diff --git a/lib/SimpleSAML/SessionHandler.php b/lib/SimpleSAML/SessionHandler.php
index 8ad3a135f82e09edbed67364370e5ac43599b008..9586d56e97a1d35f78d887a44b4dda1996e63cdb 100644
--- a/lib/SimpleSAML/SessionHandler.php
+++ b/lib/SimpleSAML/SessionHandler.php
@@ -155,7 +155,7 @@ abstract class SimpleSAML_SessionHandler {
$params = $this->getCookieParams();
}
- SimpleSAML_Utilities::setCookie($name, $value, $params);
+ \SimpleSAML\Utils\HTTP::setCookie($name, $value, $params);
}
}
diff --git a/lib/SimpleSAML/Utilities.php b/lib/SimpleSAML/Utilities.php
index 410730202132e137e3541332817753acae6b8d74..b8717e82f4f555506a458c8a621c4c7f1e1f9911 100644
--- a/lib/SimpleSAML/Utilities.php
+++ b/lib/SimpleSAML/Utilities.php
@@ -1060,62 +1060,10 @@ class SimpleSAML_Utilities {
/**
- * Set a cookie.
- *
- * @param string $name The name of the session cookie.
- * @param string|NULL $value The value of the cookie. Set to NULL to delete the cookie.
- * @param array|NULL $params Cookie parameters.
- * @param bool $throw Whether to throw exception if setcookie fails.
+ * @deprecated This method will be removed in SSP 2.0. Please use SimpleSAML\Utils\HTTP::setCookie() instead.
*/
public static function setCookie($name, $value, array $params = NULL, $throw = TRUE) {
- assert('is_string($name)');
- assert('is_string($value) || is_null($value)');
-
- $default_params = array(
- 'lifetime' => 0,
- 'expire' => NULL,
- 'path' => '/',
- 'domain' => NULL,
- 'secure' => FALSE,
- 'httponly' => TRUE,
- 'raw' => FALSE,
- );
-
- if ($params !== NULL) {
- $params = array_merge($default_params, $params);
- } else {
- $params = $default_params;
- }
-
- // Do not set secure cookie if not on HTTPS
- if ($params['secure'] && !self::isHTTPS()) {
- SimpleSAML_Logger::warning('Setting secure cookie on http not allowed.');
- return;
- }
-
- if ($value === NULL) {
- $expire = time() - 365*24*60*60;
- } elseif (isset($params['expire'])) {
- $expire = $params['expire'];
- } elseif ($params['lifetime'] === 0) {
- $expire = 0;
- } else {
- $expire = time() + $params['lifetime'];
- }
-
- if ($params['raw']) {
- $success = setrawcookie($name, $value, $expire, $params['path'], $params['domain'], $params['secure'], $params['httponly']);
- } else {
- $success = setcookie($name, $value, $expire, $params['path'], $params['domain'], $params['secure'], $params['httponly']);
- }
-
- if (!$success) {
- if ($throw) {
- throw new SimpleSAML_Error_Exception('Error setting cookie - headers already sent.');
- } else {
- SimpleSAML_Logger::warning('Error setting cookie - headers already sent.');
- }
- }
+ return \SimpleSAML\Utils\HTTP::setCookie($name, $value, $params, $throw);
}
}
diff --git a/lib/SimpleSAML/Utils/HTTP.php b/lib/SimpleSAML/Utils/HTTP.php
index 59be933008ca450259b3b428d084e45129a4370d..bffe910a0d4aa7343c09a6cb5dc1cdf50e13595b 100644
--- a/lib/SimpleSAML/Utils/HTTP.php
+++ b/lib/SimpleSAML/Utils/HTTP.php
@@ -194,8 +194,8 @@ class HTTP
* Save the given HTTP POST data and the destination where it should be posted to a given session.
*
* @param \SimpleSAML_Session $session The session where to temporarily store the data.
- * @param string $destination The destination URL where the form should be posted.
- * @param array $data An associative array with the data to be posted to $destination.
+ * @param string $destination The destination URL where the form should be posted.
+ * @param array $data An associative array with the data to be posted to $destination.
*
* @return string A random identifier that can be used to retrieve the data from the current session.
*
@@ -822,6 +822,80 @@ class HTTP
}
+ /**
+ * Set a cookie.
+ *
+ * @param string $name The name of the cookie.
+ * @param string|NULL $value The value of the cookie. Set to NULL to delete the cookie.
+ * @param array|NULL $params Cookie parameters.
+ * @param bool $throw Whether to throw exception if setcookie() fails.
+ *
+ * @throws \SimpleSAML_Error_Exception If any parameter has an incorrect type or the if the headers were already
+ * sent and the cookie cannot be set.
+ *
+ * @author Andjelko Horvat
+ * @author Jaime Perez, UNINETT AS <jaime.perez@uninett.no>
+ */
+ public static function setCookie($name, $value, $params = null, $throw = true)
+ {
+ if (!(is_string($name) && // $name must be a string
+ (is_string($value) || is_null($value)) && // $value can be a string or null
+ (is_array($params) || is_null($params)) && // $params can be an array or null
+ is_bool($throw)) // $throw must be boolean
+ ) {
+ throw new \SimpleSAML_Error_Exception('Invalid input parameters.');
+ }
+
+ $default_params = array(
+ 'lifetime' => 0,
+ 'expire' => null,
+ 'path' => '/',
+ 'domain' => null,
+ 'secure' => false,
+ 'httponly' => true,
+ 'raw' => false,
+ );
+
+ if ($params !== null) {
+ $params = array_merge($default_params, $params);
+ } else {
+ $params = $default_params;
+ }
+
+ // Do not set secure cookie if not on HTTPS
+ if ($params['secure'] && !self::isHTTPS()) {
+ \SimpleSAML_Logger::warning('Setting secure cookie on plain HTTP is not allowed.');
+ return;
+ }
+
+ if ($value === null) {
+ $expire = time() - 365 * 24 * 60 * 60;
+ } elseif (isset($params['expire'])) {
+ $expire = $params['expire'];
+ } elseif ($params['lifetime'] === 0) {
+ $expire = 0;
+ } else {
+ $expire = time() + $params['lifetime'];
+ }
+
+ if ($params['raw']) {
+ $success = setrawcookie($name, $value, $expire, $params['path'], $params['domain'], $params['secure'],
+ $params['httponly']);
+ } else {
+ $success = setcookie($name, $value, $expire, $params['path'], $params['domain'], $params['secure'],
+ $params['httponly']);
+ }
+
+ if (!$success) {
+ if ($throw) {
+ throw new \SimpleSAML_Error_Exception('Error setting cookie: headers already sent.');
+ } else {
+ \SimpleSAML_Logger::warning('Error setting cookie: headers already sent.');
+ }
+ }
+ }
+
+
/**
* Submit a POST form to a specific destination.
*
diff --git a/lib/SimpleSAML/XHTML/IdPDisco.php b/lib/SimpleSAML/XHTML/IdPDisco.php
index f423ca7100fdc10cbdffa62985ab22245c3dce1b..f64dac92b431e7ac4c51da2dacf7eb4e2886f27b 100644
--- a/lib/SimpleSAML/XHTML/IdPDisco.php
+++ b/lib/SimpleSAML/XHTML/IdPDisco.php
@@ -197,7 +197,7 @@ class SimpleSAML_XHTML_IdPDisco {
'httponly' => FALSE,
);
- SimpleSAML_Utilities::setCookie($prefixedName, $value, $params, FALSE);
+ \SimpleSAML\Utils\HTTP::setCookie($prefixedName, $value, $params, FALSE);
}
diff --git a/lib/SimpleSAML/XHTML/Template.php b/lib/SimpleSAML/XHTML/Template.php
index b47cc772c6da9369732c8e6b1803d38f8c202ca7..68275de8b5d52d5446d58f9d3741eadf24463ff1 100644
--- a/lib/SimpleSAML/XHTML/Template.php
+++ b/lib/SimpleSAML/XHTML/Template.php
@@ -711,7 +711,7 @@ class SimpleSAML_XHTML_Template {
'httponly' => FALSE,
);
- SimpleSAML_Utilities::setCookie($name, $language, $params, FALSE);
+ \SimpleSAML\Utils\HTTP::setCookie($name, $language, $params, FALSE);
}
}
diff --git a/modules/cdc/lib/Server.php b/modules/cdc/lib/Server.php
index 41cffb927ebc51d274c1801bdacd989d6b2932ce..890e4376ed95ca244135fde74135b6cc894383ee 100644
--- a/modules/cdc/lib/Server.php
+++ b/modules/cdc/lib/Server.php
@@ -211,7 +211,7 @@ class sspmod_cdc_Server {
'httponly' => FALSE,
);
- SimpleSAML_Utilities::setCookie('_saml_idp', NULL, $params, FALSE);
+ \SimpleSAML\Utils\HTTP::setCookie('_saml_idp', NULL, $params, FALSE);
return 'ok';
}
@@ -407,7 +407,7 @@ class sspmod_cdc_Server {
'httponly' => FALSE,
);
- SimpleSAML_Utilities::setCookie('_saml_idp', $cookie, $params, FALSE);
+ \SimpleSAML\Utils\HTTP::setCookie('_saml_idp', $cookie, $params, FALSE);
}
}
diff --git a/modules/consent/lib/Consent/Store/Cookie.php b/modules/consent/lib/Consent/Store/Cookie.php
index 5790fa684d26746beca3814bb3065f654f2dc8b7..7eb153e8e4ee097fccef0334fa279ebbb1bb85e1 100644
--- a/modules/consent/lib/Consent/Store/Cookie.php
+++ b/modules/consent/lib/Consent/Store/Cookie.php
@@ -279,7 +279,7 @@ class sspmod_consent_Consent_Store_Cookie extends sspmod_consent_Store
$params['secure'] = false;
}
- SimpleSAML_Utilities::setCookie($name, $value, $params, FALSE);
+ \SimpleSAML\Utils\HTTP::setCookie($name, $value, $params, FALSE);
}
}
diff --git a/modules/core/www/cleardiscochoices.php b/modules/core/www/cleardiscochoices.php
index afd72997fea12bd52d4ea6987401adf59cc6694d..6a1b0729147d4952d5950284ea3b469f5e719098 100644
--- a/modules/core/www/cleardiscochoices.php
+++ b/modules/core/www/cleardiscochoices.php
@@ -20,7 +20,7 @@ foreach($_COOKIE as $cookieName => $value) {
/* Delete the cookie. We delete it once without the secure flag and once with the secure flag. This
* ensures that the cookie will be deleted in any case.
*/
- SimpleSAML_Utilities::setCookie($cookieName, NULL, array('path' => $cookiePath, 'httponly' => FALSE), FALSE);
+ \SimpleSAML\Utils\HTTP::setCookie($cookieName, NULL, array('path' => $cookiePath, 'httponly' => FALSE), FALSE);
}
diff --git a/modules/core/www/loginuserpass.php b/modules/core/www/loginuserpass.php
index 4ce0f93e66dca80463268a4d82b83c8bbb584778..f253ac53232e1b86fc95014e79dcdc8a06243de5 100644
--- a/modules/core/www/loginuserpass.php
+++ b/modules/core/www/loginuserpass.php
@@ -53,7 +53,7 @@ if (!empty($_REQUEST['username']) || !empty($password)) {
$params = $sessionHandler->getCookieParams();
$params['expire'] = time();
$params['expire'] += (isset($_REQUEST['remember_username']) && $_REQUEST['remember_username'] == 'Yes' ? 31536000 : -300);
- SimpleSAML_Utilities::setCookie($source->getAuthId() . '-username', $username, $params, FALSE);
+ \SimpleSAML\Utils\HTTP::setCookie($source->getAuthId() . '-username', $username, $params, FALSE);
}
if ($source->isRememberMeEnabled()) {
diff --git a/modules/core/www/loginuserpassorg.php b/modules/core/www/loginuserpassorg.php
index ad4ba44b04b2bf7c2ace3de4cf47e10c57e05d95..441f046aa320c4b42fc31a1d66de9ea5e3d0c303 100644
--- a/modules/core/www/loginuserpassorg.php
+++ b/modules/core/www/loginuserpassorg.php
@@ -57,7 +57,7 @@ if ($organizations === NULL || !empty($organization)) {
$params = $sessionHandler->getCookieParams();
$params['expire'] = time();
$params['expire'] += (isset($_REQUEST['remember_username']) && $_REQUEST['remember_username'] == 'Yes' ? 31536000 : -300);
- SimpleSAML_Utilities::setCookie($source->getAuthId() . '-username', $username, $params, FALSE);
+ \SimpleSAML\Utils\HTTP::setCookie($source->getAuthId() . '-username', $username, $params, FALSE);
}
try {
diff --git a/modules/discopower/lib/PowerIdPDisco.php b/modules/discopower/lib/PowerIdPDisco.php
index aaed123b69c9eabcb45e2231f66fd6f847d1f909..cf673c4c9f1b0053224fcfffe7361a36190e19f0 100644
--- a/modules/discopower/lib/PowerIdPDisco.php
+++ b/modules/discopower/lib/PowerIdPDisco.php
@@ -306,7 +306,7 @@ class sspmod_discopower_PowerIdPDisco extends SimpleSAML_XHTML_IdPDisco {
'secure' => TRUE,
'httponly' => FALSE,
);
- SimpleSAML_Utilities::setCookie('_saml_idp', $newCookie, $params, FALSE);
+ \SimpleSAML\Utils\HTTP::setCookie('_saml_idp', $newCookie, $params, FALSE);
}
diff --git a/modules/multiauth/lib/Auth/Source/MultiAuth.php b/modules/multiauth/lib/Auth/Source/MultiAuth.php
index de7fcd4b006f5201a810715c0f4c41dc3c550e39..3e5b853a78eecceec1bb80ae10c5680369c72cc9 100644
--- a/modules/multiauth/lib/Auth/Source/MultiAuth.php
+++ b/modules/multiauth/lib/Auth/Source/MultiAuth.php
@@ -208,7 +208,7 @@ class sspmod_multiauth_Auth_Source_MultiAuth extends SimpleSAML_Auth_Source {
'httponly' => FALSE,
);
- SimpleSAML_Utilities::setCookie($cookieName, $source, $params, FALSE);
+ \SimpleSAML\Utils\HTTP::setCookie($cookieName, $source, $params, FALSE);
}
/**
diff --git a/modules/negotiate/www/disable.php b/modules/negotiate/www/disable.php
index 1cda47ee96d1ee2cad03d399e37dbdb1939868ed..52620042d162bcf9d41d3a3d07869dd9a2aa670f 100644
--- a/modules/negotiate/www/disable.php
+++ b/modules/negotiate/www/disable.php
@@ -13,7 +13,7 @@ $params = array(
'secure' => FALSE,
'httponly' => TRUE,
);
-SimpleSAML_Utilities::setCookie('NEGOTIATE_AUTOLOGIN_DISABLE_PERMANENT', 'True', $params, FALSE);
+\SimpleSAML\Utils\HTTP::setCookie('NEGOTIATE_AUTOLOGIN_DISABLE_PERMANENT', 'True', $params, FALSE);
$globalConfig = SimpleSAML_Configuration::getInstance();
$session = SimpleSAML_Session::getSessionFromRequest();
diff --git a/modules/negotiate/www/enable.php b/modules/negotiate/www/enable.php
index 0eda57367bc22ef9b356a2c1f52feec1ec64a823..56d66a865e83a6fa6113629f8a2a9ff062a1f41f 100644
--- a/modules/negotiate/www/enable.php
+++ b/modules/negotiate/www/enable.php
@@ -12,7 +12,7 @@ $params = array(
'secure' => FALSE,
'httponly' => TRUE,
);
-SimpleSAML_Utilities::setCookie('NEGOTIATE_AUTOLOGIN_DISABLE_PERMANENT', NULL, $params, FALSE);
+\SimpleSAML\Utils\HTTP::setCookie('NEGOTIATE_AUTOLOGIN_DISABLE_PERMANENT', NULL, $params, FALSE);
$globalConfig = SimpleSAML_Configuration::getInstance();
$session = SimpleSAML_Session::getSessionFromRequest();