From a8b4c26b41e06d11e3e2e1fcb55401bf4c27c577 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andreas=20=C3=85kre=20Solberg?= <andreas.solberg@uninett.no> Date: Wed, 27 Feb 2008 18:22:36 +0000 Subject: [PATCH] Adding support for full paths outside the simplesamlphp installation. This patch was provided by Kenneth Svee! Thanks! git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@327 44740490-163a-0410-bde0-09ae8108e29a --- config/config-template.php | 2 +- lib/SimpleSAML/Bindings/SAML20/HTTPPost.php | 7 ++-- .../Bindings/SAML20/HTTPRedirect.php | 4 +- lib/SimpleSAML/Bindings/Shib13/HTTPPost.php | 6 +-- lib/SimpleSAML/Configuration.php | 40 +++++++++++++++++++ lib/SimpleSAML/Logger/LoggingHandlerFile.php | 2 +- .../MetaDataStorageHandlerFlatfile.php | 4 +- .../MetaDataStorageHandlerSAML2Meta.php | 3 +- lib/SimpleSAML/XHTML/Template.php | 12 +++--- lib/SimpleSAML/XML/AttributeFilter.php | 2 +- www/aselect/handler.php | 10 ++--- www/shib13/idp/metadata.php | 2 +- 12 files changed, 65 insertions(+), 29 deletions(-) diff --git a/config/config-template.php b/config/config-template.php index 90a5bcf4a..5e31f2fe6 100644 --- a/config/config-template.php +++ b/config/config-template.php @@ -25,7 +25,7 @@ $config = array ( 'templatedir' => 'templates/default/', 'metadatadir' => 'metadata/', 'attributenamemapdir' => 'attributemap/', - 'certdir' => 'certs/', + 'certdir' => 'cert/', 'dictionarydir' => 'dictionaries/', 'loggingdir' => 'log/', diff --git a/lib/SimpleSAML/Bindings/SAML20/HTTPPost.php b/lib/SimpleSAML/Bindings/SAML20/HTTPPost.php index 94af7f48f..6cc8aec2f 100644 --- a/lib/SimpleSAML/Bindings/SAML20/HTTPPost.php +++ b/lib/SimpleSAML/Bindings/SAML20/HTTPPost.php 
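Review bot: The template in config/config-template.php still does not say how the directory options are interpreted, although after this commit `certdir` and the other `*dir` values go through `getPathValue()` and may be absolute. A comment above the block, such as `/* Directory options: relative values are resolved against basedir; a value starting with '/' is used as an absolute path. */`, would document that. The removed lines elsewhere in this patch show that the key loaders previously hard-coded `/cert/` and ignored this option. An installed config.php that copied the old `'certs/'` value will therefore presumably point key lookups at a different directory after the upgrade, which deserves a line in the upgrade notes.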
@@ -73,13 +73,12 @@ class SimpleSAML_Bindings_SAML20_HTTPPost { $privatekey = "/home/as/erlang/feide2/cert/edugain/server1Key.pem"; $publiccert = "/home/as/erlang/feide2/cert/edugain/server2chain.pem"; - $privatekey = "/home/as/erlang/feide2/cert/server.pem"; $publiccert = "/home/as/erlang/feide2/cert/server.crt"; - */ + */ - $privatekey = $this->configuration->getBaseDir() . '/cert/' . $idpmd['privatekey']; - $publiccert = $this->configuration->getBaseDir() . '/cert/' . $idpmd['certificate']; + $privatekey = $this->configuration->getPathValue('certdir') . $idpmd['privatekey']; + $publiccert = $this->configuration->getPathValue('certdir') . $idpmd['certificate']; if (!file_exists($privatekey)) throw new Exception('Could not find private key file [' . $privatekey . '] which is needed to sign the authentication response'); diff --git a/lib/SimpleSAML/Bindings/SAML20/HTTPRedirect.php b/lib/SimpleSAML/Bindings/SAML20/HTTPRedirect.php index 4fa8e7cbc..a92564a0f 100644 --- a/lib/SimpleSAML/Bindings/SAML20/HTTPRedirect.php +++ b/lib/SimpleSAML/Bindings/SAML20/HTTPRedirect.php @@ -34,7 +34,7 @@ class SimpleSAML_Bindings_SAML20_HTTPRedirect { /* Load the private key. */ - $privatekey = $this->configuration->getBaseDir() . '/cert/' . $md['privatekey']; + $privatekey = $this->configuration->getPathValue('certdir') . $md['privatekey']; if (!file_exists($privatekey)) { throw new Exception('Could not find private key file [' . $privatekey . '] which is needed to sign the request.'); } @@ -96,7 +96,7 @@ class SimpleSAML_Bindings_SAML20_HTTPRedirect { $query = $query . "&" . "SigAlg=" . urlencode($algURI); // check if public key of sp exists - $publickey = $this->configuration->getBaseDir() . '/cert/' . $md['certificate']; + $publickey = $this->configuration->getPathValue('certdir') . $md['certificate']; if (!file_exists($publickey)) { throw new Exception('Could not find private key file [' . $publickey . '] which is needed to verify the request.'); } 
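Review bot: `getPathValue('certdir')` is called without a default in the SAML20/HTTPPost.php hunk, and the Configuration.php hunk of this patch returns `$default` (NULL) when the option is missing. In that case `$privatekey` and `$publiccert` collapse to the bare file name from the metadata, and `file_exists()` resolves it against the process working directory. A configuration that lacks the option should fail loudly instead, e.g. `$certdir = $this->configuration->getPathValue('certdir'); if ($certdir === NULL) throw new Exception('certdir is not set in config.php');`. The same pattern appears in both HTTPRedirect.php hunks, Shib13/HTTPPost.php, LoggingHandlerFile.php (`loggingdir`), www/aselect/handler.php and www/shib13/idp/metadata.php. The enclosing method starts and ends outside this hunk.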
diff --git a/lib/SimpleSAML/Bindings/Shib13/HTTPPost.php b/lib/SimpleSAML/Bindings/Shib13/HTTPPost.php index caee28a72..aa3e00f49 100644 --- a/lib/SimpleSAML/Bindings/Shib13/HTTPPost.php +++ b/lib/SimpleSAML/Bindings/Shib13/HTTPPost.php @@ -70,10 +70,10 @@ class SimpleSAML_Bindings_Shib13_HTTPPost { throw new Exception('Could not find AssertionConsumerService for SP entity ID [' . $spentityid. ']. ' . 'Claimed ACS is: ' . (isset($claimedacs) ? $claimedacs : 'N/A')); - $privatekey = $this->configuration->getBaseDir() . '/cert/' . $idpmd['privatekey']; - $publiccert = $this->configuration->getBaseDir() . '/cert/' . $idpmd['certificate']; + $privatekey = $this->configuration->getPathValue('certdir') . $idpmd['privatekey']; + $publiccert = $this->configuration->getPathValue('certdir') . $idpmd['certificate']; $certchain_pem_file = isset($idpmd['certificatechain']) ? - $this->configuration->getBaseDir() . '/cert/' . $idpmd['certificatechain'] : null; + $this->configuration->getPathValue('certdir') . $idpmd['certificatechain'] : null; if (!file_exists($privatekey)) throw new Exception('Could not find private key file [' . $privatekey . ']'); diff --git a/lib/SimpleSAML/Configuration.php b/lib/SimpleSAML/Configuration.php index 7178606ec..39f9e1b7b 100644 --- a/lib/SimpleSAML/Configuration.php +++ b/lib/SimpleSAML/Configuration.php 
@@ -67,6 +67,46 @@ class SimpleSAML_Configuration { } + /* Retrieve a path configuration option set in config.php. + * The function will always return an absolute path unless the + * option is not set. It will then return the default value. + * + * It checks if the value starts with a slash, and prefixes it + * with the value from getBaseDir if it doesn't. + * + * Parameters: + * $name Name of the configuration option. + * $default Default value of the configuration option. This + * parameter will default to NULL if not specified. + * + * Returns: + * The path configuration option with name $name, or $default if + * the option was not found. + */ + public function getPathValue($name, $default = NULL) { + if (!isset($this->configuration)) { + $this->loadConfig(); + } + + /* Return the default value if the option is unset. */ + if (!array_key_exists($name, $this->configuration)) { + return $default; + } + + $path = $this->configuration[$name]; + + /* Prepend path with basedir if it doesn't start with + * a slash. We assume getBaseDir ends with a slash. + */ + if ($path[0] !== '/') $path = $this->getBaseDir() . $path; + + /* Add trailing slash if it is missing to be consistent with getBaseDir */ + if (substr($path, -1) !== '/') $path .= '/'; + + return $path; + } + + /* Retrieve the base directory for this simpleSAMLphp installation. * This function first checks the 'basedir' configuration option. If * this option is undefined or NULL, then we fall back to looking at diff --git a/lib/SimpleSAML/Logger/LoggingHandlerFile.php b/lib/SimpleSAML/Logger/LoggingHandlerFile.php index b0239ef88..a3b94937a 100644 --- a/lib/SimpleSAML/Logger/LoggingHandlerFile.php +++ b/lib/SimpleSAML/Logger/LoggingHandlerFile.php 
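Review bot: `$path[0]` in `getPathValue()` is read before the value is checked, so an option set to `''` is treated as relative and the function returns the installation base directory itself; a non-string value is not rejected either. For `certdir` that would silently move private-key lookups into basedir. A guard before the index, `if (!is_string($path) || $path === '') throw new Exception('Invalid path option: ' . $name);`, makes the misconfiguration visible. The docblock should also state that `$default` is returned as-is, without the basedir prefix or trailing slash. It should add that only a leading `/` counts as absolute, so a Windows drive path would presumably be prefixed with basedir.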
@@ -21,7 +21,7 @@ class SimpleSAML_Logger_LoggingHandlerFile implements SimpleSAML_Logger_LoggingH assert($config instanceof SimpleSAML_Configuration); /* Get the metadata handler option from the configuration. */ - $this->logFile = $config->getBaseDir().'/'.$config->getValue('loggingdir').'/'.$config->getValue('logging.logfile'); + $this->logFile = $config->getPathValue('loggingdir').$config->getValue('logging.logfile'); if (@file_exists($this->logFile)) { if (!@is_writeable($this->logFile)) throw new Exception("Could not write to logfile: ".$this->logFile); diff --git a/lib/SimpleSAML/Metadata/MetaDataStorageHandlerFlatfile.php b/lib/SimpleSAML/Metadata/MetaDataStorageHandlerFlatfile.php index b9affb918..828ecc748 100644 --- a/lib/SimpleSAML/Metadata/MetaDataStorageHandlerFlatfile.php +++ b/lib/SimpleSAML/Metadata/MetaDataStorageHandlerFlatfile.php @@ -41,9 +41,7 @@ class SimpleSAML_Metadata_MetaDataStorageHandlerFlatFile extends SimpleSAML_Meta $config = SimpleSAML_Configuration::getInstance(); assert($config instanceof SimpleSAML_Configuration); - $metadatasetfile = $config->getBaseDir() . '/' . - $config->getValue('metadatadir') . '/' . $set . '.php'; - + $metadatasetfile = $config->getPathValue('metadatadir') . $set . '.php'; if (!file_exists($metadatasetfile)) { throw new Exception('Could not open file: ' . $metadatasetfile); diff --git a/lib/SimpleSAML/Metadata/MetaDataStorageHandlerSAML2Meta.php b/lib/SimpleSAML/Metadata/MetaDataStorageHandlerSAML2Meta.php index 3e45a8218..f53622323 100644 --- a/lib/SimpleSAML/Metadata/MetaDataStorageHandlerSAML2Meta.php +++ b/lib/SimpleSAML/Metadata/MetaDataStorageHandlerSAML2Meta.php 
@@ -64,8 +64,7 @@ class SimpleSAML_Metadata_MetaDataStorageHandlerSAML2Meta extends SimpleSAML_Met // The metadata location is an URL $metadatasetfile = $metadatalocation; } else { - $metadatasetfile = $config->getBaseDir() . '' . - $config->getValue('metadatadir') . $metadatalocation; + $metadatasetfile = $config->getPathValue('metadatadir') . $metadatalocation; if (!file_exists($metadatasetfile)) throw new Exception('Could not find SAML 2.0 Metadata file :'. $metadatasetfile); if (preg_match('@\.php$@', $metadatalocation)) { $xml = false; diff --git a/lib/SimpleSAML/XHTML/Template.php b/lib/SimpleSAML/XHTML/Template.php index d4acfa022..1ece44516 100644 --- a/lib/SimpleSAML/XHTML/Template.php +++ b/lib/SimpleSAML/XHTML/Template.php @@ -71,16 +71,16 @@ class SimpleSAML_XHTML_Template { private function includeAtTemplateBase($file) { $data = $this->data; - $filebase = $this->configuration->getBaseDir() . $this->configuration->getValue('templatedir'); + $filebase = $this->configuration->getPathValue('templatedir'); include($filebase . $file); } private function includeAtLanguageBase($file) { $data = $this->data; - $filebase = $this->configuration->getBaseDir() . $this->configuration->getValue('templatedir') . $this->getLanguage() . '/' ; + $filebase = $this->configuration->getPathValue('templatedir') . $this->getLanguage() . '/' ; if (!file_exists($filebase . $file)) { - $filebase = $this->configuration->getBaseDir() . $this->configuration->getValue('templatedir') . + $filebase = $this->configuration->getPathValue('templatedir') . $this->configuration->getValue('language.default') . '/'; 
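Review bot: In the Template.php hunk, `includeAtLanguageBase()` joins `$this->getLanguage()` into `$filebase`, which the sibling `includeAtTemplateBase()` passes straight to `include`, and `show()` in the `@@ -122,12` hunk builds `$filename` the same way. Where `getLanguage()` gets its value is not visible here; if it can come from the request, it should be constrained before use, e.g. `if (!preg_match('/^[a-z]{2}(-[a-z]{2})?$/i', $lang)) $lang = $this->configuration->getValue('language.default');`. `namemap()` in AttributeFilter.php builds an include path from `$map` in the same way and wants the same kind of check if `$map` is not fixed by configuration. The body of `includeAtLanguageBase()` continues past the end of the hunk.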
@@ -96,7 +96,7 @@ class SimpleSAML_XHTML_Template { * Include language file from the dictionaries directory. */ private function includeLanguageFile($file) { - $filebase = $this->configuration->getBaseDir() . $this->configuration->getValue('dictionarydir'); + $filebase = $this->configuration->getPathValue('dictionarydir'); if (!file_exists($filebase . $file)) { SimpleSAML_Logger::error($_SERVER['PHP_SELF'].' - Template: Could not find template file [' . $this->template . '] at [' . $filebase . $file . ']'); @@ -122,12 +122,12 @@ class SimpleSAML_XHTML_Template { */ public function show() { $data = $this->data; - $filename = $this->configuration->getBaseDir() . $this->configuration->getValue('templatedir') . $this->getLanguage() . '/' . + $filename = $this->configuration->getPathValue('templatedir') . $this->getLanguage() . '/' . $this->template; if (!file_exists($filename)) { - $filename = $this->configuration->getBaseDir() . $this->configuration->getValue('templatedir') . + $filename = $this->configuration->getPathValue('templatedir') . $this->configuration->getValue('language.default') . '/' . $this->template; diff --git a/lib/SimpleSAML/XML/AttributeFilter.php b/lib/SimpleSAML/XML/AttributeFilter.php index 528ee5c96..b4cad0516 100644 --- a/lib/SimpleSAML/XML/AttributeFilter.php +++ b/lib/SimpleSAML/XML/AttributeFilter.php @@ -21,7 +21,7 @@ class SimpleSAML_XML_AttributeFilter { public function namemap($map) { - $mapfile = $this->configuration->getBaseDir() . $this->configuration->getValue('attributenamemapdir') . $map . '.php'; + $mapfile = $this->configuration->getPathValue('attributenamemapdir') . $map . '.php'; if (!file_exists($mapfile)) throw new Exception('Could not find attributemap file: ' . $mapfile); include($mapfile); diff --git a/www/aselect/handler.php b/www/aselect/handler.php index 448bec0d0..8ec9b4b2e 100644 --- a/www/aselect/handler.php +++ b/www/aselect/handler.php 
@@ -65,8 +65,8 @@ $as_metadata = array( 'hosted' => array( 'organization' => 'simpleSAMLphp', 'server_id' => 'default.aselect.org', - 'key' => $config->getBaseDir() . '/cert/server.pem', - 'cert' => $config->getBaseDir() . '/cert/server.crt', + 'key' => $config->getPathValue('certdir') . 'server.pem', + 'cert' => $config->getPathValue('certdir') . 'server.crt', 'authsp_level' => '10', 'authsp' => 'simpleSAMLphp', 'app_level' => '10', @@ -94,12 +94,12 @@ $as_metadata = array( 'hosted' => array( 'organization' => 'simpleSAMLphp', 'server_id' => 'default.aselect.org', - 'key' => $config->getBaseDir() . '/cert/agent.key', + 'key' => $config->getPathValue('certdir'). 'agent.key', ), 'remote' => array( 'testorg' => array( 'require_signing' => true, - 'cert' => $config->getBaseDir() . '/cert/aselect.crt', + 'cert' => $config->getPathValue('certdir'). 'aselect.crt', ), ), ), @@ -109,7 +109,7 @@ $as_metadata = array( ), 'federatiedemo' => array( 'require_signing' => true, - 'cert' => $config->getBaseDir() . '/cert/app.crt', + 'cert' => $config->getPathValue('certdir') . 'app.crt', ), ), ); diff --git a/www/shib13/idp/metadata.php b/www/shib13/idp/metadata.php index acafbc889..d13013353 100644 --- a/www/shib13/idp/metadata.php +++ b/www/shib13/idp/metadata.php @@ -25,7 +25,7 @@ try { $idpmeta = isset($_GET['idpentityid']) ? $_GET['idpentityid'] : $metadata->getMetaDataCurrent('shib13-idp-hosted'); $idpentityid = isset($_GET['idpentityid']) ? $_GET['idpentityid'] : $metadata->getMetaDataCurrentEntityID('shib13-idp-hosted'); - $publiccert = $config->getBaseDir() . '/cert/' . $idpmeta['certificate']; + $publiccert = $config->getPathValue('certdir') . $idpmeta['certificate']; if (!file_exists($publiccert)) throw new Exception('Could not find certificate [' . $publiccert . '] to attach to the authentication resposne'); -- GitLab
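Review bot: On the changed line in www/shib13/idp/metadata.php, `$idpmeta` is the raw `$_GET['idpentityid']` string whenever that parameter is present (see the context line two above). `$idpmeta['certificate']` is then a string offset rather than a metadata field, and the certificate path is built from request input. The request value should only select an entity. The file name should come from the metadata array that the metadata handler returns for that entity ID, with an exception thrown if the entity is unknown. The `try` block starts and ends outside the hunk.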