace SimpleSAML\Error; + /** * Baseclass for user error exceptions * @@ -8,7 +10,7 @@ * @package SimpleSAMLphp_base * */ -class SimpleSAML_Error_User extends SimpleSAML_Error_Exception -{ +class User extends Exception +{ } diff --git a/lib/SimpleSAML/Error/UserAborted.php b/lib/SimpleSAML/Error/UserAborted.php index 9ddcb0fac..7be00d20e 100644 --- a/lib/SimpleSAML/Error/UserAborted.php +++ b/lib/SimpleSAML/Error/UserAborted.php @@ -1,19 +1,21 @@ <?php +namespace SimpleSAML\Error; + /** * Exception indicating user aborting the authentication process. * * @package SimpleSAMLphp */ -class SimpleSAML_Error_UserAborted extends SimpleSAML_Error_Error -{ +class UserAborted extends Error +{ /** * Create the error * - * @param Exception|null $cause The exception that caused this error. + * @param \Exception|null $cause The exception that caused this error. */ - public function __construct(Exception $cause = null) + public function __construct(\Exception $cause = null) { parent::__construct('USERABORTED', $cause); } diff --git a/lib/SimpleSAML/Error/UserNotFound.php b/lib/SimpleSAML/Error/UserNotFound.php index cc782dd79..14e550786 100644 --- a/lib/SimpleSAML/Error/UserNotFound.php +++ b/lib/SimpleSAML/Error/UserNotFound.php @@ -1,5 +1,7 @@ <?php +namespace SimpleSAML\Error; + /** * Exception indicating user not found by authsource. * @@ -7,7 +9,7 @@ * @package SimpleSAMLphp_base * */ -class SimpleSAML_Error_UserNotFound extends SimpleSAML_Error_User -{ +class UserNotFound extends User +{ } diff --git a/lib/SimpleSAML/IdP.php b/lib/SimpleSAML/IdP.php index 5fd3f41d9..633ef83fe 100644 --- a/lib/SimpleSAML/IdP.php +++ b/lib/SimpleSAML/IdP.php @@ -52,7 +52,7 @@ class SimpleSAML_IdP * * @param string $id The identifier of this IdP. * - * @throws SimpleSAML_Error_Exception If the IdP is disabled or no such auth source was found. + * @throws \SimpleSAML\Error\Exception If the IdP is disabled or no such auth source was found. */ private function __construct($id) { @@ -65,17 +65,17 @@ class SimpleSAML_IdP if (substr($id, 0, 6) === 'saml2:') { if (!$globalConfig->getBoolean('enable.saml20-idp', false)) { - throw new SimpleSAML_Error_Exception('enable.saml20-idp disabled in config.php.'); + throw new \SimpleSAML\Error\Exception('enable.saml20-idp disabled in config.php.'); } $this->config = $metadata->getMetaDataConfig(substr($id, 6), 'saml20-idp-hosted'); } elseif (substr($id, 0, 6) === 'saml1:') { if (!$globalConfig->getBoolean('enable.shib13-idp', false)) { - throw new SimpleSAML_Error_Exception('enable.shib13-idp disabled in config.php.'); + throw new \SimpleSAML\Error\Exception('enable.shib13-idp disabled in config.php.'); } $this->config = $metadata->getMetaDataConfig(substr($id, 6), 'shib13-idp-hosted'); } elseif (substr($id, 0, 5) === 'adfs:') { if (!$globalConfig->getBoolean('enable.adfs-idp', false)) { - throw new SimpleSAML_Error_Exception('enable.adfs-idp disabled in config.php.'); + throw new \SimpleSAML\Error\Exception('enable.adfs-idp disabled in config.php.'); } $this->config = $metadata->getMetaDataConfig(substr($id, 5), 'adfs-idp-hosted'); @@ -98,7 +98,7 @@ class SimpleSAML_IdP if (SimpleSAML_Auth_Source::getById($auth) !== null) { $this->authSource = new \SimpleSAML\Auth\Simple($auth); } else { - throw new SimpleSAML_Error_Exception('No such "'.$auth.'" auth source found.'); + throw new \SimpleSAML\Error\Exception('No such "'.$auth.'" auth source found.'); } } @@ -287,14 +287,14 @@ class SimpleSAML_IdP * * @param array $state The authentication request state array. * - * @throws SimpleSAML_Error_Exception If we are not authenticated. + * @throws \SimpleSAML\Error\Exception If we are not authenticated. */ public static function postAuth(array $state) { $idp = SimpleSAML_IdP::getByState($state); if (!$idp->isAuthenticated()) { - throw new SimpleSAML_Error_Exception('Not authenticated.'); + throw new \SimpleSAML\Error\Exception('Not authenticated.'); } $state['Attributes'] = $idp->authSource->getAttributes(); @@ -356,13 +356,13 @@ class SimpleSAML_IdP * * @param array &$state The authentication request state. * - * @throws SimpleSAML_Error_Exception If there is no auth source defined for this IdP. + * @throws \SimpleSAML\Error\Exception If there is no auth source defined for this IdP. */ private function reauthenticate(array &$state) { $sourceImpl = $this->authSource->getAuthSource(); if ($sourceImpl === null) { - throw new SimpleSAML_Error_Exception('No such auth source defined.'); + throw new \SimpleSAML\Error\Exception('No such auth source defined.'); } $sourceImpl->reauthenticate($state); @@ -408,10 +408,10 @@ class SimpleSAML_IdP $this->reauthenticate($state); } $this->postAuth($state); - } catch (SimpleSAML_Error_Exception $e) { + } catch (\SimpleSAML\Error\Exception $e) { SimpleSAML_Auth_State::throwException($state, $e); } catch (Exception $e) { - $e = new SimpleSAML_Error_UnserializableException($e); + $e = new \SimpleSAML\Error\UnserializableException($e); SimpleSAML_Auth_State::throwException($state, $e); } } @@ -422,7 +422,7 @@ class SimpleSAML_IdP * * @return \SimpleSAML\IdP\LogoutHandlerInterface The logout handler class. * - * @throws SimpleSAML_Error_Exception If we cannot find a logout handler. + * @throws \SimpleSAML\Error\Exception If we cannot find a logout handler. */ public function getLogoutHandler() { @@ -436,7 +436,7 @@ class SimpleSAML_IdP $handler = 'SimpleSAML\IdP\IFrameLogoutHandler'; break; default: - throw new SimpleSAML_Error_Exception('Unknown logout handler: '.var_export($logouttype, true)); + throw new \SimpleSAML\Error\Exception('Unknown logout handler: '.var_export($logouttype, true)); } return new $handler($this); @@ -502,9 +502,9 @@ class SimpleSAML_IdP * * @param string $assocId The association that is terminated. * @param string|null $relayState The RelayState from the start of the logout. - * @param SimpleSAML_Error_Exception|null $error The error that occurred during session termination (if any). + * @param \SimpleSAML\Error\Exception|null $error The error that occurred during session termination (if any). */ - public function handleLogoutResponse($assocId, $relayState, SimpleSAML_Error_Exception $error = null) + public function handleLogoutResponse($assocId, $relayState, \SimpleSAML\Error\Exception $error = null) { assert(is_string($assocId)); assert(is_string($relayState) || $relayState === null); diff --git a/lib/SimpleSAML/IdP/IFrameLogoutHandler.php b/lib/SimpleSAML/IdP/IFrameLogoutHandler.php index b08440343..2761214f8 100644 --- a/lib/SimpleSAML/IdP/IFrameLogoutHandler.php +++ b/lib/SimpleSAML/IdP/IFrameLogoutHandler.php @@ -10,9 +10,9 @@ use SimpleSAML\Utils\HTTP; * * @package SimpleSAMLphp */ + class IFrameLogoutHandler implements LogoutHandlerInterface { - /** * The IdP we are logging out from. * @@ -84,9 +84,9 @@ class IFrameLogoutHandler implements LogoutHandlerInterface * * @param string $assocId The association that is terminated. * @param string|null $relayState The RelayState from the start of the logout. - * @param \SimpleSAML_Error_Exception|null $error The error that occurred during session termination (if any). + * @param \SimpleSAML\Error\Exception|null $error The error that occurred during session termination (if any). */ - public function onResponse($assocId, $relayState, \SimpleSAML_Error_Exception $error = null) + public function onResponse($assocId, $relayState, \SimpleSAML\Error\Exception $error = null) { assert(is_string($assocId)); diff --git a/lib/SimpleSAML/IdP/LogoutHandlerInterface.php b/lib/SimpleSAML/IdP/LogoutHandlerInterface.php index 011dd63c6..cda28721f 100644 --- a/lib/SimpleSAML/IdP/LogoutHandlerInterface.php +++ b/lib/SimpleSAML/IdP/LogoutHandlerInterface.php @@ -7,10 +7,9 @@ namespace SimpleSAML\IdP; * * @package SimpleSAMLphp */ + interface LogoutHandlerInterface { - - /** * Initialize this logout handler. * @@ -37,7 +36,7 @@ interface LogoutHandlerInterface * * @param string $assocId The association that is terminated. * @param string|null $relayState The RelayState from the start of the logout. - * @param \SimpleSAML_Error_Exception|null $error The error that occurred during session termination (if any). + * @param \SimpleSAML\Error\Exception|null $error The error that occurred during session termination (if any). */ - public function onResponse($assocId, $relayState, \SimpleSAML_Error_Exception $error = null); + public function onResponse($assocId, $relayState, \SimpleSAML\Error\Exception $error = null); } diff --git a/lib/SimpleSAML/IdP/TraditionalLogoutHandler.php b/lib/SimpleSAML/IdP/TraditionalLogoutHandler.php index 105ac2796..f8f5cc8ea 100644 --- a/lib/SimpleSAML/IdP/TraditionalLogoutHandler.php +++ b/lib/SimpleSAML/IdP/TraditionalLogoutHandler.php @@ -10,9 +10,9 @@ use SimpleSAML\Utils\HTTP; * * @package SimpleSAMLphp */ + class TraditionalLogoutHandler implements LogoutHandlerInterface { - /** * The IdP we are logging out from. * @@ -90,17 +90,17 @@ class TraditionalLogoutHandler implements LogoutHandlerInterface * * @param string $assocId The association that is terminated. * @param string|null $relayState The RelayState from the start of the logout. - * @param \SimpleSAML_Error_Exception|null $error The error that occurred during session termination (if any). + * @param \SimpleSAML\Error\Exception|null $error The error that occurred during session termination (if any). * - * @throws \SimpleSAML_Error_Exception If the RelayState was lost during logout. + * @throws \SimpleSAML\Error\Exception If the RelayState was lost during logout. */ - public function onResponse($assocId, $relayState, \SimpleSAML_Error_Exception $error = null) + public function onResponse($assocId, $relayState, \SimpleSAML\Error\Exception $error = null) { assert(is_string($assocId)); assert(is_string($relayState) || $relayState === null); if ($relayState === null) { - throw new \SimpleSAML_Error_Exception('RelayState lost during logout.'); + throw new \SimpleSAML\Error\Exception('RelayState lost during logout.'); } $state = \SimpleSAML_Auth_State::loadState($relayState, 'core:LogoutTraditional'); diff --git a/lib/SimpleSAML/Memcache.php b/lib/SimpleSAML/Memcache.php index 46933304c..60c48c83a 100644 --- a/lib/SimpleSAML/Memcache.php +++ b/lib/SimpleSAML/Memcache.php @@ -1,6 +1,5 @@ <?php - /** * This file implements functions to read and write to a group of memcache * servers. @@ -19,7 +18,6 @@ */ class SimpleSAML_Memcache { - /** * Cache of the memcache servers we are using. * @@ -28,11 +26,11 @@ class SimpleSAML_Memcache private static $serverGroups = null; - /** - * The flavor of memcache PHP extension we are using. - * - * @var string - */ + /** + * The flavor of memcache PHP extension we are using. + * + * @var string + */ private static $extension = ''; @@ -76,19 +74,19 @@ class SimpleSAML_Memcache * - 'data': The data. */ if (!is_array($info)) { - SimpleSAML\Logger::warning( + \SimpleSAML\Logger::warning( 'Retrieved invalid data from a memcache server. Data was not an array.' ); continue; } if (!array_key_exists('timestamp', $info)) { - SimpleSAML\Logger::warning( + \SimpleSAML\Logger::warning( 'Retrieved invalid data from a memcache server. Missing timestamp.' ); continue; } if (!array_key_exists('data', $info)) { - SimpleSAML\Logger::warning( + \SimpleSAML\Logger::warning( 'Retrieved invalid data from a memcache server. Missing data.' ); continue; @@ -121,17 +119,17 @@ class SimpleSAML_Memcache if ($latestData === null) { if ($allDown) { // all servers are down, panic! - $e = new SimpleSAML_Error_Error('MEMCACHEDOWN', null, 503); - throw new SimpleSAML_Error_Exception('All memcache servers are down', 503, $e); + $e = new \SimpleSAML\Error\Error('MEMCACHEDOWN', null, 503); + throw new \SimpleSAML\Error\Exception('All memcache servers are down', 503, $e); } // we didn't find any data matching the key - SimpleSAML\Logger::debug("key $key not found in memcache"); + \SimpleSAML\Logger::debug("key $key not found in memcache"); return null; } if ($mustUpdate) { // we found data matching the key, but some of the servers need updating - SimpleSAML\Logger::debug("Memcache servers out of sync for $key, forcing sync"); + \SimpleSAML\Logger::debug("Memcache servers out of sync for $key, forcing sync"); self::set($key, $latestData); } diff --git a/lib/SimpleSAML/Metadata/MetaDataStorageHandler.php b/lib/SimpleSAML/Metadata/MetaDataStorageHandler.php index d5fdc6de2..e1595a8eb 100644 --- a/lib/SimpleSAML/Metadata/MetaDataStorageHandler.php +++ b/lib/SimpleSAML/Metadata/MetaDataStorageHandler.php @@ -1,16 +1,14 @@ <?php - /** * This file defines a class for metadata handling. * * @author Andreas Ă…kre Solberg, UNINETT AS. <andreas.solberg@uninett.no> * @package SimpleSAMLphp */ + class SimpleSAML_Metadata_MetaDataStorageHandler { - - /** * This static variable contains a reference to the current * instance of the metadata handler. This variable will be null if @@ -264,7 +262,7 @@ class SimpleSAML_Metadata_MetaDataStorageHandler * * @return array The metadata array describing the specified entity. * @throws Exception If metadata for the specified entity is expired. - * @throws SimpleSAML_Error_MetadataNotFound If no metadata for the entity specified can be found. + * @throws \SimpleSAML\Error\MetadataNotFound If no metadata for the entity specified can be found. */ public function getMetaData($index, $set) { @@ -296,7 +294,7 @@ class SimpleSAML_Metadata_MetaDataStorageHandler } } - throw new SimpleSAML_Error_MetadataNotFound($index); + throw new \SimpleSAML\Error\MetadataNotFound($index); } @@ -309,7 +307,7 @@ class SimpleSAML_Metadata_MetaDataStorageHandler * @param string $set The metadata set we are searching. * * @return \SimpleSAML\Configuration The configuration object representing the metadata. - * @throws SimpleSAML_Error_MetadataNotFound If no metadata for the entity specified can be found. + * @throws \SimpleSAML\Error\MetadataNotFound If no metadata for the entity specified can be found. */ public function getMetaDataConfig($entityId, $set) { diff --git a/lib/SimpleSAML/Metadata/MetaDataStorageHandlerPdo.php b/lib/SimpleSAML/Metadata/MetaDataStorageHandlerPdo.php index 8fd0a07b6..7ba227589 100644 --- a/lib/SimpleSAML/Metadata/MetaDataStorageHandlerPdo.php +++ b/lib/SimpleSAML/Metadata/MetaDataStorageHandlerPdo.php @@ -1,6 +1,5 @@ <?php - /** * Class for handling metadata files stored in a database. * @@ -10,9 +9,9 @@ * * @package SimpleSAMLphp */ + class SimpleSAML_Metadata_MetaDataStorageHandlerPdo extends SimpleSAML_Metadata_MetaDataStorageSource { - /** * The PDO object */ @@ -75,7 +74,7 @@ class SimpleSAML_Metadata_MetaDataStorageHandlerPdo extends SimpleSAML_Metadata_ * given file. * * @throws Exception If a database error occurs. - * @throws SimpleSAML_Error_Exception If the metadata can be retrieved from the database, but cannot be decoded. + * @throws \SimpleSAML\Error\Exception If the metadata can be retrieved from the database, but cannot be decoded. */ private function load($set) { @@ -94,7 +93,7 @@ class SimpleSAML_Metadata_MetaDataStorageHandlerPdo extends SimpleSAML_Metadata_ while ($d = $stmt->fetch()) { $data = json_decode($d['entity_data'], true); if ($data === null) { - throw new SimpleSAML_Error_Exception("Cannot decode metadata for entity '${d['entity_id']}'"); + throw new \SimpleSAML\Error\Exception("Cannot decode metadata for entity '${d['entity_id']}'"); } if (!array_key_exists('entityid', $data)) { $data['entityid'] = $d['entity_id']; diff --git a/lib/SimpleSAML/Module.php b/lib/SimpleSAML/Module.php index a921fa739..3f3a2261a 100644 --- a/lib/SimpleSAML/Module.php +++ b/lib/SimpleSAML/Module.php @@ -12,7 +12,6 @@ namespace SimpleSAML; */ class Module { - /** * A list containing the modules currently installed. * @@ -277,7 +276,7 @@ class Module * @param string $hook The name of the hook. * @param mixed &$data The data which should be passed to each hook. Will be passed as a reference. * - * @throws \SimpleSAML_Error_Exception If an invalid hook is found in a module. + * @throws \SimpleSAML\Error\Exception If an invalid hook is found in a module. */ public static function callHooks($hook, &$data = null) { @@ -302,7 +301,7 @@ class Module require_once(self::$module_info[$module]['hooks'][$hook]['file']); if (!is_callable(self::$module_info[$module]['hooks'][$hook]['func'])) { - throw new \SimpleSAML_Error_Exception('Invalid hook \''.$hook.'\' for module \''.$module.'\'.'); + throw new \SimpleSAML\Error\Exception('Invalid hook \''.$hook.'\' for module \''.$module.'\'.'); } $fn = self::$module_info[$module]['hooks'][$hook]['func']; diff --git a/lib/SimpleSAML/Session.php b/lib/SimpleSAML/Session.php index 0f33aaaad..15dc2ff33 100644 --- a/lib/SimpleSAML/Session.php +++ b/lib/SimpleSAML/Session.php @@ -2,6 +2,8 @@ namespace SimpleSAML; +use SimpleSAML\Error; + /** * The Session class holds information about a user session, and everything attached to it. * @@ -42,7 +44,7 @@ class Session implements \Serializable /** * This variable holds the instance of the session - Singleton approach. * - * Warning: do not set the instance manually, call \SimpleSAML\Session::load() instead. + * Warning: do not set the instance manually, call Session::load() instead. */ private static $instance = null; @@ -238,7 +240,7 @@ class Session implements \Serializable /** * Retrieves the current session. Creates a new session if there's not one. * - * @return \SimpleSAML\Session The current session. + * @return Session The current session. * @throws \Exception When session couldn't be initialized and the session fallback is disabled by configuration. */ public static function getSessionFromRequest() @@ -261,7 +263,7 @@ class Session implements \Serializable */ Logger::error('Error loading session: '.$e->getMessage()); self::useTransientSession(); - if ($e instanceof \SimpleSAML_Error_Exception) { + if ($e instanceof Error\Exception) { $cause = $e->getCause(); if ($cause instanceof \Exception) { throw $cause; @@ -312,7 +314,7 @@ class Session implements \Serializable * * @param string|null $sessionId The session we should get, or null to get the current session. * - * @return \SimpleSAML\Session|null The session that is stored in the session handler, or null if the session wasn't + * @return Session|null The session that is stored in the session handler, or null if the session wasn't * found. */ public static function getSession($sessionId = null) @@ -385,8 +387,8 @@ class Session implements \Serializable * * Warning: never set self::$instance yourself, call this method instead. * - * @param \SimpleSAML\Session $session The session to load. - * @return \SimpleSAML\Session The session we just loaded, just for convenience. + * @param Session $session The session to load. + * @return Session The session we just loaded, just for convenience. */ private static function load(Session $session) { @@ -445,8 +447,8 @@ class Session implements \Serializable try { $sh->saveSession($this); } catch (\Exception $e) { - if (!($e instanceof \SimpleSAML_Error_Exception)) { - $e = new \SimpleSAML_Error_UnserializableException($e); + if (!($e instanceof Error\Exception)) { + $e = new Error\UnserializableException($e); } Logger::error('Unable to save session.'); $e->logError(); @@ -570,7 +572,7 @@ class Session implements \Serializable * @param string $authority The authority the user logged in with. * @param array|null $data The authentication data for this authority. * - * @throws \SimpleSAML\Error\CannotSetCookie If the authentication token cannot be set for some reason. + * @throws Error\CannotSetCookie If the authentication token cannot be set for some reason. */ public function doLogin($authority, array $data = null) { @@ -850,7 +852,7 @@ class Session implements \Serializable /** * This function stores data in the data store. * - * The timeout value can be \SimpleSAML\Session::DATA_TIMEOUT_SESSION_END, which indicates + * The timeout value can be Session::DATA_TIMEOUT_SESSION_END, which indicates * that the data should never be deleted. * * @param string $type The type of the data. This is checked when retrieving data from the store. diff --git a/lib/SimpleSAML/SessionHandlerPHP.php b/lib/SimpleSAML/SessionHandlerPHP.php index b17796caf..dbcd10062 100644 --- a/lib/SimpleSAML/SessionHandlerPHP.php +++ b/lib/SimpleSAML/SessionHandlerPHP.php @@ -179,7 +179,7 @@ class SessionHandlerPHP extends SessionHandler * * @return string|null The session id saved in the cookie or null if no session cookie was set. * - * @throws \SimpleSAML_Error_Exception If the cookie is marked as secure but we are not using HTTPS. + * @throws \SimpleSAML\Error\Exception If the cookie is marked as secure but we are not using HTTPS. */ public function getCookieSessionId() { @@ -193,7 +193,7 @@ class SessionHandlerPHP extends SessionHandler $session_cookie_params = session_get_cookie_params(); if ($session_cookie_params['secure'] && !HTTP::isHTTPS()) { - throw new \SimpleSAML_Error_Exception('Session start with secure cookie not allowed on http.'); + throw new \SimpleSAML\Error\Exception('Session start with secure cookie not allowed on http.'); } $this->sessionStart(); @@ -230,7 +230,7 @@ class SessionHandlerPHP extends SessionHandler * * @return \SimpleSAML\Session|null The session object, or null if it doesn't exist. * - * @throws \SimpleSAML_Error_Exception If it wasn't possible to disable session cookies or we are trying to load a + * @throws \SimpleSAML\Error\Exception If it wasn't possible to disable session cookies or we are trying to load a * PHP session with a specific identifier and it doesn't match with the current session identifier. */ public function loadSession($sessionId = null) @@ -242,13 +242,13 @@ class SessionHandlerPHP extends SessionHandler // session not initiated with getCookieSessionId(), start session without setting cookie $ret = ini_set('session.use_cookies', '0'); if ($ret === false) { - throw new \SimpleSAML_Error_Exception('Disabling PHP option session.use_cookies failed.'); + throw new \SimpleSAML\Error\Exception('Disabling PHP option session.use_cookies failed.'); } session_id($sessionId); $this->sessionStart(); } elseif ($sessionId !== session_id()) { - throw new \SimpleSAML_Error_Exception('Cannot load PHP session with a specific ID.'); + throw new \SimpleSAML\Error\Exception('Cannot load PHP session with a specific ID.'); } } elseif (session_id() === '') { self::getCookieSessionId(); @@ -288,7 +288,7 @@ class SessionHandlerPHP extends SessionHandler * @return array The cookie parameters for our sessions. * @link http://www.php.net/manual/en/function.session-get-cookie-params.php * - * @throws \SimpleSAML_Error_Exception If both 'session.phpsession.limitedpath' and 'session.cookie.path' options + * @throws \SimpleSAML\Error\Exception If both 'session.phpsession.limitedpath' and 'session.cookie.path' options * are set at the same time in the configuration. */ public function getCookieParams() @@ -298,7 +298,7 @@ class SessionHandlerPHP extends SessionHandler $ret = parent::getCookieParams(); if ($config->hasValue('session.phpsession.limitedpath') && $config->hasValue('session.cookie.path')) { - throw new \SimpleSAML_Error_Exception( + throw new \SimpleSAML\Error\Exception( 'You cannot set both the session.phpsession.limitedpath and session.cookie.path options.' ); } elseif ($config->hasValue('session.phpsession.limitedpath')) { diff --git a/lib/SimpleSAML/Utilities.php b/lib/SimpleSAML/Utilities.php index 03bd67ba2..e72ba1790 100644 --- a/lib/SimpleSAML/Utilities.php +++ b/lib/SimpleSAML/Utilities.php @@ -1,6 +1,5 @@ <?php - /** * Misc static functions that is used several places.in example parsing and id generation. * @@ -9,9 +8,9 @@ * * @deprecated This entire class will be removed in SimpleSAMLphp 2.0. */ + class SimpleSAML_Utilities { - /** * @deprecated This property will be removed in SSP 2.0. Please use SimpleSAML\Logger::isErrorMasked() instead. */ @@ -173,11 +172,11 @@ class SimpleSAML_Utilities /** - * @deprecated This method will be removed in SSP 2.0. Please raise a SimpleSAML_Error_Error exception instead. + * @deprecated This method will be removed in SSP 2.0. Please raise a SimpleSAML\Error\Error exception instead. */ public static function fatalError($trackId = 'na', $errorCode = null, Exception $e = null) { - throw new SimpleSAML_Error_Error($errorCode, $e); + throw new \SimpleSAML\Error\Error($errorCode, $e); } diff --git a/lib/SimpleSAML/Utils/Attributes.php b/lib/SimpleSAML/Utils/Attributes.php index 1f4941362..f06efbfd6 100644 --- a/lib/SimpleSAML/Utils/Attributes.php +++ b/lib/SimpleSAML/Utils/Attributes.php @@ -1,4 +1,5 @@ <?php + namespace SimpleSAML\Utils; /** @@ -7,9 +8,9 @@ namespace SimpleSAML\Utils; * @author Jaime Perez, UNINETT AS <jaime.perez@uninett.no> * @package SimpleSAML */ + class Attributes { - /** * Look for an attribute in a normalized attributes array, failing if it's not there. * @@ -21,7 +22,7 @@ class Attributes * $allow_multiple is set to true, the first value will be returned. * * @throws \InvalidArgumentException If $attributes is not an array or $expected is not a string. - * @throws \SimpleSAML_Error_Exception If the expected attribute was not found in the attributes array. + * @throws \SimpleSAML\Error\Exception If the expected attribute was not found in the attributes array. */ public static function getExpectedAttribute($attributes, $expected, $allow_multiple = false) { @@ -38,7 +39,7 @@ class Attributes } if (!array_key_exists($expected, $attributes)) { - throw new \SimpleSAML_Error_Exception("No such attribute '".$expected."' found."); + throw new \SimpleSAML\Error\Exception("No such attribute '".$expected."' found."); } $attribute = $attributes[$expected]; @@ -47,10 +48,10 @@ class Attributes } if (count($attribute) === 0) { - throw new \SimpleSAML_Error_Exception("Empty attribute '".$expected."'.'"); + throw new \SimpleSAML\Error\Exception("Empty attribute '".$expected."'.'"); } elseif (count($attribute) > 1) { if ($allow_multiple === false) { - throw new \SimpleSAML_Error_Exception( + throw new \SimpleSAML\Error\Exception( 'More than one value found for the attribute, multiple values not allowed.' ); } diff --git a/lib/SimpleSAML/Utils/Auth.php b/lib/SimpleSAML/Utils/Auth.php index adf348110..d938c3108 100644 --- a/lib/SimpleSAML/Utils/Auth.php +++ b/lib/SimpleSAML/Utils/Auth.php @@ -10,7 +10,6 @@ use SimpleSAML\Module; */ class Auth { - /** * Retrieve a admin login URL. * @@ -52,7 +51,7 @@ class Auth * a login page if the current user doesn't have admin access. * * @return void This function will only return if the user is admin. - * @throws \SimpleSAML_Error_Exception If no "admin" authentication source was configured. + * @throws \SimpleSAML\Error\Exception If no "admin" authentication source was configured. * * @author Olav Morken, UNINETT AS <olav.morken@uninett.no> * @author Jaime Perez, UNINETT AS <jaime.perez@uninett.no> @@ -68,7 +67,7 @@ class Auth $as = new \SimpleSAML\Auth\Simple('admin'); $as->login(); } else { - throw new \SimpleSAML_Error_Exception( + throw new \SimpleSAML\Error\Exception( 'Cannot find "admin" auth source, and admin privileges are required.' ); } diff --git a/lib/SimpleSAML/Utils/Crypto.php b/lib/SimpleSAML/Utils/Crypto.php index a51bbad40..d689b1f06 100644 --- a/lib/SimpleSAML/Utils/Crypto.php +++ b/lib/SimpleSAML/Utils/Crypto.php @@ -3,15 +3,16 @@ namespace SimpleSAML\Utils; use SimpleSAML\Configuration; +use SimpleSAML\Error; /** * A class for cryptography-related functions. * * @package SimpleSAMLphp */ + class Crypto { - /** * Decrypt data using AES-256-CBC and the key provided as a parameter. * @@ -20,7 +21,7 @@ class Crypto * * @return string The decrypted data. * @throws \InvalidArgumentException If $ciphertext is not a string. - * @throws \SimpleSAML_Error_Exception If the openssl module is not loaded. + * @throws Error\Exception If the openssl module is not loaded. * * @see \SimpleSAML\Utils\Crypto::aesDecrypt() */ @@ -39,7 +40,7 @@ class Crypto ); } if (!function_exists("openssl_decrypt")) { - throw new \SimpleSAML_Error_Exception("The openssl PHP module is not loaded."); + throw new Error\Exception("The openssl PHP module is not loaded."); } // derive encryption and authentication keys from the secret @@ -64,7 +65,7 @@ class Crypto } } - throw new \SimpleSAML_Error_Exception("Failed to decrypt ciphertext."); + throw new Error\Exception("Failed to decrypt ciphertext."); } @@ -75,7 +76,7 @@ class Crypto * * @return string The decrypted data. * @throws \InvalidArgumentException If $ciphertext is not a string. - * @throws \SimpleSAML_Error_Exception If the openssl module is not loaded. + * @throws Error\Exception If the openssl module is not loaded. * * @author Andreas Solberg, UNINETT AS <andreas.solberg@uninett.no> * @author Jaime Perez, UNINETT AS <jaime.perez@uninett.no> @@ -94,7 +95,7 @@ class Crypto * * @return string An HMAC of the encrypted data, the IV and the encrypted data, concatenated. * @throws \InvalidArgumentException If $data is not a string. - * @throws \SimpleSAML_Error_Exception If the openssl module is not loaded. + * @throws Error\Exception If the openssl module is not loaded. * * @see \SimpleSAML\Utils\Crypto::aesEncrypt() */ @@ -105,7 +106,7 @@ class Crypto } if (!function_exists("openssl_encrypt")) { - throw new \SimpleSAML_Error_Exception('The openssl PHP module is not loaded.'); + throw new Error\Exception('The openssl PHP module is not loaded.'); } // derive encryption and authentication keys from the secret @@ -125,7 +126,7 @@ class Crypto ); if ($ciphertext === false) { - throw new \SimpleSAML_Error_Exception("Failed to encrypt plaintext."); + throw new Error\Exception("Failed to encrypt plaintext."); } // return the ciphertext with proper authentication @@ -140,7 +141,7 @@ class Crypto * * @return string An HMAC of the encrypted data, the IV and the encrypted data, concatenated. * @throws \InvalidArgumentException If $data is not a string. - * @throws \SimpleSAML_Error_Exception If the openssl module is not loaded. + * @throws Error\Exception If the openssl module is not loaded. * * @author Andreas Solberg, UNINETT AS <andreas.solberg@uninett.no> * @author Jaime Perez, UNINETT AS <jaime.perez@uninett.no> @@ -188,7 +189,7 @@ class Crypto * * @return array|NULL Extracted private key, or NULL if no private key is present. * @throws \InvalidArgumentException If $required is not boolean or $prefix is not a string. - * @throws \SimpleSAML_Error_Exception If no private key is found in the metadata, or it was not possible to load + * @throws Error\Exception If no private key is found in the metadata, or it was not possible to load * it. * * @author Andreas Solberg, UNINETT AS <andreas.solberg@uninett.no> @@ -204,7 +205,7 @@ class Crypto if ($file === null) { // no private key found if ($required) { - throw new \SimpleSAML_Error_Exception('No private key found in metadata.'); + throw new Error\Exception('No private key found in metadata.'); } else { return null; } @@ -216,7 +217,7 @@ class Crypto $data = @file_get_contents($file); if ($data === false) { - throw new \SimpleSAML_Error_Exception('Unable to load private key from file "'.$file.'"'); + throw new Error\Exception('Unable to load private key from file "'.$file.'"'); } $ret = array( @@ -257,7 +258,7 @@ class Crypto * @return array|NULL Public key or certificate data, or NULL if no public key or certificate was found. * @throws \InvalidArgumentException If $metadata is not an instance of \SimpleSAML\Configuration, $required is not * boolean or $prefix is not a string. - * @throws \SimpleSAML_Error_Exception If no private key is found in the metadata, or it was not possible to load + * @throws Error\Exception If no private key is found in the metadata, or it was not possible to load * it. * * @author Andreas Solberg, UNINETT AS <andreas.solberg@uninett.no> @@ -311,7 +312,7 @@ class Crypto // no public key/certificate available if ($required) { - throw new \SimpleSAML_Error_Exception('No public key / certificate found in metadata.'); + throw new Error\Exception('No public key / certificate found in metadata.'); } else { return null; } @@ -357,7 +358,7 @@ class Crypto * * @return string The hashed password. * @throws \InvalidArgumentException If the input parameters are not strings. - * @throws \SimpleSAML_Error_Exception If the algorithm specified is not supported. + * @throws Error\Exception If the algorithm specified is not supported. * * @see hash_algos() * @@ -391,7 +392,7 @@ class Crypto return $alg_str.base64_encode($hash.$salt); } - throw new \SimpleSAML_Error_Exception('Hashing algorithm \''.strtolower($algorithm).'\' is not supported'); + throw new Error\Exception('Hashing algorithm \''.strtolower($algorithm).'\' is not supported'); } @@ -435,7 +436,7 @@ class Crypto * * @return boolean True if the hash corresponds with the given password, false otherwise. * @throws \InvalidArgumentException If the input parameters are not strings. - * @throws \SimpleSAML_Error_Exception If the algorithm specified is not supported. + * @throws Error\Exception If the algorithm specified is not supported. * * @author Dyonisius Visser, TERENA <visser@terena.org> */ @@ -468,6 +469,6 @@ class Crypto return $hash === $password; } - throw new \SimpleSAML_Error_Exception('Hashing algorithm \''.strtolower($alg).'\' is not supported'); + throw new Error\Exception('Hashing algorithm \''.strtolower($alg).'\' is not supported'); } } diff --git a/lib/SimpleSAML/Utils/HTTP.php b/lib/SimpleSAML/Utils/HTTP.php index c1bb1bbdf..f840450db 100644 --- a/lib/SimpleSAML/Utils/HTTP.php +++ b/lib/SimpleSAML/Utils/HTTP.php @@ -5,6 +5,7 @@ use SimpleSAML\Configuration; use SimpleSAML\Logger; use SimpleSAML\Module; use SimpleSAML\Session; +use SimpleSAML\Error; /** * HTTP-related utility methods. @@ -19,7 +20,7 @@ class HTTP * @param string $destination The destination URL. * @param array $data An associative array containing the data to be posted to $destination. * - * @throws \SimpleSAML_Error_Exception If the current session is transient. + * @throws Error\Exception If the current session is transient. * @return string A URL which allows to securely post a form to $destination. * * @author Jaime Perez, UNINETT AS <jaime.perez@uninett.no> @@ -33,7 +34,7 @@ class HTTP $session_id = $session->getSessionId(); if (is_null($session_id)) { // this is a transient session, it is pointless to continue - throw new \SimpleSAML_Error_Exception('Cannot save POST data to a transient session.'); + throw new Error\Exception('Cannot save POST data to a transient session.'); } // encrypt the session ID and the random ID @@ -315,7 +316,7 @@ class HTTP * @return string The normalized URL itself if it is allowed. An empty string if the $url parameter is empty as * defined by the empty() function. * @throws \InvalidArgumentException If the URL is malformed. - * @throws \SimpleSAML_Error_Exception If the URL is not allowed by configuration. + * @throws Error\Exception If the URL is not allowed by configuration. * * @author Jaime Perez, UNINETT AS <jaime.perez@uninett.no> */ @@ -327,7 +328,7 @@ class HTTP $url = self::normalizeURL($url); if (filter_var($url, FILTER_VALIDATE_URL) === false) { - throw new \SimpleSAML_Error_Exception('Invalid URL: '.$url); + throw new Error\Exception('Invalid URL: '.$url); } // get the white list of domains @@ -345,7 +346,7 @@ class HTTP if ((isset($components['user']) && strpos($components['user'], '\\') !== false) || (isset($components['pass']) && strpos($components['pass'], '\\') !== false) ) { - throw new \SimpleSAML_Error_Exception('Invalid URL: '.$url); + throw new Error\Exception('Invalid URL: '.$url); } // allow URLs with standard ports specified (non-standard ports must then be allowed explicitly) @@ -380,7 +381,7 @@ class HTTP // throw exception due to redirection to untrusted site if (!$trusted) { - throw new \SimpleSAML_Error_Exception('URL not allowed: '.$url); + throw new Error\Exception('URL not allowed: '.$url); } } return $url; @@ -400,7 +401,7 @@ class HTTP * @return string|array An array if $getHeaders is set, containing the data and the headers respectively; string * otherwise. * @throws \InvalidArgumentException If the input parameters are invalid. - * @throws \SimpleSAML_Error_Exception If the file or URL cannot be retrieved. + * @throws Error\Exception If the file or URL cannot be retrieved. * * @author Andjelko Horvat * @author Olav Morken, UNINETT AS <olav.morken@uninett.no> @@ -455,7 +456,7 @@ class HTTP $data = @file_get_contents($url, false, $context); if ($data === false) { $error = error_get_last(); - throw new \SimpleSAML_Error_Exception('Error fetching '.var_export($url, true).':'. + throw new Error\Exception('Error fetching '.var_export($url, true).':'. (is_array($error) ? $error['message'] : 'no error available')); } diff --git a/lib/SimpleSAML/Utils/System.php b/lib/SimpleSAML/Utils/System.php index 72aaa48e9..6769ae9b6 100644 --- a/lib/SimpleSAML/Utils/System.php +++ b/lib/SimpleSAML/Utils/System.php @@ -1,14 +1,17 @@ <?php + namespace SimpleSAML\Utils; +use SimpleSAML\Error; + /** * System-related utility methods. * * @package SimpleSAMLphp */ + class System { - const WINDOWS = 1; const LINUX = 2; const OSX = 3; @@ -60,7 +63,7 @@ class System * This function retrieves the path to a directory where temporary files can be saved. * * @return string Path to a temporary directory, without a trailing directory separator. - * @throws \SimpleSAML_Error_Exception If the temporary directory cannot be created or it exists and does not belong + * @throws Error\Exception If the temporary directory cannot be created or it exists and does not belong * to the current user. * * @author Andreas Solberg, UNINETT AS <andreas.solberg@uninett.no> @@ -82,7 +85,7 @@ class System if (!is_dir($tempDir)) { if (!mkdir($tempDir, 0700, true)) { $error = error_get_last(); - throw new \SimpleSAML_Error_Exception( + throw new Error\Exception( 'Error creating temporary directory "'.$tempDir.'": '. (is_array($error) ? $error['message'] : 'no error available') ); @@ -91,7 +94,7 @@ class System // check that the owner of the temp directory is the current user $stat = lstat($tempDir); if ($stat['uid'] !== posix_getuid()) { - throw new \SimpleSAML_Error_Exception( + throw new Error\Exception( 'Temporary directory "'.$tempDir.'" does not belong to the current user.' ); } @@ -170,7 +173,7 @@ class System * @param int $mode The permissions to apply to the file. Defaults to 0600. * * @throws \InvalidArgumentException If any of the input parameters doesn't have the proper types. - * @throws \SimpleSAML_Error_Exception If the file cannot be saved, permissions cannot be changed or it is not + * @throws Error\Exception If the file cannot be saved, permissions cannot be changed or it is not * possible to write to the target file. * * @author Andreas Solberg, UNINETT AS <andreas.solberg@uninett.no> @@ -191,7 +194,7 @@ class System $res = @file_put_contents($tmpFile, $data); if ($res === false) { $error = error_get_last(); - throw new \SimpleSAML_Error_Exception( + throw new Error\Exception( 'Error saving file "'.$tmpFile.'": '. (is_array($error) ? $error['message'] : 'no error available') ); @@ -202,7 +205,7 @@ class System unlink($tmpFile); $error = error_get_last(); //$error = (is_array($error) ? $error['message'] : 'no error available'); - throw new \SimpleSAML_Error_Exception( + throw new Error\Exception( 'Error changing file mode of "'.$tmpFile.'": '. (is_array($error) ? $error['message'] : 'no error available') ); @@ -212,7 +215,7 @@ class System if (!rename($tmpFile, $filename)) { unlink($tmpFile); $error = error_get_last(); - throw new \SimpleSAML_Error_Exception( + throw new Error\Exception( 'Error moving "'.$tmpFile.'" to "'.$filename.'": '. (is_array($error) ? $error['message'] : 'no error available') ); diff --git a/lib/SimpleSAML/Utils/Time.php b/lib/SimpleSAML/Utils/Time.php index 73b74255c..78246f941 100644 --- a/lib/SimpleSAML/Utils/Time.php +++ b/lib/SimpleSAML/Utils/Time.php @@ -1,4 +1,5 @@ <?php + /** * Time-related utility methods. * @@ -11,7 +12,6 @@ use SimpleSAML\Logger; class Time { - /** * Whether the timezone has been initialized or not. * @@ -44,7 +44,7 @@ class Time * * @author Olav Morken, UNINETT AS <olav.morken@uninett.no> * - * @throws \SimpleSAML_Error_Exception If the timezone set in the configuration is invalid. + * @throws \SimpleSAML\Error\Exception If the timezone set in the configuration is invalid. * * @return void */ @@ -59,7 +59,7 @@ class Time $timezone = $globalConfig->getString('timezone', null); if ($timezone !== null) { if (!date_default_timezone_set($timezone)) { - throw new \SimpleSAML_Error_Exception('Invalid timezone set in the "timezone" option in config.php.'); + throw new \SimpleSAML\Error\Exception('Invalid timezone set in the "timezone" option in config.php.'); } self::$tz_initialized = true; return; diff --git a/lib/SimpleSAML/Utils/XML.php b/lib/SimpleSAML/Utils/XML.php index c5ff545b6..002212e16 100644 --- a/lib/SimpleSAML/Utils/XML.php +++ b/lib/SimpleSAML/Utils/XML.php @@ -25,7 +25,7 @@ class XML * * @throws \InvalidArgumentException If $message is not a string or $type is not a string containing one of the * values allowed. - * @throws \SimpleSAML_Error_Exception If $message contains a doctype declaration. + * @throws \SimpleSAML\Error\Exception If $message contains a doctype declaration. * * @return void * @@ -41,7 +41,7 @@ class XML // a SAML message should not contain a doctype-declaration if (strpos($message, '<!DOCTYPE') !== false) { - throw new \SimpleSAML_Error_Exception('XML contained a doctype declaration.'); + throw new \SimpleSAML\Error\Exception('XML contained a doctype declaration.'); } // see if debugging is enabled for XML validation @@ -309,7 +309,7 @@ class XML * @param \DOMElement $element The element we should extract text from. * * @return string The text content of the element. - * @throws \SimpleSAML_Error_Exception If the element contains a non-text child node. + * @throws \SimpleSAML\Error\Exception If the element contains a non-text child node. * * @author Olav Morken, UNINETT AS <olav.morken@uninett.no> */ @@ -321,7 +321,7 @@ class XML /** @var \DOMElement $child */ $child = $element->childNodes->item($i); if (!($child instanceof \DOMText)) { - throw new \SimpleSAML_Error_Exception($element->localName.' contained a non-text child node.'); + throw new \SimpleSAML\Error\Exception($element->localName.' contained a non-text child node.'); } $txt .= $child->wholeText; diff --git a/lib/SimpleSAML/XHTML/Template.php b/lib/SimpleSAML/XHTML/Template.php index 5d29eaf2d..6a58f149d 100644 --- a/lib/SimpleSAML/XHTML/Template.php +++ b/lib/SimpleSAML/XHTML/Template.php @@ -109,7 +109,7 @@ class Template list($this->module) = $this->findModuleAndTemplateName($template); // parse config to find theme and module theme is in, if any - list($this->theme['module'], $this->theme['name']) = self::findModuleAndTemplateName( + list($this->theme['module'], $this->theme['name']) = $this->findModuleAndTemplateName( $this->configuration->getString('theme.use', 'default') ); @@ -163,7 +163,7 @@ class Template $filename = $this->normalizeTemplateName($this->template); // get namespace if any - list($namespace, $filename) = self::findModuleAndTemplateName($filename); + list($namespace, $filename) = $this->findModuleAndTemplateName($filename); $this->twig_template = ($namespace !== null) ? '@'.$namespace.'/'.$filename : $filename; $loader = new \Twig_Loader_Filesystem(); $templateDirs = $this->findThemeTemplateDirs(); diff --git a/lib/SimpleSAML/XML/Shib13/AuthnResponse.php b/lib/SimpleSAML/XML/Shib13/AuthnResponse.php index 4e446a24c..f499b7134 100644 --- a/lib/SimpleSAML/XML/Shib13/AuthnResponse.php +++ b/lib/SimpleSAML/XML/Shib13/AuthnResponse.php @@ -20,7 +20,6 @@ use SimpleSAML\XML\Validator; class AuthnResponse { - /** * @var \SimpleSAML\XML\Validator This variable contains an XML validator for this message. */ @@ -120,7 +119,7 @@ class AuthnResponse // Validate against CA $this->validator->validateCA(Config::getCertPath($md->getString('caFile'))); } else { - throw new \SimpleSAML_Error_Exception('Missing certificate in Shibboleth 1.3 IdP Remote metadata for identity provider [' . $issuer . '].'); + throw new \SimpleSAML\Error\Exception('Missing certificate in Shibboleth 1.3 IdP Remote metadata for identity provider [' . $issuer . '].'); } return true; @@ -149,7 +148,7 @@ class AuthnResponse $node = dom_import_simplexml($node); } - assert($node instanceof DOMNode); + assert($node instanceof \DOMNode); return $this->validator->isNodeValidated($node); } @@ -166,13 +165,13 @@ class AuthnResponse private function doXPathQuery($query, $node = null) { assert(is_string($query)); - assert($this->dom instanceof DOMDocument); + assert($this->dom instanceof \DOMDocument); if ($node === null) { $node = $this->dom->documentElement; } - assert($node instanceof DOMNode); + assert($node instanceof \DOMNode); $xPath = new \DOMXpath($this->dom); $xPath->registerNamespace('shibp', self::SHIB_PROTOCOL_NS); diff --git a/modules/adfs/lib/IdP/ADFS.php b/modules/adfs/lib/IdP/ADFS.php index f6d511044..0f2d08406 100644 --- a/modules/adfs/lib/IdP/ADFS.php +++ b/modules/adfs/lib/IdP/ADFS.php @@ -13,12 +13,12 @@ class sspmod_adfs_IdP_ADFS $requestid = $query['wctx']; $issuer = $query['wtrealm']; - $metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler(); + $metadata = \SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler(); $spMetadata = $metadata->getMetaDataConfig($issuer, 'adfs-sp-remote'); - SimpleSAML\Logger::info('ADFS - IdP.prp: Incoming Authentication request: '.$issuer.' id '.$requestid); + \SimpleSAML\Logger::info('ADFS - IdP.prp: Incoming Authentication request: '.$issuer.' id '.$requestid); } catch (Exception $exception) { - throw new SimpleSAML_Error_Error('PROCESSAUTHNREQUEST', $exception); + throw new \SimpleSAML\Error\Error('PROCESSAUTHNREQUEST', $exception); } $state = array( @@ -39,10 +39,10 @@ class sspmod_adfs_IdP_ADFS private static function generateResponse($issuer, $target, $nameid, $attributes, $assertionLifetime) { - $issueInstant = SimpleSAML\Utils\Time::generateTimestamp(); - $notBefore = SimpleSAML\Utils\Time::generateTimestamp(time() - 30); - $assertionExpire = SimpleSAML\Utils\Time::generateTimestamp(time() + $assertionLifetime); - $assertionID = SimpleSAML\Utils\Random::generateID(); + $issueInstant = \SimpleSAML\Utils\Time::generateTimestamp(); + $notBefore = \SimpleSAML\Utils\Time::generateTimestamp(time() - 30); + $assertionExpire = \SimpleSAML\Utils\Time::generateTimestamp(time() + $assertionLifetime); + $assertionID = \SimpleSAML\Utils\Random::generateID(); $nameidFormat = 'http://schemas.xmlsoap.org/claims/UPN'; $nameid = htmlspecialchars($nameid); @@ -71,7 +71,7 @@ MSG; continue; } - list($namespace, $name) = SimpleSAML\Utils\Attributes::getAttributeNamespace($name, 'http://schemas.xmlsoap.org/claims'); + list($namespace, $name) = \SimpleSAML\Utils\Attributes::getAttributeNamespace($name, 'http://schemas.xmlsoap.org/claims'); foreach ($values as $value) { if ((!isset($value)) || ($value === '')) { continue; @@ -160,14 +160,14 @@ MSG; $nameidattribute = $spMetadata->getValue('simplesaml.nameidattribute'); if (!empty($nameidattribute)) { if (!array_key_exists($nameidattribute, $attributes)) { - throw new Exception('simplesaml.nameidattribute does not exist in resulting attribute set'); + throw new \Exception('simplesaml.nameidattribute does not exist in resulting attribute set'); } $nameid = $attributes[$nameidattribute][0]; } else { $nameid = SimpleSAML\Utils\Random::generateID(); } - $idp = SimpleSAML_IdP::getByState($state); + $idp = \SimpleSAML_IdP::getByState($state); $idpMetadata = $idp->getConfig(); $idpEntityId = $idpMetadata->getString('entityid'); @@ -182,7 +182,7 @@ MSG; $assertionLifetime = $idpMetadata->getInteger('assertion.lifetime', 300); } - $response = sspmod_adfs_IdP_ADFS::generateResponse($idpEntityId, $spEntityId, $nameid, $attributes, $assertionLifetime); + $response = \sspmod_adfs_IdP_ADFS::generateResponse($idpEntityId, $spEntityId, $nameid, $attributes, $assertionLifetime); $privateKeyFile = \SimpleSAML\Utils\Config::getCertPath($idpMetadata->getString('privatekey')); $certificateFile = \SimpleSAML\Utils\Config::getCertPath($idpMetadata->getString('certificate')); @@ -191,11 +191,11 @@ MSG; if ($algo === null) { $algo = $idpMetadata->getString('signature.algorithm', XMLSecurityKey::RSA_SHA256); } - $wresult = sspmod_adfs_IdP_ADFS::signResponse($response, $privateKeyFile, $certificateFile, $algo); + $wresult = \sspmod_adfs_IdP_ADFS::signResponse($response, $privateKeyFile, $certificateFile, $algo); $wctx = $state['adfs:wctx']; $wreply = $state['adfs:wreply'] ? : $spMetadata->getValue('prp'); - sspmod_adfs_IdP_ADFS::postResponse($wreply, $wresult, $wctx); + \sspmod_adfs_IdP_ADFS::postResponse($wreply, $wresult, $wctx); } public static function sendLogoutResponse(SimpleSAML_IdP $idp, array $state) @@ -227,9 +227,9 @@ MSG; // accepts an association array, and returns a URL that can be accessed to terminate the association public static function getLogoutURL(SimpleSAML_IdP $idp, array $association, $relayState) { - $metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler(); + $metadata = \SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler(); $spMetadata = $metadata->getMetaDataConfig($association['adfs:entityID'], 'adfs-sp-remote'); - $returnTo = SimpleSAML\Module::getModuleURL('adfs/idp/prp.php?assocId='.urlencode($association["id"]).'&relayState='.urlencode($relayState)); + $returnTo = \SimpleSAML\Module::getModuleURL('adfs/idp/prp.php?assocId='.urlencode($association["id"]).'&relayState='.urlencode($relayState)); return $spMetadata->getValue('prp').'?wa=wsignoutcleanup1.0&wreply='.urlencode($returnTo); } } diff --git a/modules/adfs/www/idp/metadata.php b/modules/adfs/www/idp/metadata.php index 22f0a7b38..ecf822a3d 100644 --- a/modules/adfs/www/idp/metadata.php +++ b/modules/adfs/www/idp/metadata.php @@ -2,10 +2,10 @@ // load configuration and metadata $config = \SimpleSAML\Configuration::getInstance(); -$metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler(); +$metadata = \SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler(); if (!$config->getBoolean('enable.adfs-idp', false)) { - throw new SimpleSAML_Error_Error('NOACCESS'); + throw new \SimpleSAML\Error\Error('NOACCESS'); } // check if valid local session exists @@ -94,7 +94,7 @@ try { ); if (!$idpmeta->hasValue('OrganizationURL')) { - throw new SimpleSAML_Error_Exception('If OrganizationName is set, OrganizationURL must also be set.'); + throw new \SimpleSAML\Error\Exception('If OrganizationName is set, OrganizationURL must also be set.'); } $metaArray['OrganizationURL'] = $idpmeta->getLocalizedString('OrganizationURL'); } @@ -167,5 +167,5 @@ try { exit(0); } } catch (Exception $exception) { - throw new SimpleSAML_Error_Error('METADATA', $exception); + throw new \SimpleSAML\Error\Error('METADATA', $exception); } diff --git a/modules/adfs/www/idp/prp.php b/modules/adfs/www/idp/prp.php index 99f8db825..6346b8d00 100644 --- a/modules/adfs/www/idp/prp.php +++ b/modules/adfs/www/idp/prp.php @@ -23,6 +23,6 @@ if (isset($_GET['wa'])) { // logout response from ADFS SP $assocId = $_GET['assocId']; // Association ID of the SP that sent the logout response $relayState = $_GET['relayState']; // Data that was sent in the logout request to the SP. Can be null - $logoutError = null; // null on success, or an instance of a SimpleSAML_Error_Exception on failure. + $logoutError = null; // null on success, or an instance of a \SimpleSAML\Error\Exception on failure. $idp->handleLogoutResponse($assocId, $relayState, $logoutError); } diff --git a/modules/authX509/www/expirywarning.php b/modules/authX509/www/expirywarning.php index 73b3f8658..d7861254e 100644 --- a/modules/authX509/www/expirywarning.php +++ b/modules/authX509/www/expirywarning.php @@ -9,7 +9,7 @@ \SimpleSAML\Logger::info('AuthX509 - Showing expiry warning to user'); if (!array_key_exists('StateId', $_REQUEST)) { - throw new \SimpleSAML_Error_BadRequest('Missing required StateId query parameter.'); + throw new \SimpleSAML\Error\BadRequest('Missing required StateId query parameter.'); } $id = $_REQUEST['StateId']; $state = \SimpleSAML_Auth_State::loadState($id, 'warning:expire'); diff --git a/modules/authYubiKey/lib/Auth/Source/YubiKey.php b/modules/authYubiKey/lib/Auth/Source/YubiKey.php index 2d19aa507..1bdd98dd4 100644 --- a/modules/authYubiKey/lib/Auth/Source/YubiKey.php +++ b/modules/authYubiKey/lib/Auth/Source/YubiKey.php @@ -103,8 +103,8 @@ class sspmod_authYubiKey_Auth_Source_YubiKey extends SimpleSAML_Auth_Source // We are going to need the authId in order to retrieve this authentication source later $state[self::AUTHID] = $this->authId; - $id = SimpleSAML_Auth_State::saveState($state, self::STAGEID); - $url = SimpleSAML\Module::getModuleURL('authYubiKey/yubikeylogin.php'); + $id = \SimpleSAML_Auth_State::saveState($state, self::STAGEID); + $url = \SimpleSAML\Module::getModuleURL('authYubiKey/yubikeylogin.php'); \SimpleSAML\Utils\HTTP::redirectTrustedURL($url, array('AuthState' => $id)); } @@ -127,11 +127,11 @@ class sspmod_authYubiKey_Auth_Source_YubiKey extends SimpleSAML_Auth_Source assert(is_string($otp)); /* Retrieve the authentication state. */ - $state = SimpleSAML_Auth_State::loadState($authStateId, self::STAGEID); + $state = \SimpleSAML_Auth_State::loadState($authStateId, self::STAGEID); /* Find authentication source. */ assert(array_key_exists(self::AUTHID, $state)); - $source = SimpleSAML_Auth_Source::getById($state[self::AUTHID]); + $source = \SimpleSAML_Auth_Source::getById($state[self::AUTHID]); if ($source === null) { throw new Exception('Could not find authentication source with id '.$state[self::AUTHID]); } @@ -139,7 +139,7 @@ class sspmod_authYubiKey_Auth_Source_YubiKey extends SimpleSAML_Auth_Source try { /* Attempt to log in. */ $attributes = $source->login($otp); - } catch (SimpleSAML_Error_Error $e) { + } catch (\SimpleSAML\Error\Error $e) { /* An error occurred during login. Check if it is because of the wrong * username/password - if it is, we pass that error up to the login form, * if not, we let the generic error handler deal with it. @@ -155,7 +155,7 @@ class sspmod_authYubiKey_Auth_Source_YubiKey extends SimpleSAML_Auth_Source } $state['Attributes'] = $attributes; - SimpleSAML_Auth_Source::completeAuth($state); + \SimpleSAML_Auth_Source::completeAuth($state); } /** @@ -172,7 +172,7 @@ class sspmod_authYubiKey_Auth_Source_YubiKey extends SimpleSAML_Auth_Source * * On a successful login, this function should return the users attributes. On failure, * it should throw an exception. If the error was caused by the user entering the wrong - * username or password, a SimpleSAML_Error_Error('WRONGUSERPASS') should be thrown. + * username or password, a \SimpleSAML\Error\Error('WRONGUSERPASS') should be thrown. * * Note that both the username and the password are UTF-8 encoded. * @@ -191,11 +191,11 @@ class sspmod_authYubiKey_Auth_Source_YubiKey extends SimpleSAML_Auth_Source $uid = self::getYubiKeyPrefix($otp); $attributes = array('uid' => array($uid)); } catch (Exception $e) { - SimpleSAML\Logger::info('YubiKey:'.$this->authId.': Validation error (otp '.$otp.'), debug output: '.$yubi->getLastResponse()); - throw new SimpleSAML_Error_Error('WRONGUSERPASS', $e); + \SimpleSAML\Logger::info('YubiKey:'.$this->authId.': Validation error (otp '.$otp.'), debug output: '.$yubi->getLastResponse()); + throw new \SimpleSAML\Error\Error('WRONGUSERPASS', $e); } - SimpleSAML\Logger::info('YubiKey:'.$this->authId.': YubiKey otp '.$otp.' validated successfully: '.$yubi->getLastResponse()); + \SimpleSAML\Logger::info('YubiKey:'.$this->authId.': YubiKey otp '.$otp.' validated successfully: '.$yubi->getLastResponse()); return $attributes; } } diff --git a/modules/authYubiKey/www/yubikeylogin.php b/modules/authYubiKey/www/yubikeylogin.php index 7b6c94f2f..c7c42ce95 100644 --- a/modules/authYubiKey/www/yubikeylogin.php +++ b/modules/authYubiKey/www/yubikeylogin.php @@ -10,21 +10,21 @@ */ if (!array_key_exists('AuthState', $_REQUEST)) { - throw new \SimpleSAML_Error_BadRequest('Missing AuthState parameter.'); + throw new \SimpleSAML\Error\BadRequest('Missing AuthState parameter.'); } $authStateId = $_REQUEST['AuthState']; if (array_key_exists('otp', $_REQUEST)) { - $otp = $_REQUEST['otp']; + $otp = $_REQUEST['otp']; } else { - $otp = ''; + $otp = ''; } if (!empty($otp)) { - // attempt to log in - $errorCode = \sspmod_authYubiKey_Auth_Source_YubiKey::handleLogin($authStateId, $otp); + // attempt to log in + $errorCode = \sspmod_authYubiKey_Auth_Source_YubiKey::handleLogin($authStateId, $otp); } else { - $errorCode = NULL; + $errorCode = NULL; } $globalConfig = \SimpleSAML\Configuration::getInstance(); diff --git a/modules/authcrypt/lib/Auth/Source/Hash.php b/modules/authcrypt/lib/Auth/Source/Hash.php index 1aca11574..3109a9bbe 100644 --- a/modules/authcrypt/lib/Auth/Source/Hash.php +++ b/modules/authcrypt/lib/Auth/Source/Hash.php @@ -1,6 +1,5 @@ <?php - /** * Authentication source for username & hashed password. * @@ -12,8 +11,6 @@ */ class sspmod_authcrypt_Auth_Source_Hash extends sspmod_core_Auth_UserPassBase { - - /** * Our users, stored in an associative array. The key of the array is "<username>:<passwordhash>", * while the value of each element is a new array with the attributes for each user. @@ -42,22 +39,22 @@ class sspmod_authcrypt_Auth_Source_Hash extends sspmod_core_Auth_UserPassBase // Validate and parse our configuration foreach ($config as $userpass => $attributes) { if (!is_string($userpass)) { - throw new Exception('Invalid <username>:<passwordhash> for authentication source '. + throw new \Exception('Invalid <username>:<passwordhash> for authentication source '. $this->authId.': '.$userpass); } $userpass = explode(':', $userpass, 2); if (count($userpass) !== 2) { - throw new Exception('Invalid <username>:<passwordhash> for authentication source '. + throw new \Exception('Invalid <username>:<passwordhash> for authentication source '. $this->authId.': '.$userpass[0]); } $username = $userpass[0]; $passwordhash = $userpass[1]; try { - $attributes = SimpleSAML\Utils\Attributes::normalizeAttributesArray($attributes); + $attributes = \SimpleSAML\Utils\Attributes::normalizeAttributesArray($attributes); } catch (Exception $e) { - throw new Exception('Invalid attributes for user '.$username. + throw new \Exception('Invalid attributes for user '.$username. ' in authentication source '.$this->authId.': '. $e->getMessage()); } @@ -72,7 +69,7 @@ class sspmod_authcrypt_Auth_Source_Hash extends sspmod_core_Auth_UserPassBase * * On a successful login, this function should return the users attributes. On failure, * it should throw an exception. If the error was caused by the user entering the wrong - * username OR password, a SimpleSAML_Error_Error('WRONGUSERPASS') should be thrown. + * username OR password, a \SimpleSAML\Error\Error('WRONGUSERPASS') should be thrown. * * The username is UTF-8 encoded, and the hash is base64 encoded. * @@ -81,7 +78,7 @@ class sspmod_authcrypt_Auth_Source_Hash extends sspmod_core_Auth_UserPassBase * * @return array Associative array with the users attributes. * - * @throws SimpleSAML_Error_Error if authentication fails. + * @throws \SimpleSAML\Error\Error if authentication fails. */ protected function login($username, $password) { @@ -91,13 +88,13 @@ class sspmod_authcrypt_Auth_Source_Hash extends sspmod_core_Auth_UserPassBase foreach ($this->users as $userpass => $attrs) { $matches = explode(':', $userpass, 2); if ($matches[0] === $username) { - if (SimpleSAML\Utils\Crypto::pwValid($matches[1], $password)) { + if (\SimpleSAML\Utils\Crypto::pwValid($matches[1], $password)) { return $attrs; } else { - SimpleSAML\Logger::debug('Incorrect password "'.$password.'" for user '.$username); + \SimpleSAML\Logger::debug('Incorrect password "'.$password.'" for user '.$username); } } } - throw new SimpleSAML_Error_Error('WRONGUSERPASS'); + throw new \SimpleSAML\Error\Error('WRONGUSERPASS'); } } diff --git a/modules/authcrypt/lib/Auth/Source/Htpasswd.php b/modules/authcrypt/lib/Auth/Source/Htpasswd.php index 84bc7ea3e..dd17bcb9f 100644 --- a/modules/authcrypt/lib/Auth/Source/Htpasswd.php +++ b/modules/authcrypt/lib/Auth/Source/Htpasswd.php @@ -11,8 +11,6 @@ use WhiteHat101\Crypt\APR1_MD5; class sspmod_authcrypt_Auth_Source_Htpasswd extends sspmod_core_Auth_UserPassBase { - - /** * Our users, stored in an array, where each value is "<username>:<passwordhash>". * @@ -66,7 +64,7 @@ class sspmod_authcrypt_Auth_Source_Htpasswd extends sspmod_core_Auth_UserPassBas * * On a successful login, this function should return the username as 'uid' attribute, * and merged attributes from the configuration file. - * On failure, it should throw an exception. A SimpleSAML_Error_Error('WRONGUSERPASS') + * On failure, it should throw an exception. A \SimpleSAML\Error\Error('WRONGUSERPASS') * should be thrown in case of a wrong username OR a wrong password, to prevent the * enumeration of usernames. * @@ -75,7 +73,7 @@ class sspmod_authcrypt_Auth_Source_Htpasswd extends sspmod_core_Auth_UserPassBas * * @return array Associative array with the users attributes. * - * @throws SimpleSAML_Error_Error if authentication fails. + * @throws \SimpleSAML\Error\Error if authentication fails. */ protected function login($username, $password) { @@ -113,9 +111,9 @@ class sspmod_authcrypt_Auth_Source_Htpasswd extends sspmod_core_Auth_UserPassBas ); return $attributes; } - throw new SimpleSAML_Error_Error('WRONGUSERPASS'); + throw new \SimpleSAML\Error\Error('WRONGUSERPASS'); } } - throw new SimpleSAML_Error_Error('WRONGUSERPASS'); + throw new \SimpleSAML\Error\Error('WRONGUSERPASS'); } } diff --git a/modules/authfacebook/lib/Auth/Source/Facebook.php b/modules/authfacebook/lib/Auth/Source/Facebook.php index 66f2a5f6e..179b3b269 100644 --- a/modules/authfacebook/lib/Auth/Source/Facebook.php +++ b/modules/authfacebook/lib/Auth/Source/Facebook.php @@ -109,12 +109,12 @@ class sspmod_authfacebook_Auth_Source_Facebook extends SimpleSAML_Auth_Source { try { $info = $facebook->api("/" . $uid . ($this->user_fields ? "?fields=" . $this->user_fields : "")); } catch (FacebookApiException $e) { - throw new SimpleSAML_Error_AuthSource($this->authId, 'Error getting user profile.', $e); + throw new \SimpleSAML\Error\AuthSource($this->authId, 'Error getting user profile.', $e); } } if (!isset($info)) { - throw new SimpleSAML_Error_AuthSource($this->authId, 'Error getting user profile.'); + throw new \SimpleSAML\Error\AuthSource($this->authId, 'Error getting user profile.'); } $attributes = array(); diff --git a/modules/authfacebook/www/linkback.php b/modules/authfacebook/www/linkback.php index 94adb1672..bf1ee49e1 100644 --- a/modules/authfacebook/www/linkback.php +++ b/modules/authfacebook/www/linkback.php @@ -10,30 +10,30 @@ if (array_key_exists('AuthState', $_REQUEST) && !empty($_REQUEST['AuthState'])) } elseif (array_key_exists('state', $_REQUEST) && !empty($_REQUEST['state'])) { $state = SimpleSAML_Auth_State::loadState($_REQUEST['state'], sspmod_authfacebook_Auth_Source_Facebook::STAGE_INIT); } else { - throw new SimpleSAML_Error_BadRequest('Missing state parameter on facebook linkback endpoint.'); + throw new \SimpleSAML\Error\BadRequest('Missing state parameter on facebook linkback endpoint.'); } // Find authentication source if (!array_key_exists(sspmod_authfacebook_Auth_Source_Facebook::AUTHID, $state)) { - throw new SimpleSAML_Error_BadRequest('No data in state for ' . sspmod_authfacebook_Auth_Source_Facebook::AUTHID); + throw new \SimpleSAML\Error\BadRequest('No data in state for ' . sspmod_authfacebook_Auth_Source_Facebook::AUTHID); } $sourceId = $state[sspmod_authfacebook_Auth_Source_Facebook::AUTHID]; $source = SimpleSAML_Auth_Source::getById($sourceId); if ($source === NULL) { - throw new SimpleSAML_Error_BadRequest('Could not find authentication source with id ' . var_export($sourceId, TRUE)); + throw new \SimpleSAML\Error\BadRequest('Could not find authentication source with id ' . var_export($sourceId, TRUE)); } try { if (isset($_REQUEST['error_reason']) && $_REQUEST['error_reason'] == 'user_denied') { - throw new SimpleSAML_Error_UserAborted(); + throw new \SimpleSAML\Error\UserAborted(); } $source->finalStep($state); -} catch (SimpleSAML_Error_Exception $e) { +} catch (\SimpleSAML\Error\Exception $e) { SimpleSAML_Auth_State::throwException($state, $e); } catch (Exception $e) { - SimpleSAML_Auth_State::throwException($state, new SimpleSAML_Error_AuthSource($sourceId, 'Error on facebook linkback endpoint.', $e)); + SimpleSAML_Auth_State::throwException($state, new \SimpleSAML\Error\AuthSource($sourceId, 'Error on facebook linkback endpoint.', $e)); } SimpleSAML_Auth_Source::completeAuth($state); diff --git a/modules/authorize/www/authorize_403.php b/modules/authorize/www/authorize_403.php index a9ebc8362..cf352e77e 100644 --- a/modules/authorize/www/authorize_403.php +++ b/modules/authorize/www/authorize_403.php @@ -6,7 +6,7 @@ */ if (!array_key_exists('StateId', $_REQUEST)) { - throw new \SimpleSAML_Error_BadRequest('Missing required StateId query parameter.'); + throw new \SimpleSAML\Error\BadRequest('Missing required StateId query parameter.'); } $state = \SimpleSAML_Auth_State::loadState($_REQUEST['StateId'], 'authorize:Authorize'); diff --git a/modules/authtwitter/lib/Auth/Source/Twitter.php b/modules/authtwitter/lib/Auth/Source/Twitter.php index 18a012371..9278f0eff 100644 --- a/modules/authtwitter/lib/Auth/Source/Twitter.php +++ b/modules/authtwitter/lib/Auth/Source/Twitter.php @@ -102,14 +102,14 @@ class sspmod_authtwitter_Auth_Source_Twitter extends SimpleSAML_Auth_Source $parameters = array(); if (!isset($_REQUEST['oauth_token'])) { - throw new SimpleSAML_Error_BadRequest("Missing oauth_token parameter."); + throw new \SimpleSAML\Error\BadRequest("Missing oauth_token parameter."); } if ($requestToken->key !== (string)$_REQUEST['oauth_token']) { - throw new SimpleSAML_Error_BadRequest("Invalid oauth_token parameter."); + throw new \SimpleSAML\Error\BadRequest("Invalid oauth_token parameter."); } if (!isset($_REQUEST['oauth_verifier'])) { - throw new SimpleSAML_Error_BadRequest("Missing oauth_verifier parameter."); + throw new \SimpleSAML\Error\BadRequest("Missing oauth_verifier parameter."); } $parameters['oauth_verifier'] = (string)$_REQUEST['oauth_verifier']; @@ -130,7 +130,7 @@ class sspmod_authtwitter_Auth_Source_Twitter extends SimpleSAML_Auth_Source $userdata = $consumer->getUserInfo($verify_credentials_url, $accessToken); if (!isset($userdata['id_str']) || !isset($userdata['screen_name'])) { - throw new SimpleSAML_Error_AuthSource($this->authId, 'Authentication error: id_str and screen_name not set.'); + throw new \SimpleSAML\Error\AuthSource($this->authId, 'Authentication error: id_str and screen_name not set.'); } $attributes = array(); diff --git a/modules/authtwitter/www/linkback.php b/modules/authtwitter/www/linkback.php index 2886f8d9a..a616e4a9d 100644 --- a/modules/authtwitter/www/linkback.php +++ b/modules/authtwitter/www/linkback.php @@ -5,31 +5,31 @@ */ if (!array_key_exists('AuthState', $_REQUEST) || empty($_REQUEST['AuthState'])) { - throw new SimpleSAML_Error_BadRequest('Missing state parameter on twitter linkback endpoint.'); + throw new \SimpleSAML\Error\BadRequest('Missing state parameter on twitter linkback endpoint.'); } $state = SimpleSAML_Auth_State::loadState($_REQUEST['AuthState'], sspmod_authtwitter_Auth_Source_Twitter::STAGE_INIT); // Find authentication source if (!array_key_exists(sspmod_authtwitter_Auth_Source_Twitter::AUTHID, $state)) { - throw new SimpleSAML_Error_BadRequest('No data in state for ' . sspmod_authtwitter_Auth_Source_Twitter::AUTHID); + throw new \SimpleSAML\Error\BadRequest('No data in state for ' . sspmod_authtwitter_Auth_Source_Twitter::AUTHID); } $sourceId = $state[sspmod_authtwitter_Auth_Source_Twitter::AUTHID]; $source = SimpleSAML_Auth_Source::getById($sourceId); if ($source === NULL) { - throw new SimpleSAML_Error_BadRequest('Could not find authentication source with id ' . var_export($sourceId, TRUE)); + throw new \SimpleSAML\Error\BadRequest('Could not find authentication source with id ' . var_export($sourceId, TRUE)); } try { if (array_key_exists('denied', $_REQUEST)) { - throw new SimpleSAML_Error_UserAborted(); + throw new \SimpleSAML\Error\UserAborted(); } $source->finalStep($state); -} catch (SimpleSAML_Error_Exception $e) { +} catch (\SimpleSAML\Error\Exception $e) { SimpleSAML_Auth_State::throwException($state, $e); } catch (Exception $e) { - SimpleSAML_Auth_State::throwException($state, new SimpleSAML_Error_AuthSource($sourceId, 'Error on authtwitter linkback endpoint.', $e)); + SimpleSAML_Auth_State::throwException($state, new \SimpleSAML\Error\AuthSource($sourceId, 'Error on authtwitter linkback endpoint.', $e)); } SimpleSAML_Auth_Source::completeAuth($state); diff --git a/modules/authwindowslive/www/linkback.php b/modules/authwindowslive/www/linkback.php index e6b1ea2c3..a002e22e4 100644 --- a/modules/authwindowslive/www/linkback.php +++ b/modules/authwindowslive/www/linkback.php @@ -24,7 +24,7 @@ if (array_key_exists('code', $_REQUEST)) { // to preserve support for this, so this is left in as a placeholder. // redirect them to their original page so they can choose another auth mechanism if ($_REQUEST['error'] === 'user_denied') { - $e = new SimpleSAML_Error_UserAborted(); + $e = new \SimpleSAML\Error\UserAborted(); SimpleSAML_Auth_State::throwException($state, $e); } diff --git a/modules/cas/www/linkback.php b/modules/cas/www/linkback.php index a6ffa4971..db7dc5d50 100644 --- a/modules/cas/www/linkback.php +++ b/modules/cas/www/linkback.php @@ -5,12 +5,12 @@ */ if (!isset($_GET['stateID'])) { - throw new SimpleSAML_Error_BadRequest('Missing stateID parameter.'); + throw new \SimpleSAML\Error\BadRequest('Missing stateID parameter.'); } $state = SimpleSAML_Auth_State::loadState($_GET['stateID'], sspmod_cas_Auth_Source_CAS::STAGE_INIT); if (!isset($_GET['ticket'])) { - throw new SimpleSAML_Error_BadRequest('Missing ticket parameter.'); + throw new \SimpleSAML\Error\BadRequest('Missing ticket parameter.'); } $state['cas:ticket'] = (string)$_GET['ticket']; @@ -19,8 +19,8 @@ assert(array_key_exists(sspmod_cas_Auth_Source_CAS::AUTHID, $state)); $sourceId = $state[sspmod_cas_Auth_Source_CAS::AUTHID]; $source = SimpleSAML_Auth_Source::getById($sourceId); -if ($source === NULL) { - throw new Exception('Could not find authentication source with id ' . $sourceId); +if ($source === null) { + throw new Exception('Could not find authentication source with id ' . $sourceId); } $source->finalStep($state); diff --git a/modules/casserver/www/cas.php b/modules/casserver/www/cas.php index 5b9d16bad..712b4f083 100644 --- a/modules/casserver/www/cas.php +++ b/modules/casserver/www/cas.php @@ -15,20 +15,20 @@ * Proxyed services (targetService) shall be present in the legal_service_urls config. * */ - + $validFunctions = array( - 'login' => 'login', - 'proxy' => 'proxy', - 'validate' => 'serviceValidate', - 'serviceValidate' => 'serviceValidate', - 'proxyValidate' => 'serviceValidate' + 'login' => 'login', + 'proxy' => 'proxy', + 'validate' => 'serviceValidate', + 'serviceValidate' => 'serviceValidate', + 'proxyValidate' => 'serviceValidate' ); $function = substr($_SERVER['PATH_INFO'], 1); if (!isset($validFunctions[$function])) { - throw new SimpleSAML_Error_NotFound('Not a valid function for cas.php.'); + throw new \SimpleSAML\Error\NotFound('Not a valid function for cas.php.'); } include($validFunctions[$function].".php"); diff --git a/modules/cdc/lib/Auth/Process/CDC.php b/modules/cdc/lib/Auth/Process/CDC.php index 9641da2ab..036267580 100644 --- a/modules/cdc/lib/Auth/Process/CDC.php +++ b/modules/cdc/lib/Auth/Process/CDC.php @@ -35,7 +35,7 @@ class sspmod_cdc_Auth_Process_CDC extends SimpleSAML_Auth_ProcessingFilter assert(is_array($config)); if (!isset($config['domain'])) { - throw new SimpleSAML_Error_Exception('Missing domain option in cdc:CDC filter.'); + throw new \SimpleSAML\Error\Exception('Missing domain option in cdc:CDC filter.'); } $this->domain = (string)$config['domain']; diff --git a/modules/cdc/lib/Server.php b/modules/cdc/lib/Server.php index d14b5fc10..11ba1b0c4 100644 --- a/modules/cdc/lib/Server.php +++ b/modules/cdc/lib/Server.php @@ -5,6 +5,7 @@ * * @package SimpleSAMLphp */ + class sspmod_cdc_Server { /** @@ -54,7 +55,7 @@ class sspmod_cdc_Server $config = $cdcConfig->getConfigItem($domain, null); if ($config === null) { - throw new SimpleSAML_Error_Exception('Unknown CDC domain: ' . var_export($domain, true)); + throw new \SimpleSAML\Error\Exception('Unknown CDC domain: ' . var_export($domain, true)); } $this->domain = $domain; @@ -63,7 +64,7 @@ class sspmod_cdc_Server $this->cookieLifetime = $config->getInteger('cookie.lifetime', 0); if ($this->key === 'ExampleSharedKey') { - throw new SimpleSAML_Error_Exception('Key for CDC domain ' . var_export($domain, true) . ' not changed from default.'); + throw new \SimpleSAML\Error\Exception('Key for CDC domain ' . var_export($domain, true) . ' not changed from default.'); } } @@ -96,7 +97,7 @@ class sspmod_cdc_Server } if ($response['domain'] !== $this->domain) { - throw new SimpleSAML_Error_Exception('Response received from wrong domain.'); + throw new \SimpleSAML\Error\Exception('Response received from wrong domain.'); } $this->validate('CDCResponse'); @@ -112,7 +113,7 @@ class sspmod_cdc_Server { $request = self::get('CDCRequest'); if ($request === null) { - throw new SimpleSAML_Error_BadRequest('Missing "CDCRequest" parameter.'); + throw new \SimpleSAML\Error\BadRequest('Missing "CDCRequest" parameter.'); } $domain = $request['domain']; @@ -131,14 +132,14 @@ class sspmod_cdc_Server private function handleRequest(array $request) { if (!isset($request['op'])) { - throw new SimpleSAML_Error_BadRequest('Missing "op" in CDC request.'); + throw new \SimpleSAML\Error\BadRequest('Missing "op" in CDC request.'); } $op = (string)$request['op']; SimpleSAML\Logger::info('Received CDC request with "op": ' . var_export($op, true)); if (!isset($request['return'])) { - throw new SimpleSAML_Error_BadRequest('Missing "return" in CDC request.'); + throw new \SimpleSAML\Error\BadRequest('Missing "return" in CDC request.'); } $return = (string)$request['return']; @@ -181,7 +182,7 @@ class sspmod_cdc_Server private function handleAppend(array $request) { if (!isset($request['entityID'])) { - throw new SimpleSAML_Error_BadRequest('Missing entityID in append request.'); + throw new \SimpleSAML\Error\BadRequest('Missing entityID in append request.'); } $entityID = (string)$request['entityID']; @@ -253,28 +254,28 @@ class sspmod_cdc_Server $message = @base64_decode($message); if ($message === false) { - throw new SimpleSAML_Error_BadRequest('Error base64-decoding CDC message.'); + throw new \SimpleSAML\Error\BadRequest('Error base64-decoding CDC message.'); } $message = @json_decode($message, true); if ($message === false) { - throw new SimpleSAML_Error_BadRequest('Error json-decoding CDC message.'); + throw new \SimpleSAML\Error\BadRequest('Error json-decoding CDC message.'); } if (!isset($message['timestamp'])) { - throw new SimpleSAML_Error_BadRequest('Missing timestamp in CDC message.'); + throw new \SimpleSAML\Error\BadRequest('Missing timestamp in CDC message.'); } $timestamp = (int)$message['timestamp']; if ($timestamp + 60 < time()) { - throw new SimpleSAML_Error_BadRequest('CDC signature has expired.'); + throw new \SimpleSAML\Error\BadRequest('CDC signature has expired.'); } if ($timestamp - 60 > time()) { - throw new SimpleSAML_Error_BadRequest('CDC signature from the future.'); + throw new \SimpleSAML\Error\BadRequest('CDC signature from the future.'); } if (!isset($message['domain'])) { - throw new SimpleSAML_Error_BadRequest('Missing domain in CDC message.'); + throw new \SimpleSAML\Error\BadRequest('Missing domain in CDC message.'); } return $message; @@ -296,13 +297,13 @@ class sspmod_cdc_Server $message = (string)$_REQUEST[$parameter]; if (!isset($_REQUEST['Signature'])) { - throw new SimpleSAML_Error_BadRequest('Missing Signature on CDC message.'); + throw new \SimpleSAML\Error\BadRequest('Missing Signature on CDC message.'); } $signature = (string)$_REQUEST['Signature']; $cSignature = $this->calcSignature($message); if ($signature !== $cSignature) { - throw new SimpleSAML_Error_BadRequest('Invalid signature on CDC message.'); + throw new \SimpleSAML\Error\BadRequest('Invalid signature on CDC message.'); } } diff --git a/modules/cdc/www/resume.php b/modules/cdc/www/resume.php index a7f821998..76da69dd7 100644 --- a/modules/cdc/www/resume.php +++ b/modules/cdc/www/resume.php @@ -2,19 +2,19 @@ if (!array_key_exists('domain', $_REQUEST)) { - throw new SimpleSAML_Error_BadRequest('Missing domain to CDC resume handler.'); + throw new \SimpleSAML\Error\BadRequest('Missing domain to CDC resume handler.'); } $domain = (string)$_REQUEST['domain']; $client = new sspmod_cdc_Client($domain); $response = $client->getResponse(); -if ($response === NULL) { - throw new SimpleSAML_Error_BadRequest('Missing CDC response to CDC resume handler.'); +if ($response === null) { + throw new \SimpleSAML\Error\BadRequest('Missing CDC response to CDC resume handler.'); } if (!isset($response['id'])) { - throw new SimpleSAML_Error_BadRequest('CDCResponse without id.'); + throw new \SimpleSAML\Error\BadRequest('CDCResponse without id.'); } $state = SimpleSAML_Auth_State::loadState($response['id'], 'cdc:resume'); diff --git a/modules/consent/lib/Auth/Process/Consent.php b/modules/consent/lib/Auth/Process/Consent.php index 8ae51c100..b4c644aaf 100644 --- a/modules/consent/lib/Auth/Process/Consent.php +++ b/modules/consent/lib/Auth/Process/Consent.php @@ -69,7 +69,7 @@ class sspmod_consent_Auth_Process_Consent extends SimpleSAML_Auth_ProcessingFilt * @param array $config Configuration information. * @param mixed $reserved For future use. * - * @throws SimpleSAML_Error_Exception if the configuration is not valid. + * @throws \SimpleSAML\Error\Exception if the configuration is not valid. */ public function __construct($config, $reserved) { @@ -78,7 +78,7 @@ class sspmod_consent_Auth_Process_Consent extends SimpleSAML_Auth_ProcessingFilt if (array_key_exists('includeValues', $config)) { if (!is_bool($config['includeValues'])) { - throw new SimpleSAML_Error_Exception( + throw new \SimpleSAML\Error\Exception( 'Consent: includeValues must be boolean. '. var_export($config['includeValues'], true).' given.' ); @@ -88,7 +88,7 @@ class sspmod_consent_Auth_Process_Consent extends SimpleSAML_Auth_ProcessingFilt if (array_key_exists('checked', $config)) { if (!is_bool($config['checked'])) { - throw new SimpleSAML_Error_Exception( + throw new \SimpleSAML\Error\Exception( 'Consent: checked must be boolean. '. var_export($config['checked'], true).' given.' ); @@ -98,7 +98,7 @@ class sspmod_consent_Auth_Process_Consent extends SimpleSAML_Auth_ProcessingFilt if (array_key_exists('focus', $config)) { if (!in_array($config['focus'], array('yes', 'no'), true)) { - throw new SimpleSAML_Error_Exception( + throw new \SimpleSAML\Error\Exception( 'Consent: focus must be a string with values `yes` or `no`. '. var_export($config['focus'], true).' given.' ); @@ -108,7 +108,7 @@ class sspmod_consent_Auth_Process_Consent extends SimpleSAML_Auth_ProcessingFilt if (array_key_exists('hiddenAttributes', $config)) { if (!is_array($config['hiddenAttributes'])) { - throw new SimpleSAML_Error_Exception( + throw new \SimpleSAML\Error\Exception( 'Consent: hiddenAttributes must be an array. '. var_export($config['hiddenAttributes'], true).' given.' ); @@ -118,7 +118,7 @@ class sspmod_consent_Auth_Process_Consent extends SimpleSAML_Auth_ProcessingFilt if (array_key_exists('attributes.exclude', $config)) { if (!is_array($config['attributes.exclude'])) { - throw new SimpleSAML_Error_Exception( + throw new \SimpleSAML\Error\Exception( 'Consent: attributes.exclude must be an array. '. var_export($config['attributes.exclude'], true).' given.' ); @@ -127,7 +127,7 @@ class sspmod_consent_Auth_Process_Consent extends SimpleSAML_Auth_ProcessingFilt } elseif (array_key_exists('noconsentattributes', $config)) { SimpleSAML\Logger::warning("The 'noconsentattributes' option has been deprecated in favour of 'attributes.exclude'."); if (!is_array($config['noconsentattributes'])) { - throw new SimpleSAML_Error_Exception( + throw new \SimpleSAML\Error\Exception( 'Consent: noconsentattributes must be an array. '. var_export($config['noconsentattributes'], true).' given.' ); @@ -148,7 +148,7 @@ class sspmod_consent_Auth_Process_Consent extends SimpleSAML_Auth_ProcessingFilt if (array_key_exists('showNoConsentAboutService', $config)) { if (!is_bool($config['showNoConsentAboutService'])) { - throw new SimpleSAML_Error_Exception('Consent: showNoConsentAboutService must be a boolean.'); + throw new \SimpleSAML\Error\Exception('Consent: showNoConsentAboutService must be a boolean.'); } $this->_showNoConsentAboutService = $config['showNoConsentAboutService']; } @@ -222,7 +222,7 @@ class sspmod_consent_Auth_Process_Consent extends SimpleSAML_Auth_ProcessingFilt * * @return void * - * @throws SimpleSAML_Error_NoPassive if the request was passive and consent is needed. + * @throws \SimpleSAML\Error\NoPassive if the request was passive and consent is needed. */ public function process(&$state) { diff --git a/modules/consent/www/getconsent.php b/modules/consent/www/getconsent.php index 652df202a..4c863a3b7 100644 --- a/modules/consent/www/getconsent.php +++ b/modules/consent/www/getconsent.php @@ -24,7 +24,7 @@ $globalConfig = \SimpleSAML\Configuration::getInstance(); SimpleSAML\Logger::info('Consent - getconsent: Accessing consent interface'); if (!array_key_exists('StateId', $_REQUEST)) { - throw new SimpleSAML_Error_BadRequest( + throw new \SimpleSAML\Error\BadRequest( 'Missing required StateId query parameter.' ); } diff --git a/modules/consent/www/noconsent.php b/modules/consent/www/noconsent.php index f6ae87528..225f8b215 100644 --- a/modules/consent/www/noconsent.php +++ b/modules/consent/www/noconsent.php @@ -7,7 +7,7 @@ */ if (!array_key_exists('StateId', $_REQUEST)) { - throw new \SimpleSAML_Error_BadRequest( + throw new \SimpleSAML\Error\BadRequest( 'Missing required StateId query parameter.' ); } diff --git a/modules/core/lib/ACL.php b/modules/core/lib/ACL.php index 6afdd7b78..4c020ebdf 100644 --- a/modules/core/lib/ACL.php +++ b/modules/core/lib/ACL.php @@ -29,15 +29,15 @@ class sspmod_core_ACL { foreach ($acl as $rule) { if (!is_array($rule)) { - throw new SimpleSAML_Error_Exception('Invalid rule in access control list: ' . var_export($rule, TRUE)); + throw new \SimpleSAML\Error\Exception('Invalid rule in access control list: ' . var_export($rule, TRUE)); } if (count($rule) === 0) { - throw new SimpleSAML_Error_Exception('Empty rule in access control list.'); + throw new \SimpleSAML\Error\Exception('Empty rule in access control list.'); } $action = array_shift($rule); if ($action !== 'allow' && $action !== 'deny') { - throw new SimpleSAML_Error_Exception('Invalid action in rule in access control list: ' . var_export($action, TRUE)); + throw new \SimpleSAML\Error\Exception('Invalid action in rule in access control list: ' . var_export($action, TRUE)); } } @@ -57,7 +57,7 @@ class sspmod_core_ACL { $config = \SimpleSAML\Configuration::getOptionalConfig('acl.php'); if (!$config->hasValue($id)) { - throw new SimpleSAML_Error_Exception('No ACL with id ' . var_export($id, TRUE) . ' in config/acl.php.'); + throw new \SimpleSAML\Error\Exception('No ACL with id ' . var_export($id, TRUE) . ' in config/acl.php.'); } return $config->getArray($id); @@ -119,7 +119,7 @@ class sspmod_core_ACL { case 'or': return self::opOr($attributes, $rule); default: - throw new SimpleSAML_Error_Exception('Invalid ACL operation: ' . var_export($op, TRUE)); + throw new \SimpleSAML\Error\Exception('Invalid ACL operation: ' . var_export($op, TRUE)); } } diff --git a/modules/core/lib/Auth/Process/AttributeAlter.php b/modules/core/lib/Auth/Process/AttributeAlter.php index c53625790..d6daf9623 100644 --- a/modules/core/lib/Auth/Process/AttributeAlter.php +++ b/modules/core/lib/Auth/Process/AttributeAlter.php @@ -1,4 +1,5 @@ <?php + /** * Filter to modify attributes using regular expressions * @@ -7,6 +8,7 @@ * @author Jacob Christiansen, WAYF * @package SimpleSAMLphp */ + class sspmod_core_Auth_Process_AttributeAlter extends SimpleSAML_Auth_ProcessingFilter { /** @@ -44,7 +46,7 @@ class sspmod_core_Auth_Process_AttributeAlter extends SimpleSAML_Auth_Processing * * @param array $config Configuration information about this filter. * @param mixed $reserved For future use. - * @throws SimpleSAML_Error_Exception In case of invalid configuration. + * @throws \SimpleSAML\Error\Exception In case of invalid configuration. */ public function __construct($config, $reserved) { @@ -61,7 +63,7 @@ class sspmod_core_Auth_Process_AttributeAlter extends SimpleSAML_Auth_Processing } elseif ($value === '%remove') { $this->remove = true; } else { - throw new SimpleSAML_Error_Exception('Unknown flag : ' . var_export($value, true)); + throw new \SimpleSAML\Error\Exception('Unknown flag : ' . var_export($value, true)); } continue; } elseif ($name === 'pattern') { @@ -86,7 +88,7 @@ class sspmod_core_Auth_Process_AttributeAlter extends SimpleSAML_Auth_Processing * Modify existing attributes with the configured values. * * @param array &$request The current request. - * @throws SimpleSAML_Error_Exception In case of invalid configuration. + * @throws \SimpleSAML\Error\Exception In case of invalid configuration. */ public function process(&$request) { assert(is_array($request)); @@ -97,20 +99,20 @@ class sspmod_core_Auth_Process_AttributeAlter extends SimpleSAML_Auth_Processing // check that all required params are set in config if (empty($this->pattern) || empty($this->subject)) { - throw new SimpleSAML_Error_Exception("Not all params set in config."); + throw new \SimpleSAML\Error\Exception("Not all params set in config."); } if (!$this->replace && !$this->remove && $this->replacement === false) { - throw new SimpleSAML_Error_Exception("'replacement' must be set if neither '%replace' nor ". + throw new \SimpleSAML\Error\Exception("'replacement' must be set if neither '%replace' nor ". "'%remove' are set."); } if (!$this->replace && $this->replacement === null) { - throw new SimpleSAML_Error_Exception("'%replace' must be set if 'replacement' is null."); + throw new \SimpleSAML\Error\Exception("'%replace' must be set if 'replacement' is null."); } if ($this->replace && $this->remove) { - throw new SimpleSAML_Error_Exception("'%replace' and '%remove' cannot be used together."); + throw new \SimpleSAML\Error\Exception("'%replace' and '%remove' cannot be used together."); } if (empty($this->target)) { @@ -119,7 +121,7 @@ class sspmod_core_Auth_Process_AttributeAlter extends SimpleSAML_Auth_Processing } if ($this->subject !== $this->target && $this->remove) { - throw new SimpleSAML_Error_Exception("Cannot use '%remove' when 'target' is different than 'subject'."); + throw new \SimpleSAML\Error\Exception("Cannot use '%remove' when 'target' is different than 'subject'."); } if (!array_key_exists($this->subject, $attributes)) { diff --git a/modules/core/lib/Auth/Process/AttributeLimit.php b/modules/core/lib/Auth/Process/AttributeLimit.php index 0ae3a9277..865b38353 100644 --- a/modules/core/lib/Auth/Process/AttributeLimit.php +++ b/modules/core/lib/Auth/Process/AttributeLimit.php @@ -27,7 +27,7 @@ class sspmod_core_Auth_Process_AttributeLimit extends SimpleSAML_Auth_Processing * * @param array $config Configuration information about this filter. * @param mixed $reserved For future use - * @throws SimpleSAML_Error_Exception If invalid configuration is found. + * @throws \SimpleSAML\Error\Exception If invalid configuration is found. */ public function __construct($config, $reserved) { parent::__construct($config, $reserved); @@ -39,18 +39,18 @@ class sspmod_core_Auth_Process_AttributeLimit extends SimpleSAML_Auth_Processing $this->isDefault = (bool)$value; } elseif (is_int($index)) { if (!is_string($value)) { - throw new SimpleSAML_Error_Exception('AttributeLimit: Invalid attribute name: ' . + throw new \SimpleSAML\Error\Exception('AttributeLimit: Invalid attribute name: ' . var_export($value, TRUE)); } $this->allowedAttributes[] = $value; } elseif (is_string($index)) { if (!is_array($value)) { - throw new SimpleSAML_Error_Exception('AttributeLimit: Values for ' . var_export($index, TRUE) . + throw new \SimpleSAML\Error\Exception('AttributeLimit: Values for ' . var_export($index, TRUE) . ' must be specified in an array.'); } $this->allowedAttributes[$index] = $value; } else { - throw new SimpleSAML_Error_Exception('AttributeLimit: Invalid option: ' . var_export($index, TRUE)); + throw new \SimpleSAML\Error\Exception('AttributeLimit: Invalid option: ' . var_export($index, TRUE)); } } } @@ -82,7 +82,7 @@ class sspmod_core_Auth_Process_AttributeLimit extends SimpleSAML_Auth_Processing * Removes all attributes which aren't one of the allowed attributes. * * @param array &$request The current request - * @throws SimpleSAML_Error_Exception If invalid configuration is found. + * @throws \SimpleSAML\Error\Exception If invalid configuration is found. */ public function process(&$request) { assert(is_array($request)); @@ -110,7 +110,7 @@ class sspmod_core_Auth_Process_AttributeLimit extends SimpleSAML_Auth_Processing if (array_key_exists($name, $allowedAttributes)) { // but it is an index of the array if (!is_array($allowedAttributes[$name])) { - throw new SimpleSAML_Error_Exception('AttributeLimit: Values for ' . var_export($name, TRUE) . + throw new \SimpleSAML\Error\Exception('AttributeLimit: Values for ' . var_export($name, TRUE) . ' must be specified in an array.'); } $attributes[$name] = $this->filterAttributeValues($attributes[$name], $allowedAttributes[$name]); diff --git a/modules/core/lib/Auth/Process/AttributeValueMap.php b/modules/core/lib/Auth/Process/AttributeValueMap.php index 5c69048f6..a83fb582a 100644 --- a/modules/core/lib/Auth/Process/AttributeValueMap.php +++ b/modules/core/lib/Auth/Process/AttributeValueMap.php @@ -41,7 +41,7 @@ class AttributeValueMap extends \SimpleSAML_Auth_ProcessingFilter * * @param array $config Configuration information about this filter. * @param mixed $reserved For future use. - * @throws \SimpleSAML_Error_Exception If the configuration is not valid. + * @throws \SimpleSAML\Error\Exception If the configuration is not valid. */ public function __construct($config, $reserved) { @@ -84,13 +84,13 @@ class AttributeValueMap extends \SimpleSAML_Auth_ProcessingFilter // now validate it if (!is_string($this->sourceattribute)) { - throw new \SimpleSAML_Error_Exception("AttributeValueMap: 'sourceattribute' configuration option not set."); + throw new \SimpleSAML\Error\Exception("AttributeValueMap: 'sourceattribute' configuration option not set."); } if (!is_string($this->targetattribute)) { - throw new \SimpleSAML_Error_Exception("AttributeValueMap: 'targetattribute' configuration option not set."); + throw new \SimpleSAML\Error\Exception("AttributeValueMap: 'targetattribute' configuration option not set."); } if (!is_array($this->values)) { - throw new \SimpleSAML_Error_Exception("AttributeValueMap: 'values' configuration option is not an array."); + throw new \SimpleSAML\Error\Exception("AttributeValueMap: 'values' configuration option is not an array."); } } diff --git a/modules/core/lib/Auth/Process/Cardinality.php b/modules/core/lib/Auth/Process/Cardinality.php index afc645cff..59fdc392b 100644 --- a/modules/core/lib/Auth/Process/Cardinality.php +++ b/modules/core/lib/Auth/Process/Cardinality.php @@ -25,7 +25,7 @@ class sspmod_core_Auth_Process_Cardinality extends SimpleSAML_Auth_ProcessingFil * @param array $config Configuration information about this filter. * @param mixed $reserved For future use. * @param HTTPAdapter $http HTTP utility service (handles redirects). - * @throws SimpleSAML_Error_Exception + * @throws \SimpleSAML\Error\Exception */ public function __construct($config, $reserved, HTTPAdapter $http = null) { @@ -41,7 +41,7 @@ class sspmod_core_Auth_Process_Cardinality extends SimpleSAML_Auth_ProcessingFil } if (!is_string($attribute)) { - throw new SimpleSAML_Error_Exception('Invalid attribute name: '.var_export($attribute, true)); + throw new \SimpleSAML\Error\Exception('Invalid attribute name: '.var_export($attribute, true)); } $this->cardinality[$attribute] = array('warn' => false); @@ -66,20 +66,20 @@ class sspmod_core_Auth_Process_Cardinality extends SimpleSAML_Auth_ProcessingFil } elseif (!is_int($this->cardinality[$attribute]['min']) || $this->cardinality[$attribute]['min'] < 0 ) { - throw new SimpleSAML_Error_Exception('Minimum cardinality must be a positive integer: '. + throw new \SimpleSAML\Error\Exception('Minimum cardinality must be a positive integer: '. var_export($attribute, true)); } if (array_key_exists('max', $this->cardinality[$attribute]) && !is_int($this->cardinality[$attribute]['max']) ) { - throw new SimpleSAML_Error_Exception('Maximum cardinality must be a positive integer: '. + throw new \SimpleSAML\Error\Exception('Maximum cardinality must be a positive integer: '. var_export($attribute, true)); } if (array_key_exists('min', $this->cardinality[$attribute]) && array_key_exists('max', $this->cardinality[$attribute]) && $this->cardinality[$attribute]['min'] > $this->cardinality[$attribute]['max'] ) { - throw new SimpleSAML_Error_Exception('Minimum cardinality must be less than maximium: '. + throw new \SimpleSAML\Error\Exception('Minimum cardinality must be less than maximium: '. var_export($attribute, true)); } diff --git a/modules/core/lib/Auth/Process/PHP.php b/modules/core/lib/Auth/Process/PHP.php index 5b7f11711..2fb3d5352 100644 --- a/modules/core/lib/Auth/Process/PHP.php +++ b/modules/core/lib/Auth/Process/PHP.php @@ -1,14 +1,13 @@ <?php - /** * Attribute filter for running arbitrary PHP code. * * @package SimpleSAMLphp */ + class sspmod_core_Auth_Process_PHP extends SimpleSAML_Auth_ProcessingFilter { - /** * The PHP code that should be run. * @@ -23,7 +22,7 @@ class sspmod_core_Auth_Process_PHP extends SimpleSAML_Auth_ProcessingFilter * @param array $config Configuration information about this filter. * @param mixed $reserved For future use. * - * @throws SimpleSAML_Error_Exception if the 'code' option is not defined. + * @throws \SimpleSAML\Error\Exception if the 'code' option is not defined. */ public function __construct($config, $reserved) { @@ -32,7 +31,7 @@ class sspmod_core_Auth_Process_PHP extends SimpleSAML_Auth_ProcessingFilter assert(is_array($config)); if (!isset($config['code'])) { - throw new SimpleSAML_Error_Exception("core:PHP: missing mandatory configuration option 'code'."); + throw new \SimpleSAML\Error\Exception("core:PHP: missing mandatory configuration option 'code'."); } $this->code = (string) $config['code']; } diff --git a/modules/core/lib/Auth/Source/AdminPassword.php b/modules/core/lib/Auth/Source/AdminPassword.php index f955f8078..1e37d2539 100644 --- a/modules/core/lib/Auth/Source/AdminPassword.php +++ b/modules/core/lib/Auth/Source/AdminPassword.php @@ -6,9 +6,9 @@ * * @package SimpleSAMLphp */ -class sspmod_core_Auth_Source_AdminPassword extends sspmod_core_Auth_UserPassBase { - +class sspmod_core_Auth_Source_AdminPassword extends sspmod_core_Auth_UserPassBase +{ /** * Constructor for this authentication source. * @@ -31,7 +31,7 @@ class sspmod_core_Auth_Source_AdminPassword extends sspmod_core_Auth_UserPassBas * * On a successful login, this function should return the users attributes. On failure, * it should throw an exception. If the error was caused by the user entering the wrong - * username or password, a SimpleSAML_Error_Error('WRONGUSERPASS') should be thrown. + * username or password, a \SimpleSAML\Error\Error('WRONGUSERPASS') should be thrown. * * Note that both the username and the password are UTF-8 encoded. * @@ -47,18 +47,17 @@ class sspmod_core_Auth_Source_AdminPassword extends sspmod_core_Auth_UserPassBas $adminPassword = $config->getString('auth.adminpassword', '123'); if ($adminPassword === '123') { // We require that the user changes the password - throw new SimpleSAML_Error_Error('NOTSET'); + throw new \SimpleSAML\Error\Error('NOTSET'); } if ($username !== "admin") { - throw new SimpleSAML_Error_Error('WRONGUSERPASS'); + throw new \SimpleSAML\Error\Error('WRONGUSERPASS'); } - if (!SimpleSAML\Utils\Crypto::pwValid($adminPassword, $password)) { - throw new SimpleSAML_Error_Error('WRONGUSERPASS'); + if (!\SimpleSAML\Utils\Crypto::pwValid($adminPassword, $password)) { + throw new \SimpleSAML\Error\Error('WRONGUSERPASS'); } return array('user' => array('admin')); } - } diff --git a/modules/core/lib/Auth/UserPassBase.php b/modules/core/lib/Auth/UserPassBase.php index 39b675232..47ce27467 100644 --- a/modules/core/lib/Auth/UserPassBase.php +++ b/modules/core/lib/Auth/UserPassBase.php @@ -9,9 +9,9 @@ * @author Olav Morken, UNINETT AS. * @package SimpleSAMLphp */ -abstract class sspmod_core_Auth_UserPassBase extends SimpleSAML_Auth_Source { - +abstract class sspmod_core_Auth_UserPassBase extends SimpleSAML_Auth_Source +{ /** * The string used to identify our states. */ @@ -223,7 +223,7 @@ abstract class sspmod_core_Auth_UserPassBase extends SimpleSAML_Auth_Source { * * On a successful login, this function should return the users attributes. On failure, * it should throw an exception/error. If the error was caused by the user entering the wrong - * username or password, a SimpleSAML_Error_Error('WRONGUSERPASS') should be thrown. + * username or password, a \SimpleSAML\Error\Error('WRONGUSERPASS') should be thrown. * * Note that both the username and the password are UTF-8 encoded. * diff --git a/modules/core/lib/Auth/UserPassOrgBase.php b/modules/core/lib/Auth/UserPassOrgBase.php index ccdc1cda5..487cef1d7 100644 --- a/modules/core/lib/Auth/UserPassOrgBase.php +++ b/modules/core/lib/Auth/UserPassOrgBase.php @@ -11,9 +11,9 @@ * @author Olav Morken, UNINETT AS. * @package SimpleSAMLphp */ -abstract class sspmod_core_Auth_UserPassOrgBase extends SimpleSAML_Auth_Source { - +abstract class sspmod_core_Auth_UserPassOrgBase extends SimpleSAML_Auth_Source +{ /** * The string used to identify our states. */ @@ -165,7 +165,7 @@ abstract class sspmod_core_Auth_UserPassOrgBase extends SimpleSAML_Auth_Source { * * On a successful login, this function should return the users attributes. On failure, * it should throw an exception/error. If the error was caused by the user entering the wrong - * username or password, a SimpleSAML_Error_Error('WRONGUSERPASS') should be thrown. + * username or password, a \SimpleSAML\Error\Error('WRONGUSERPASS') should be thrown. * * Note that both the username and the password are UTF-8 encoded. * @@ -227,7 +227,7 @@ abstract class sspmod_core_Auth_UserPassOrgBase extends SimpleSAML_Auth_Source { } else { if ($orgMethod === 'force') { /* The organization should be a part of the username, but isn't. */ - throw new SimpleSAML_Error_Error('WRONGUSERPASS'); + throw new \SimpleSAML\Error\Error('WRONGUSERPASS'); } } } diff --git a/modules/core/lib/Stats/Output/File.php b/modules/core/lib/Stats/Output/File.php index ce690e251..f67fd5358 100644 --- a/modules/core/lib/Stats/Output/File.php +++ b/modules/core/lib/Stats/Output/File.php @@ -61,7 +61,7 @@ class sspmod_core_Stats_Output_File extends SimpleSAML_Stats_Output { $fileName = $this->logDir . '/' . $date . '.log'; $this->file = @fopen($fileName, 'a'); if ($this->file === FALSE) { - throw new SimpleSAML_Error_Exception('Error opening log file: ' . var_export($fileName, TRUE)); + throw new \SimpleSAML\Error\Exception('Error opening log file: ' . var_export($fileName, TRUE)); } // Disable output buffering diff --git a/modules/core/www/as_login.php b/modules/core/www/as_login.php index d8dd4382c..14d8b1dc9 100644 --- a/modules/core/www/as_login.php +++ b/modules/core/www/as_login.php @@ -7,18 +7,18 @@ */ if (!isset($_REQUEST['ReturnTo'])) { - throw new \SimpleSAML_Error_BadRequest('Missing ReturnTo parameter.'); + throw new \SimpleSAML\Error\BadRequest('Missing ReturnTo parameter.'); } if (!isset($_REQUEST['AuthId'])) { - throw new \SimpleSAML_Error_BadRequest('Missing AuthId parameter.'); + throw new \SimpleSAML\Error\BadRequest('Missing AuthId parameter.'); } /* * Setting up the options for the requireAuth() call later.. */ $options = array( - 'ReturnTo' => \SimpleSAML\Utils\HTTP::checkURLAllowed($_REQUEST['ReturnTo']), + 'ReturnTo' => \SimpleSAML\Utils\HTTP::checkURLAllowed($_REQUEST['ReturnTo']), ); /* @@ -26,7 +26,7 @@ $options = array( * as used by the DiscoJuice embedded client. */ if (!empty($_REQUEST['saml:idp'])) { - $options['saml:idp'] = $_REQUEST['saml:idp']; + $options['saml:idp'] = $_REQUEST['saml:idp']; } $as = new \SimpleSAML\Auth\Simple($_REQUEST['AuthId']); diff --git a/modules/core/www/as_logout.php b/modules/core/www/as_logout.php index bac8b042d..6fe7c95ad 100644 --- a/modules/core/www/as_logout.php +++ b/modules/core/www/as_logout.php @@ -7,11 +7,11 @@ */ if (!isset($_REQUEST['ReturnTo']) || !is_string($_REQUEST['ReturnTo'])) { - throw new \SimpleSAML_Error_BadRequest('Missing ReturnTo parameter.'); + throw new \SimpleSAML\Error\BadRequest('Missing ReturnTo parameter.'); } if (!isset($_REQUEST['AuthId']) || !is_string($_REQUEST['AuthId'])) { - throw new \SimpleSAML_Error_BadRequest('Missing AuthId parameter.'); + throw new \SimpleSAML\Error\BadRequest('Missing AuthId parameter.'); } $as = new \SimpleSAML\Auth\Simple($_REQUEST['AuthId']); diff --git a/modules/core/www/cardinality_error.php b/modules/core/www/cardinality_error.php index 5d364aaa3..9236c9452 100644 --- a/modules/core/www/cardinality_error.php +++ b/modules/core/www/cardinality_error.php @@ -1,4 +1,5 @@ <?php + /** * Show a 403 Forbidden page when an attribute violates a cardinality rule * @@ -6,7 +7,7 @@ */ if (!array_key_exists('StateId', $_REQUEST)) { - throw new \SimpleSAML_Error_BadRequest('Missing required StateId query parameter.'); + throw new \SimpleSAML\Error\BadRequest('Missing required StateId query parameter.'); } $id = $_REQUEST['StateId']; $state = \SimpleSAML_Auth_State::loadState($id, 'core:cardinality'); diff --git a/modules/core/www/frontpage_welcome.php b/modules/core/www/frontpage_welcome.php index a9020fbe0..f96a61634 100644 --- a/modules/core/www/frontpage_welcome.php +++ b/modules/core/www/frontpage_welcome.php @@ -1,6 +1,5 @@ <?php - // Load SimpleSAMLphp configuration $config = \SimpleSAML\Configuration::getInstance(); $session = \SimpleSAML\Session::getSessionFromRequest(); diff --git a/modules/core/www/idp/logout-iframe-done.php b/modules/core/www/idp/logout-iframe-done.php index 6b00621b8..cefeb701a 100644 --- a/modules/core/www/idp/logout-iframe-done.php +++ b/modules/core/www/idp/logout-iframe-done.php @@ -1,7 +1,7 @@ <?php if (!isset($_REQUEST['id'])) { - throw new SimpleSAML_Error_BadRequest('Missing required parameter: id'); + throw new \SimpleSAML\Error\BadRequest('Missing required parameter: id'); } $state = SimpleSAML_Auth_State::loadState($_REQUEST['id'], 'core:Logout-IFrame'); $idp = SimpleSAML_IdP::getByState($state); diff --git a/modules/core/www/idp/logout-iframe-post.php b/modules/core/www/idp/logout-iframe-post.php index 7079e19aa..1e42d84cb 100644 --- a/modules/core/www/idp/logout-iframe-post.php +++ b/modules/core/www/idp/logout-iframe-post.php @@ -1,13 +1,13 @@ <?php if (!isset($_REQUEST['idp'])) { - throw new SimpleSAML_Error_BadRequest('Missing "idp" parameter.'); + throw new \SimpleSAML\Error\BadRequest('Missing "idp" parameter.'); } $idp = (string) $_REQUEST['idp']; $idp = SimpleSAML_IdP::getById($idp); if (!isset($_REQUEST['association'])) { - throw new SimpleSAML_Error_BadRequest('Missing "association" parameter.'); + throw new \SimpleSAML\Error\BadRequest('Missing "association" parameter.'); } $assocId = urldecode($_REQUEST['association']); @@ -18,7 +18,7 @@ if (isset($_REQUEST['RelayState'])) { $associations = $idp->getAssociations(); if (!isset($associations[$assocId])) { - throw new SimpleSAML_Error_BadRequest('Invalid association id.'); + throw new \SimpleSAML\Error\BadRequest('Invalid association id.'); } $association = $associations[$assocId]; diff --git a/modules/core/www/idp/logout-iframe.php b/modules/core/www/idp/logout-iframe.php index 2463b50be..4e9496720 100644 --- a/modules/core/www/idp/logout-iframe.php +++ b/modules/core/www/idp/logout-iframe.php @@ -1,13 +1,13 @@ <?php if (!isset($_REQUEST['id'])) { - throw new \SimpleSAML_Error_BadRequest('Missing required parameter: id'); + throw new \SimpleSAML\Error\BadRequest('Missing required parameter: id'); } if (isset($_REQUEST['type'])) { $type = (string) $_REQUEST['type']; if (!in_array($type, array('init', 'js', 'nojs', 'embed'), true)) { - throw new \SimpleSAML_Error_BadRequest('Invalid value for type.'); + throw new \SimpleSAML\Error\BadRequest('Invalid value for type.'); } } else { $type = 'init'; diff --git a/modules/core/www/idp/resumelogout.php b/modules/core/www/idp/resumelogout.php index 199dad3b6..6a142ad57 100644 --- a/modules/core/www/idp/resumelogout.php +++ b/modules/core/www/idp/resumelogout.php @@ -1,7 +1,7 @@ <?php if (!isset($_REQUEST['id'])) { - throw new SimpleSAML_Error_BadRequest('Missing id-parameter.'); + throw new \SimpleSAML\Error\BadRequest('Missing id-parameter.'); } $state = SimpleSAML_Auth_State::loadState($_REQUEST['id'], 'core:Logout:afterbridge'); $idp = SimpleSAML_IdP::getByState($state); diff --git a/modules/core/www/login-admin.php b/modules/core/www/login-admin.php index 4d8e6c851..2fc0c6623 100644 --- a/modules/core/www/login-admin.php +++ b/modules/core/www/login-admin.php @@ -1,10 +1,11 @@ <?php + /* * Helper page for starting a admin login. Can be used as a target for links. */ if (!array_key_exists('ReturnTo', $_REQUEST)) { - throw new \SimpleSAML_Error_BadRequest('Missing ReturnTo parameter.'); + throw new \SimpleSAML\Error\BadRequest('Missing ReturnTo parameter.'); } \SimpleSAML\Utils\Auth::requireAdmin(); diff --git a/modules/core/www/loginuserpass.php b/modules/core/www/loginuserpass.php index 70dd0d150..169ef792e 100644 --- a/modules/core/www/loginuserpass.php +++ b/modules/core/www/loginuserpass.php @@ -11,7 +11,7 @@ // Retrieve the authentication state if (!array_key_exists('AuthState', $_REQUEST)) { - throw new SimpleSAML_Error_BadRequest('Missing AuthState parameter.'); + throw new \SimpleSAML\Error\BadRequest('Missing AuthState parameter.'); } $authStateId = $_REQUEST['AuthState']; $state = SimpleSAML_Auth_State::loadState($authStateId, sspmod_core_Auth_UserPassBase::STAGEID); @@ -65,7 +65,7 @@ if (!empty($_REQUEST['username']) || !empty($password)) { try { sspmod_core_Auth_UserPassBase::handleLogin($authStateId, $username, $password); - } catch (SimpleSAML_Error_Error $e) { + } catch (\SimpleSAML\Error\Error $e) { /* Login failed. Extract error code and parameters, to display the error. */ $errorCode = $e->getErrorCode(); $errorParams = $e->getParameters(); diff --git a/modules/core/www/loginuserpassorg.php b/modules/core/www/loginuserpassorg.php index 90f6e46af..172e61611 100644 --- a/modules/core/www/loginuserpassorg.php +++ b/modules/core/www/loginuserpassorg.php @@ -11,7 +11,7 @@ // Retrieve the authentication state if (!array_key_exists('AuthState', $_REQUEST)) { - throw new \SimpleSAML_Error_BadRequest('Missing AuthState parameter.'); + throw new \SimpleSAML\Error\BadRequest('Missing AuthState parameter.'); } $authStateId = $_REQUEST['AuthState']; $state = \SimpleSAML_Auth_State::loadState($authStateId, sspmod_core_Auth_UserPassOrgBase::STAGEID); @@ -62,7 +62,7 @@ if ($organizations === NULL || !empty($organization)) { try { \sspmod_core_Auth_UserPassOrgBase::handleLogin($authStateId, $username, $password, $organization); - } catch (SimpleSAML_Error_Error $e) { + } catch (\SimpleSAML\Error\Error $e) { // Login failed. Extract error code and parameters, to display the error $errorCode = $e->getErrorCode(); $errorParams = $e->getParameters(); diff --git a/modules/core/www/postredirect.php b/modules/core/www/postredirect.php index 00cb8a088..40441f198 100644 --- a/modules/core/www/postredirect.php +++ b/modules/core/www/postredirect.php @@ -13,18 +13,18 @@ if (array_key_exists('RedirId', $_REQUEST)) { $encData = base64_decode($_REQUEST['RedirInfo']); if (empty($encData)) { - throw new \SimpleSAML_Error_BadRequest('Invalid RedirInfo data.'); + throw new \SimpleSAML\Error\BadRequest('Invalid RedirInfo data.'); } list($sessionId, $postId) = explode(':', \SimpleSAML\Utils\Crypto::aesDecrypt($encData)); if (empty($sessionId) || empty($postId)) { - throw new \SimpleSAML_Error_BadRequest('Invalid session info data.'); + throw new \SimpleSAML\Error\BadRequest('Invalid session info data.'); } $session = \SimpleSAML\Session::getSession($sessionId); } else { - throw new \SimpleSAML_Error_BadRequest('Missing redirection info parameter.'); + throw new \SimpleSAML\Error\BadRequest('Missing redirection info parameter.'); } if ($session === NULL) { diff --git a/modules/core/www/short_sso_interval.php b/modules/core/www/short_sso_interval.php index 983a4d930..7c44447e8 100644 --- a/modules/core/www/short_sso_interval.php +++ b/modules/core/www/short_sso_interval.php @@ -7,7 +7,7 @@ */ if (!array_key_exists('StateId', $_REQUEST)) { - throw new \SimpleSAML_Error_BadRequest('Missing required StateId query parameter.'); + throw new \SimpleSAML\Error\BadRequest('Missing required StateId query parameter.'); } $id = $_REQUEST['StateId']; $state = \SimpleSAML_Auth_State::loadState($id, 'core:short_sso_interval'); diff --git a/modules/discopower/www/disco.php b/modules/discopower/www/disco.php index bfadb7c98..a4e98408d 100644 --- a/modules/discopower/www/disco.php +++ b/modules/discopower/www/disco.php @@ -1,15 +1,15 @@ <?php try { - $discoHandler = new sspmod_discopower_PowerIdPDisco(array('saml20-idp-remote', 'shib13-idp-remote'), 'poweridpdisco'); -} catch (Exception $exception) { - // An error here should be caused by invalid query parameters - throw new SimpleSAML_Error_Error('DISCOPARAMS', $exception); + $discoHandler = new sspmod_discopower_PowerIdPDisco(array('saml20-idp-remote', 'shib13-idp-remote'), 'poweridpdisco'); +} catch (\Exception $exception) { + // An error here should be caused by invalid query parameters + throw new \SimpleSAML\Error\Error('DISCOPARAMS', $exception); } try { - $discoHandler->handleRequest(); -} catch(Exception $exception) { - // An error here should be caused by metadata - throw new SimpleSAML_Error_Error('METADATA', $exception); + $discoHandler->handleRequest(); +} catch(\Exception $exception) { + // An error here should be caused by metadata + throw new \SimpleSAML\Error\Error('METADATA', $exception); } diff --git a/modules/exampleattributeserver/www/attributeserver.php b/modules/exampleattributeserver/www/attributeserver.php index 8f257c2a4..9b568511e 100644 --- a/modules/exampleattributeserver/www/attributeserver.php +++ b/modules/exampleattributeserver/www/attributeserver.php @@ -5,7 +5,7 @@ $metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler(); $binding = \SAML2\Binding::getCurrentBinding(); $query = $binding->receive(); if (!($query instanceof \SAML2\AttributeQuery)) { - throw new SimpleSAML_Error_BadRequest('Invalid message received to AttributeQuery endpoint.'); + throw new \SimpleSAML\Error\BadRequest('Invalid message received to AttributeQuery endpoint.'); } $idpEntityId = $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted'); @@ -13,7 +13,7 @@ $idpEntityId = $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted'); $spEntityId = $query->getIssuer(); if ($spEntityId === NULL) { - throw new SimpleSAML_Error_BadRequest('Missing <saml:Issuer> in <samlp:AttributeQuery>.'); + throw new \SimpleSAML\Error\BadRequest('Missing <saml:Issuer> in <samlp:AttributeQuery>.'); } $idpMetadata = $metadata->getMetadataConfig($idpEntityId, 'saml20-idp-hosted'); diff --git a/modules/exampleauth/lib/Auth/Source/External.php b/modules/exampleauth/lib/Auth/Source/External.php index 6b37a541a..f4bec9cc3 100644 --- a/modules/exampleauth/lib/Auth/Source/External.php +++ b/modules/exampleauth/lib/Auth/Source/External.php @@ -181,7 +181,7 @@ class sspmod_exampleauth_Auth_Source_External extends SimpleSAML_Auth_Source { * it in the 'State' request parameter. */ if (!isset($_REQUEST['State'])) { - throw new SimpleSAML_Error_BadRequest('Missing "State" parameter.'); + throw new \SimpleSAML\Error\BadRequest('Missing "State" parameter.'); } /* @@ -200,7 +200,7 @@ class sspmod_exampleauth_Auth_Source_External extends SimpleSAML_Auth_Source { * The only way this should fail is if we remove or rename the authentication source * while the user is at the login page. */ - throw new SimpleSAML_Error_Exception('Could not find authentication source with id ' . $state[self::AUTHID]); + throw new \SimpleSAML\Error\Exception('Could not find authentication source with id ' . $state[self::AUTHID]); } /* @@ -209,7 +209,7 @@ class sspmod_exampleauth_Auth_Source_External extends SimpleSAML_Auth_Source { * change config/authsources.php while an user is logging in. */ if (! ($source instanceof self)) { - throw new SimpleSAML_Error_Exception('Authentication source type changed.'); + throw new \SimpleSAML\Error\Exception('Authentication source type changed.'); } @@ -226,7 +226,7 @@ class sspmod_exampleauth_Auth_Source_External extends SimpleSAML_Auth_Source { * Here we simply throw an exception, but we could also redirect the user back to the * login page. */ - throw new SimpleSAML_Error_Exception('User not authenticated after login page.'); + throw new \SimpleSAML\Error\Exception('User not authenticated after login page.'); } /* diff --git a/modules/exampleauth/lib/Auth/Source/UserPass.php b/modules/exampleauth/lib/Auth/Source/UserPass.php index 8582d1c7c..96d2abe2c 100644 --- a/modules/exampleauth/lib/Auth/Source/UserPass.php +++ b/modules/exampleauth/lib/Auth/Source/UserPass.php @@ -67,7 +67,7 @@ class sspmod_exampleauth_Auth_Source_UserPass extends sspmod_core_Auth_UserPassB * * On a successful login, this function should return the users attributes. On failure, * it should throw an exception. If the error was caused by the user entering the wrong - * username or password, a SimpleSAML_Error_Error('WRONGUSERPASS') should be thrown. + * username or password, a \SimpleSAML\Error\Error('WRONGUSERPASS') should be thrown. * * Note that both the username and the password are UTF-8 encoded. * @@ -81,7 +81,7 @@ class sspmod_exampleauth_Auth_Source_UserPass extends sspmod_core_Auth_UserPassB $userpass = $username . ':' . $password; if (!array_key_exists($userpass, $this->users)) { - throw new SimpleSAML_Error_Error('WRONGUSERPASS'); + throw new \SimpleSAML\Error\Error('WRONGUSERPASS'); } return $this->users[$userpass]; diff --git a/modules/exampleauth/www/redirecttest.php b/modules/exampleauth/www/redirecttest.php index 96ff9a50f..d56fa26a6 100644 --- a/modules/exampleauth/www/redirecttest.php +++ b/modules/exampleauth/www/redirecttest.php @@ -8,7 +8,7 @@ */ if (!array_key_exists('StateId', $_REQUEST)) { - throw new SimpleSAML_Error_BadRequest('Missing required StateId query parameter.'); + throw new \SimpleSAML\Error\BadRequest('Missing required StateId query parameter.'); } $state = SimpleSAML_Auth_State::loadState($_REQUEST['StateId'], 'exampleauth:redirectfilter-test'); diff --git a/modules/expirycheck/www/about2expire.php b/modules/expirycheck/www/about2expire.php index ada7043c7..99c134614 100644 --- a/modules/expirycheck/www/about2expire.php +++ b/modules/expirycheck/www/about2expire.php @@ -9,14 +9,14 @@ \SimpleSAML\Logger::info('expirycheck - User has been warned that NetID is near to expirational date.'); if (!array_key_exists('StateId', $_REQUEST)) { - throw new \SimpleSAML_Error_BadRequest('Missing required StateId query parameter.'); + throw new \SimpleSAML\Error\BadRequest('Missing required StateId query parameter.'); } $id = $_REQUEST['StateId']; $state = \SimpleSAML_Auth_State::loadState($id, 'expirywarning:about2expire'); if (array_key_exists('yes', $_REQUEST)) { - // The user has pressed the yes-button - \SimpleSAML_Auth_ProcessingChain::resumeProcessing($state); + // The user has pressed the yes-button + \SimpleSAML_Auth_ProcessingChain::resumeProcessing($state); } $globalConfig = \SimpleSAML\Configuration::getInstance(); diff --git a/modules/expirycheck/www/expired.php b/modules/expirycheck/www/expired.php index 33fe530c4..27470b7f0 100644 --- a/modules/expirycheck/www/expired.php +++ b/modules/expirycheck/www/expired.php @@ -9,7 +9,7 @@ \SimpleSAML\Logger::info('expirycheck - User has been warned that NetID is near to expirational date.'); if (!array_key_exists('StateId', $_REQUEST)) { - throw new \SimpleSAML_Error_BadRequest('Missing required StateId query parameter.'); + throw new \SimpleSAML\Error\BadRequest('Missing required StateId query parameter.'); } $state = \SimpleSAML_Auth_State::loadState($_REQUEST['StateId'], 'expirywarning:expired'); diff --git a/modules/ldap/lib/Auth/Process/AttributeAddUsersGroups.php b/modules/ldap/lib/Auth/Process/AttributeAddUsersGroups.php index 8fa7c2ccf..14ff9041d 100644 --- a/modules/ldap/lib/Auth/Process/AttributeAddUsersGroups.php +++ b/modules/ldap/lib/Auth/Process/AttributeAddUsersGroups.php @@ -8,6 +8,7 @@ * @author Ryan Panning <panman@traileyes.com> * @package SimpleSAMLphp */ + class sspmod_ldap_Auth_Process_AttributeAddUsersGroups extends sspmod_ldap_Auth_Process_BaseFilter { /** @@ -16,7 +17,7 @@ class sspmod_ldap_Auth_Process_AttributeAddUsersGroups extends sspmod_ldap_Auth_ * the best method possible for the LDAP product. The groups * are then added to the request attributes. * - * @throws SimpleSAML_Error_Exception + * @throws \SimpleSAML\Error\Exception * @param $request */ public function process(&$request) @@ -43,7 +44,7 @@ class sspmod_ldap_Auth_Process_AttributeAddUsersGroups extends sspmod_ldap_Auth_ // Must be an array, else cannot merge groups if (!is_array($attributes[$map['groups']])) { - throw new SimpleSAML_Error_Exception( + throw new \SimpleSAML\Error\Exception( $this->title . 'The group attribute [' . $map['groups'] . '] is not an array of group DNs. ' . $this->var_export($attributes[$map['groups']]) ); @@ -69,7 +70,7 @@ class sspmod_ldap_Auth_Process_AttributeAddUsersGroups extends sspmod_ldap_Auth_ * using the required attribute values from the user to * get their group membership, recursively. * - * @throws SimpleSAML_Error_Exception + * @throws \SimpleSAML\Error\Exception * @param array $attributes * @return array */ @@ -100,14 +101,14 @@ class sspmod_ldap_Auth_Process_AttributeAddUsersGroups extends sspmod_ldap_Auth_ // Make sure the defined memberOf attribute exists if (!isset($attributes[$map['memberof']])) { - throw new SimpleSAML_Error_Exception( + throw new \SimpleSAML\Error\Exception( $this->title . 'The memberof attribute [' . $map['memberof'] . '] is not defined in the user\'s Attributes: ' . implode(', ', array_keys($attributes))); } // MemberOf must be an array of group DN's if (!is_array($attributes[$map['memberof']])) { - throw new SimpleSAML_Error_Exception( + throw new \SimpleSAML\Error\Exception( $this->title . 'The memberof attribute [' . $map['memberof'] . '] is not an array of group DNs. ' . $this->var_export($attributes[$map['memberof']]) ); @@ -130,7 +131,7 @@ class sspmod_ldap_Auth_Process_AttributeAddUsersGroups extends sspmod_ldap_Auth_ * using the required attribute values from the user to * get their group membership, recursively. * - * @throws SimpleSAML_Error_Exception + * @throws \SimpleSAML\Error\Exception * @param array $attributes * @return array */ @@ -154,7 +155,7 @@ class sspmod_ldap_Auth_Process_AttributeAddUsersGroups extends sspmod_ldap_Auth_ try { // Intention is to filter in 'ou=groups,dc=example,dc=com' for '(memberUid = <value of attribute.username>)' and take only the attributes 'cn' (=name of the group) $all_groups = $this->getLdap()->searchformultiple($openldap_base, array($map['memberof'] => $attributes[$map['username']][0]) , array($map['member'])); - } catch (SimpleSAML_Error_UserNotFound $e) { + } catch (\SimpleSAML\Error\UserNotFound $e) { return $groups; // if no groups found return with empty (still just initialized) groups array } @@ -172,7 +173,7 @@ class sspmod_ldap_Auth_Process_AttributeAddUsersGroups extends sspmod_ldap_Auth_ * using the required attribute values from the user to * get their group membership, recursively. * - * @throws SimpleSAML_Error_Exception + * @throws \SimpleSAML\Error\Exception * @param array $attributes * @return array */ @@ -188,14 +189,14 @@ class sspmod_ldap_Auth_Process_AttributeAddUsersGroups extends sspmod_ldap_Auth_ // Make sure the defined dn attribute exists if (!isset($attributes[$map['dn']])) { - throw new SimpleSAML_Error_Exception( + throw new \SimpleSAML\Error\Exception( $this->title . 'The DN attribute [' . $map['dn'] . '] is not defined in the user\'s Attributes: ' . implode(', ', array_keys($attributes))); } // DN attribute must have a value if (!isset($attributes[$map['dn']][0]) || !$attributes[$map['dn']][0]) { - throw new SimpleSAML_Error_Exception( + throw new \SimpleSAML\Error\Exception( $this->title . 'The DN attribute [' . $map['dn'] . '] does not have a [0] value defined. ' . $this->var_export($attributes[$map['dn']]) ); @@ -258,7 +259,7 @@ class sspmod_ldap_Auth_Process_AttributeAddUsersGroups extends sspmod_ldap_Auth_ // Query LDAP for the attribute values for the DN try { $attributes = $this->getLdap()->getAttributes($dn, $get_attributes); - } catch (SimpleSAML_Error_AuthSource $e) { + } catch (\SimpleSAML\Error\AuthSource $e) { continue; // DN must not exist, just continue. Logged by the LDAP object } @@ -324,7 +325,7 @@ class sspmod_ldap_Auth_Process_AttributeAddUsersGroups extends sspmod_ldap_Auth_ // The search may throw an exception if no entries // are found, unlikely but possible. - } catch (SimpleSAML_Error_UserNotFound $e) { + } catch (\SimpleSAML\Error\UserNotFound $e) { return array(); } diff --git a/modules/ldap/lib/Auth/Process/BaseFilter.php b/modules/ldap/lib/Auth/Process/BaseFilter.php index bfec4bb38..c0834ea0a 100644 --- a/modules/ldap/lib/Auth/Process/BaseFilter.php +++ b/modules/ldap/lib/Auth/Process/BaseFilter.php @@ -12,9 +12,9 @@ * @author Remy Blom <remy.blom@hku.nl> * @package SimpleSAMLphp */ + abstract class sspmod_ldap_Auth_Process_BaseFilter extends SimpleSAML_Auth_ProcessingFilter { - /** * List of attribute "alias's" linked to the real attribute * name. Used for abstraction / configuration of the LDAP @@ -87,7 +87,7 @@ abstract class sspmod_ldap_Auth_Process_BaseFilter extends SimpleSAML_Auth_Proce * to the LDAP server. Then sets up the LDAP connection for the * instance/object and stores everything in class members. * - * @throws SimpleSAML_Error_Exception + * @throws \SimpleSAML\Error\Exception * @param array $config * @param $reserved */ @@ -120,7 +120,7 @@ abstract class sspmod_ldap_Auth_Process_BaseFilter extends SimpleSAML_Auth_Proce // Verify that the authsource config exists if (!$authsource->hasValue($config['authsource'])) { - throw new SimpleSAML_Error_Exception( + throw new \SimpleSAML\Error\Exception( $this->title.'Authsource ['.$config['authsource']. '] defined in filter parameters not found in authsources.php' ); @@ -133,7 +133,7 @@ abstract class sspmod_ldap_Auth_Process_BaseFilter extends SimpleSAML_Auth_Proce // Make sure it is an ldap source // TODO: Support ldap:LDAPMulti, if possible if (@$authsource[0] != 'ldap:LDAP') { - throw new SimpleSAML_Error_Exception( + throw new \SimpleSAML\Error\Exception( $this->title.'Authsource ['.$config['authsource']. '] specified in filter parameters is not an ldap:LDAP type' ); diff --git a/modules/ldap/lib/Auth/Source/LDAPMulti.php b/modules/ldap/lib/Auth/Source/LDAPMulti.php index c900f8bba..eaf8716b5 100644 --- a/modules/ldap/lib/Auth/Source/LDAPMulti.php +++ b/modules/ldap/lib/Auth/Source/LDAPMulti.php @@ -12,7 +12,6 @@ */ class sspmod_ldap_Auth_Source_LDAPMulti extends sspmod_core_Auth_UserPassOrgBase { - /** * An array with descriptions for organizations. */ @@ -98,10 +97,10 @@ class sspmod_ldap_Auth_Source_LDAPMulti extends sspmod_core_Auth_UserPassOrgBase if (!array_key_exists($org, $this->ldapOrgs)) { // The user has selected an organization which doesn't exist anymore. - SimpleSAML\Logger::warning('Authentication source ' . var_export($this->authId, true) . + \SimpleSAML\Logger::warning('Authentication source ' . var_export($this->authId, true) . ': Organization seems to have disappeared while the user logged in.' . ' Organization was ' . var_export($org, true)); - throw new SimpleSAML_Error_Error('WRONGUSERPASS'); + throw new \SimpleSAML\Error\Error('WRONGUSERPASS'); } if ($this->includeOrgInUsername) { diff --git a/modules/ldap/lib/ConfigHelper.php b/modules/ldap/lib/ConfigHelper.php index 6e0f60902..2d199a868 100644 --- a/modules/ldap/lib/ConfigHelper.php +++ b/modules/ldap/lib/ConfigHelper.php @@ -8,6 +8,7 @@ * * @package SimpleSAMLphp */ + class sspmod_ldap_ConfigHelper { /** @@ -170,7 +171,7 @@ class sspmod_ldap_ConfigHelper /** * Attempt to log in using the given username and password. * - * Will throw a SimpleSAML_Error_Error('WRONGUSERPASS') if the username or password is wrong. + * Will throw a \SimpleSAML\Error\Error('WRONGUSERPASS') if the username or password is wrong. * If there is a configuration problem, an Exception will be thrown. * * @param string $username The username the user wrote. @@ -185,7 +186,7 @@ class sspmod_ldap_ConfigHelper if (empty($password)) { SimpleSAML\Logger::info($this->location.': Login with empty password disallowed.'); - throw new SimpleSAML_Error_Error('WRONGUSERPASS'); + throw new \SimpleSAML\Error\Error('WRONGUSERPASS'); } $ldap = new SimpleSAML_Auth_LDAP($this->hostname, $this->enableTLS, $this->debug, $this->timeout, $this->port, $this->referrals); @@ -204,13 +205,13 @@ class sspmod_ldap_ConfigHelper if ($dn === null) { /* User not found with search. */ SimpleSAML\Logger::info($this->location.': Unable to find users DN. username=\''.$username.'\''); - throw new SimpleSAML_Error_Error('WRONGUSERPASS'); + throw new \SimpleSAML\Error\Error('WRONGUSERPASS'); } } if (!$ldap->bind($dn, $password, $sasl_args)) { - SimpleSAML\Logger::info($this->location.': '.$username.' failed to authenticate. DN='.$dn); - throw new SimpleSAML_Error_Error('WRONGUSERPASS'); + \SimpleSAML\Logger::info($this->location.': '.$username.' failed to authenticate. DN='.$dn); + throw new \SimpleSAML\Error\Error('WRONGUSERPASS'); } /* In case of SASL bind, authenticated and authorized DN may differ */ @@ -245,10 +246,10 @@ class sspmod_ldap_ConfigHelper * The DN of the matching element, if found. If no element was * found and $allowZeroHits is set to FALSE, an exception will * be thrown; otherwise NULL will be returned. - * @throws SimpleSAML_Error_AuthSource if: + * @throws \SimpleSAML\Error\AuthSource if: * - LDAP search encounter some problems when searching cataloge * - Not able to connect to LDAP server - * @throws SimpleSAML_Error_UserNotFound if: + * @throws \SimpleSAML\Error\UserNotFound if: * - $allowZeroHits is FALSE and no result is found * */ diff --git a/modules/metarefresh/www/fetch.php b/modules/metarefresh/www/fetch.php index ee7b85c87..94ea86546 100644 --- a/modules/metarefresh/www/fetch.php +++ b/modules/metarefresh/www/fetch.php @@ -78,7 +78,7 @@ foreach ($sets AS $setkey => $set) { break; } } catch (\Exception $e) { - $e = SimpleSAML_Error_Exception::fromException($e); + $e = \SimpleSAML\Error\Exception::fromException($e); $e->logWarning(); } } diff --git a/modules/multiauth/lib/Auth/Source/MultiAuth.php b/modules/multiauth/lib/Auth/Source/MultiAuth.php index 8d8283346..f026f8c5e 100644 --- a/modules/multiauth/lib/Auth/Source/MultiAuth.php +++ b/modules/multiauth/lib/Auth/Source/MultiAuth.php @@ -8,8 +8,8 @@ * @package SimpleSAMLphp */ -class sspmod_multiauth_Auth_Source_MultiAuth extends SimpleSAML_Auth_Source { - +class sspmod_multiauth_Auth_Source_MultiAuth extends SimpleSAML_Auth_Source +{ /** * The key of the AuthId field in the state. */ @@ -159,10 +159,10 @@ class sspmod_multiauth_Auth_Source_MultiAuth extends SimpleSAML_Auth_Source { try { $as->authenticate($state); - } catch (SimpleSAML_Error_Exception $e) { + } catch (\SimpleSAML\Error\Exception $e) { SimpleSAML_Auth_State::throwException($state, $e); } catch (Exception $e) { - $e = new SimpleSAML_Error_UnserializableException($e); + $e = new \SimpleSAML\Error\UnserializableException($e); SimpleSAML_Auth_State::throwException($state, $e); } SimpleSAML_Auth_Source::completeAuth($state); diff --git a/modules/multiauth/www/selectsource.php b/modules/multiauth/www/selectsource.php index ff743d488..00ccff26b 100644 --- a/modules/multiauth/www/selectsource.php +++ b/modules/multiauth/www/selectsource.php @@ -12,7 +12,7 @@ // Retrieve the authentication state if (!array_key_exists('AuthState', $_REQUEST)) { - throw new \SimpleSAML_Error_BadRequest('Missing AuthState parameter.'); + throw new \SimpleSAML\Error\BadRequest('Missing AuthState parameter.'); } $authStateId = $_REQUEST['AuthState']; $state = \SimpleSAML_Auth_State::loadState($authStateId, sspmod_multiauth_Auth_Source_MultiAuth::STAGEID); diff --git a/modules/negotiate/lib/Auth/Source/Negotiate.php b/modules/negotiate/lib/Auth/Source/Negotiate.php index 77d81697b..37cdfc614 100644 --- a/modules/negotiate/lib/Auth/Source/Negotiate.php +++ b/modules/negotiate/lib/Auth/Source/Negotiate.php @@ -1,12 +1,12 @@ <?php - /** * The Negotiate module. Allows for password-less, secure login by Kerberos and Negotiate. * * @author Mathias Meisfjordskar, University of Oslo <mathias.meisfjordskar@usit.uio.no> * @package SimpleSAMLphp */ + class sspmod_negotiate_Auth_Source_Negotiate extends SimpleSAML_Auth_Source { // Constants used in the module @@ -260,8 +260,8 @@ EOF; * * @param array $state Information about the current authentication. * - * @throws SimpleSAML_Error_Error If couldn't determine the auth source. - * @throws SimpleSAML_Error_Exception + * @throws \SimpleSAML\Error\Error If couldn't determine the auth source. + * @throws \SimpleSAML\Error\Exception * @throws Exception */ public static function fallBack(&$state) @@ -269,16 +269,16 @@ EOF; $authId = $state['LogoutState']['negotiate:backend']; if ($authId === null) { - throw new SimpleSAML_Error_Error(array(500, "Unable to determine auth source.")); + throw new \SimpleSAML\Error\Error(array(500, "Unable to determine auth source.")); } - $source = SimpleSAML_Auth_Source::getById($authId); + $source = \SimpleSAML_Auth_Source::getById($authId); try { $source->authenticate($state); - } catch (SimpleSAML_Error_Exception $e) { - SimpleSAML_Auth_State::throwException($state, $e); - } catch (Exception $e) { - $e = new SimpleSAML_Error_UnserializableException($e); + } catch (\SimpleSAML\Error\Exception $e) { + \SimpleSAML_Auth_State::throwException($state, $e); + } catch (\Exception $e) { + $e = new \SimpleSAML\Error\UnserializableException($e); SimpleSAML_Auth_State::throwException($state, $e); } // fallBack never returns after loginCompleted() @@ -308,7 +308,7 @@ EOF; try { $dn = $this->ldap->searchfordn($this->base, $this->attr, $uid); return $this->ldap->getAttributes($dn, $this->attributes); - } catch (SimpleSAML_Error_Exception $e) { + } catch (\SimpleSAML\Error\Exception $e) { SimpleSAML\Logger::debug('Negotiate - ldap lookup failed: '.$e); return null; } @@ -332,7 +332,7 @@ EOF; if (!$this->ldap->bind($this->admin_user, $this->admin_pw)) { $msg = 'Unable to authenticate system user (LDAP_INVALID_CREDENTIALS) '.var_export($this->admin_user, true); SimpleSAML\Logger::error('Negotiate - authenticate(): '.$msg); - throw new SimpleSAML_Error_AuthSource('negotiate', $msg); + throw new \SimpleSAML\Error\AuthSource('negotiate', $msg); } } diff --git a/modules/negotiate/www/retry.php b/modules/negotiate/www/retry.php index 5b76da0f0..7b0351b76 100644 --- a/modules/negotiate/www/retry.php +++ b/modules/negotiate/www/retry.php @@ -1,30 +1,31 @@ <?php /** - * * * @author Mathias Meisfjordskar, University of Oslo. * <mathias.meisfjordskar@usit.uio.no> * @package SimpleSAMLphp + * */ -$state = SimpleSAML_Auth_State::loadState($_REQUEST['AuthState'], sspmod_negotiate_Auth_Source_Negotiate::STAGEID); +$state = \SimpleSAML_Auth_State::loadState($_REQUEST['AuthState'], sspmod_negotiate_Auth_Source_Negotiate::STAGEID); -$metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler(); +$metadata = \SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler(); $idpid = $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted', 'metaindex'); $idpmeta = $metadata->getMetaData($idpid, 'saml20-idp-hosted'); if (isset($idpmeta['auth'])) { - $source = SimpleSAML_Auth_Source::getById($idpmeta['auth']); - if ($source === NULL) - throw new SimpleSAML_Error_BadRequest('Invalid AuthId "' . $idpmeta['auth'] . '" - not found.'); + $source = \SimpleSAML_Auth_Source::getById($idpmeta['auth']); + if ($source === null) { + throw new \SimpleSAML\Error\BadRequest('Invalid AuthId "' . $idpmeta['auth'] . '" - not found.'); + } - $session = \SimpleSAML\Session::getSessionFromRequest(); - $session->setData('negotiate:disable', 'session', FALSE, 24*60*60); - SimpleSAML\Logger::debug('Negotiate(retry) - session enabled, retrying.'); - $source->authenticate($state); - assert(false); + $session = \SimpleSAML\Session::getSessionFromRequest(); + $session->setData('negotiate:disable', 'session', FALSE, 24*60*60); + \SimpleSAML\Logger::debug('Negotiate(retry) - session enabled, retrying.'); + $source->authenticate($state); + assert(false); } else { - SimpleSAML\Logger::error('Negotiate - retry - no "auth" parameter found in IdP metadata.'); - assert(false); + \SimpleSAML\Logger::error('Negotiate - retry - no "auth" parameter found in IdP metadata.'); + assert(false); } diff --git a/modules/oauth/lib/Consumer.php b/modules/oauth/lib/Consumer.php index 62644f739..27550ccde 100644 --- a/modules/oauth/lib/Consumer.php +++ b/modules/oauth/lib/Consumer.php @@ -55,7 +55,7 @@ class sspmod_oauth_Consumer { try { $response = \SimpleSAML\Utils\HTTP::fetch($url); - } catch (\SimpleSAML_Error_Exception $e) { + } catch (\SimpleSAML\Error\Exception $e) { $statuscode = 'unknown'; if (preg_match('/^HTTP.*\s([0-9]{3})/', $http_response_header[0], $matches)) { $statuscode = $matches[1]; @@ -117,7 +117,7 @@ class sspmod_oauth_Consumer try { $response_acc = \SimpleSAML\Utils\HTTP::fetch($acc_req->to_url()); - } catch (\SimpleSAML_Error_Exception $e) { + } catch (\SimpleSAML\Error\Exception $e) { throw new Exception('Error contacting request_token endpoint on the OAuth Provider'); } @@ -156,8 +156,8 @@ class sspmod_oauth_Consumer try { $response = \SimpleSAML\Utils\HTTP::fetch($url, $opts); - } catch (\SimpleSAML_Error_Exception $e) { - throw new SimpleSAML_Error_Exception('Failed to push definition file to ' . $url); + } catch (\SimpleSAML\Error\Exception $e) { + throw new \SimpleSAML\Error\Exception('Failed to push definition file to ' . $url); } return $response; } diff --git a/modules/preprodwarning/www/showwarning.php b/modules/preprodwarning/www/showwarning.php index 77c5e98bc..47235c1d8 100644 --- a/modules/preprodwarning/www/showwarning.php +++ b/modules/preprodwarning/www/showwarning.php @@ -10,20 +10,16 @@ \SimpleSAML\Logger::info('PreProdWarning - Showing warning to user'); if (!array_key_exists('StateId', $_REQUEST)) { - throw new \SimpleSAML_Error_BadRequest('Missing required StateId query parameter.'); + throw new \SimpleSAML\Error\BadRequest('Missing required StateId query parameter.'); } $id = $_REQUEST['StateId']; $state = \SimpleSAML_Auth_State::loadState($id, 'warning:request'); - if (array_key_exists('yes', $_REQUEST)) { - // The user has pressed the yes-button - - \SimpleSAML_Auth_ProcessingChain::resumeProcessing($state); + // The user has pressed the yes-button + \SimpleSAML_Auth_ProcessingChain::resumeProcessing($state); } - - $globalConfig = \SimpleSAML\Configuration::getInstance(); $t = new \SimpleSAML\XHTML\Template($globalConfig, 'preprodwarning:warning.php'); diff --git a/modules/radius/lib/Auth/Source/Radius.php b/modules/radius/lib/Auth/Source/Radius.php index ace5e01c3..514d60784 100644 --- a/modules/radius/lib/Auth/Source/Radius.php +++ b/modules/radius/lib/Auth/Source/Radius.php @@ -161,11 +161,11 @@ class sspmod_radius_Auth_Source_Radius extends sspmod_core_Auth_UserPassBase switch ($res) { case RADIUS_ACCESS_REJECT: /* Invalid username or password. */ - throw new SimpleSAML_Error_Error('WRONGUSERPASS'); + throw new \SimpleSAML\Error\Error('WRONGUSERPASS'); case RADIUS_ACCESS_CHALLENGE: - throw new Exception('Radius authentication error: Challenge requested, but not supported.'); + throw new \Exception('Radius authentication error: Challenge requested, but not supported.'); default: - throw new Exception('Error during radius authentication: ' . + throw new \Exception('Error during radius authentication: ' . radius_strerror($radius)); } } diff --git a/modules/saml/lib/Auth/Process/AttributeNameID.php b/modules/saml/lib/Auth/Process/AttributeNameID.php index 1bb86a74e..1bddd2f2c 100644 --- a/modules/saml/lib/Auth/Process/AttributeNameID.php +++ b/modules/saml/lib/Auth/Process/AttributeNameID.php @@ -8,7 +8,6 @@ */ class sspmod_saml_Auth_Process_AttributeNameID extends sspmod_saml_BaseNameIDGenerator { - /** * The attribute we should use as the NameID. * @@ -23,7 +22,7 @@ class sspmod_saml_Auth_Process_AttributeNameID extends sspmod_saml_BaseNameIDGen * @param array $config Configuration information about this filter. * @param mixed $reserved For future use. * - * @throws SimpleSAML_Error_Exception If the required options 'Format' or 'attribute' are missing. + * @throws \SimpleSAMLError\Exception If the required options 'Format' or 'attribute' are missing. */ public function __construct($config, $reserved) { @@ -31,12 +30,12 @@ class sspmod_saml_Auth_Process_AttributeNameID extends sspmod_saml_BaseNameIDGen assert(is_array($config)); if (!isset($config['Format'])) { - throw new SimpleSAML_Error_Exception("AttributeNameID: Missing required option 'Format'."); + throw new \SimpleSAML\Error\Exception("AttributeNameID: Missing required option 'Format'."); } $this->format = (string) $config['Format']; if (!isset($config['attribute'])) { - throw new SimpleSAML_Error_Exception("AttributeNameID: Missing required option 'attribute'."); + throw new \SimpleSAML\Error\Exception("AttributeNameID: Missing required option 'attribute'."); } $this->attribute = (string) $config['attribute']; } diff --git a/modules/saml/lib/Auth/Process/AuthnContextClassRef.php b/modules/saml/lib/Auth/Process/AuthnContextClassRef.php index d1ebbf0ef..371004b6a 100644 --- a/modules/saml/lib/Auth/Process/AuthnContextClassRef.php +++ b/modules/saml/lib/Auth/Process/AuthnContextClassRef.php @@ -8,7 +8,6 @@ */ class sspmod_saml_Auth_Process_AuthnContextClassRef extends SimpleSAML_Auth_ProcessingFilter { - /** * The URI we should set as the AuthnContextClassRef in the login response. * @@ -23,7 +22,7 @@ class sspmod_saml_Auth_Process_AuthnContextClassRef extends SimpleSAML_Auth_Proc * @param array $config Configuration information about this filter. * @param mixed $reserved For future use. * - * @throws SimpleSAML_Error_Exception if the mandatory 'AuthnContextClassRef' option is missing. + * @throws \SimpleSAML\Error\_Exception if the mandatory 'AuthnContextClassRef' option is missing. */ public function __construct($config, $reserved) { @@ -31,7 +30,7 @@ class sspmod_saml_Auth_Process_AuthnContextClassRef extends SimpleSAML_Auth_Proc assert(is_array($config)); if (!isset($config['AuthnContextClassRef'])) { - throw new SimpleSAML_Error_Exception('Missing AuthnContextClassRef option in processing filter.'); + throw new \SimpleSAML\Error\Exception('Missing AuthnContextClassRef option in processing filter.'); } $this->authnContextClassRef = (string) $config['AuthnContextClassRef']; diff --git a/modules/saml/lib/Auth/Process/ExpectedAuthnContextClassRef.php b/modules/saml/lib/Auth/Process/ExpectedAuthnContextClassRef.php index b8e77dc70..be3ae00aa 100644 --- a/modules/saml/lib/Auth/Process/ExpectedAuthnContextClassRef.php +++ b/modules/saml/lib/Auth/Process/ExpectedAuthnContextClassRef.php @@ -1,6 +1,5 @@ <?php - /** * Attribute filter to validate AuthnContextClassRef values. * @@ -16,6 +15,7 @@ * * @package SimpleSAMLphp */ + class sspmod_saml_Auth_Process_ExpectedAuthnContextClassRef extends SimpleSAML_Auth_ProcessingFilter { @@ -39,7 +39,7 @@ class sspmod_saml_Auth_Process_ExpectedAuthnContextClassRef extends SimpleSAML_A * @param array $config Configuration information about this filter. * @param mixed $reserved For future use. * - * @throws SimpleSAML_Error_Exception if the mandatory 'accepted' configuration option is missing. + * @throws \SimpleSAML\Error\Exception if the mandatory 'accepted' configuration option is missing. */ public function __construct($config, $reserved) { @@ -50,7 +50,7 @@ class sspmod_saml_Auth_Process_ExpectedAuthnContextClassRef extends SimpleSAML_A SimpleSAML\Logger::error( 'ExpectedAuthnContextClassRef: Configuration error. There is no accepted AuthnContextClassRef.' ); - throw new SimpleSAML_Error_Exception( + throw new \SimpleSAML\Error\Exception( 'ExpectedAuthnContextClassRef: Configuration error. There is no accepted AuthnContextClassRef.' ); } diff --git a/modules/saml/lib/Auth/Process/FilterScopes.php b/modules/saml/lib/Auth/Process/FilterScopes.php index 3f497e1e9..15aa9fbb2 100644 --- a/modules/saml/lib/Auth/Process/FilterScopes.php +++ b/modules/saml/lib/Auth/Process/FilterScopes.php @@ -13,7 +13,6 @@ use SimpleSAML\Logger; */ class FilterScopes extends \SimpleSAML_Auth_ProcessingFilter { - /** * Stores any pre-configured scoped attributes which come from the filter configuration. */ diff --git a/modules/saml/lib/Auth/Process/NameIDAttribute.php b/modules/saml/lib/Auth/Process/NameIDAttribute.php index c3c6bf470..865456dcd 100644 --- a/modules/saml/lib/Auth/Process/NameIDAttribute.php +++ b/modules/saml/lib/Auth/Process/NameIDAttribute.php @@ -8,7 +8,6 @@ */ class sspmod_saml_Auth_Process_NameIDAttribute extends SimpleSAML_Auth_ProcessingFilter { - /** * The attribute we should save the NameID in. * @@ -58,7 +57,7 @@ class sspmod_saml_Auth_Process_NameIDAttribute extends SimpleSAML_Auth_Processin * @param string $format The format string. * @return array The format string broken into its individual components. * - * @throws SimpleSAML_Error_Exception if the replacement is invalid. + * @throws \SimpleSAML\Error\Exception if the replacement is invalid. */ private static function parseFormat($format) { @@ -87,7 +86,7 @@ class sspmod_saml_Auth_Process_NameIDAttribute extends SimpleSAML_Auth_Processin $ret[] = '%'; break; default: - throw new SimpleSAML_Error_Exception('NameIDAttribute: Invalid replacement: "%'.$replacement.'"'); + throw new \SimpleSAML\Error\Exception('NameIDAttribute: Invalid replacement: "%'.$replacement.'"'); } $pos = $next + 2; diff --git a/modules/saml/lib/Auth/Process/PersistentNameID.php b/modules/saml/lib/Auth/Process/PersistentNameID.php index 4d6d0bc22..e67148830 100644 --- a/modules/saml/lib/Auth/Process/PersistentNameID.php +++ b/modules/saml/lib/Auth/Process/PersistentNameID.php @@ -1,6 +1,5 @@ <?php - /** * Authentication processing filter to generate a persistent NameID. * @@ -8,7 +7,6 @@ */ class sspmod_saml_Auth_Process_PersistentNameID extends sspmod_saml_BaseNameIDGenerator { - /** * Which attribute contains the unique identifier of the user. * @@ -23,7 +21,7 @@ class sspmod_saml_Auth_Process_PersistentNameID extends sspmod_saml_BaseNameIDGe * @param array $config Configuration information about this filter. * @param mixed $reserved For future use. * - * @throws SimpleSAML_Error_Exception If the required option 'attribute' is missing. + * @throws \SimpleSAML\Error\Exception If the required option 'attribute' is missing. */ public function __construct($config, $reserved) { @@ -33,7 +31,7 @@ class sspmod_saml_Auth_Process_PersistentNameID extends sspmod_saml_BaseNameIDGe $this->format = \SAML2\Constants::NAMEID_PERSISTENT; if (!isset($config['attribute'])) { - throw new SimpleSAML_Error_Exception("PersistentNameID: Missing required option 'attribute'."); + throw new \SimpleSAML\Error\Exception("PersistentNameID: Missing required option 'attribute'."); } $this->attribute = $config['attribute']; } diff --git a/modules/saml/lib/Auth/Process/PersistentNameID2TargetedID.php b/modules/saml/lib/Auth/Process/PersistentNameID2TargetedID.php index 604c22147..abc0590ae 100644 --- a/modules/saml/lib/Auth/Process/PersistentNameID2TargetedID.php +++ b/modules/saml/lib/Auth/Process/PersistentNameID2TargetedID.php @@ -1,14 +1,13 @@ <?php - /** * Authentication processing filter to create the eduPersonTargetedID attribute from the persistent NameID. * * @package SimpleSAMLphp */ + class sspmod_saml_Auth_Process_PersistentNameID2TargetedID extends SimpleSAML_Auth_ProcessingFilter { - /** * The attribute we should save the NameID in. * diff --git a/modules/saml/lib/Auth/Process/SQLPersistentNameID.php b/modules/saml/lib/Auth/Process/SQLPersistentNameID.php index 00891824a..91cb165de 100644 --- a/modules/saml/lib/Auth/Process/SQLPersistentNameID.php +++ b/modules/saml/lib/Auth/Process/SQLPersistentNameID.php @@ -1,14 +1,13 @@ <?php - /** * Authentication processing filter to generate a persistent NameID. * * @package SimpleSAMLphp */ + class sspmod_saml_Auth_Process_SQLPersistentNameID extends sspmod_saml_BaseNameIDGenerator { - /** * Which attribute contains the unique identifier of the user. * @@ -44,7 +43,7 @@ class sspmod_saml_Auth_Process_SQLPersistentNameID extends sspmod_saml_BaseNameI * @param array $config Configuration information about this filter. * @param mixed $reserved For future use. * - * @throws SimpleSAML_Error_Exception If the 'attribute' option is not specified. + * @throws \SimpleSAML\Error\Exception If the 'attribute' option is not specified. */ public function __construct($config, $reserved) { @@ -54,7 +53,7 @@ class sspmod_saml_Auth_Process_SQLPersistentNameID extends sspmod_saml_BaseNameI $this->format = \SAML2\Constants::NAMEID_PERSISTENT; if (!isset($config['attribute'])) { - throw new SimpleSAML_Error_Exception("PersistentNameID: Missing required option 'attribute'."); + throw new \SimpleSAML\Error\Exception("PersistentNameID: Missing required option 'attribute'."); } $this->attribute = $config['attribute']; diff --git a/modules/saml/lib/Auth/Process/TransientNameID.php b/modules/saml/lib/Auth/Process/TransientNameID.php index c43c19a00..e42e077a7 100644 --- a/modules/saml/lib/Auth/Process/TransientNameID.php +++ b/modules/saml/lib/Auth/Process/TransientNameID.php @@ -1,14 +1,13 @@ <?php - /** * Authentication processing filter to generate a transient NameID. * * @package SimpleSAMLphp */ + class sspmod_saml_Auth_Process_TransientNameID extends sspmod_saml_BaseNameIDGenerator { - /** * Initialize this filter, parse configuration * diff --git a/modules/saml/lib/Auth/Source/SP.php b/modules/saml/lib/Auth/Source/SP.php index a93ed5df6..d38bbd172 100644 --- a/modules/saml/lib/Auth/Source/SP.php +++ b/modules/saml/lib/Auth/Source/SP.php @@ -104,7 +104,7 @@ class sspmod_saml_Auth_Source_SP extends SimpleSAML_Auth_Source assert(is_string($entityId)); if ($this->idp !== null && $this->idp !== $entityId) { - throw new SimpleSAML_Error_Exception('Cannot retrieve metadata for IdP ' . + throw new \SimpleSAML\Error\Exception('Cannot retrieve metadata for IdP ' . var_export($entityId, true) . ' because it isn\'t a valid IdP for this SP.'); } @@ -128,7 +128,7 @@ class sspmod_saml_Auth_Source_SP extends SimpleSAML_Auth_Source } /* Not found. */ - throw new SimpleSAML_Error_Exception('Could not find the metadata of an IdP with entity ID ' . + throw new \SimpleSAML\Error\Exception('Could not find the metadata of an IdP with entity ID ' . var_export($entityId, true)); } @@ -215,7 +215,7 @@ class sspmod_saml_Auth_Source_SP extends SimpleSAML_Auth_Source if (isset($state['saml:NameID'])) { if (!is_array($state['saml:NameID']) && !is_a($state['saml:NameID'], '\SAML2\XML\saml\NameID')) { - throw new SimpleSAML_Error_Exception('Invalid value of $state[\'saml:NameID\'].'); + throw new \SimpleSAML\Error\Exception('Invalid value of $state[\'saml:NameID\'].'); } $ar->setNameId($state['saml:NameID']); } @@ -229,7 +229,7 @@ class sspmod_saml_Auth_Source_SP extends SimpleSAML_Auth_Source } elseif (is_array($state['saml:NameIDPolicy'])) { $policy = $state['saml:NameIDPolicy']; } else { - throw new SimpleSAML_Error_Exception('Invalid value of $state[\'saml:NameIDPolicy\'].'); + throw new \SimpleSAML\Error\Exception('Invalid value of $state[\'saml:NameIDPolicy\'].'); } $ar->setNameIdPolicy($policy); } @@ -517,7 +517,7 @@ class sspmod_saml_Auth_Source_SP extends SimpleSAML_Auth_Source * - 'core:IdP': the identifier of the local IdP. * - 'SPMetadata': an array with the metadata of this local SP. * - * @throws SimpleSAML_Error_NoPassive In case the authentication request was passive. + * @throws \SimpleSAML\Error\NoPassive In case the authentication request was passive. */ public static function askForIdPChange(array &$state) { diff --git a/modules/saml/lib/Error.php b/modules/saml/lib/Error.php index 74f9ce873..e0061a4ad 100644 --- a/modules/saml/lib/Error.php +++ b/modules/saml/lib/Error.php @@ -5,7 +5,7 @@ * * @package SimpleSAMLphp */ -class sspmod_saml_Error extends SimpleSAML_Error_Exception +class sspmod_saml_Error extends \SimpleSAML\Error\Exception { /** * The top-level status code. @@ -97,17 +97,17 @@ class sspmod_saml_Error extends SimpleSAML_Error_Exception * This function attempts to create a SAML2 error with the appropriate * status codes from an arbitrary exception. * - * @param Exception $exception The original exception. + * @param \SimpleSAML\Error\Exception $exception The original exception. * @return sspmod_saml_Error The new exception. */ - public static function fromException(Exception $exception) + public static function fromException(\SimpleSAML\Error\Exception $exception) { if ($exception instanceof sspmod_saml_Error) { // Return the original exception unchanged return $exception; // TODO: remove this branch in 2.0 - } elseif ($exception instanceof SimpleSAML_Error_NoPassive) { + } elseif ($exception instanceof \SimpleSAML\Error\NoPassive) { $e = new self( \SAML2\Constants::STATUS_RESPONDER, \SAML2\Constants::STATUS_NO_PASSIVE, @@ -115,7 +115,7 @@ class sspmod_saml_Error extends SimpleSAML_Error_Exception $exception ); // TODO: remove this branch in 2.0 - } elseif ($exception instanceof SimpleSAML_Error_ProxyCountExceeded) { + } elseif ($exception instanceof \SimpleSAML\Error\ProxyCountExceeded) { $e = new self( \SAML2\Constants::STATUS_RESPONDER, \SAML2\Constants::STATUS_PROXY_COUNT_EXCEEDED, @@ -144,7 +144,7 @@ class sspmod_saml_Error extends SimpleSAML_Error_Exception * * @see sspmod_saml_Error::fromException() * - * @return SimpleSAML_Error_Exception An exception representing this error. + * @return \SimpleSAML\Error\Exception An exception representing this error. */ public function toException() { diff --git a/modules/saml/lib/IdP/SAML1.php b/modules/saml/lib/IdP/SAML1.php index a35c62574..a1b688951 100644 --- a/modules/saml/lib/IdP/SAML1.php +++ b/modules/saml/lib/IdP/SAML1.php @@ -76,12 +76,12 @@ class sspmod_saml_IdP_SAML1 } if (!isset($_REQUEST['providerId'])) { - throw new SimpleSAML_Error_BadRequest('Missing providerId parameter.'); + throw new \SimpleSAML\Error\BadRequest('Missing providerId parameter.'); } $spEntityId = (string)$_REQUEST['providerId']; if (!isset($_REQUEST['shire'])) { - throw new SimpleSAML_Error_BadRequest('Missing shire parameter.'); + throw new \SimpleSAML\Error\BadRequest('Missing shire parameter.'); } $shire = (string)$_REQUEST['shire']; diff --git a/modules/saml/lib/IdP/SAML2.php b/modules/saml/lib/IdP/SAML2.php index c450b2f36..0aa15b664 100644 --- a/modules/saml/lib/IdP/SAML2.php +++ b/modules/saml/lib/IdP/SAML2.php @@ -11,7 +11,6 @@ use SAML2\SOAP; */ class sspmod_saml_IdP_SAML2 { - /** * Send a response to the SP. * @@ -90,11 +89,11 @@ class sspmod_saml_IdP_SAML2 /** * Handle authentication error. * - * SimpleSAML_Error_Exception $exception The exception. + * \SimpleSAML\Error\Exception $exception The exception. * * @param array $state The error state. */ - public static function handleAuthError(SimpleSAML_Error_Exception $exception, array $state) + public static function handleAuthError(\SimpleSAML\Error\Exception $exception, array $state) { assert(isset($state['SPMetadata'])); assert(isset($state['saml:ConsumerURL'])); @@ -117,7 +116,7 @@ class sspmod_saml_IdP_SAML2 $idpMetadata = $idp->getConfig(); - $error = sspmod_saml_Error::fromException($exception); + $error = \sspmod_saml_Error::fromException($exception); SimpleSAML\Logger::warning("Returning error to SP with entity ID '".var_export($spEntityId, true)."'."); $exception->log(SimpleSAML\Logger::WARNING); @@ -244,11 +243,10 @@ class sspmod_saml_IdP_SAML2 * Receive an authentication request. * * @param SimpleSAML_IdP $idp The IdP we are receiving it for. - * @throws SimpleSAML_Error_BadRequest In case an error occurs when trying to receive the request. + * @throws \SimpleSAML\Error\BadRequest In case an error occurs when trying to receive the request. */ public static function receiveAuthnRequest(SimpleSAML_IdP $idp) { - $metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler(); $idpMetadata = $idp->getConfig(); @@ -321,14 +319,14 @@ class sspmod_saml_IdP_SAML2 $request = $binding->receive(); if (!($request instanceof \SAML2\AuthnRequest)) { - throw new SimpleSAML_Error_BadRequest( + throw new \SimpleSAML\Error\BadRequest( 'Message received on authentication request endpoint wasn\'t an authentication request.' ); } $spEntityId = $request->getIssuer(); if ($spEntityId === null) { - throw new SimpleSAML_Error_BadRequest( + throw new \SimpleSAML\Error\BadRequest( 'Received message on authentication request endpoint without issuer.' ); } @@ -446,7 +444,7 @@ class sspmod_saml_IdP_SAML2 if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW'])) { SimpleSAML\Logger::error("ECP AuthnRequest did not contain Basic Authentication header"); // TODO Throw some sort of ECP-specific exception / convert this to SOAP fault - throw new SimpleSAML_Error_Error("WRONGUSERPASS"); + throw new \SimpleSAML\Error\Error("WRONGUSERPASS"); } $state['core:auth:username'] = $_SERVER['PHP_AUTH_USER']; @@ -552,18 +550,17 @@ class sspmod_saml_IdP_SAML2 * Receive a logout message. * * @param SimpleSAML_IdP $idp The IdP we are receiving it for. - * @throws SimpleSAML_Error_BadRequest In case an error occurs while trying to receive the logout message. + * @throws \SimpleSAML\Error\BadRequest In case an error occurs while trying to receive the logout message. */ public static function receiveLogoutMessage(SimpleSAML_IdP $idp) { - $binding = \SAML2\Binding::getCurrentBinding(); $message = $binding->receive(); $spEntityId = $message->getIssuer(); if ($spEntityId === null) { /* Without an issuer we have no way to respond to the message. */ - throw new SimpleSAML_Error_BadRequest('Received message on logout endpoint without issuer.'); + throw new \SimpleSAML\Error\BadRequest('Received message on logout endpoint without issuer.'); } $metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler(); @@ -615,7 +612,7 @@ class sspmod_saml_IdP_SAML2 $assocId = 'saml:'.$spEntityId; $idp->handleLogoutRequest($state, $assocId); } else { - throw new SimpleSAML_Error_BadRequest('Unknown message received on logout endpoint: '.get_class($message)); + throw new \SimpleSAML\Error\BadRequest('Unknown message received on logout endpoint: '.get_class($message)); } } @@ -739,14 +736,13 @@ class sspmod_saml_IdP_SAML2 * * @return array The encoded attributes. * - * @throws SimpleSAML_Error_Exception In case an unsupported encoding is specified by configuration. + * @throws \SimpleSAML\Error\Exception In case an unsupported encoding is specified by configuration. */ private static function encodeAttributes( Configuration $idpMetadata, Configuration $spMetadata, array $attributes ) { - $base64Attributes = $spMetadata->getBoolean('base64attributes', null); if ($base64Attributes === null) { $base64Attributes = $idpMetadata->getBoolean('base64attributes', false); @@ -803,7 +799,7 @@ class sspmod_saml_IdP_SAML2 assert($value instanceof DOMNodeList || $value instanceof \SAML2\XML\saml\NameID); break; default: - throw new SimpleSAML_Error_Exception('Invalid encoding for attribute '. + throw new \SimpleSAML\Error\Exception('Invalid encoding for attribute '. var_export($name, true).': '.var_export($encoding, true)); } $ret[$name][] = $value; @@ -826,7 +822,6 @@ class sspmod_saml_IdP_SAML2 Configuration $idpMetadata, Configuration $spMetadata ) { - // try SP metadata first $attributeNameFormat = $spMetadata->getString('attributes.NameFormat', null); if ($attributeNameFormat !== null) { @@ -861,7 +856,7 @@ class sspmod_saml_IdP_SAML2 * * @return \SAML2\Assertion The assertion. * - * @throws SimpleSAML_Error_Exception In case an error occurs when creating a holder-of-key assertion. + * @throws \SimpleSAML\Error\Exception In case an error occurs when creating a holder-of-key assertion. */ private static function buildAssertion( Configuration $idpMetadata, @@ -949,18 +944,18 @@ class sspmod_saml_IdP_SAML2 $sc->SubjectConfirmationData->info[] = $keyInfo; } else { - throw new SimpleSAML_Error_Exception( + throw new \SimpleSAML\Error\Exception( 'Error creating HoK assertion: No valid client certificate provided during TLS handshake '. 'with IdP' ); } } else { - throw new SimpleSAML_Error_Exception( + throw new \SimpleSAML\Error\Exception( 'Error creating HoK assertion: No client certificate provided during TLS handshake with IdP' ); } } else { - throw new SimpleSAML_Error_Exception( + throw new \SimpleSAML\Error\Exception( 'Error creating HoK assertion: No HTTPS connection to IdP, but required for Holder-of-Key SSO' ); } @@ -1050,14 +1045,13 @@ class sspmod_saml_IdP_SAML2 * * @return \SAML2\Assertion|\SAML2\EncryptedAssertion The assertion. * - * @throws \SimpleSAML_Error_Exception In case the encryption key type is not supported. + * @throws \SimpleSAML\Error\Exception In case the encryption key type is not supported. */ private static function encryptAssertion( Configuration $idpMetadata, Configuration $spMetadata, \SAML2\Assertion $assertion ) { - $encryptAssertion = $spMetadata->getBoolean('assertion.encryption', null); if ($encryptAssertion === null) { $encryptAssertion = $idpMetadata->getBoolean('assertion.encryption', false); @@ -1083,17 +1077,17 @@ class sspmod_saml_IdP_SAML2 "-----END CERTIFICATE-----\n"; break; default: - throw new SimpleSAML_Error_Exception('Unsupported encryption key type: '.$key['type']); + throw new \SimpleSAML\Error\Exception('Unsupported encryption key type: '.$key['type']); } // extract the public key from the certificate for encryption $key = new XMLSecurityKey(XMLSecurityKey::RSA_OAEP_MGF1P, array('type' => 'public')); $key->loadKey($pemKey); } else { - throw new \SimpleSAML_Error_ConfigurationError( + throw new \SimpleSAML\Error\ConfigurationError( 'Missing encryption key for entity `' . $spMetadata->getString('entityid') . '`', - null, - $spMetadata->getString('metadata-set') . '.php' + $spMetadata->getString('metadata-set') . '.php', + null ); } } @@ -1120,7 +1114,6 @@ class sspmod_saml_IdP_SAML2 array $association, $relayState ) { - $lr = sspmod_saml_Message::buildLogoutRequest($idpMetadata, $spMetadata); $lr->setRelayState($relayState); $lr->setSessionIndex($association['saml:SessionIndex']); @@ -1158,7 +1151,6 @@ class sspmod_saml_IdP_SAML2 Configuration $spMetadata, $consumerURL ) { - $signResponse = $spMetadata->getBoolean('saml20.sign.response', null); if ($signResponse === null) { $signResponse = $idpMetadata->getBoolean('saml20.sign.response', true); diff --git a/modules/saml/lib/IdP/SQLNameID.php b/modules/saml/lib/IdP/SQLNameID.php index 8111f5e23..e8d47b9b4 100644 --- a/modules/saml/lib/IdP/SQLNameID.php +++ b/modules/saml/lib/IdP/SQLNameID.php @@ -45,7 +45,7 @@ class sspmod_saml_IdP_SQLNameID { $store = \SimpleSAML\Store::getInstance(); if (!($store instanceof \SimpleSAML\Store\SQL)) { - throw new SimpleSAML_Error_Exception('SQL NameID store requires SimpleSAMLphp to be configured with a SQL datastore.'); + throw new \SimpleSAML\Error\Exception('SQL NameID store requires SimpleSAMLphp to be configured with a SQL datastore.'); } self::createTable($store); diff --git a/modules/saml/lib/Message.php b/modules/saml/lib/Message.php index cf5f5c6ef..8c96f474d 100644 --- a/modules/saml/lib/Message.php +++ b/modules/saml/lib/Message.php @@ -1,7 +1,6 @@ <?php use RobRichards\XMLSecLibs\XMLSecurityKey; -use SimpleSAML\Configuration; /** * Common code for building SAML 2 messages based on the available metadata. @@ -10,7 +9,6 @@ use SimpleSAML\Configuration; */ class sspmod_saml_Message { - /** * Add signature key and sender certificate to an element (Message or Assertion). * @@ -19,8 +17,8 @@ class sspmod_saml_Message * @param \SAML2\SignedElement $element The element we should add the data to. */ public static function addSign( - Configuration $srcMetadata, - Configuration $dstMetadata, + \SimpleSAML\Configuration $srcMetadata, + \SimpleSAML\Configuration $dstMetadata, \SAML2\SignedElement $element ) { $dstPrivateKey = $dstMetadata->getString('signature.privatekey', null); @@ -68,8 +66,8 @@ class sspmod_saml_Message * @param \SAML2\Message $message The message we should add the data to. */ private static function addRedirectSign( - Configuration $srcMetadata, - Configuration $dstMetadata, + \SimpleSAML\Configuration $srcMetadata, + \SimpleSAML\Configuration $dstMetadata, \SAML2\Message $message ) { @@ -110,7 +108,7 @@ class sspmod_saml_Message * * @return string Certificate, in PEM-format. * - * @throws SimpleSAML_Error_Exception if we cannot find the certificate matching the fingerprint. + * @throws \SimpleSAML\Error\Exception if we cannot find the certificate matching the fingerprint. */ private static function findCertificate(array $certFingerprints, array $certificates) { @@ -132,7 +130,7 @@ class sspmod_saml_Message $candidates = "'".implode("', '", $candidates)."'"; $fps = "'".implode("', '", $certFingerprints)."'"; - throw new SimpleSAML_Error_Exception('Unable to find a certificate matching the configured '. + throw new \SimpleSAML\Error\Exception('Unable to find a certificate matching the configured '. 'fingerprint. Candidates: '.$candidates.'; certFingerprint: '.$fps.'.'); } @@ -144,10 +142,10 @@ class sspmod_saml_Message * @param \SAML2\SignedElement $element Either a \SAML2\Response or a \SAML2\Assertion. * @return boolean True if the signature is correct, false otherwise. * - * @throws \SimpleSAML_Error_Exception if there is not certificate in the metadata for the entity. + * @throws \SimpleSAML\Error\Exception if there is not certificate in the metadata for the entity. * @throws \Exception if the signature validation fails with an exception. */ - public static function checkSign(Configuration $srcMetadata, \SAML2\SignedElement $element) + public static function checkSign(\SimpleSAML\Configuration $srcMetadata, \SAML2\SignedElement $element) { // find the public key that should verify signatures by this entity $keys = $srcMetadata->getPublicKeys('signing'); @@ -189,7 +187,7 @@ class sspmod_saml_Message $pemCert = self::findCertificate($certFingerprint, $certificates); $pemKeys = array($pemCert); } else { - throw new SimpleSAML_Error_Exception( + throw new \SimpleSAML\Error\Exception( 'Missing certificate in metadata for '. var_export($srcMetadata->getString('entityid'), true) ); @@ -232,11 +230,11 @@ class sspmod_saml_Message * @param \SimpleSAML\Configuration $dstMetadata The metadata of the recipient. * @param \SAML2\Message $message The message we should check the signature on. * - * @throws \SimpleSAML_Error_Exception if message validation is enabled, but there is no signature in the message. + * @throws \SimpleSAML\Error\Exception if message validation is enabled, but there is no signature in the message. */ public static function validateMessage( - Configuration $srcMetadata, - Configuration $dstMetadata, + \SimpleSAML\Configuration $srcMetadata, + \SimpleSAML\Configuration $dstMetadata, \SAML2\Message $message ) { $enabled = null; @@ -264,7 +262,7 @@ class sspmod_saml_Message } if (!self::checkSign($srcMetadata, $message)) { - throw new SimpleSAML_Error_Exception( + throw new \SimpleSAML\Error\Exception( 'Validation of received messages enabled, but no signature found on message.' ); } @@ -280,8 +278,8 @@ class sspmod_saml_Message * @return array Array of decryption keys. */ public static function getDecryptionKeys( - Configuration $srcMetadata, - Configuration $dstMetadata + \SimpleSAML\Configuration $srcMetadata, + \SimpleSAML\Configuration $dstMetadata ) { $sharedKey = $srcMetadata->getString('sharedkey', null); if ($sharedKey !== null) { @@ -331,8 +329,8 @@ class sspmod_saml_Message * @return array Array of blacklisted algorithms. */ public static function getBlacklistedAlgorithms( - Configuration $srcMetadata, - Configuration $dstMetadata + \SimpleSAML\Configuration $srcMetadata, + \SimpleSAML\Configuration $dstMetadata ) { $blacklist = $srcMetadata->getArray('encryption.blacklisted-algorithms', null); if ($blacklist === null) { @@ -351,13 +349,13 @@ class sspmod_saml_Message * * @return \SAML2\Assertion The assertion. * - * @throws \SimpleSAML_Error_Exception if encryption is enabled but the assertion is not encrypted, or if we cannot + * @throws \SimpleSAML\Error\Exception if encryption is enabled but the assertion is not encrypted, or if we cannot * get the decryption keys. * @throws \Exception if decryption fails for whatever reason. */ private static function decryptAssertion( - Configuration $srcMetadata, - Configuration $dstMetadata, + \SimpleSAML\Configuration $srcMetadata, + \SimpleSAML\Configuration $dstMetadata, $assertion ) { assert($assertion instanceof \SAML2\Assertion || $assertion instanceof \SAML2\EncryptedAssertion); @@ -378,7 +376,7 @@ class sspmod_saml_Message try { $keys = self::getDecryptionKeys($srcMetadata, $dstMetadata); } catch (Exception $e) { - throw new SimpleSAML_Error_Exception('Error decrypting assertion: '.$e->getMessage()); + throw new \SimpleSAML\Error\Exception('Error decrypting assertion: '.$e->getMessage()); } $blacklist = self::getBlacklistedAlgorithms($srcMetadata, $dstMetadata); @@ -407,11 +405,11 @@ class sspmod_saml_Message * * @return void * - * @throws \SimpleSAML_Error_Exception if we cannot get the decryption keys or decryption fails. + * @throws \SimpleSAML\Error\Exception if we cannot get the decryption keys or decryption fails. */ private static function decryptAttributes( - Configuration $srcMetadata, - Configuration $dstMetadata, + \SimpleSAML\Configuration $srcMetadata, + \SimpleSAML\Configuration $dstMetadata, \SAML2\Assertion &$assertion ) { if (!$assertion->hasEncryptedAttributes()) { @@ -421,7 +419,7 @@ class sspmod_saml_Message try { $keys = self::getDecryptionKeys($srcMetadata, $dstMetadata); } catch (Exception $e) { - throw new SimpleSAML_Error_Exception('Error decrypting attributes: '.$e->getMessage()); + throw new \SimpleSAML\Error\Exception('Error decrypting attributes: '.$e->getMessage()); } $blacklist = self::getBlacklistedAlgorithms($srcMetadata, $dstMetadata); @@ -438,7 +436,7 @@ class sspmod_saml_Message } } if ($error) { - throw new SimpleSAML_Error_Exception('Could not decrypt the attributes'); + throw new \SimpleSAML\Error\Exception('Could not decrypt the attributes'); } } @@ -465,8 +463,8 @@ class sspmod_saml_Message * @return \SAML2\AuthnRequest An authentication request object. */ public static function buildAuthnRequest( - Configuration $spMetadata, - Configuration $idpMetadata + \SimpleSAML\Configuration $spMetadata, + \SimpleSAML\Configuration $idpMetadata ) { $ar = new \SAML2\AuthnRequest(); @@ -483,7 +481,7 @@ class sspmod_saml_Message $nameIdPolicy = array('Format' => $nameIdPolicy); } - $nameIdPolicy_cf = Configuration::loadFromArray($nameIdPolicy); + $nameIdPolicy_cf = \SimpleSAML\Configuration::loadFromArray($nameIdPolicy); $policy = array( 'Format' => $nameIdPolicy_cf->getString('Format', \SAML2\Constants::NAMEID_TRANSIENT), 'AllowCreate' => $nameIdPolicy_cf->getBoolean('AllowCreate', true), @@ -535,8 +533,8 @@ class sspmod_saml_Message * @return \SAML2\LogoutRequest A logout request object. */ public static function buildLogoutRequest( - Configuration $srcMetadata, - Configuration $dstMetadata + \SimpleSAML\Configuration $srcMetadata, + \SimpleSAML\Configuration $dstMetadata ) { $lr = new \SAML2\LogoutRequest(); $lr->setIssuer($srcMetadata->getString('entityid')); @@ -555,8 +553,8 @@ class sspmod_saml_Message * @return \SAML2\LogoutResponse A logout response object. */ public static function buildLogoutResponse( - Configuration $srcMetadata, - Configuration $dstMetadata + \SimpleSAML\Configuration $srcMetadata, + \SimpleSAML\Configuration $dstMetadata ) { $lr = new \SAML2\LogoutResponse(); $lr->setIssuer($srcMetadata->getString('entityid')); @@ -578,12 +576,12 @@ class sspmod_saml_Message * * @return array Array with \SAML2\Assertion objects, containing valid assertions from the response. * - * @throws \SimpleSAML_Error_Exception if there are no assertions in the response. + * @throws \SimpleSAML\Error\Exception if there are no assertions in the response. * @throws \Exception if the destination of the response does not match the current URL. */ public static function processResponse( - Configuration $spMetadata, - Configuration $idpMetadata, + \SimpleSAML\Configuration $spMetadata, + \SimpleSAML\Configuration $idpMetadata, \SAML2\Response $response ) { if (!$response->isSuccess()) { @@ -606,7 +604,7 @@ class sspmod_saml_Message */ $assertion = $response->getAssertions(); if (empty($assertion)) { - throw new SimpleSAML_Error_Exception('No assertions found in response from IdP.'); + throw new \SimpleSAML\Error\Exception('No assertions found in response from IdP.'); } $ret = array(); @@ -629,14 +627,14 @@ class sspmod_saml_Message * * @return \SAML2\Assertion The assertion, if it is valid. * - * @throws \SimpleSAML_Error_Exception if an error occurs while trying to validate the assertion, or if a assertion + * @throws \SimpleSAML\Error\Exception if an error occurs while trying to validate the assertion, or if a assertion * is not signed and it should be, or if we are unable to decrypt the NameID due to a local failure (missing or * invalid decryption key). * @throws \Exception if we couldn't decrypt the NameID for unexpected reasons. */ private static function processAssertion( - Configuration $spMetadata, - Configuration $idpMetadata, + \SimpleSAML\Configuration $spMetadata, + \SimpleSAML\Configuration $idpMetadata, \SAML2\Response $response, $assertion, $responseSigned @@ -649,7 +647,7 @@ class sspmod_saml_Message if (!self::checkSign($idpMetadata, $assertion)) { if (!$responseSigned) { - throw new SimpleSAML_Error_Exception('Neither the assertion nor the response was signed.'); + throw new \SimpleSAML\Error\Exception('Neither the assertion nor the response was signed.'); } } // at least one valid signature found @@ -658,19 +656,19 @@ class sspmod_saml_Message // check various properties of the assertion $notBefore = $assertion->getNotBefore(); if ($notBefore !== null && $notBefore > time() + 60) { - throw new SimpleSAML_Error_Exception( + throw new \SimpleSAML\Error\Exception( 'Received an assertion that is valid in the future. Check clock synchronization on IdP and SP.' ); } $notOnOrAfter = $assertion->getNotOnOrAfter(); if ($notOnOrAfter !== null && $notOnOrAfter <= time() - 60) { - throw new SimpleSAML_Error_Exception( + throw new \SimpleSAML\Error\Exception( 'Received an assertion that has expired. Check clock synchronization on IdP and SP.' ); } $sessionNotOnOrAfter = $assertion->getSessionNotOnOrAfter(); if ($sessionNotOnOrAfter !== null && $sessionNotOnOrAfter <= time() - 60) { - throw new SimpleSAML_Error_Exception( + throw new \SimpleSAML\Error\Exception( 'Received an assertion with a session that has expired. Check clock synchronization on IdP and SP.' ); } @@ -679,7 +677,7 @@ class sspmod_saml_Message $spEntityId = $spMetadata->getString('entityid'); if (!in_array($spEntityId, $validAudiences, true)) { $candidates = '['.implode('], [', $validAudiences).']'; - throw new SimpleSAML_Error_Exception('This SP ['.$spEntityId. + throw new \SimpleSAML\Error\Exception('This SP ['.$spEntityId. '] is not a valid audience for the assertion. Candidates were: '.$candidates); } } @@ -805,7 +803,7 @@ class sspmod_saml_Message break; } if (!$found) { - throw new SimpleSAML_Error_Exception('Error validating SubjectConfirmation in Assertion: '.$lastError); + throw new \SimpleSAML\Error\Exception('Error validating SubjectConfirmation in Assertion: '.$lastError); } // as far as we can tell, the assertion is valid // maybe we need to base64 decode the attributes in the assertion? @@ -828,7 +826,7 @@ class sspmod_saml_Message try { $keys = self::getDecryptionKeys($idpMetadata, $spMetadata); } catch (Exception $e) { - throw new SimpleSAML_Error_Exception('Error decrypting NameID: '.$e->getMessage()); + throw new \SimpleSAML\Error\Exception('Error decrypting NameID: '.$e->getMessage()); } $blacklist = self::getBlacklistedAlgorithms($idpMetadata, $spMetadata); @@ -861,9 +859,9 @@ class sspmod_saml_Message * * @return \RobRichards\XMLSecLibs\XMLSecurityKey The encryption key. * - * @throws \SimpleSAML_Error_Exception if there is no supported encryption key in the metadata of this entity. + * @throws \SimpleSAML\Error\Exception if there is no supported encryption key in the metadata of this entity. */ - public static function getEncryptionKey(Configuration $metadata) + public static function getEncryptionKey(\SimpleSAML\Configuration $metadata) { $sharedKey = $metadata->getString('sharedkey', null); @@ -886,7 +884,7 @@ class sspmod_saml_Message } } - throw new SimpleSAML_Error_Exception('No supported encryption key in '. + throw new \SimpleSAML\Error\Exception('No supported encryption key in '. var_export($metadata->getString('entityid'), true)); } } diff --git a/modules/saml/www/idp/certs.php b/modules/saml/www/idp/certs.php index b7646b679..d9385a8e9 100644 --- a/modules/saml/www/idp/certs.php +++ b/modules/saml/www/idp/certs.php @@ -5,7 +5,7 @@ $config = \SimpleSAML\Configuration::getInstance(); $metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler(); if (!$config->getBoolean('enable.saml20-idp', false)) { - throw new SimpleSAML_Error_Error('NOACCESS'); + throw new \SimpleSAML\Error\Error('NOACCESS'); } // Check if valid local session exists.. @@ -27,7 +27,7 @@ switch($_SERVER['PATH_INFO']) { $certInfo = SimpleSAML\Utils\Crypto::loadPublicKey($idpmeta, true, 'https.'); break; default: - throw new SimpleSAML_Error_NotFound('Unknown certificate.'); + throw new \SimpleSAML\Error\NotFound('Unknown certificate.'); } header('Content-Disposition: attachment; filename='.substr($_SERVER['PATH_INFO'], 1)); diff --git a/modules/saml/www/proxy/invalid_session.php b/modules/saml/www/proxy/invalid_session.php index 95ba63d9a..4ce213bdf 100644 --- a/modules/saml/www/proxy/invalid_session.php +++ b/modules/saml/www/proxy/invalid_session.php @@ -11,7 +11,7 @@ // retrieve the authentication state if (!array_key_exists('AuthState', $_REQUEST)) { - throw new \SimpleSAML_Error_BadRequest('Missing mandatory parameter: AuthState'); + throw new \SimpleSAML\Error\BadRequest('Missing mandatory parameter: AuthState'); } try { diff --git a/modules/saml/www/sp/discoresp.php b/modules/saml/www/sp/discoresp.php index cc55607b1..3c83ff167 100644 --- a/modules/saml/www/sp/discoresp.php +++ b/modules/saml/www/sp/discoresp.php @@ -5,11 +5,11 @@ */ if (!array_key_exists('AuthID', $_REQUEST)) { - throw new SimpleSAML_Error_BadRequest('Missing AuthID to discovery service response handler'); + throw new \SimpleSAML\Error\BadRequest('Missing AuthID to discovery service response handler'); } if (!array_key_exists('idpentityid', $_REQUEST)) { - throw new SimpleSAML_Error_BadRequest('Missing idpentityid to discovery service response handler'); + throw new \SimpleSAML\Error\BadRequest('Missing idpentityid to discovery service response handler'); } $state = SimpleSAML_Auth_State::loadState($_REQUEST['AuthID'], 'saml:sp:sso'); @@ -22,7 +22,7 @@ if ($source === null) { throw new Exception('Could not find authentication source with id ' . $sourceId); } if (!($source instanceof sspmod_saml_Auth_Source_SP)) { - throw new SimpleSAML_Error_Exception('Source type changed?'); + throw new \SimpleSAML\Error\Exception('Source type changed?'); } $source->startSSO($_REQUEST['idpentityid'], $state); diff --git a/modules/saml/www/sp/metadata.php b/modules/saml/www/sp/metadata.php index 8fefb13d1..2df29bf91 100644 --- a/modules/saml/www/sp/metadata.php +++ b/modules/saml/www/sp/metadata.php @@ -1,7 +1,7 @@ <?php if (!array_key_exists('PATH_INFO', $_SERVER)) { - throw new \SimpleSAML_Error_BadRequest('Missing authentication source id in metadata URL'); + throw new \SimpleSAML\Error\BadRequest('Missing authentication source id in metadata URL'); } $config = \SimpleSAML\Configuration::getInstance(); @@ -11,11 +11,11 @@ if ($config->getBoolean('admin.protectmetadata', false)) { $sourceId = substr($_SERVER['PATH_INFO'], 1); $source = \SimpleSAML_Auth_Source::getById($sourceId); if ($source === null) { - throw new \SimpleSAML_Error_AuthSource($sourceId, 'Could not find authentication source.'); + throw new \SimpleSAML\Error\AuthSource($sourceId, 'Could not find authentication source.'); } if (!($source instanceof \sspmod_saml_Auth_Source_SP)) { - throw new \SimpleSAML_Error_AuthSource($sourceId, + throw new \SimpleSAML\Error\AuthSource($sourceId, 'The authentication source is not a SAML Service Provider.'); } @@ -186,7 +186,7 @@ if ($orgName !== null) { $metaArray20['OrganizationURL'] = $spconfig->getLocalizedString('OrganizationURL', null); if ($metaArray20['OrganizationURL'] === null) { - throw new SimpleSAML_Error_Exception('If OrganizationName is set, OrganizationURL must also be set.'); + throw new \SimpleSAML\Error\Exception('If OrganizationName is set, OrganizationURL must also be set.'); } } diff --git a/modules/saml/www/sp/saml1-acs.php b/modules/saml/www/sp/saml1-acs.php index 830eb53cc..9d8897441 100644 --- a/modules/saml/www/sp/saml1-acs.php +++ b/modules/saml/www/sp/saml1-acs.php @@ -3,15 +3,15 @@ use SimpleSAML\Bindings\Shib13\Artifact; if (!array_key_exists('SAMLResponse', $_REQUEST) && !array_key_exists('SAMLart', $_REQUEST)) { - throw new SimpleSAML_Error_BadRequest('Missing SAMLResponse or SAMLart parameter.'); + throw new \SimpleSAML\Error\BadRequest('Missing SAMLResponse or SAMLart parameter.'); } if (!array_key_exists('TARGET', $_REQUEST)) { - throw new SimpleSAML_Error_BadRequest('Missing TARGET parameter.'); + throw new \SimpleSAML\Error\BadRequest('Missing TARGET parameter.'); } if (!array_key_exists('PATH_INFO', $_SERVER)) { - throw new SimpleSAML_Error_BadRequest('Missing authentication source ID in assertion consumer service URL'); + throw new \SimpleSAML\Error\BadRequest('Missing authentication source ID in assertion consumer service URL'); } $sourceId = $_SERVER['PATH_INFO']; @@ -40,7 +40,7 @@ if (preg_match('@^https?://@i', $target)) { // Check that the authentication source is correct. assert(array_key_exists('saml:sp:AuthId', $state)); if ($state['saml:sp:AuthId'] !== $sourceId) { - throw new SimpleSAML_Error_Exception('The authentication source id in the URL does not match the authentication source which sent the request.'); + throw new \SimpleSAML\Error\Exception('The authentication source id in the URL does not match the authentication source which sent the request.'); } assert(isset($state['saml:idp'])); @@ -51,7 +51,7 @@ $spMetadata = $source->getMetadata(); if (array_key_exists('SAMLart', $_REQUEST)) { if (!isset($state['saml:idp'])) { /* Unsolicited response. */ - throw new SimpleSAML_Error_Exception('IdP initiated authentication not supported with the SAML 1.1 SAMLart protocol.'); + throw new \SimpleSAML\Error\Exception('IdP initiated authentication not supported with the SAML 1.1 SAMLart protocol.'); } $idpMetadata = $source->getIdPMetadata($state['saml:idp']); @@ -75,7 +75,7 @@ $responseIssuer = $response->getIssuer(); $attributes = $response->getAttributes(); if (isset($state['saml:idp']) && $responseIssuer !== $state['saml:idp']) { - throw new SimpleSAML_Error_Exception('The issuer of the response wasn\'t the destination of the request.'); + throw new \SimpleSAML\Error\Exception('The issuer of the response wasn\'t the destination of the request.'); } $logoutState = array( diff --git a/modules/saml/www/sp/saml2-acs.php b/modules/saml/www/sp/saml2-acs.php index 6fd5cee3f..4c8a328a1 100644 --- a/modules/saml/www/sp/saml2-acs.php +++ b/modules/saml/www/sp/saml2-acs.php @@ -5,7 +5,7 @@ */ if (!array_key_exists('PATH_INFO', $_SERVER)) { - throw new SimpleSAML_Error_BadRequest('Missing authentication source ID in assertion consumer service URL'); + throw new \SimpleSAML\Error\BadRequest('Missing authentication source ID in assertion consumer service URL'); } $sourceId = substr($_SERVER['PATH_INFO'], 1); @@ -18,7 +18,7 @@ try { // This is dirty. Instead of checking the message of the exception, \SAML2\Binding::getCurrentBinding() should throw // an specific exception when the binding is unknown, and we should capture that here if ($e->getMessage() === 'Unable to find the current binding.') { - throw new SimpleSAML_Error_Error('ACSPARAMS', $e, 400); + throw new \SimpleSAML\Error\Error('ACSPARAMS', $e, 400); } else { throw $e; // do not ignore other exceptions! } @@ -30,7 +30,7 @@ if ($b instanceof \SAML2\HTTPArtifact) { $response = $b->receive(); if (!($response instanceof \SAML2\Response)) { - throw new SimpleSAML_Error_BadRequest('Invalid message received to AssertionConsumerService endpoint.'); + throw new \SimpleSAML\Error\BadRequest('Invalid message received to AssertionConsumerService endpoint.'); } $idp = $response->getIssuer(); @@ -67,7 +67,7 @@ if ($prevAuth !== null && $prevAuth['id'] === $response->getId() && $prevAuth['i } SimpleSAML\Logger::info('No RelayState or ReturnURL available, cannot redirect.'); - throw new SimpleSAML_Error_Exception('Duplicate assertion received.'); + throw new \SimpleSAML\Error\Exception('Duplicate assertion received.'); } $idpMetadata = array(); @@ -89,7 +89,7 @@ if ($state) { // check that the authentication source is correct assert(array_key_exists('saml:sp:AuthId', $state)); if ($state['saml:sp:AuthId'] !== $sourceId) { - throw new SimpleSAML_Error_Exception( + throw new \SimpleSAML\Error\Exception( 'The authentication source id in the URL does not match the authentication source which sent the request.' ); } @@ -100,7 +100,7 @@ if ($state) { $idpMetadata = $source->getIdPMetadata($idp); $idplist = $idpMetadata->getArrayize('IDPList', array()); if (!in_array($state['ExpectedIssuer'], $idplist, true)) { - throw new SimpleSAML_Error_Exception( + throw new \SimpleSAML\Error\Exception( 'The issuer of the response does not match to the identity provider we sent the request to.' ); } @@ -147,7 +147,7 @@ foreach ($assertions as $assertion) { if ($store !== false) { $aID = $assertion->getId(); if ($store->get('saml.AssertionReceived', $aID) !== null) { - $e = new SimpleSAML_Error_Exception('Received duplicate assertion.'); + $e = new \SimpleSAML\Error\Exception('Received duplicate assertion.'); SimpleSAML_Auth_State::throwException($state, $e); } @@ -184,7 +184,7 @@ foreach ($assertions as $assertion) { } if (!$foundAuthnStatement) { - $e = new SimpleSAML_Error_Exception('No AuthnStatement found in assertion(s).'); + $e = new \SimpleSAML\Error\Exception('No AuthnStatement found in assertion(s).'); SimpleSAML_Auth_State::throwException($state, $e); } diff --git a/modules/saml/www/sp/saml2-logout.php b/modules/saml/www/sp/saml2-logout.php index 88826f655..ceafd6c36 100644 --- a/modules/saml/www/sp/saml2-logout.php +++ b/modules/saml/www/sp/saml2-logout.php @@ -7,7 +7,7 @@ */ if (!array_key_exists('PATH_INFO', $_SERVER)) { - throw new SimpleSAML_Error_BadRequest('Missing authentication source ID in logout URL'); + throw new \SimpleSAML\Error\BadRequest('Missing authentication source ID in logout URL'); } $sourceId = substr($_SERVER['PATH_INFO'], 1); @@ -17,7 +17,7 @@ if ($source === null) { throw new Exception('Could not find authentication source with id ' . $sourceId); } if (!($source instanceof sspmod_saml_Auth_Source_SP)) { - throw new SimpleSAML_Error_Exception('Source type changed?'); + throw new \SimpleSAML\Error\Exception('Source type changed?'); } try { @@ -26,7 +26,7 @@ try { // This is dirty. Instead of checking the message of the exception, \SAML2\Binding::getCurrentBinding() should throw // an specific exception when the binding is unknown, and we should capture that here if ($e->getMessage() === 'Unable to find the current binding.') { - throw new SimpleSAML_Error_Error('SLOSERVICEPARAMS', $e, 400); + throw new \SimpleSAML\Error\Error('SLOSERVICEPARAMS', $e, 400); } else { throw $e; // do not ignore other exceptions! } @@ -36,7 +36,7 @@ $message = $binding->receive(); $idpEntityId = $message->getIssuer(); if ($idpEntityId === null) { // Without an issuer we have no way to respond to the message. - throw new SimpleSAML_Error_BadRequest('Received message on logout endpoint without issuer.'); + throw new \SimpleSAML\Error\BadRequest('Received message on logout endpoint without issuer.'); } $spEntityId = $source->getEntityId(); @@ -49,7 +49,7 @@ sspmod_saml_Message::validateMessage($idpMetadata, $spMetadata, $message); $destination = $message->getDestination(); if ($destination !== null && $destination !== \SimpleSAML\Utils\HTTP::getSelfURLNoQuery()) { - throw new SimpleSAML_Error_Exception('Destination in logout message is wrong.'); + throw new \SimpleSAML\Error\Exception('Destination in logout message is wrong.'); } if ($message instanceof \SAML2\LogoutResponse) { @@ -57,7 +57,7 @@ if ($message instanceof \SAML2\LogoutResponse) { $relayState = $message->getRelayState(); if ($relayState === null) { // Somehow, our RelayState has been lost. - throw new SimpleSAML_Error_BadRequest('Missing RelayState in logout response.'); + throw new \SimpleSAML\Error\BadRequest('Missing RelayState in logout response.'); } if (!$message->isSuccess()) { @@ -77,7 +77,7 @@ if ($message instanceof \SAML2\LogoutResponse) { try { $keys = sspmod_saml_Message::getDecryptionKeys($idpMetadata, $spMetadata); } catch (Exception $e) { - throw new SimpleSAML_Error_Exception('Error decrypting NameID: ' . $e->getMessage()); + throw new \SimpleSAML\Error\Exception('Error decrypting NameID: ' . $e->getMessage()); } $blacklist = sspmod_saml_Message::getBlacklistedAlgorithms($idpMetadata, $spMetadata); @@ -136,5 +136,5 @@ if ($message instanceof \SAML2\LogoutResponse) { $binding->send($lr); } else { - throw new SimpleSAML_Error_BadRequest('Unknown message received on logout endpoint: ' . get_class($message)); + throw new \SimpleSAML\Error\BadRequest('Unknown message received on logout endpoint: ' . get_class($message)); } diff --git a/modules/smartattributes/lib/Auth/Process/SmartID.php b/modules/smartattributes/lib/Auth/Process/SmartID.php index 6c9e30a9b..4d3f0a30d 100644 --- a/modules/smartattributes/lib/Auth/Process/SmartID.php +++ b/modules/smartattributes/lib/Auth/Process/SmartID.php @@ -93,7 +93,7 @@ class sspmod_smartattributes_Auth_Process_SmartID extends SimpleSAML_Auth_Proces /* * At this stage no usable id_candidate has been detected. */ - throw new SimpleSAML_Error_Exception('This service needs at least one of the following + throw new \SimpleSAML\Error\Exception('This service needs at least one of the following attributes to identity users: '.implode(', ', $this->_candidates).'. Unfortunately not one of them was detected. Please ask your institution administrator to release one of them, or try using another identity provider.'); diff --git a/modules/sqlauth/lib/Auth/Source/SQL.php b/modules/sqlauth/lib/Auth/Source/SQL.php index 67995ab63..526f7aa15 100644 --- a/modules/sqlauth/lib/Auth/Source/SQL.php +++ b/modules/sqlauth/lib/Auth/Source/SQL.php @@ -117,7 +117,7 @@ class sspmod_sqlauth_Auth_Source_SQL extends sspmod_core_Auth_UserPassBase * * On a successful login, this function should return the users attributes. On failure, * it should throw an exception. If the error was caused by the user entering the wrong - * username or password, a SimpleSAML_Error_Error('WRONGUSERPASS') should be thrown. + * username or password, a \SimpleSAML\Error\Error('WRONGUSERPASS') should be thrown. * * Note that both the username and the password are UTF-8 encoded. * @@ -160,7 +160,7 @@ class sspmod_sqlauth_Auth_Source_SQL extends sspmod_core_Auth_UserPassBase /* No rows returned - invalid username/password. */ SimpleSAML\Logger::error('sqlauth:' . $this->authId . ': No rows in result set. Probably wrong username/password.'); - throw new SimpleSAML_Error_Error('WRONGUSERPASS'); + throw new \SimpleSAML\Error\Error('WRONGUSERPASS'); } /* Extract attributes. We allow the resultset to consist of multiple rows. Attributes diff --git a/modules/statistics/lib/AccessCheck.php b/modules/statistics/lib/AccessCheck.php index 65b1f42e3..7fd210330 100644 --- a/modules/statistics/lib/AccessCheck.php +++ b/modules/statistics/lib/AccessCheck.php @@ -21,7 +21,7 @@ class sspmod_statistics_AccessCheck $acl = $statconfig->getValue('acl', null); if ($acl !== null && !is_string($acl) && !is_array($acl)) { - throw new SimpleSAML_Error_Exception('Invalid value for \'acl\'-option. Should be an array or a string.'); + throw new \SimpleSAML\Error\Exception('Invalid value for \'acl\'-option. Should be an array or a string.'); } if (!$protected) { @@ -76,6 +76,6 @@ class sspmod_statistics_AccessCheck } else { SimpleSAML\Logger::debug('Statistics auth - no ACL configured.'); } - throw new SimpleSAML_Error_Exception('Access denied to the current user.'); + throw new \SimpleSAML\Error\Exception('Access denied to the current user.'); } } diff --git a/tests/lib/SimpleSAML/Utils/ArraysTest.php b/tests/lib/SimpleSAML/Utils/ArraysTest.php index 0ec3e29bd..5bed975d1 100644 --- a/tests/lib/SimpleSAML/Utils/ArraysTest.php +++ b/tests/lib/SimpleSAML/Utils/ArraysTest.php @@ -10,7 +10,6 @@ use SimpleSAML\Utils\Arrays; */ class ArraysTest extends TestCase { - /** * Test the arrayize() function. */ diff --git a/tests/lib/SimpleSAML/Utils/AttributesTest.php b/tests/lib/SimpleSAML/Utils/AttributesTest.php index 271b50684..0c1c8dba5 100644 --- a/tests/lib/SimpleSAML/Utils/AttributesTest.php +++ b/tests/lib/SimpleSAML/Utils/AttributesTest.php @@ -74,7 +74,7 @@ class AttributesTest extends TestCase ); $expected = 'missing'; $this->setExpectedException( - 'SimpleSAML_Error_Exception', + '\SimpleSAML\Error\Exception', "No such attribute '".$expected."' found." ); Attributes::getExpectedAttribute($attributes, $expected); @@ -92,7 +92,7 @@ class AttributesTest extends TestCase ); $expected = 'attribute'; $this->setExpectedException( - 'SimpleSAML_Error_Exception', + '\SimpleSAML\Error\Exception', "Empty attribute '".$expected."'.'" ); Attributes::getExpectedAttribute($attributes, $expected); @@ -113,7 +113,7 @@ class AttributesTest extends TestCase ); $expected = 'attribute'; $this->setExpectedException( - 'SimpleSAML_Error_Exception', + '\SimpleSAML\Error\Exception', 'More than one value found for the attribute, multiple values not allowed.' ); Attributes::getExpectedAttribute($attributes, $expected); diff --git a/tests/lib/SimpleSAML/Utils/CryptoTest.php b/tests/lib/SimpleSAML/Utils/CryptoTest.php index 32aa68292..b5a0b500a 100644 --- a/tests/lib/SimpleSAML/Utils/CryptoTest.php +++ b/tests/lib/SimpleSAML/Utils/CryptoTest.php @@ -70,7 +70,7 @@ class CryptoTest extends TestCase public function testAesDecrypt() { if (!extension_loaded('openssl')) { - $this->setExpectedException('\SimpleSAML_Error_Exception'); + $this->setExpectedException('\SimpleSAML\Error\Exception'); } $secret = 'SUPER_SECRET_SALT'; @@ -92,7 +92,7 @@ class CryptoTest extends TestCase public function testAesEncrypt() { if (!extension_loaded('openssl')) { - $this->setExpectedException('\SimpleSAML_Error_Exception'); + $this->setExpectedException('\SimpleSAML\Error\Exception'); } $secret = 'SUPER_SECRET_SALT'; @@ -195,7 +195,7 @@ PHP; } /** - * @expectedException \SimpleSAML_Error_Exception + * @expectedException \SimpleSAML\Error\Exception * * @covers \SimpleSAML\Utils\Crypto::pwHash */ @@ -237,7 +237,7 @@ PHP; } /** - * @expectedException \SimpleSAML_Error_Exception + * @expectedException \SimpleSAML\Error\Exception * * @covers \SimpleSAML\Utils\Crypto::pwValid */ @@ -271,7 +271,7 @@ PHP; } /** - * @expectedException \SimpleSAML_Error_Exception + * @expectedException \SimpleSAML\Error\Exception * * @covers \SimpleSAML\Utils\Crypto::loadPrivateKey */ @@ -297,7 +297,7 @@ PHP; } /** - * @expectedException \SimpleSAML_Error_Exception + * @expectedException \SimpleSAML\Error\Exception * * @covers \SimpleSAML\Utils\Crypto::loadPrivateKey */ @@ -378,7 +378,7 @@ PHP; } /** - * @expectedException \SimpleSAML_Error_Exception + * @expectedException \SimpleSAML\Error\Exception * * @covers \SimpleSAML\Utils\Crypto::loadPublicKey */ diff --git a/tests/lib/SimpleSAML/Utils/HTTPTest.php b/tests/lib/SimpleSAML/Utils/HTTPTest.php index b1a82effd..917a16290 100644 --- a/tests/lib/SimpleSAML/Utils/HTTPTest.php +++ b/tests/lib/SimpleSAML/Utils/HTTPTest.php @@ -313,7 +313,7 @@ class HTTPTest extends TestCase $this->assertEquals(HTTP::checkURLAllowed($url), $url); } - $this->setExpectedException('SimpleSAML_Error_Exception'); + $this->setExpectedException('\SimpleSAML\Error\Exception'); HTTP::checkURLAllowed('https://evil.com'); $_SERVER = $original; @@ -345,7 +345,7 @@ class HTTPTest extends TestCase $this->assertEquals(HTTP::checkURLAllowed($url), $url); } - $this->setExpectedException('SimpleSAML_Error_Exception'); + $this->setExpectedException('\SimpleSAML\Error\Exception'); HTTP::checkURLAllowed('https://evil.com'); $_SERVER = $original; @@ -410,7 +410,7 @@ class HTTPTest extends TestCase $_SERVER['REQUEST_URI'] = '/module.php'; - $this->setExpectedException('SimpleSAML_Error_Exception'); + $this->setExpectedException('\SimpleSAML\Error\Exception'); HTTP::checkURLAllowed('https://app.example.com.evil.com'); $_SERVER = $original; diff --git a/tests/lib/SimpleSAML/Utils/NetTest.php b/tests/lib/SimpleSAML/Utils/NetTest.php index 8e7e29e54..8b23bb44a 100644 --- a/tests/lib/SimpleSAML/Utils/NetTest.php +++ b/tests/lib/SimpleSAML/Utils/NetTest.php @@ -10,8 +10,6 @@ use SimpleSAML\Utils\Net; */ class NetTest extends TestCase { - - /** * Test the function that checks for IPs belonging to a CIDR. * diff --git a/tests/lib/SimpleSAML/Utils/RandomTest.php b/tests/lib/SimpleSAML/Utils/RandomTest.php index ff05ed024..6067faf07 100644 --- a/tests/lib/SimpleSAML/Utils/RandomTest.php +++ b/tests/lib/SimpleSAML/Utils/RandomTest.php @@ -10,7 +10,6 @@ use SimpleSAML\Utils\Random; */ class RandomTest extends TestCase { - /** * Test for SimpleSAML\Utils\Random::generateID(). * diff --git a/tests/lib/SimpleSAML/Utils/SystemTest.php b/tests/lib/SimpleSAML/Utils/SystemTest.php index c075922eb..e39370e94 100644 --- a/tests/lib/SimpleSAML/Utils/SystemTest.php +++ b/tests/lib/SimpleSAML/Utils/SystemTest.php @@ -221,7 +221,7 @@ class SystemTest extends TestCase chown($tempdir, $bad_uid); - $this->setExpectedException('\SimpleSAML_Error_Exception'); + $this->setExpectedException('\SimpleSAML\Error\Exception'); $res = System::getTempDir(); $this->clearInstance($config, '\SimpleSAML\Configuration'); diff --git a/tests/lib/SimpleSAML/Utils/TimeTest.php b/tests/lib/SimpleSAML/Utils/TimeTest.php index 16acc44ff..ebe99b9c8 100644 --- a/tests/lib/SimpleSAML/Utils/TimeTest.php +++ b/tests/lib/SimpleSAML/Utils/TimeTest.php @@ -50,7 +50,7 @@ class TimeTest extends TestCase try { @Time::initTimezone(); $this->fail('Failed to recognize an invalid timezone.'); - } catch (\SimpleSAML_Error_Exception $e) { + } catch (\SimpleSAML\Error\Exception $e) { $this->assertEquals('Invalid timezone set in the "timezone" option in config.php.', $e->getMessage()); } diff --git a/tests/lib/SimpleSAML/Utils/XMLTest.php b/tests/lib/SimpleSAML/Utils/XMLTest.php index adeb99739..4f820a9ef 100644 --- a/tests/lib/SimpleSAML/Utils/XMLTest.php +++ b/tests/lib/SimpleSAML/Utils/XMLTest.php @@ -141,7 +141,7 @@ class XMLTest extends TestCase } /** - * @expectedException \SimpleSAML_Error_Exception + * @expectedException \SimpleSAML\Error\Exception * * @covers \SimpleSAML\Utils\XML::getDOMText * @test diff --git a/tests/modules/core/lib/Auth/Process/CardinalityTest.php b/tests/modules/core/lib/Auth/Process/CardinalityTest.php index 1548815c0..30e28f953 100644 --- a/tests/modules/core/lib/Auth/Process/CardinalityTest.php +++ b/tests/modules/core/lib/Auth/Process/CardinalityTest.php @@ -1,4 +1,5 @@ <?php + // Alias the PHPUnit 6.0 ancestor if available, else fall back to legacy ancestor if (class_exists('\PHPUnit\Framework\TestCase', true) and !class_exists('\PHPUnit_Framework_TestCase', true)) { class_alias('\PHPUnit\Framework\TestCase', '\PHPUnit_Framework_TestCase', true); @@ -156,7 +157,7 @@ class Test_Core_Auth_Process_CardinalityTest extends \PHPUnit_Framework_TestCase /** * Test invalid minimum values - * @expectedException SimpleSAML_Error_Exception + * @expectedException \SimpleSAML\Error\Exception * @expectedExceptionMessageRegExp /Minimum/ */ public function testMinInvalid() @@ -174,7 +175,7 @@ class Test_Core_Auth_Process_CardinalityTest extends \PHPUnit_Framework_TestCase /** * Test invalid minimum values - * @expectedException SimpleSAML_Error_Exception + * @expectedException \SimpleSAML\Error\Exception * @expectedExceptionMessageRegExp /Minimum/ */ public function testMinNegative() @@ -192,7 +193,7 @@ class Test_Core_Auth_Process_CardinalityTest extends \PHPUnit_Framework_TestCase /** * Test invalid maximum values - * @expectedException SimpleSAML_Error_Exception + * @expectedException \SimpleSAML\Error\Exception * @expectedExceptionMessageRegExp /Maximum/ */ public function testMaxInvalid() @@ -210,7 +211,7 @@ class Test_Core_Auth_Process_CardinalityTest extends \PHPUnit_Framework_TestCase /** * Test maximum < minimum - * @expectedException SimpleSAML_Error_Exception + * @expectedException \SimpleSAML\Error\Exception * @expectedExceptionMessageRegExp /less than/ */ public function testMinGreaterThanMax() @@ -228,7 +229,7 @@ class Test_Core_Auth_Process_CardinalityTest extends \PHPUnit_Framework_TestCase /** * Test invalid attribute name - * @expectedException SimpleSAML_Error_Exception + * @expectedException \SimpleSAML\Error\Exception * @expectedExceptionMessageRegExp /Invalid attribute/ */ public function testInvalidAttributeName() diff --git a/tests/modules/core/lib/Auth/Process/PHPTest.php b/tests/modules/core/lib/Auth/Process/PHPTest.php index f4b0342e3..54f2bb290 100644 --- a/tests/modules/core/lib/Auth/Process/PHPTest.php +++ b/tests/modules/core/lib/Auth/Process/PHPTest.php @@ -7,7 +7,6 @@ use PHPUnit\Framework\TestCase; */ class Test_Core_Auth_Process_PHP extends TestCase { - /** * Helper function to run the filter with a given configuration. * @@ -31,7 +30,7 @@ class Test_Core_Auth_Process_PHP extends TestCase { $config = array(); $this->setExpectedException( - "SimpleSAML_Error_Exception", + "\SimpleSAML\Error\Exception", "core:PHP: missing mandatory configuration option 'code'." ); new sspmod_core_Auth_Process_PHP($config, null); diff --git a/tests/modules/saml/lib/IdP/SAML2Test.php b/tests/modules/saml/lib/IdP/SAML2Test.php index 4ca209592..e587f59e0 100644 --- a/tests/modules/saml/lib/IdP/SAML2Test.php +++ b/tests/modules/saml/lib/IdP/SAML2Test.php @@ -16,7 +16,7 @@ class sspmod_saml_IdP_SAML2Test extends \PHPUnit_Framework_TestCase public function testProcessSOAPAuthnRequestMissingUsername() { - $this->setExpectedException('SimpleSAML_Error_Error', 'WRONGUSERPASS'); + $this->setExpectedException('\SimpleSAML\Error\Error', 'WRONGUSERPASS'); $_SERVER['PHP_AUTH_PW'] = 'password'; unset($_SERVER['PHP_AUTH_USER']); @@ -27,7 +27,7 @@ class sspmod_saml_IdP_SAML2Test extends \PHPUnit_Framework_TestCase public function testProcessSOAPAuthnRequestMissingPassword() { - $this->setExpectedException('SimpleSAML_Error_Error', 'WRONGUSERPASS'); + $this->setExpectedException('\SimpleSAML\Error\Error', 'WRONGUSERPASS'); $_SERVER['PHP_AUTH_USER'] = 'username'; unset($_SERVER['PHP_AUTH_PW']); diff --git a/www/_include.php b/www/_include.php index 0f12ef741..092e50089 100644 --- a/www/_include.php +++ b/www/_include.php @@ -4,17 +4,17 @@ require_once(dirname(dirname(__FILE__)).'/lib/_autoload.php'); // enable assertion handler for all pages -SimpleSAML_Error_Assertion::installHandler(); +\SimpleSAML\Error\Assertion::installHandler(); // show error page on unhandled exceptions function SimpleSAML_exception_handler($exception) { SimpleSAML\Module::callHooks('exception_handler', $exception); - if ($exception instanceof SimpleSAML_Error_Error) { + if ($exception instanceof \SimpleSAML\Error\Error) { $exception->show(); } elseif ($exception instanceof Exception) { - $e = new SimpleSAML_Error_Error('UNHANDLEDEXCEPTION', $exception); + $e = new \SimpleSAML\Error\Error('UNHANDLEDEXCEPTION', $exception); $e->show(); } else { if (class_exists('Error') && $exception instanceof Error) { @@ -55,7 +55,7 @@ function SimpleSAML_error_handler($errno, $errstr, $errfile = null, $errline = 0 } // show an error with a full backtrace - $e = new SimpleSAML_Error_Exception('Error '.$errno.' - '.$errstr); + $e = new \SimpleSAML\Error\Exception('Error '.$errno.' - '.$errstr); $e->logError(); // resume normal error processing diff --git a/www/authmemcookie.php b/www/authmemcookie.php index cb18a0e0c..672b83762 100644 --- a/www/authmemcookie.php +++ b/www/authmemcookie.php @@ -20,7 +20,7 @@ try { // check if this module is enabled if (!$globalConfig->getBoolean('enable.authmemcookie', false)) { - throw new SimpleSAML_Error_Error('NOACCESS'); + throw new \SimpleSAML\Error\Error('NOACCESS'); } // load Auth MemCookie configuration @@ -102,5 +102,5 @@ try { // redirect the user back to this page to signal that the login is completed \SimpleSAML\Utils\HTTP::redirectTrustedURL(\SimpleSAML\Utils\HTTP::getSelfURL()); } catch (Exception $e) { - throw new SimpleSAML_Error_Error('CONFIG', $e); + throw new \SimpleSAML\Error\Error('CONFIG', $e); } diff --git a/www/module.php b/www/module.php index 8e122f78e..d8a72013d 100644 --- a/www/module.php +++ b/www/module.php @@ -1,4 +1,5 @@ <?php + /** * Handler for module requests. * @@ -39,7 +40,7 @@ $mimeTypes = array( ); if (empty($_SERVER['PATH_INFO'])) { - throw new SimpleSAML_Error_NotFound('No PATH_INFO to module.php'); + throw new \SimpleSAML\Error\NotFound('No PATH_INFO to module.php'); } $url = $_SERVER['PATH_INFO']; @@ -53,7 +54,7 @@ unset($_SERVER['PATH_INFO']); $modEnd = strpos($url, '/', 1); if ($modEnd === false) { // the path must always be on the form /module/ - throw new SimpleSAML_Error_NotFound('The URL must at least contain a module name followed by a slash.'); + throw new \SimpleSAML\Error\NotFound('The URL must at least contain a module name followed by a slash.'); } $module = substr($url, 1, $modEnd - 1); @@ -63,7 +64,7 @@ if ($url === false) { } if (!SimpleSAML\Module::isModuleEnabled($module)) { - throw new SimpleSAML_Error_NotFound('The module \''.$module.'\' was either not found, or wasn\'t enabled.'); + throw new \SimpleSAML\Error\NotFound('The module \''.$module.'\' was either not found, or wasn\'t enabled.'); } /* Make sure that the request isn't suspicious (contains references to current directory or parent directory or @@ -71,9 +72,9 @@ if (!SimpleSAML\Module::isModuleEnabled($module)) { * attempts to use Windows-style paths. */ if (strpos($url, '\\') !== false) { - throw new SimpleSAML_Error_BadRequest('Requested URL contained a backslash.'); + throw new SimpleSAML\Error\BadRequest('Requested URL contained a backslash.'); } elseif (strpos($url, './') !== false) { - throw new SimpleSAML_Error_BadRequest('Requested URL contained \'./\'.'); + throw new \SimpleSAML\Error\BadRequest('Requested URL contained \'./\'.'); } $moduleDir = SimpleSAML\Module::getModuleDir($module).'/www/'; @@ -110,13 +111,13 @@ if (is_dir($path)) { /* Path is a directory - maybe no index file was found in the previous step, or maybe the path didn't end with * a slash. Either way, we don't do directory listings. */ - throw new SimpleSAML_Error_NotFound('Directory listing not available.'); + throw new \SimpleSAML\Error\NotFound('Directory listing not available.'); } if (!file_exists($path)) { // file not found SimpleSAML\Logger::info('Could not find file \''.$path.'\'.'); - throw new SimpleSAML_Error_NotFound('The URL wasn\'t found in the module.'); + throw new \SimpleSAML\Error\NotFound('The URL wasn\'t found in the module.'); } if (preg_match('#\.php$#D', $path)) { diff --git a/www/saml2/idp/ArtifactResolutionService.php b/www/saml2/idp/ArtifactResolutionService.php index 287dff319..65602126b 100644 --- a/www/saml2/idp/ArtifactResolutionService.php +++ b/www/saml2/idp/ArtifactResolutionService.php @@ -12,7 +12,7 @@ require_once('../../_include.php'); $config = \SimpleSAML\Configuration::getInstance(); if (!$config->getBoolean('enable.saml20-idp', false)) { - throw new SimpleSAML_Error_Error('NOACCESS'); + throw new \SimpleSAML\Error\Error('NOACCESS'); } $metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler(); @@ -20,7 +20,7 @@ $idpEntityId = $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted'); $idpMetadata = $metadata->getMetaDataConfig($idpEntityId, 'saml20-idp-hosted'); if (!$idpMetadata->getBoolean('saml20.sendartifact', false)) { - throw new SimpleSAML_Error_Error('NOACCESS'); + throw new \SimpleSAML\Error\Error('NOACCESS'); } $store = \SimpleSAML\Store::getInstance(); @@ -36,7 +36,7 @@ try { // an specific exception when the binding is unknown, and we should capture that here. Also note that the exception // message here is bogus! if ($e->getMessage() === 'Invalid message received to AssertionConsumerService endpoint.') { - throw new SimpleSAML_Error_Error('ARSPARAMS', $e, 400); + throw new \SimpleSAML\Error\Error('ARSPARAMS', $e, 400); } else { throw $e; // do not ignore other exceptions! } diff --git a/www/saml2/idp/SSOService.php b/www/saml2/idp/SSOService.php index f05e34c9c..479e6557a 100644 --- a/www/saml2/idp/SSOService.php +++ b/www/saml2/idp/SSOService.php @@ -1,4 +1,5 @@ <?php + /** * The SSOService is part of the SAML 2.0 IdP code, and it receives incoming Authentication Requests * from a SAML 2.0 SP, parses, and process it, and then authenticates the user and sends the user back @@ -10,16 +11,17 @@ require_once('../../_include.php'); -SimpleSAML\Logger::info('SAML2.0 - IdP.SSOService: Accessing SAML 2.0 IdP endpoint SSOService'); +\SimpleSAML\Logger::info('SAML2.0 - IdP.SSOService: Accessing SAML 2.0 IdP endpoint SSOService'); -$metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler(); +$metadata = \SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler(); $idpEntityId = $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted'); -$idp = SimpleSAML_IdP::getById('saml2:' . $idpEntityId); +$idp = \SimpleSAML_IdP::getById('saml2:' . $idpEntityId); + try { sspmod_saml_IdP_SAML2::receiveAuthnRequest($idp); } catch (Exception $e) { if ($e->getMessage() === "Unable to find the current binding.") { - throw new SimpleSAML_Error_Error('SSOPARAMS', $e, 400); + throw new \SimpleSAML\Error\Error('SSOPARAMS', $e, 400); } else { throw $e; // do not ignore other exceptions! } diff --git a/www/saml2/idp/SingleLogoutService.php b/www/saml2/idp/SingleLogoutService.php index ab2a28022..15164f2ed 100644 --- a/www/saml2/idp/SingleLogoutService.php +++ b/www/saml2/idp/SingleLogoutService.php @@ -10,11 +10,11 @@ require_once('../../_include.php'); -SimpleSAML\Logger::info('SAML2.0 - IdP.SingleLogoutService: Accessing SAML 2.0 IdP endpoint SingleLogoutService'); +\SimpleSAML\Logger::info('SAML2.0 - IdP.SingleLogoutService: Accessing SAML 2.0 IdP endpoint SingleLogoutService'); -$metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler(); +$metadata = \SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler(); $idpEntityId = $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted'); -$idp = SimpleSAML_IdP::getById('saml2:'.$idpEntityId); +$idp = \SimpleSAML_IdP::getById('saml2:'.$idpEntityId); if (isset($_REQUEST['ReturnTo'])) { $idp->doLogoutRedirect(\SimpleSAML\Utils\HTTP::checkURLAllowed((string) $_REQUEST['ReturnTo'])); @@ -27,7 +27,7 @@ if (isset($_REQUEST['ReturnTo'])) { * throw an specific exception when the binding is unknown, and we should capture that here */ if ($e->getMessage() === 'Unable to find the current binding.') { - throw new SimpleSAML_Error_Error('SLOSERVICEPARAMS', $e, 400); + throw new \SimpleSAML\Error\Error('SLOSERVICEPARAMS', $e, 400); } else { throw $e; // do not ignore other exceptions! } diff --git a/www/saml2/idp/initSLO.php b/www/saml2/idp/initSLO.php index 60b17fc5f..92ae9467a 100644 --- a/www/saml2/idp/initSLO.php +++ b/www/saml2/idp/initSLO.php @@ -1,14 +1,15 @@ <?php + require_once('../../_include.php'); -$metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler(); +$metadata = \SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler(); $idpEntityId = $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted'); -$idp = SimpleSAML_IdP::getById('saml2:'.$idpEntityId); +$idp = \SimpleSAML_IdP::getById('saml2:'.$idpEntityId); -SimpleSAML\Logger::info('SAML2.0 - IdP.initSLO: Accessing SAML 2.0 IdP endpoint init Single Logout'); +\SimpleSAML\Logger::info('SAML2.0 - IdP.initSLO: Accessing SAML 2.0 IdP endpoint init Single Logout'); if (!isset($_GET['RelayState'])) { - throw new SimpleSAML_Error_Error('NORELAYSTATE'); + throw new \SimpleSAML\Error\Error('NORELAYSTATE'); } $idp->doLogoutRedirect(\SimpleSAML\Utils\HTTP::checkURLAllowed((string) $_GET['RelayState'])); diff --git a/www/saml2/idp/metadata.php b/www/saml2/idp/metadata.php index 5b2c3d3be..783ea37c7 100644 --- a/www/saml2/idp/metadata.php +++ b/www/saml2/idp/metadata.php @@ -13,7 +13,7 @@ $config = \SimpleSAML\Configuration::getInstance(); $metadata = \SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler(); if (!$config->getBoolean('enable.saml20-idp', false)) { - throw new SimpleSAML_Error_Error('NOACCESS'); + throw new \SimpleSAML\Error\Error('NOACCESS'); } // check if valid local session exists @@ -148,7 +148,7 @@ try { ); if (!$idpmeta->hasValue('OrganizationURL')) { - throw new \SimpleSAML_Error_Exception('If OrganizationName is set, OrganizationURL must also be set.'); + throw new \SimpleSAML\Error\Exception('If OrganizationName is set, OrganizationURL must also be set.'); } $metaArray['OrganizationURL'] = $idpmeta->getLocalizedString('OrganizationURL'); } @@ -234,5 +234,5 @@ try { exit(0); } } catch (Exception $exception) { - throw new \SimpleSAML_Error_Error('METADATA', $exception); + throw new \SimpleSAML\Error\Error('METADATA', $exception); } diff --git a/www/shib13/idp/metadata.php b/www/shib13/idp/metadata.php index 9b94da9ed..cc862557a 100644 --- a/www/shib13/idp/metadata.php +++ b/www/shib13/idp/metadata.php @@ -7,7 +7,7 @@ $config = \SimpleSAML\Configuration::getInstance(); $metadata = \SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler(); if (!$config->getBoolean('enable.shib13-idp', false)) { - throw new \SimpleSAML_Error_Error('NOACCESS'); + throw new \SimpleSAML\Error\Error('NOACCESS'); } // check if valid local session exists @@ -62,7 +62,7 @@ try { ); if (!$idpmeta->hasValue('OrganizationURL')) { - throw new \SimpleSAML_Error_Exception('If OrganizationName is set, OrganizationURL must also be set.'); + throw new \SimpleSAML\Error\Exception('If OrganizationName is set, OrganizationURL must also be set.'); } $metaArray['OrganizationURL'] = $idpmeta->getLocalizedString('OrganizationURL'); } @@ -106,5 +106,5 @@ try { exit(0); } } catch (\Exception $exception) { - throw new \SimpleSAML_Error_Error('METADATA', $exception); + throw new \SimpleSAML\Error\Error('METADATA', $exception); } -- GitLab