Commit c7919f20 authored by Jaime Pérez Crespo's avatar Jaime Pérez Crespo

Add the configuration as a dependency to SimpleSAML\Session.

parent a4bca9e4
...@@ -48,6 +48,13 @@ class Session implements \Serializable, Utils\ClearableState ...@@ -48,6 +48,13 @@ class Session implements \Serializable, Utils\ClearableState
*/ */
private static $instance = null; private static $instance = null;
/**
* The global configuration.
*
* @var \SimpleSAML\Configuration
*/
private static $config;
/** /**
* The session ID of this session. * The session ID of this session.
* *
...@@ -131,6 +138,7 @@ class Session implements \Serializable, Utils\ClearableState ...@@ -131,6 +138,7 @@ class Session implements \Serializable, Utils\ClearableState
*/ */
private $authData = array(); private $authData = array();
/** /**
* Private constructor that restricts instantiation to either getSessionFromRequest() for the current session or * Private constructor that restricts instantiation to either getSessionFromRequest() for the current session or
* getSession() for a specific one. * getSession() for a specific one.
...@@ -139,6 +147,8 @@ class Session implements \Serializable, Utils\ClearableState ...@@ -139,6 +147,8 @@ class Session implements \Serializable, Utils\ClearableState
*/ */
private function __construct($transient = false) private function __construct($transient = false)
{ {
$this->setConfiguration(Configuration::getInstance());
if (php_sapi_name() === 'cli' || defined('STDIN')) { if (php_sapi_name() === 'cli' || defined('STDIN')) {
$this->trackid = 'CL'.bin2hex(openssl_random_pseudo_bytes(4)); $this->trackid = 'CL'.bin2hex(openssl_random_pseudo_bytes(4));
Logger::setTrackId($this->trackid); Logger::setTrackId($this->trackid);
...@@ -174,8 +184,7 @@ class Session implements \Serializable, Utils\ClearableState ...@@ -174,8 +184,7 @@ class Session implements \Serializable, Utils\ClearableState
$this->markDirty(); $this->markDirty();
// initialize data for session check function if defined // initialize data for session check function if defined
$globalConfig = Configuration::getInstance(); $checkFunction = self::$config->getArray('session.check_function', null);
$checkFunction = $globalConfig->getArray('session.check_function', null);
if (isset($checkFunction)) { if (isset($checkFunction)) {
assert(is_callable($checkFunction)); assert(is_callable($checkFunction));
call_user_func($checkFunction, $this, true); call_user_func($checkFunction, $this, true);
...@@ -183,6 +192,18 @@ class Session implements \Serializable, Utils\ClearableState ...@@ -183,6 +192,18 @@ class Session implements \Serializable, Utils\ClearableState
} }
} }
/**
* Set the configuration we should use.
*
* @param Configuration $config
*/
public function setConfiguration(Configuration $config)
{
self::$config = $config;
}
/** /**
* Serialize this session object. * Serialize this session object.
* *
...@@ -192,8 +213,7 @@ class Session implements \Serializable, Utils\ClearableState ...@@ -192,8 +213,7 @@ class Session implements \Serializable, Utils\ClearableState
*/ */
public function serialize() public function serialize()
{ {
$serialized = serialize(get_object_vars($this)); return serialize(get_object_vars($this));
return $serialized;
} }
/** /**
...@@ -212,6 +232,7 @@ class Session implements \Serializable, Utils\ClearableState ...@@ -212,6 +232,7 @@ class Session implements \Serializable, Utils\ClearableState
$this->$k = $v; $this->$k = $v;
} }
} }
self::$config = Configuration::getInstance();
// look for any raw attributes and load them in the 'Attributes' array // look for any raw attributes and load them in the 'Attributes' array
foreach ($this->authData as $authority => $parameters) { foreach ($this->authData as $authority => $parameters) {
...@@ -542,8 +563,7 @@ class Session implements \Serializable, Utils\ClearableState ...@@ -542,8 +563,7 @@ class Session implements \Serializable, Utils\ClearableState
assert(is_int($expire) || $expire === null); assert(is_int($expire) || $expire === null);
if ($expire === null) { if ($expire === null) {
$globalConfig = Configuration::getInstance(); $expire = time() + self::$config->getInteger('session.rememberme.lifetime', 14 * 86400);
$expire = time() + $globalConfig->getInteger('session.rememberme.lifetime', 14 * 86400);
} }
$this->rememberMeExpire = $expire; $this->rememberMeExpire = $expire;
...@@ -581,12 +601,11 @@ class Session implements \Serializable, Utils\ClearableState ...@@ -581,12 +601,11 @@ class Session implements \Serializable, Utils\ClearableState
$data['Authority'] = $authority; $data['Authority'] = $authority;
$globalConfig = Configuration::getInstance();
if (!isset($data['AuthnInstant'])) { if (!isset($data['AuthnInstant'])) {
$data['AuthnInstant'] = time(); $data['AuthnInstant'] = time();
} }
$maxSessionExpire = time() + $globalConfig->getInteger('session.duration', 8 * 60 * 60); $maxSessionExpire = time() + self::$config->getInteger('session.duration', 8 * 60 * 60);
if (!isset($data['Expire']) || $data['Expire'] > $maxSessionExpire) { if (!isset($data['Expire']) || $data['Expire'] > $maxSessionExpire) {
// unset, or beyond our session lifetime. Clamp it to our maximum session lifetime // unset, or beyond our session lifetime. Clamp it to our maximum session lifetime
$data['Expire'] = $maxSessionExpire; $data['Expire'] = $maxSessionExpire;
...@@ -621,13 +640,13 @@ class Session implements \Serializable, Utils\ClearableState ...@@ -621,13 +640,13 @@ class Session implements \Serializable, Utils\ClearableState
$sessionHandler = SessionHandler::getSessionHandler(); $sessionHandler = SessionHandler::getSessionHandler();
if (!$this->transient && (!empty($data['RememberMe']) || $this->rememberMeExpire) && if (!$this->transient && (!empty($data['RememberMe']) || $this->rememberMeExpire) &&
$globalConfig->getBoolean('session.rememberme.enable', false) self::$config->getBoolean('session.rememberme.enable', false)
) { ) {
$this->setRememberMeExpire(); $this->setRememberMeExpire();
} else { } else {
try { try {
Utils\HTTP::setCookie( Utils\HTTP::setCookie(
$globalConfig->getString('session.authtoken.cookiename', 'SimpleSAMLAuthToken'), self::$config->getString('session.authtoken.cookiename', 'SimpleSAMLAuthToken'),
$this->authToken, $this->authToken,
$sessionHandler->getCookieParams() $sessionHandler->getCookieParams()
); );
...@@ -755,9 +774,8 @@ class Session implements \Serializable, Utils\ClearableState ...@@ -755,9 +774,8 @@ class Session implements \Serializable, Utils\ClearableState
$params = array_merge($sessionHandler->getCookieParams(), is_array($params) ? $params : array()); $params = array_merge($sessionHandler->getCookieParams(), is_array($params) ? $params : array());
if ($this->authToken !== null) { if ($this->authToken !== null) {
$globalConfig = Configuration::getInstance();
Utils\HTTP::setCookie( Utils\HTTP::setCookie(
$globalConfig->getString('session.authtoken.cookiename', 'SimpleSAMLAuthToken'), self::$config->getString('session.authtoken.cookiename', 'SimpleSAMLAuthToken'),
$this->authToken, $this->authToken,
$params $params
); );
...@@ -778,8 +796,7 @@ class Session implements \Serializable, Utils\ClearableState ...@@ -778,8 +796,7 @@ class Session implements \Serializable, Utils\ClearableState
$this->markDirty(); $this->markDirty();
if ($expire === null) { if ($expire === null) {
$globalConfig = Configuration::getInstance(); $expire = time() + self::$config->getInteger('session.duration', 8 * 60 * 60);
$expire = time() + $globalConfig->getInteger('session.duration', 8 * 60 * 60);
} }
$this->authData[$authority]['Expire'] = $expire; $this->authData[$authority]['Expire'] = $expire;
...@@ -859,9 +876,7 @@ class Session implements \Serializable, Utils\ClearableState ...@@ -859,9 +876,7 @@ class Session implements \Serializable, Utils\ClearableState
if ($timeout === null) { if ($timeout === null) {
// use the default timeout // use the default timeout
$configuration = Configuration::getInstance(); $timeout = self::$config->getInteger('session.datastore.timeout', null);
$timeout = $configuration->getInteger('session.datastore.timeout', null);
if ($timeout !== null) { if ($timeout !== null) {
if ($timeout <= 0) { if ($timeout <= 0) {
throw new \Exception( throw new \Exception(
...@@ -1141,6 +1156,7 @@ class Session implements \Serializable, Utils\ClearableState ...@@ -1141,6 +1156,7 @@ class Session implements \Serializable, Utils\ClearableState
*/ */
public static function clearInternalState() public static function clearInternalState()
{ {
self::$config = null;
self::$instance = null; self::$instance = null;
self::$sessions = null; self::$sessions = null;
} }
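Review bot: `setConfiguration()` is a public instance method but assigns the static `self::$config`, so a call on any one Session changes the configuration that every other Session in the process reads for `session.duration`, `session.rememberme.lifetime`, the auth-token cookie name and `session.check_function`. The constructor and `unserialize()` also overwrite it unconditionally with `Configuration::getInstance()`, which discards a configuration injected earlier (for example by a test) as soon as another session is created or loaded. Keeping the property static looks deliberate, since `get_object_vars($this)` in `serialize()` then leaves it out of the stored session, so I would declare the setter as `public static function setConfiguration(Configuration $config)` and have the constructor and `unserialize()` fill it only when unset: `if (self::$config === null) { self::$config = Configuration::getInstance(); }`. Separately, `clearInternalState()` now sets `self::$config = null`, so a Session object still held by a caller afterwards would presumably fail on its next `self::$config->get…()` call; a docblock line there stating that existing instances must not be reused after the reset would make this explicit. Most of the affected method bodies start or end outside the visible hunks, so callers of these paths should be checked against the full file.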