From a8b4c26b41e06d11e3e2e1fcb55401bf4c27c577 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20=C3=85kre=20Solberg?= <andreas.solberg@uninett.no>
Date: Wed, 27 Feb 2008 18:22:36 +0000
Subject: [PATCH] Adding support for full paths outside the simplesamlphp
 installation. This patch was provided by Kenneth Svee! Thanks!

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@327 44740490-163a-0410-bde0-09ae8108e29a
---
 config/config-template.php                    |  2 +-
 lib/SimpleSAML/Bindings/SAML20/HTTPPost.php   |  7 ++--
 .../Bindings/SAML20/HTTPRedirect.php          |  4 +-
 lib/SimpleSAML/Bindings/Shib13/HTTPPost.php   |  6 +--
 lib/SimpleSAML/Configuration.php              | 40 +++++++++++++++++++
 lib/SimpleSAML/Logger/LoggingHandlerFile.php  |  2 +-
 .../MetaDataStorageHandlerFlatfile.php        |  4 +-
 .../MetaDataStorageHandlerSAML2Meta.php       |  3 +-
 lib/SimpleSAML/XHTML/Template.php             | 12 +++---
 lib/SimpleSAML/XML/AttributeFilter.php        |  2 +-
 www/aselect/handler.php                       | 10 ++---
 www/shib13/idp/metadata.php                   |  2 +-
 12 files changed, 65 insertions(+), 29 deletions(-)

diff --git a/config/config-template.php b/config/config-template.php
index 90a5bcf4a..5e31f2fe6 100644
--- a/config/config-template.php
+++ b/config/config-template.php
@@ -25,7 +25,7 @@ $config = array (
 	'templatedir'           => 'templates/default/',
 	'metadatadir'           => 'metadata/',
 	'attributenamemapdir'   => 'attributemap/',
-	'certdir'               => 'certs/',
+	'certdir'               => 'cert/',
 	'dictionarydir'         => 'dictionaries/',
 	'loggingdir'            => 'log/',
 	
diff --git a/lib/SimpleSAML/Bindings/SAML20/HTTPPost.php b/lib/SimpleSAML/Bindings/SAML20/HTTPPost.php
index 94af7f48f..6cc8aec2f 100644
--- a/lib/SimpleSAML/Bindings/SAML20/HTTPPost.php
+++ b/lib/SimpleSAML/Bindings/SAML20/HTTPPost.php
@@ -73,13 +73,12 @@ class SimpleSAML_Bindings_SAML20_HTTPPost {
 		$privatekey = "/home/as/erlang/feide2/cert/edugain/server1Key.pem";
 		$publiccert = "/home/as/erlang/feide2/cert/edugain/server2chain.pem";
 
-
 		$privatekey = "/home/as/erlang/feide2/cert/server.pem";
 		$publiccert = "/home/as/erlang/feide2/cert/server.crt";
-				*/
+		*/
 		
-		$privatekey = $this->configuration->getBaseDir() . '/cert/' . $idpmd['privatekey'];
-		$publiccert = $this->configuration->getBaseDir() . '/cert/' . $idpmd['certificate'];
+		$privatekey = $this->configuration->getPathValue('certdir') . $idpmd['privatekey'];
+		$publiccert = $this->configuration->getPathValue('certdir') . $idpmd['certificate'];
 
 		if (!file_exists($privatekey))
 			throw new Exception('Could not find private key file [' . $privatekey . '] which is needed to sign the authentication response');
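Review bot: The result of `getPathValue('certdir')` is concatenated without a check, and that method returns its default (NULL at this call) when `certdir` is missing from config.php, so `$privatekey` and `$publiccert` collapse to the bare metadata file name and are resolved against the PHP working directory instead of the old fixed `cert/` directory. The `file_exists()` test that follows would then accept any same-named file found there. I would fail closed before building the paths, e.g. `$certdir = $this->configuration->getPathValue('certdir'); if ($certdir === NULL) throw new Exception('certdir is not set in config.php');`. The same unchecked pattern appears in the HTTPRedirect.php, Shib13/HTTPPost.php, LoggingHandlerFile.php, metadata handler, Template.php, AttributeFilter.php, www/aselect/handler.php and www/shib13/idp/metadata.php hunks. The enclosing method starts and ends outside this hunk.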
diff --git a/lib/SimpleSAML/Bindings/SAML20/HTTPRedirect.php b/lib/SimpleSAML/Bindings/SAML20/HTTPRedirect.php
index 4fa8e7cbc..a92564a0f 100644
--- a/lib/SimpleSAML/Bindings/SAML20/HTTPRedirect.php
+++ b/lib/SimpleSAML/Bindings/SAML20/HTTPRedirect.php
@@ -34,7 +34,7 @@ class SimpleSAML_Bindings_SAML20_HTTPRedirect {
 
 		/* Load the private key. */
 
-		$privatekey = $this->configuration->getBaseDir() . '/cert/' . $md['privatekey'];
+		$privatekey = $this->configuration->getPathValue('certdir') . $md['privatekey'];
 		if (!file_exists($privatekey)) {
 			throw new Exception('Could not find private key file [' . $privatekey . '] which is needed to sign the request.');
 		}
@@ -96,7 +96,7 @@ class SimpleSAML_Bindings_SAML20_HTTPRedirect {
 		$query = $query . "&" . "SigAlg=" . urlencode($algURI);
 				
 		// check if public key of sp exists
-		$publickey = $this->configuration->getBaseDir() . '/cert/' . $md['certificate'];
+		$publickey = $this->configuration->getPathValue('certdir') . $md['certificate'];
 		if (!file_exists($publickey)) {
 			throw new Exception('Could not find private key file [' . $publickey . '] which is needed to verify the request.');
 		}
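Review bot: The exception raised by the `$publickey` check still says "Could not find private key file", although the file being tested is the certificate named by `$md['certificate']`, so an operator reading the log will look for the wrong file. I would change it to `throw new Exception('Could not find certificate file [' . $publickey . '] which is needed to verify the request.');`. The message also carries the full path, which can now lie outside the installation, so it is worth confirming (not visible here) that exception text goes to the log and not to the browser. The enclosing method starts before and ends after this hunk.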
diff --git a/lib/SimpleSAML/Bindings/Shib13/HTTPPost.php b/lib/SimpleSAML/Bindings/Shib13/HTTPPost.php
index caee28a72..aa3e00f49 100644
--- a/lib/SimpleSAML/Bindings/Shib13/HTTPPost.php
+++ b/lib/SimpleSAML/Bindings/Shib13/HTTPPost.php
@@ -70,10 +70,10 @@ class SimpleSAML_Bindings_Shib13_HTTPPost {
 			throw new Exception('Could not find AssertionConsumerService for SP entity ID [' . $spentityid. ']. ' . 
 				'Claimed ACS is: ' . (isset($claimedacs) ? $claimedacs : 'N/A'));
 	
-		$privatekey = $this->configuration->getBaseDir() . '/cert/' . $idpmd['privatekey'];
-		$publiccert = $this->configuration->getBaseDir() . '/cert/' . $idpmd['certificate'];
+		$privatekey = $this->configuration->getPathValue('certdir') . $idpmd['privatekey'];
+		$publiccert = $this->configuration->getPathValue('certdir') . $idpmd['certificate'];
 		$certchain_pem_file = isset($idpmd['certificatechain']) ? 
-			$this->configuration->getBaseDir() . '/cert/' . $idpmd['certificatechain'] : null;
+			$this->configuration->getPathValue('certdir') . $idpmd['certificatechain'] : null;
 
 
 		if (!file_exists($privatekey)) throw new Exception('Could not find private key file [' . $privatekey . ']');
diff --git a/lib/SimpleSAML/Configuration.php b/lib/SimpleSAML/Configuration.php
index 7178606ec..39f9e1b7b 100644
--- a/lib/SimpleSAML/Configuration.php
+++ b/lib/SimpleSAML/Configuration.php
@@ -67,6 +67,46 @@ class SimpleSAML_Configuration {
 	}
 
 
+	/* Retrieve a path configuration option set in config.php.
+	 * The function will always return an absolute path unless the
+	 * option is not set. It will then return the default value.
+	 *
+	 * It checks if the value starts with a slash, and prefixes it
+	 * with the value from getBaseDir if it doesn't.
+	 *
+	 * Parameters:
+	 *  $name     Name of the configuration option.
+	 *  $default  Default value of the configuration option. This
+	 *            parameter will default to NULL if not specified.
+	 *
+	 * Returns:
+	 *  The path configuration option with name $name, or $default if
+	 *  the option was not found.
+	 */
+	public function getPathValue($name, $default = NULL) {
+		if (!isset($this->configuration)) {
+			$this->loadConfig();
+		}
+
+		/* Return the default value if the option is unset. */
+		if (!array_key_exists($name, $this->configuration)) {
+			return $default;
+		}
+
+		$path = $this->configuration[$name];
+
+		/* Prepend path with basedir if it doesn't start with
+                 * a slash. We assume getBaseDir ends with a slash.
+		 */
+		if ($path[0] !== '/') $path = $this->getBaseDir() . $path;
+		
+		/* Add trailing slash if it is missing to be consistent with getBaseDir */
+		if (substr($path, -1) !== '/') $path .= '/';
+		
+		return $path;
+	}
+
+
 	/* Retrieve the base directory for this simpleSAMLphp installation.
 	 * This function first checks the 'basedir' configuration option. If
 	 * this option is undefined or NULL, then we fall back to looking at
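Review bot: `getPathValue()` indexes `$path[0]` without checking that the configured value is a non-empty string, so `'certdir' => ''` raises an offset notice and then resolves to the base directory itself, and a NULL or array value is handled no better. The `$default` branch also returns early, before the base-dir prefix and trailing slash are applied, so a relative default comes back unnormalised. I would select the value first (treating NULL as unset), reject anything that is not a non-empty string, and let configured and default values share the normalisation below. Absolute paths are recognised only by a leading `/`, so a Windows drive path would be prefixed with the base directory; the docblock should say so.

```php
	public function getPathValue($name, $default = NULL) {
		// … unchanged: lazy loadConfig() …

		/* Fall back to the default, but normalise it like a configured value. */
		$path = array_key_exists($name, $this->configuration) ? $this->configuration[$name] : $default;
		if ($path === NULL) return NULL;

		if (!is_string($path) || $path === '') {
			throw new Exception('Configuration option [' . $name . '] must be a non-empty path.');
		}

		// … unchanged: base-dir prefix and trailing-slash handling …
```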
diff --git a/lib/SimpleSAML/Logger/LoggingHandlerFile.php b/lib/SimpleSAML/Logger/LoggingHandlerFile.php
index b0239ef88..a3b94937a 100644
--- a/lib/SimpleSAML/Logger/LoggingHandlerFile.php
+++ b/lib/SimpleSAML/Logger/LoggingHandlerFile.php
@@ -21,7 +21,7 @@ class SimpleSAML_Logger_LoggingHandlerFile implements SimpleSAML_Logger_LoggingH
         assert($config instanceof SimpleSAML_Configuration);
 
         /* Get the metadata handler option from the configuration. */
-        $this->logFile = $config->getBaseDir().'/'.$config->getValue('loggingdir').'/'.$config->getValue('logging.logfile');
+        $this->logFile = $config->getPathValue('loggingdir').$config->getValue('logging.logfile');
 
         if (@file_exists($this->logFile)) {
             if (!@is_writeable($this->logFile)) throw new Exception("Could not write to logfile: ".$this->logFile);
diff --git a/lib/SimpleSAML/Metadata/MetaDataStorageHandlerFlatfile.php b/lib/SimpleSAML/Metadata/MetaDataStorageHandlerFlatfile.php
index b9affb918..828ecc748 100644
--- a/lib/SimpleSAML/Metadata/MetaDataStorageHandlerFlatfile.php
+++ b/lib/SimpleSAML/Metadata/MetaDataStorageHandlerFlatfile.php
@@ -41,9 +41,7 @@ class SimpleSAML_Metadata_MetaDataStorageHandlerFlatFile extends SimpleSAML_Meta
 		$config = SimpleSAML_Configuration::getInstance();
 		assert($config instanceof SimpleSAML_Configuration);
 		
-		$metadatasetfile = $config->getBaseDir() . '/' . 
-			$config->getValue('metadatadir') . '/' . $set . '.php';
-		
+		$metadatasetfile = $config->getPathValue('metadatadir') . $set . '.php';
 		
 		if (!file_exists($metadatasetfile)) {
 			throw new Exception('Could not open file: ' . $metadatasetfile);
diff --git a/lib/SimpleSAML/Metadata/MetaDataStorageHandlerSAML2Meta.php b/lib/SimpleSAML/Metadata/MetaDataStorageHandlerSAML2Meta.php
index 3e45a8218..f53622323 100644
--- a/lib/SimpleSAML/Metadata/MetaDataStorageHandlerSAML2Meta.php
+++ b/lib/SimpleSAML/Metadata/MetaDataStorageHandlerSAML2Meta.php
@@ -64,8 +64,7 @@ class SimpleSAML_Metadata_MetaDataStorageHandlerSAML2Meta extends SimpleSAML_Met
 			// The metadata location is an URL
 			$metadatasetfile = $metadatalocation;
 		} else {
-			$metadatasetfile = $config->getBaseDir() . '' . 
-				$config->getValue('metadatadir') . $metadatalocation;
+			$metadatasetfile = $config->getPathValue('metadatadir') . $metadatalocation;
 			if (!file_exists($metadatasetfile)) throw new Exception('Could not find SAML 2.0 Metadata file :'. $metadatasetfile);
 			if (preg_match('@\.php$@', $metadatalocation)) {
 				$xml = false;
diff --git a/lib/SimpleSAML/XHTML/Template.php b/lib/SimpleSAML/XHTML/Template.php
index d4acfa022..1ece44516 100644
--- a/lib/SimpleSAML/XHTML/Template.php
+++ b/lib/SimpleSAML/XHTML/Template.php
@@ -71,16 +71,16 @@ class SimpleSAML_XHTML_Template {
 	
 	private function includeAtTemplateBase($file) {
 		$data = $this->data;
-		$filebase = $this->configuration->getBaseDir() . $this->configuration->getValue('templatedir');
+		$filebase = $this->configuration->getPathValue('templatedir');
 		include($filebase . $file);
 	}
 
 	private function includeAtLanguageBase($file) {
 		$data = $this->data;
-		$filebase = $this->configuration->getBaseDir() . $this->configuration->getValue('templatedir') . $this->getLanguage() . '/' ;
+		$filebase = $this->configuration->getPathValue('templatedir') . $this->getLanguage() . '/' ;
 		
 		if (!file_exists($filebase . $file)) {
-			$filebase = $this->configuration->getBaseDir() . $this->configuration->getValue('templatedir') . 
+			$filebase = $this->configuration->getPathValue('templatedir') . 
 				$this->configuration->getValue('language.default') . '/';
 				
 			
@@ -96,7 +96,7 @@ class SimpleSAML_XHTML_Template {
 	 * Include language file from the dictionaries directory.
 	 */
 	private function includeLanguageFile($file) {
-		$filebase = $this->configuration->getBaseDir() . $this->configuration->getValue('dictionarydir');
+		$filebase = $this->configuration->getPathValue('dictionarydir');
 		
 		if (!file_exists($filebase . $file)) {
 			SimpleSAML_Logger::error($_SERVER['PHP_SELF'].' - Template: Could not find template file [' . $this->template . '] at [' . $filebase . $file . ']');
@@ -122,12 +122,12 @@ class SimpleSAML_XHTML_Template {
 	 */
 	public function show() {
 		$data = $this->data;
-		$filename = $this->configuration->getBaseDir() . $this->configuration->getValue('templatedir') . $this->getLanguage() . '/' . 
+		$filename = $this->configuration->getPathValue('templatedir') . $this->getLanguage() . '/' . 
 			$this->template;
 
 		if (!file_exists($filename)) {
 				
-			$filename = $this->configuration->getBaseDir() . $this->configuration->getValue('templatedir') .  
+			$filename = $this->configuration->getPathValue('templatedir') .  
 				$this->configuration->getValue('language.default') . '/' . $this->template;
 
 
diff --git a/lib/SimpleSAML/XML/AttributeFilter.php b/lib/SimpleSAML/XML/AttributeFilter.php
index 528ee5c96..b4cad0516 100644
--- a/lib/SimpleSAML/XML/AttributeFilter.php
+++ b/lib/SimpleSAML/XML/AttributeFilter.php
@@ -21,7 +21,7 @@ class SimpleSAML_XML_AttributeFilter {
 
 	public function namemap($map) {
 		
-		$mapfile = $this->configuration->getBaseDir() . $this->configuration->getValue('attributenamemapdir') . $map . '.php';
+		$mapfile = $this->configuration->getPathValue('attributenamemapdir') . $map . '.php';
 		if (!file_exists($mapfile)) throw new Exception('Could not find attributemap file: ' . $mapfile);
 		
 		include($mapfile);
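Review bot: `$map` goes straight into the path handed to `include()`, and `file_exists()` is the only gate, so the name alone decides which PHP file gets executed. Where `$map` comes from is not visible in this hunk; if it is read from metadata or any other editable source, I would restrict it to a plain file name before building `$mapfile`, e.g. `if ($map !== basename($map)) throw new Exception('Invalid attributemap name: ' . $map);`. The Template.php hunks build their include paths the same way from `$file` and `getLanguage()`. `namemap()` continues past the end of this hunk.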
diff --git a/www/aselect/handler.php b/www/aselect/handler.php
index 448bec0d0..8ec9b4b2e 100644
--- a/www/aselect/handler.php
+++ b/www/aselect/handler.php
@@ -65,8 +65,8 @@ $as_metadata = array(
 		'hosted' => array(
 			'organization' => 'simpleSAMLphp',
 			'server_id' => 'default.aselect.org',
-			'key' => $config->getBaseDir() . '/cert/server.pem',
-			'cert' => $config->getBaseDir() . '/cert/server.crt',
+			'key' => $config->getPathValue('certdir') . 'server.pem',
+			'cert' => $config->getPathValue('certdir') . 'server.crt',
 			'authsp_level' => '10',
 			'authsp' => 'simpleSAMLphp',
 			'app_level' => '10',
@@ -94,12 +94,12 @@ $as_metadata = array(
 		'hosted' => array(
 			'organization' => 'simpleSAMLphp',
 			'server_id' => 'default.aselect.org',
-			'key' => $config->getBaseDir() . '/cert/agent.key',
+			'key' => $config->getPathValue('certdir'). 'agent.key',
 		),
 		'remote' => array(
 			'testorg' => array(
 				'require_signing' => true,
-				'cert' => $config->getBaseDir() . '/cert/aselect.crt',
+				'cert' => $config->getPathValue('certdir'). 'aselect.crt',
 			),
 		),
 	),
@@ -109,7 +109,7 @@ $as_metadata = array(
 		),
 		'federatiedemo' => array(
 			'require_signing' => true,
-			'cert' => $config->getBaseDir() . '/cert/app.crt',
+			'cert' => $config->getPathValue('certdir') . 'app.crt',
 		),
 	),
 );
diff --git a/www/shib13/idp/metadata.php b/www/shib13/idp/metadata.php
index acafbc889..d13013353 100644
--- a/www/shib13/idp/metadata.php
+++ b/www/shib13/idp/metadata.php
@@ -25,7 +25,7 @@ try {
 	$idpmeta = isset($_GET['idpentityid']) ? $_GET['idpentityid'] : $metadata->getMetaDataCurrent('shib13-idp-hosted');
 	$idpentityid = isset($_GET['idpentityid']) ? $_GET['idpentityid'] : $metadata->getMetaDataCurrentEntityID('shib13-idp-hosted');
 	
-	$publiccert = $config->getBaseDir() . '/cert/' . $idpmeta['certificate'];
+	$publiccert = $config->getPathValue('certdir') . $idpmeta['certificate'];
 
 	if (!file_exists($publiccert)) 
 		throw new Exception('Could not find certificate [' . $publiccert . '] to attach to the authentication resposne');
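Review bot: On the context line above the change, `$idpmeta` is assigned `$_GET['idpentityid']` itself when that parameter is present, so `$idpmeta['certificate']` on the changed line indexes a request-supplied string rather than a metadata array, and request input ends up in the certificate path. `$idpmeta` should always be the metadata array looked up for the chosen entity id, with the GET value used only to select the entity and rejected when no hosted metadata matches it. The message on the last line also misspells "response" as `resposne`. The `try` block opens before and closes after this hunk.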
-- 
GitLab