From cf86ce2678f37d3e18e6a4e3f1f3873e8d6d98b6 Mon Sep 17 00:00:00 2001
From: Tim van Dijen <tvdijen@gmail.com>
Date: Mon, 13 Aug 2018 22:36:51 +0200
Subject: [PATCH] base:  PSR-2/whitespace/indentation

---
 config-templates/acl.php                      | 106 ++--
 config-templates/authmemcookie.php            | 122 +++--
 lib/SimpleSAML/Auth/Default.php               |   2 +-
 lib/SimpleSAML/Auth/LDAP.php                  |   3 +-
 lib/SimpleSAML/Auth/ProcessingFilter.php      |   2 +-
 lib/SimpleSAML/Auth/Simple.php                |  14 +-
 lib/SimpleSAML/Auth/Source.php                |   3 +-
 lib/SimpleSAML/Bindings/Shib13/Artifact.php   |  26 +-
 lib/SimpleSAML/Configuration.php              |   6 +-
 lib/SimpleSAML/Error/Assertion.php            |   2 +-
 lib/SimpleSAML/Error/Exception.php            |   7 +-
 lib/SimpleSAML/IdP/IFrameLogoutHandler.php    |   2 +-
 lib/SimpleSAML/Locale/Localization.php        |   4 +-
 lib/SimpleSAML/Locale/Translate.php           |   2 +-
 lib/SimpleSAML/Memcache.php                   |  10 +-
 .../Metadata/MetaDataStorageHandlerPdo.php    |   4 +-
 .../Metadata/MetaDataStorageHandlerXML.php    |   4 +-
 lib/SimpleSAML/Metadata/SAMLParser.php        |   4 +-
 lib/SimpleSAML/Module.php                     |   6 +-
 lib/SimpleSAML/Session.php                    |   9 +-
 lib/SimpleSAML/Store/Memcache.php             |   6 +-
 lib/SimpleSAML/Store/SQL.php                  |   8 +-
 lib/SimpleSAML/Utils/Config.php               |   7 +-
 lib/SimpleSAML/Utils/Config/Metadata.php      |   3 +-
 lib/SimpleSAML/Utils/Crypto.php               |   7 +-
 lib/SimpleSAML/Utils/HTTP.php                 |   6 +-
 lib/SimpleSAML/Utils/Random.php               |   2 +-
 lib/SimpleSAML/Utils/XML.php                  |  14 +-
 lib/SimpleSAML/XHTML/EMail.php                |  20 +-
 lib/SimpleSAML/XHTML/Template.php             |   6 +-
 lib/SimpleSAML/XML/Errors.php                 |   7 +-
 lib/SimpleSAML/XML/Parser.php                 |   4 +-
 lib/SimpleSAML/XML/Shib13/AuthnRequest.php    |   8 +-
 lib/SimpleSAML/XML/Shib13/AuthnResponse.php   |  64 +--
 lib/SimpleSAML/XML/Signer.php                 |  12 +-
 lib/SimpleSAML/XML/Validator.php              |  31 +-
 lib/_autoload.php                             |   3 +-
 lib/_autoload_modules.php                     |   3 +-
 metadata-templates/adfs-idp-hosted.php        |  16 +-
 metadata-templates/adfs-sp-remote.php         |  16 +-
 metadata-templates/saml20-idp-hosted.php      |  74 +--
 metadata-templates/saml20-sp-remote.php       |  34 +-
 metadata-templates/shib13-idp-hosted.php      |  29 +-
 metadata-templates/shib13-idp-remote.php      |   4 +-
 metadata-templates/shib13-sp-hosted.php       |   2 +-
 metadata-templates/shib13-sp-remote.php       |   6 +-
 metadata-templates/wsfed-idp-remote.php       |   4 +-
 metadata-templates/wsfed-sp-hosted.php        |   2 +-
 modules/consent/www/noconsent.php             |   6 +-
 .../exampleauth/lib/Auth/Source/External.php  | 496 +++++++++---------
 .../lib/Auth/Source/StaticSource.php          |  80 ++-
 modules/ldap/lib/Auth/Source/LDAPMulti.php    |  14 +-
 modules/metarefresh/lib/MetaLoader.php        |   2 +-
 templates/attributequery.php                  |  24 +-
 templates/errorreport.php                     |   8 +-
 templates/hostnames.php                       |   2 +-
 templates/includes/attributes.php             |   2 +-
 templates/includes/footer.php                 |  29 +-
 templates/includes/header-embed.php           |  27 +-
 templates/login-ldapmulti.php                 | 126 ++---
 templates/login.php                           | 121 ++---
 templates/logout.php                          |  14 +-
 templates/metadata-converter.php              |   2 +-
 templates/metadata.php                        |   4 +-
 templates/post.php                            |  12 +-
 templates/selectidp-dropdown.php              |   2 +-
 templates/selectidp-links.php                 |   6 +-
 templates/status.php                          |  31 +-
 www/_include.php                              |   4 +-
 www/admin/hostnames.php                       |   2 +-
 www/admin/sandbox.php                         |   2 +-
 www/saml2/idp/ArtifactResolutionService.php   |   3 +-
 www/saml2/idp/SSOService.php                  |   2 +-
 www/saml2/idp/SingleLogoutService.php         |   3 +-
 www/saml2/idp/initSLO.php                     |   2 +-
 www/shib13/idp/SSOService.php                 |   2 +-
 www/shib13/idp/metadata.php                   |   3 +-
 77 files changed, 868 insertions(+), 899 deletions(-)

diff --git a/config-templates/acl.php b/config-templates/acl.php
index 7dcca1653..e208952eb 100644
--- a/config-templates/acl.php
+++ b/config-templates/acl.php
@@ -5,57 +5,55 @@
  * be reused in several places.
  */
 $config = array(
-
-	'adminlist' => array(
-		//array('allow', 'equals', 'mail', 'admin1@example.org'),
-		//array('allow', 'has', 'groups', 'admin'),
-		// The default action is to deny access.
-	),
-
-	'example-simple' => array(
-		array('allow', 'equals', 'mail', 'admin1@example.org'),
-		array('allow', 'equals', 'mail', 'admin2@example.org'),
-		// The default action is to deny access.
-	),
-
-	'example-deny-some' => array(
-		array('deny', 'equals', 'mail', 'eviluser@example.org'),
-		array('allow'), // Allow everybody else.
-	),
-
-	'example-maildomain' => array(
-		array('allow', 'equals-preg', 'mail', '/@example\.org$/'),
-		// The default action is to deny access.
-	),
-
-	'example-allow-employees' => array(
-		array('allow', 'has', 'eduPersonAffiliation', 'employee'),
-		// The default action is to deny access.
-	),
-
-	'example-allow-employees-not-students' => array(
-		array('deny', 'has', 'eduPersonAffiliation', 'student'),
-		array('allow', 'has', 'eduPersonAffiliation', 'employee'),
-		// The default action is to deny access.
-	),
-
-	'example-deny-student-except-one' => array(
-		array('deny', 'and',
-			array('has', 'eduPersonAffiliation', 'student'),
-			array('not', 'equals', 'mail', 'user@example.org'),
-		),
-		array('allow'),
-	),
-
-	'example-allow-or' => array(
-		array('allow', 'or',
-			array('equals', 'eduPersonAffiliation', 'student', 'member'),
-			array('equals', 'mail', 'someuser@example2.org'),
-		),
-	),
-
-	'example-allow-all' => array(
-		array('allow'),
-	),
-
-);
\ No newline at end of file
+    'adminlist' => array(
+        //array('allow', 'equals', 'mail', 'admin1@example.org'),
+        //array('allow', 'has', 'groups', 'admin'),
+        // The default action is to deny access.
+    ),
+
+    'example-simple' => array(
+        array('allow', 'equals', 'mail', 'admin1@example.org'),
+        array('allow', 'equals', 'mail', 'admin2@example.org'),
+        // The default action is to deny access.
+    ),
+
+    'example-deny-some' => array(
+        array('deny', 'equals', 'mail', 'eviluser@example.org'),
+        array('allow'), // Allow everybody else.
+    ),
+
+    'example-maildomain' => array(
+        array('allow', 'equals-preg', 'mail', '/@example\.org$/'),
+        // The default action is to deny access.
+    ),
+
+    'example-allow-employees' => array(
+        array('allow', 'has', 'eduPersonAffiliation', 'employee'),
+        // The default action is to deny access.
+    ),
+
+    'example-allow-employees-not-students' => array(
+        array('deny', 'has', 'eduPersonAffiliation', 'student'),
+        array('allow', 'has', 'eduPersonAffiliation', 'employee'),
+        // The default action is to deny access.
+    ),
+
+    'example-deny-student-except-one' => array(
+        array('deny', 'and',
+            array('has', 'eduPersonAffiliation', 'student'),
+            array('not', 'equals', 'mail', 'user@example.org'),
+        ),
+        array('allow'),
+    ),
+
+    'example-allow-or' => array(
+        array('allow', 'or',
+            array('equals', 'eduPersonAffiliation', 'student', 'member'),
+            array('equals', 'mail', 'someuser@example2.org'),
+        ),
+    ),
+
+    'example-allow-all' => array(
+        array('allow'),
+    ),
+);
diff --git a/config-templates/authmemcookie.php b/config-templates/authmemcookie.php
index 6fa872061..cf2031add 100644
--- a/config-templates/authmemcookie.php
+++ b/config-templates/authmemcookie.php
@@ -5,71 +5,69 @@
  */
 
 $config = array(
+    /*
+     * The authentication source that should be used.
+     *
+     * This must be one of the authentication sources configured in config/authsources.php.
+     */
+    'authsource' => 'default-sp',
 
-	/*
-	 * The authentication source that should be used.
-	 *
-	 * This must be one of the authentication sources configured in config/authsources.php.
-	 */
-	'authsource' => 'default-sp',
+    /*
+     * This is the name of the cookie we should save the session id in. The value of this option must match the
+     * Auth_memCookie_CookieName option in the Auth MemCookie configuration. The default value is 'AuthMemCookie'.
+     *
+     * Default:
+     *  'cookiename' => 'AuthMemCookie',
+     */
+    'cookiename' => 'AuthMemCookie',
 
-	/*
-	 * This is the name of the cookie we should save the session id in. The value of this option must match the
-	 * Auth_memCookie_CookieName option in the Auth MemCookie configuration. The default value is 'AuthMemCookie'.
-	 *
-	 * Default:
-	 *  'cookiename' => 'AuthMemCookie',
-	 */
-	'cookiename' => 'AuthMemCookie',
+    /*
+     * This option specifies the name of the attribute which contains the username of the user. It must be set to
+     * a valid attribute name.
+     *
+     * Examples:
+     *  'username' => 'uid', // LDAP attribute for user id.
+     *  'username' => 'mail', // LDAP attribute for email address.
+     *
+     * Default:
+     *  No default value.
+     */
+    'username' => null,
 
-	/*
-	 * This option specifies the name of the attribute which contains the username of the user. It must be set to
-	 * a valid attribute name.
-	 *
-	 * Examples:
-	 *  'username' => 'uid', // LDAP attribute for user id.
-	 *  'username' => 'mail', // LDAP attribute for email address.
-	 *
-	 * Default:
-	 *  No default value.
-	 */
-	'username' => null,
+    /*
+     * This option specifies the name of the attribute which contains the groups of the user. Set this option to
+     * NULL if you don't want to include any groups.
+     *
+     * Example:
+     *  'groups' => 'edupersonaffiliation',
+     *
+     * Default:
+     *  'groups' => null,
+     */
+    'groups' => null,
 
-	/*
-	 * This option specifies the name of the attribute which contains the groups of the user. Set this option to
-	 * NULL if you don't want to include any groups.
-	 *
-	 * Example:
-	 *  'groups' => 'edupersonaffiliation',
-	 *
-	 * Default:
-	 *  'groups' => null,
-	 */
-	'groups' => null,
-
-	/*
-	 * This option contains the hostnames or IP addresses of the memcache servers where we should store the
-	 * authentication information. Separator is a comma. This option should match the address part of the
-	 * Auth_memCookie_Memcached_AddrPort option in the Auth MemCookie configuration.
-	 *
-	 * Examples:
-	 *  'memcache.host' => '192.168.93.52',
-	 *  'memcache.host' => 'memcache.example.org',
-	 *  'memcache.host' => 'memcache1.example.org,memcache2.example.org'
-	 *
-	 * Default:
-	 *  'memcache.host' => '127.0.0.1',
-	 */
-	'memcache.host' => '127.0.0.1',
-
-	/*
-	 * This option contains the port number of the memcache server where we should store the
-	 * authentication information. This option should match the port part of the
-	 * Auth_memCookie_Memcached_AddrPort option in the Auth MemCookie configuration.
-	 *
-	 * Default:
-	 *  'memcache.port' => 11211,
-	 */
-	'memcache.port' => 11211,
+    /*
+     * This option contains the hostnames or IP addresses of the memcache servers where we should store the
+     * authentication information. Separator is a comma. This option should match the address part of the
+     * Auth_memCookie_Memcached_AddrPort option in the Auth MemCookie configuration.
+     *
+     * Examples:
+     *  'memcache.host' => '192.168.93.52',
+     *  'memcache.host' => 'memcache.example.org',
+     *  'memcache.host' => 'memcache1.example.org,memcache2.example.org'
+     *
+     * Default:
+     *  'memcache.host' => '127.0.0.1',
+     */
+    'memcache.host' => '127.0.0.1',
 
+    /*
+     * This option contains the port number of the memcache server where we should store the
+     * authentication information. This option should match the port part of the
+     * Auth_memCookie_Memcached_AddrPort option in the Auth MemCookie configuration.
+     *
+     * Default:
+     *  'memcache.port' => 11211,
+     */
+    'memcache.port' => 11211,
 );
diff --git a/lib/SimpleSAML/Auth/Default.php b/lib/SimpleSAML/Auth/Default.php
index 486d3eaa1..234f97f6e 100644
--- a/lib/SimpleSAML/Auth/Default.php
+++ b/lib/SimpleSAML/Auth/Default.php
@@ -132,7 +132,7 @@ class DefaultAuth
     {
         $as = Source::getById($id);
         if ($as === null) {
-            throw new \Exception('Invalid authentication source: ' . $id);
+            throw new \Exception('Invalid authentication source: '.$id);
         }
         return $as;
     }
diff --git a/lib/SimpleSAML/Auth/LDAP.php b/lib/SimpleSAML/Auth/LDAP.php
index 0f8ad1467..2e7bae494 100644
--- a/lib/SimpleSAML/Auth/LDAP.php
+++ b/lib/SimpleSAML/Auth/LDAP.php
@@ -641,7 +641,8 @@ class LDAP
             $dn = $this->searchfordn($config['searchbase'], $config['searchattributes'], $username);
         }
 
-        if ($password !== null) { // checking users credentials ... assuming below that she may read her own attributes ...
+        if ($password !== null) {
+            // checking users credentials ... assuming below that she may read her own attributes ...
             // escape characters with a special meaning, also in the password
             $password = addcslashes($password, ',+"\\<>;*');
             if (!$this->bind($dn, $password)) {
diff --git a/lib/SimpleSAML/Auth/ProcessingFilter.php b/lib/SimpleSAML/Auth/ProcessingFilter.php
index baeb5834b..8c01b1d7b 100644
--- a/lib/SimpleSAML/Auth/ProcessingFilter.php
+++ b/lib/SimpleSAML/Auth/ProcessingFilter.php
@@ -50,7 +50,7 @@ abstract class ProcessingFilter
         if (array_key_exists('%priority', $config)) {
             $this->priority = $config['%priority'];
             if (!is_int($this->priority)) {
-                throw new \Exception('Invalid priority: ' . var_export($this->priority, true));
+                throw new \Exception('Invalid priority: '.var_export($this->priority, true));
             }
             unset($config['%priority']);
         }
diff --git a/lib/SimpleSAML/Auth/Simple.php b/lib/SimpleSAML/Auth/Simple.php
index a7efadca9..f952ae2c3 100644
--- a/lib/SimpleSAML/Auth/Simple.php
+++ b/lib/SimpleSAML/Auth/Simple.php
@@ -367,14 +367,14 @@ class Simple
         }
 
         $scheme = parse_url($url, PHP_URL_SCHEME);
-        $host = parse_url($url, PHP_URL_HOST) ?: HTTP::getSelfHost();
-        $port = parse_url($url, PHP_URL_PORT) ?: (
+        $host = parse_url($url, PHP_URL_HOST) ? : HTTP::getSelfHost();
+        $port = parse_url($url, PHP_URL_PORT) ? : (
             $scheme ? '' : trim(HTTP::getServerPort(), ':')
         );
-        $scheme = $scheme ?: (HTTP::getServerHTTPS() ? 'https' : 'http');
-        $path = parse_url($url, PHP_URL_PATH) ?: '/';
-        $query = parse_url($url, PHP_URL_QUERY) ?: '';
-        $fragment = parse_url($url, PHP_URL_FRAGMENT) ?: '';
+        $scheme = $scheme ? : (HTTP::getServerHTTPS() ? 'https' : 'http');
+        $path = parse_url($url, PHP_URL_PATH) ? : '/';
+        $query = parse_url($url, PHP_URL_QUERY) ? : '';
+        $fragment = parse_url($url, PHP_URL_FRAGMENT) ? : '';
 
         $port = !empty($port) ? ':'.$port : '';
         if (($scheme === 'http' && $port === ':80') || ($scheme === 'https' && $port === ':443')) {
@@ -386,7 +386,7 @@ class Simple
             return $scheme.'://'.$host.$port.$path.($query ? '?'.$query : '').($fragment ? '#'.$fragment : '');
         }
 
-        $base =  trim($this->app_config->getString(
+        $base = trim($this->app_config->getString(
             'baseURL',
             $scheme.'://'.$host.$port
         ), '/');
diff --git a/lib/SimpleSAML/Auth/Source.php b/lib/SimpleSAML/Auth/Source.php
index 9f18a0af3..4569eae3c 100644
--- a/lib/SimpleSAML/Auth/Source.php
+++ b/lib/SimpleSAML/Auth/Source.php
@@ -223,7 +223,8 @@ abstract class Source
         $authId = $state['\SimpleSAML\Auth\Source.id'];
         $session->doLogin($authId, State::getPersistentAuthData($state));
 
-        if (is_string($return)) { // redirect...
+        if (is_string($return)) {
+            // redirect...
             \SimpleSAML\Utils\HTTP::redirectTrustedURL($return);
         } else {
             call_user_func($return, $state);
diff --git a/lib/SimpleSAML/Bindings/Shib13/Artifact.php b/lib/SimpleSAML/Bindings/Shib13/Artifact.php
index 844f08181..de15f364d 100644
--- a/lib/SimpleSAML/Bindings/Shib13/Artifact.php
+++ b/lib/SimpleSAML/Bindings/Shib13/Artifact.php
@@ -58,20 +58,20 @@ class Artifact
      */
     private static function buildRequest(array $artifacts)
     {
-        $msg = '<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">' .
-            '<SOAP-ENV:Body>' .
-            '<samlp:Request xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol"' .
-            ' RequestID="' . Random::generateID() . '"' .
-            ' MajorVersion="1" MinorVersion="1"' .
-            ' IssueInstant="' . Time::generateTimestamp() . '"' .
+        $msg = '<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">'.
+            '<SOAP-ENV:Body>'.
+            '<samlp:Request xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol"'.
+            ' RequestID="'.Random::generateID().'"'.
+            ' MajorVersion="1" MinorVersion="1"'.
+            ' IssueInstant="'.Time::generateTimestamp().'"'.
             '>';
 
         foreach ($artifacts as $a) {
-            $msg .= '<samlp:AssertionArtifact>' . htmlspecialchars($a) . '</samlp:AssertionArtifact>';
+            $msg .= '<samlp:AssertionArtifact>'.htmlspecialchars($a).'</samlp:AssertionArtifact>';
         }
 
-        $msg .= '</samlp:Request>' .
-            '</SOAP-ENV:Body>' .
+        $msg .= '</samlp:Request>'.
+            '</SOAP-ENV:Body>'.
             '</SOAP-ENV:Envelope>';
 
         return $msg;
@@ -149,12 +149,12 @@ class Artifact
             if ($key['type'] !== 'X509Certificate') {
                 continue;
             }
-            $certData .= "-----BEGIN CERTIFICATE-----\n" .
-                chunk_split($key['X509Certificate'], 64) .
+            $certData .= "-----BEGIN CERTIFICATE-----\n".
+                chunk_split($key['X509Certificate'], 64).
                 "-----END CERTIFICATE-----\n";
         }
 
-        $file = System::getTempDir() . DIRECTORY_SEPARATOR . sha1($certData) . '.crt';
+        $file = System::getTempDir().DIRECTORY_SEPARATOR.sha1($certData).'.crt';
         if (!file_exists($file)) {
             System::writeFile($file, $certData);
         }
@@ -172,7 +172,7 @@ class Artifact
             'http' => array(
                 'method' => 'POST',
                 'content' => $request,
-                'header' => 'SOAPAction: http://www.oasis-open.org/committees/security' . "\r\n" .
+                'header' => 'SOAPAction: http://www.oasis-open.org/committees/security'."\r\n".
                     'Content-Type: text/xml',
             ),
         );
diff --git a/lib/SimpleSAML/Configuration.php b/lib/SimpleSAML/Configuration.php
index 9b6fb9710..7b0ad4543 100644
--- a/lib/SimpleSAML/Configuration.php
+++ b/lib/SimpleSAML/Configuration.php
@@ -214,14 +214,14 @@ class Configuration implements Utils\ClearableState
 
         if (!array_key_exists($configSet, self::$configDirs)) {
             if ($configSet !== 'simplesaml') {
-                throw new \Exception('Configuration set \'' . $configSet . '\' not initialized.');
+                throw new \Exception('Configuration set \''.$configSet.'\' not initialized.');
             } else {
-                self::$configDirs['simplesaml'] = dirname(dirname(dirname(__FILE__))) . '/config';
+                self::$configDirs['simplesaml'] = dirname(dirname(dirname(__FILE__))).'/config';
             }
         }
 
         $dir = self::$configDirs[$configSet];
-        $filePath = $dir . '/' . $filename;
+        $filePath = $dir.'/'.$filename;
 
         self::$loadedConfigs[$filePath] = $config;
     }
diff --git a/lib/SimpleSAML/Error/Assertion.php b/lib/SimpleSAML/Error/Assertion.php
index e70281385..7a5cb2dfa 100644
--- a/lib/SimpleSAML/Error/Assertion.php
+++ b/lib/SimpleSAML/Error/Assertion.php
@@ -30,7 +30,7 @@ class Assertion extends Exception
     {
         assert($assertion === null || is_string($assertion));
 
-        $msg = 'Assertion failed: ' . var_export($assertion, true);
+        $msg = 'Assertion failed: '.var_export($assertion, true);
         parent::__construct($msg);
 
         $this->assertion = $assertion;
diff --git a/lib/SimpleSAML/Error/Exception.php b/lib/SimpleSAML/Error/Exception.php
index 4131c993d..8a3b199aa 100644
--- a/lib/SimpleSAML/Error/Exception.php
+++ b/lib/SimpleSAML/Error/Exception.php
@@ -200,9 +200,10 @@ class Exception extends \Exception
         $debug = \SimpleSAML\Configuration::getInstance()->getArrayize('debug', array('backtraces' => false));
 
         if (!(in_array('backtraces', $debug, true) // implicitly enabled
-              || (array_key_exists('backtraces', $debug) && $debug['backtraces'] === true) // explicitly set
-              // TODO: deprecate the old style and remove it in 2.0
-              || (array_key_exists(0, $debug) && $debug[0] === true) // old style 'debug' configuration option
+            || (array_key_exists('backtraces', $debug) && $debug['backtraces'] === true)
+            // explicitly set
+            // TODO: deprecate the old style and remove it in 2.0
+            || (array_key_exists(0, $debug) && $debug[0] === true) // old style 'debug' configuration option
         )) {
             return;
         }
diff --git a/lib/SimpleSAML/IdP/IFrameLogoutHandler.php b/lib/SimpleSAML/IdP/IFrameLogoutHandler.php
index cc9a20582..bc75aeab4 100644
--- a/lib/SimpleSAML/IdP/IFrameLogoutHandler.php
+++ b/lib/SimpleSAML/IdP/IFrameLogoutHandler.php
@@ -94,7 +94,7 @@ class IFrameLogoutHandler implements LogoutHandlerInterface
 
         $t = new \SimpleSAML\XHTML\Template($config, 'IFrameLogoutHandler.twig');
         $t->data['assocId'] = var_export($assocId, true);
-        $t->data['spId'] = sha($assocId);
+        $t->data['spId'] = sha1($assocId);
         $t->data['errorMsg'] = $error->getMessage();
         $t->show();
         exit(0);
diff --git a/lib/SimpleSAML/Locale/Localization.php b/lib/SimpleSAML/Locale/Localization.php
index 355d9594a..faf545184 100644
--- a/lib/SimpleSAML/Locale/Localization.php
+++ b/lib/SimpleSAML/Locale/Localization.php
@@ -99,7 +99,7 @@ class Localization
      */
     public function getDomainLocaleDir($domain)
     {
-        $localeDir = $this->configuration->resolvePath('modules') . '/' . $domain . '/locales';
+        $localeDir = $this->configuration->resolvePath('modules').'/'.$domain.'/locales';
         return $localeDir;
     }
 
@@ -167,7 +167,7 @@ class Localization
         if (is_dir($langPath) && is_readable($langPath)) {
             // Report that the localization for the preferred language is missing
             $error = "Localization not found for langcode '$langcode' at '$langPath', falling back to langcode '".
-                     $defLangcode."'";
+                $defLangcode."'";
             \SimpleSAML\Logger::error($_SERVER['PHP_SELF'].' - '.$error);
             return $langPath;
         }
diff --git a/lib/SimpleSAML/Locale/Translate.php b/lib/SimpleSAML/Locale/Translate.php
index 423ef4cc5..9f20168fa 100644
--- a/lib/SimpleSAML/Locale/Translate.php
+++ b/lib/SimpleSAML/Locale/Translate.php
@@ -270,7 +270,7 @@ class Translate
         if (!$fallbackdefault) {
             \SimpleSAML\Logger::warning(
                 'Deprecated use of new SimpleSAML\Locale\Translate::t(...) at '.$where.
-                '. This parameter will go away, the fallback will become' .
+                '. This parameter will go away, the fallback will become'.
                 ' identical to the $tag in 2.0.'
             );
         }
diff --git a/lib/SimpleSAML/Memcache.php b/lib/SimpleSAML/Memcache.php
index 711319b46..1752e149e 100644
--- a/lib/SimpleSAML/Memcache.php
+++ b/lib/SimpleSAML/Memcache.php
@@ -29,11 +29,11 @@ class Memcache
     private static $serverGroups = null;
 
 
-   /**
-    * The flavor of memcache PHP extension we are using.
-    *
-    * @var string
-    */
+    /**
+     * The flavor of memcache PHP extension we are using.
+     *
+     * @var string
+     */
     private static $extension = '';
 
 
diff --git a/lib/SimpleSAML/Metadata/MetaDataStorageHandlerPdo.php b/lib/SimpleSAML/Metadata/MetaDataStorageHandlerPdo.php
index 91b4d32a8..f6f5cdb46 100644
--- a/lib/SimpleSAML/Metadata/MetaDataStorageHandlerPdo.php
+++ b/lib/SimpleSAML/Metadata/MetaDataStorageHandlerPdo.php
@@ -151,8 +151,8 @@ class MetaDataStorageHandlerPdo extends MetaDataStorageSource
      * @return array An associative array with metadata for the given entity, or NULL if we are unable to
      *         locate the entity.
      */
-    public function getMetaData($entityId, $set)      
-    {       
+    public function getMetaData($entityId, $set)
+    {
         assert(is_string($entityId));
         assert(is_string($set));
 
diff --git a/lib/SimpleSAML/Metadata/MetaDataStorageHandlerXML.php b/lib/SimpleSAML/Metadata/MetaDataStorageHandlerXML.php
index 11852e706..56ea35515 100644
--- a/lib/SimpleSAML/Metadata/MetaDataStorageHandlerXML.php
+++ b/lib/SimpleSAML/Metadata/MetaDataStorageHandlerXML.php
@@ -54,9 +54,9 @@ class MetaDataStorageHandlerXML extends MetaDataStorageSource
         $IdP20 = array();
         $AAD = array();
 
-        if(isset($src)) {
+        if (isset($src)) {
             $entities = SAMLParser::parseDescriptorsFile($src);
-        } elseif(isset($srcXml)) {
+        } elseif (isset($srcXml)) {
             $entities = SAMLParser::parseDescriptorsString($srcXml);
         } else {
             throw new \Exception("Neither source file path/URI nor string data provided");
diff --git a/lib/SimpleSAML/Metadata/SAMLParser.php b/lib/SimpleSAML/Metadata/SAMLParser.php
index 0ff8fb95e..e1acd3cfc 100644
--- a/lib/SimpleSAML/Metadata/SAMLParser.php
+++ b/lib/SimpleSAML/Metadata/SAMLParser.php
@@ -1029,8 +1029,8 @@ class SAMLParser
                     // Registration Authority cannot be overridden (warn only if override attempts to change the value)
                     if (isset($ret['RegistrationInfo']['registrationAuthority'])
                         && $ret['RegistrationInfo']['registrationAuthority'] !== $e->registrationAuthority) {
-                        \SimpleSAML\Logger::warning('Invalid attempt to override registrationAuthority \''
-                          . $ret['RegistrationInfo']['registrationAuthority'] . "' with '{$e->registrationAuthority}'");
+                        \SimpleSAML\Logger::warning('Invalid attempt to override registrationAuthority \''.
+                            $ret['RegistrationInfo']['registrationAuthority']."' with '{$e->registrationAuthority}'");
                     } else {
                         $ret['RegistrationInfo']['registrationAuthority'] = $e->registrationAuthority;
                     }
diff --git a/lib/SimpleSAML/Module.php b/lib/SimpleSAML/Module.php
index 675a2d9d0..e3e018c7b 100644
--- a/lib/SimpleSAML/Module.php
+++ b/lib/SimpleSAML/Module.php
@@ -173,12 +173,14 @@ class Module
         assert(is_string($subclass) || $subclass === null);
 
         $tmp = explode(':', $id, 2);
-        if (count($tmp) === 1) { // no module involved
+        if (count($tmp) === 1) {
+            // no module involved
             $className = $tmp[0];
             if (!class_exists($className)) {
                 throw new \Exception("Could not resolve '$id': no class named '$className'.");
             }
-        } else { // should be a module
+        } else {
+            // should be a module
             // make sure empty types are handled correctly
             $type = (empty($type)) ? '_' : '_'.$type.'_';
 
diff --git a/lib/SimpleSAML/Session.php b/lib/SimpleSAML/Session.php
index cf227a737..2abb45c96 100644
--- a/lib/SimpleSAML/Session.php
+++ b/lib/SimpleSAML/Session.php
@@ -154,7 +154,8 @@ class Session implements \Serializable
             return;
         }
 
-        if ($transient) { // transient session
+        if ($transient) {
+            // transient session
             $sh = SessionHandler::getSessionHandler();
             $this->trackid = 'TR'.bin2hex(openssl_random_pseudo_bytes(4));
             Logger::setTrackId($this->trackid);
@@ -168,7 +169,8 @@ class Session implements \Serializable
             if ($this->sessionId === null) {
                 $this->sessionId = $sh->newSessionId();
             }
-        } else { // regular session
+        } else {
+            // regular session
             $sh = SessionHandler::getSessionHandler();
             $this->sessionId = $sh->newSessionId();
             $sh->setCookie($sh->getSessionCookieName(), $this->sessionId, $sh->getCookieParams());
@@ -228,7 +230,8 @@ class Session implements \Serializable
             }
 
             foreach ($parameters['RawAttributes'] as $attribute => $values) {
-                foreach ($values as $idx => $value) { // this should be originally a DOMNodeList
+                foreach ($values as $idx => $value) {
+                    // this should be originally a DOMNodeList
                     /* @var \SAML2\XML\saml\AttributeValue $value */
                     $this->authData[$authority]['Attributes'][$attribute][$idx] = $value->element->childNodes;
                 }
diff --git a/lib/SimpleSAML/Store/Memcache.php b/lib/SimpleSAML/Store/Memcache.php
index f865d462d..209ae762f 100644
--- a/lib/SimpleSAML/Store/Memcache.php
+++ b/lib/SimpleSAML/Store/Memcache.php
@@ -42,7 +42,7 @@ class Memcache extends Store
         assert(is_string($type));
         assert(is_string($key));
 
-        return \SimpleSAML\Memcache::get($this->prefix . '.' . $type . '.' . $key);
+        return \SimpleSAML\Memcache::get($this->prefix.'.'.$type.'.'.$key);
     }
 
 
@@ -64,7 +64,7 @@ class Memcache extends Store
             $expire = 0;
         }
 
-        \SimpleSAML\Memcache::set($this->prefix . '.' . $type . '.' . $key, $value, $expire);
+        \SimpleSAML\Memcache::set($this->prefix.'.'.$type.'.'.$key, $value, $expire);
     }
 
 
@@ -79,6 +79,6 @@ class Memcache extends Store
         assert(is_string($type));
         assert(is_string($key));
 
-        \SimpleSAML\Memcache::delete($this->prefix . '.' . $type . '.' . $key);
+        \SimpleSAML\Memcache::delete($this->prefix.'.'.$type.'.'.$key);
     }
 }
diff --git a/lib/SimpleSAML/Store/SQL.php b/lib/SimpleSAML/Store/SQL.php
index 593db0142..50d23f5d4 100644
--- a/lib/SimpleSAML/Store/SQL.php
+++ b/lib/SimpleSAML/Store/SQL.php
@@ -60,7 +60,7 @@ class SQL extends Store
         try {
             $this->pdo = new \PDO($dsn, $username, $password, $options);
         } catch (\PDOException $e) {
-            throw new \Exception("Database error: " . $e->getMessage());
+            throw new \Exception("Database error: ".$e->getMessage());
         }
         $this->pdo->setAttribute(\PDO::ATTR_ERRMODE, \PDO::ERRMODE_EXCEPTION);
 
@@ -135,9 +135,9 @@ class SQL extends Store
                 'CREATE TABLE '.$this->prefix.
                 '_kvstore_new (_type VARCHAR(30) NOT NULL, _key VARCHAR(50) NOT NULL, _value '.$text_t.
                 ' NOT NULL, _expire TIMESTAMP NULL, PRIMARY KEY (_key, _type))',
-                'INSERT INTO '.$this->prefix.'_kvstore_new SELECT * FROM ' . $this->prefix.'_kvstore',
+                'INSERT INTO '.$this->prefix.'_kvstore_new SELECT * FROM '.$this->prefix.'_kvstore',
                 'DROP TABLE '.$this->prefix.'_kvstore',
-                'ALTER TABLE '.$this->prefix.'_kvstore_new RENAME TO ' . $this->prefix . '_kvstore',
+                'ALTER TABLE '.$this->prefix.'_kvstore_new RENAME TO '.$this->prefix.'_kvstore',
                 'CREATE INDEX '.$this->prefix.'_kvstore_expire ON '.$this->prefix.'_kvstore (_expire)'
             )
         );
@@ -297,7 +297,7 @@ class SQL extends Store
         }
 
         $query = 'SELECT _value FROM '.$this->prefix.
-                 '_kvstore WHERE _type = :type AND _key = :key AND (_expire IS NULL OR _expire > :now)';
+            '_kvstore WHERE _type = :type AND _key = :key AND (_expire IS NULL OR _expire > :now)';
         $params = array('type' => $type, 'key' => $key, 'now' => gmdate('Y-m-d H:i:s'));
 
         $query = $this->pdo->prepare($query);
diff --git a/lib/SimpleSAML/Utils/Config.php b/lib/SimpleSAML/Utils/Config.php
index 77cdd0b25..5f25f8a0d 100644
--- a/lib/SimpleSAML/Utils/Config.php
+++ b/lib/SimpleSAML/Utils/Config.php
@@ -8,7 +8,6 @@ namespace SimpleSAML\Utils;
  */
 class Config
 {
-
     /**
      * Resolves a path that may be relative to the cert-directory.
      *
@@ -66,11 +65,11 @@ class Config
      */
     public static function getConfigDir()
     {
-        $configDir    = dirname(dirname(dirname(__DIR__))) . '/config';
+        $configDir = dirname(dirname(dirname(__DIR__))).'/config';
         /** @var string|false $configDirEnv */
         $configDirEnv = getenv('SIMPLESAMLPHP_CONFIG_DIR');
         
-        if($configDirEnv === false) {
+        if ($configDirEnv === false) {
             $configDirEnv = getenv('REDIRECT_SIMPLESAMLPHP_CONFIG_DIR');
         }
         
@@ -78,7 +77,7 @@ class Config
             if (!is_dir($configDirEnv)) {
                 throw new \InvalidArgumentException(
                     sprintf(
-                        'Config directory specified by environment variable SIMPLESAMLPHP_CONFIG_DIR is not a ' .
+                        'Config directory specified by environment variable SIMPLESAMLPHP_CONFIG_DIR is not a '.
                         'directory.  Given: "%s"',
                         $configDirEnv
                     )
diff --git a/lib/SimpleSAML/Utils/Config/Metadata.php b/lib/SimpleSAML/Utils/Config/Metadata.php
index d1974308f..88704151d 100644
--- a/lib/SimpleSAML/Utils/Config/Metadata.php
+++ b/lib/SimpleSAML/Utils/Config/Metadata.php
@@ -9,7 +9,6 @@ namespace SimpleSAML\Utils\Config;
  */
 class Metadata
 {
-
     /**
      * The string that identities Entity Categories.
      *
@@ -107,7 +106,7 @@ class Metadata
         // check the type
         if (!isset($contact['contactType']) || !in_array($contact['contactType'], self::$VALID_CONTACT_TYPES, true)) {
             $types = join(', ', array_map(
-                function ($t) {
+                function($t) {
                     return '"'.$t.'"';
                 },
                 self::$VALID_CONTACT_TYPES
diff --git a/lib/SimpleSAML/Utils/Crypto.php b/lib/SimpleSAML/Utils/Crypto.php
index d689b1f06..7a6ea922e 100644
--- a/lib/SimpleSAML/Utils/Crypto.php
+++ b/lib/SimpleSAML/Utils/Crypto.php
@@ -163,8 +163,8 @@ class Crypto
     public static function der2pem($der, $type = 'CERTIFICATE')
     {
         return "-----BEGIN ".$type."-----\n".
-               chunk_split(base64_encode($der), 64, "\n").
-               "-----END ".$type."-----\n";
+            chunk_split(base64_encode($der), 64, "\n").
+            "-----END ".$type."-----\n";
     }
 
 
@@ -379,7 +379,8 @@ class Crypto
         }
 
         // hash w/ salt
-        if ($salt === null) { // no salt provided, generate one
+        if ($salt === null) {
+            // no salt provided, generate one
             // default 8 byte salt, but 4 byte for LDAP SHA1 hashes
             $bytes = ($algorithm == 'SSHA1') ? 4 : 8;
             $salt = openssl_random_pseudo_bytes($bytes);
diff --git a/lib/SimpleSAML/Utils/HTTP.php b/lib/SimpleSAML/Utils/HTTP.php
index 0b1170066..dc7a19289 100644
--- a/lib/SimpleSAML/Utils/HTTP.php
+++ b/lib/SimpleSAML/Utils/HTTP.php
@@ -677,7 +677,8 @@ class HTTP
         if ($allowed && preg_match("#^http:#", $destination) && self::isHTTPS()) {
             // we need to post the data to HTTP
             $url = self::getSecurePOSTRedirectURL($destination, $data);
-        } else { // post the data directly
+        } else {
+            // post the data directly
             $session = Session::getSessionFromRequest();
             $id = self::savePOSTData($session, $destination, $data);
             $url = Module::getModuleURL('core/postredirect.php', array('RedirId' => $id));
@@ -800,7 +801,8 @@ class HTTP
                 $hostname = parse_url($appurl, PHP_URL_HOST);
                 $port = parse_url($appurl, PHP_URL_PORT);
                 $port = !empty($port) ? ':'.$port : '';
-            } else { // no base URL specified for app, just use the current URL
+            } else {
+                // no base URL specified for app, just use the current URL
                 $protocol = 'http';
                 $protocol .= (self::getServerHTTPS()) ? 's' : '';
                 $hostname = self::getServerHost();
diff --git a/lib/SimpleSAML/Utils/Random.php b/lib/SimpleSAML/Utils/Random.php
index 86937294e..f3db05154 100644
--- a/lib/SimpleSAML/Utils/Random.php
+++ b/lib/SimpleSAML/Utils/Random.php
@@ -25,6 +25,6 @@ class Random
      */
     public static function generateID()
     {
-        return '_'.bin2hex(openssl_random_pseudo_bytes((int)((self::ID_LENGTH - 1)/2)));
+        return '_'.bin2hex(openssl_random_pseudo_bytes((int) ((self::ID_LENGTH - 1) / 2)));
     }
 }
diff --git a/lib/SimpleSAML/Utils/XML.php b/lib/SimpleSAML/Utils/XML.php
index 8d1a5f12b..96be4c3de 100644
--- a/lib/SimpleSAML/Utils/XML.php
+++ b/lib/SimpleSAML/Utils/XML.php
@@ -49,9 +49,10 @@ class XML
         $enabled = \SimpleSAML\Configuration::getInstance()->getBoolean('debug.validatexml', false);
 
         if (!(in_array('validatexml', $debug, true) // implicitly enabled
-              || (array_key_exists('validatexml', $debug) && $debug['validatexml'] === true) // explicitly enabled
-              // TODO: deprecate this option and remove it in 2.0
-              || $enabled // old 'debug.validatexml' configuration option
+            || (array_key_exists('validatexml', $debug) && $debug['validatexml'] === true)
+            // explicitly enabled
+            // TODO: deprecate this option and remove it in 2.0
+            || $enabled // old 'debug.validatexml' configuration option
         )) {
             // XML validation is disabled
             return;
@@ -101,9 +102,10 @@ class XML
         $debug = \SimpleSAML\Configuration::getInstance()->getArrayize('debug', array('saml' => false));
 
         if (!(in_array('saml', $debug, true) // implicitly enabled
-              || (array_key_exists('saml', $debug) && $debug['saml'] === true) // explicitly enabled
-              // TODO: deprecate the old style and remove it in 2.0
-              || (array_key_exists(0, $debug) && $debug[0] === true) // old style 'debug'
+            || (array_key_exists('saml', $debug) && $debug['saml'] === true)
+            // explicitly enabled
+            // TODO: deprecate the old style and remove it in 2.0
+            || (array_key_exists(0, $debug) && $debug[0] === true) // old style 'debug'
         )) {
             // debugging messages is disabled
             return;
diff --git a/lib/SimpleSAML/XHTML/EMail.php b/lib/SimpleSAML/XHTML/EMail.php
index 14d67c9df..3e880f1a8 100644
--- a/lib/SimpleSAML/XHTML/EMail.php
+++ b/lib/SimpleSAML/XHTML/EMail.php
@@ -68,7 +68,7 @@ pre {
 </head>
 <body>
 <div class="container" style="background: #fafafa; border: 1px solid #eee; margin: 2em; padding: .6em;">
-' . $body . '
+'.$body.'
 </div>
 </body>
 </html>';
@@ -91,33 +91,33 @@ pre {
         $random_hash = bin2hex(openssl_random_pseudo_bytes(16));
 
         if (isset($this->from)) {
-            $this->headers[]= 'From: ' . $this->from;
+            $this->headers[] = 'From: '.$this->from;
         }
         if (isset($this->replyto)) {
-            $this->headers[]= 'Reply-To: ' . $this->replyto;
+            $this->headers[] = 'Reply-To: '.$this->replyto;
         }
 
-        $this->headers[] = 'Content-Type: multipart/alternative; boundary="simplesamlphp-' . $random_hash . '"';
+        $this->headers[] = 'Content-Type: multipart/alternative; boundary="simplesamlphp-'.$random_hash.'"';
 
         $message = '
---simplesamlphp-' . $random_hash . '
+--simplesamlphp-'.$random_hash.'
 Content-Type: text/plain; charset="utf-8" 
 Content-Transfer-Encoding: 8bit
 
-' . strip_tags(html_entity_decode($this->body)) . '
+'.strip_tags(html_entity_decode($this->body)).'
 
---simplesamlphp-' . $random_hash . '
+--simplesamlphp-'.$random_hash.'
 Content-Type: text/html; charset="utf-8" 
 Content-Transfer-Encoding: 8bit
 
-' . $this->getHTML($this->body) . '
+'.$this->getHTML($this->body).'
 
---simplesamlphp-' . $random_hash . '--
+--simplesamlphp-'.$random_hash.'--
 ';
         $headers = implode("\n", $this->headers);
 
         $mail_sent = @mail($this->to, $this->subject, $message, $headers);
-        \SimpleSAML\Logger::debug('Email: Sending e-mail to [' . $this->to . '] : ' . ($mail_sent ? 'OK' : 'Failed'));
+        \SimpleSAML\Logger::debug('Email: Sending e-mail to ['.$this->to.'] : '.($mail_sent ? 'OK' : 'Failed'));
         if (!$mail_sent) {
             throw new \Exception('Error when sending e-mail');
         }
diff --git a/lib/SimpleSAML/XHTML/Template.php b/lib/SimpleSAML/XHTML/Template.php
index 4686fdbb5..b20cac571 100644
--- a/lib/SimpleSAML/XHTML/Template.php
+++ b/lib/SimpleSAML/XHTML/Template.php
@@ -272,14 +272,16 @@ class Template
      */
     private function findThemeTemplateDirs()
     {
-        if ($this->theme['module'] === null) { // no module involved
+        if ($this->theme['module'] === null) {
+            // no module involved
             return array();
         }
 
         // setup directories & namespaces
         $themeDir = \SimpleSAML\Module::getModuleDir($this->theme['module']).'/themes/'.$this->theme['name'];
         $subdirs = scandir($themeDir);
-        if (empty($subdirs)) { // no subdirectories in the theme directory, nothing to do here
+        if (empty($subdirs)) {
+            // no subdirectories in the theme directory, nothing to do here
             // this is probably wrong, log a message
             \SimpleSAML\Logger::warning('Empty theme directory for theme "'.$this->theme['name'].'".');
             return array();
diff --git a/lib/SimpleSAML/XML/Errors.php b/lib/SimpleSAML/XML/Errors.php
index 4b4f167a8..351ca009f 100644
--- a/lib/SimpleSAML/XML/Errors.php
+++ b/lib/SimpleSAML/XML/Errors.php
@@ -16,7 +16,6 @@ use LibXMLError;
 
 class Errors
 {
-
     /**
      * @var array This is an stack of error logs. The topmost element is the one we are currently working on.
      */
@@ -111,8 +110,8 @@ class Errors
     public static function formatError($error)
     {
         assert($error instanceof LibXMLError);
-        return 'level=' . $error->level . ',code='  . $error->code . ',line=' . $error->line . ',col=' . $error->column .
-            ',msg=' . trim($error->message);
+        return 'level='.$error->level.',code='.$error->code.',line='.$error->line.',col='.$error->column.
+            ',msg='.trim($error->message);
     }
 
 
@@ -132,7 +131,7 @@ class Errors
 
         $ret = '';
         foreach ($errors as $error) {
-            $ret .= self::formatError($error) . "\n";
+            $ret .= self::formatError($error)."\n";
         }
 
         return $ret;
diff --git a/lib/SimpleSAML/XML/Parser.php b/lib/SimpleSAML/XML/Parser.php
index b8dda8522..b71a87362 100644
--- a/lib/SimpleSAML/XML/Parser.php
+++ b/lib/SimpleSAML/XML/Parser.php
@@ -28,7 +28,7 @@ class Parser
         // Traverse all existing namespaces in element
         $namespaces = $element->getNamespaces();
         foreach ($namespaces as $prefix => $ns) {
-            $element[(($prefix === '') ? 'xmlns' : 'xmlns:' . $prefix)] = $ns;
+            $element[(($prefix === '') ? 'xmlns' : 'xmlns:'.$prefix)] = $ns;
         }
         
         /* Create a new parser with the xml document where the namespace definitions
@@ -52,7 +52,7 @@ class Parser
         $result = $this->simplexml->xpath($xpath);
         if (!is_array($result) || empty($result)) {
             if ($required) {
-                throw new \Exception('Could not get value from XML document using the following XPath expression: ' . $xpath);
+                throw new \Exception('Could not get value from XML document using the following XPath expression: '.$xpath);
             } else {
                 return null;
             }
diff --git a/lib/SimpleSAML/XML/Shib13/AuthnRequest.php b/lib/SimpleSAML/XML/Shib13/AuthnRequest.php
index e1c83c02f..717e2ff6a 100644
--- a/lib/SimpleSAML/XML/Shib13/AuthnRequest.php
+++ b/lib/SimpleSAML/XML/Shib13/AuthnRequest.php
@@ -44,10 +44,10 @@ class AuthnRequest
 
         $target = $this->getRelayState();
         
-        $url = $desturl . '?' .
-            'providerId=' . urlencode($this->getIssuer()) .
-            '&shire=' . urlencode($shire) .
-            (isset($target) ? '&target=' . urlencode($target) : '');
+        $url = $desturl.'?'.
+            'providerId='.urlencode($this->getIssuer()).
+            '&shire='.urlencode($shire).
+            (isset($target) ? '&target='.urlencode($target) : '');
         return $url;
     }
 }
diff --git a/lib/SimpleSAML/XML/Shib13/AuthnResponse.php b/lib/SimpleSAML/XML/Shib13/AuthnResponse.php
index c380fa172..d10c91fc9 100644
--- a/lib/SimpleSAML/XML/Shib13/AuthnResponse.php
+++ b/lib/SimpleSAML/XML/Shib13/AuthnResponse.php
@@ -119,7 +119,7 @@ class AuthnResponse
             // Validate against CA
             $this->validator->validateCA(Config::getCertPath($md->getString('caFile')));
         } else {
-            throw new \SimpleSAML\Error\Exception('Missing certificate in Shibboleth 1.3 IdP Remote metadata for identity provider [' . $issuer . '].');
+            throw new \SimpleSAML\Error\Exception('Missing certificate in Shibboleth 1.3 IdP Remote metadata for identity provider ['.$issuer.'].');
         }
 
         return true;
@@ -205,7 +205,7 @@ class AuthnResponse
         $md = $metadata->getMetadata($this->getIssuer(), 'shib13-idp-remote');
         $base64 = isset($md['base64attributes']) ? $md['base64attributes'] : false;
 
-        if (! ($this->dom instanceof \DOMDocument)) {
+        if (!($this->dom instanceof \DOMDocument)) {
             return array();
         }
 
@@ -227,7 +227,7 @@ class AuthnResponse
 
                 if ($start && $end) {
                     if (!self::checkDateConditions($start, $end)) {
-                        error_log('Date check failed ... (from ' . $start . ' to ' . $end . ')');
+                        error_log('Date check failed ... (from '.$start.' to '.$end.')');
                         continue;
                     }
                 }
@@ -240,7 +240,7 @@ class AuthnResponse
                 $name = $attribute->parentNode->getAttribute('AttributeName');
 
                 if ($attribute->hasAttribute('Scope')) {
-                    $scopePart = '@' . $attribute->getAttribute('Scope');
+                    $scopePart = '@'.$attribute->getAttribute('Scope');
                 } else {
                     $scopePart = '';
                 }
@@ -256,10 +256,10 @@ class AuthnResponse
                 if ($base64) {
                     $encodedvalues = explode('_', $value);
                     foreach ($encodedvalues as $v) {
-                        $attributes[$name][] = base64_decode($v) . $scopePart;
+                        $attributes[$name][] = base64_decode($v).$scopePart;
                     }
                 } else {
-                    $attributes[$name][] = $value . $scopePart;
+                    $attributes[$name][] = $value.$scopePart;
                 }
             }
         }
@@ -326,7 +326,7 @@ class AuthnResponse
         $notBefore = Time::generateTimestamp(time() - 30);
         
         
-        $assertionExpire = Time::generateTimestamp(time() + 60 * 5);# 5 minutes
+        $assertionExpire = Time::generateTimestamp(time() + 300); // 5 minutes
         $assertionid = Random::generateID();
 
         $spEntityId = $sp->getString('entityid');
@@ -337,18 +337,18 @@ class AuthnResponse
         $namequalifier = $sp->getString('NameQualifier', $spEntityId);
         $nameid = Random::generateID();
         $subjectNode =
-            '<Subject>' .
-            '<NameIdentifier' .
-            ' Format="urn:mace:shibboleth:1.0:nameIdentifier"' .
-            ' NameQualifier="' . htmlspecialchars($namequalifier) . '"' .
-            '>' .
-            htmlspecialchars($nameid) .
-            '</NameIdentifier>' .
-            '<SubjectConfirmation>' .
-            '<ConfirmationMethod>' .
-            'urn:oasis:names:tc:SAML:1.0:cm:bearer' .
-            '</ConfirmationMethod>' .
-            '</SubjectConfirmation>' .
+            '<Subject>'.
+            '<NameIdentifier'.
+            ' Format="urn:mace:shibboleth:1.0:nameIdentifier"'.
+            ' NameQualifier="'.htmlspecialchars($namequalifier).'"'.
+            '>'.
+            htmlspecialchars($nameid).
+            '</NameIdentifier>'.
+            '<SubjectConfirmation>'.
+            '<ConfirmationMethod>'.
+            'urn:oasis:names:tc:SAML:1.0:cm:bearer'.
+            '</ConfirmationMethod>'.
+            '</SubjectConfirmation>'.
             '</Subject>';
 
         $encodedattributes = '';
@@ -370,25 +370,25 @@ class AuthnResponse
         $response = '<Response xmlns="urn:oasis:names:tc:SAML:1.0:protocol"
     xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
     xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" xmlns:xsd="http://www.w3.org/2001/XMLSchema"
-    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" IssueInstant="' . $issueInstant. '"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" IssueInstant="'.$issueInstant.'"
     MajorVersion="1" MinorVersion="1"
-    Recipient="' . htmlspecialchars($shire) . '" ResponseID="' . $id . '">
+    Recipient="'.htmlspecialchars($shire).'" ResponseID="'.$id.'">
     <Status>
         <StatusCode Value="samlp:Success" />
     </Status>
     <Assertion xmlns="urn:oasis:names:tc:SAML:1.0:assertion"
-        AssertionID="' . $assertionid . '" IssueInstant="' . $issueInstant. '"
-        Issuer="' . htmlspecialchars($idp->getString('entityid')) . '" MajorVersion="1" MinorVersion="1">
-        <Conditions NotBefore="' . $notBefore. '" NotOnOrAfter="'. $assertionExpire . '">
+        AssertionID="'.$assertionid.'" IssueInstant="'.$issueInstant.'"
+        Issuer="'.htmlspecialchars($idp->getString('entityid')).'" MajorVersion="1" MinorVersion="1">
+        <Conditions NotBefore="'.$notBefore.'" NotOnOrAfter="'.$assertionExpire.'">
             <AudienceRestrictionCondition>
-                <Audience>' . htmlspecialchars($audience) . '</Audience>
+                <Audience>'.htmlspecialchars($audience).'</Audience>
             </AudienceRestrictionCondition>
         </Conditions>
-        <AuthenticationStatement AuthenticationInstant="' . $issueInstant. '"
-            AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:unspecified">' .
-            $subjectNode . '
+        <AuthenticationStatement AuthenticationInstant="'.$issueInstant.'"
+            AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:unspecified">'.
+            $subjectNode.'
         </AuthenticationStatement>
-        ' . $encodedattributes . '
+        '.$encodedattributes.'
     </Assertion>
 </Response>';
 
@@ -418,14 +418,14 @@ class AuthnResponse
             $scoped = false;
         }
 
-        $attr = '<Attribute AttributeName="' . htmlspecialchars($name) . '" AttributeNamespace="urn:mace:shibboleth:1.0:attributeNamespace:uri">';
+        $attr = '<Attribute AttributeName="'.htmlspecialchars($name).'" AttributeNamespace="urn:mace:shibboleth:1.0:attributeNamespace:uri">';
         foreach ($values as $value) {
             $scopePart = '';
             if ($scoped) {
                 $tmp = explode('@', $value, 2);
                 if (count($tmp) === 2) {
                     $value = $tmp[0];
-                    $scopePart = ' Scope="' . htmlspecialchars($tmp[1]) . '"';
+                    $scopePart = ' Scope="'.htmlspecialchars($tmp[1]).'"';
                 }
             }
 
@@ -433,7 +433,7 @@ class AuthnResponse
                 $value = base64_encode($value);
             }
 
-            $attr .= '<AttributeValue' . $scopePart . '>' . htmlspecialchars($value) . '</AttributeValue>';
+            $attr .= '<AttributeValue'.$scopePart.'>'.htmlspecialchars($value).'</AttributeValue>';
         }
         $attr .= '</Attribute>';
 
diff --git a/lib/SimpleSAML/XML/Signer.php b/lib/SimpleSAML/XML/Signer.php
index 70d856cd3..ae79c8a1d 100644
--- a/lib/SimpleSAML/XML/Signer.php
+++ b/lib/SimpleSAML/XML/Signer.php
@@ -136,11 +136,11 @@ class Signer
         }
 
         if (!file_exists($keyFile)) {
-            throw new \Exception('Could not find private key file "' . $keyFile . '".');
+            throw new \Exception('Could not find private key file "'.$keyFile.'".');
         }
         $keyData = file_get_contents($keyFile);
         if ($keyData === false) {
-            throw new \Exception('Unable to read private key file "' . $keyFile . '".');
+            throw new \Exception('Unable to read private key file "'.$keyFile.'".');
         }
 
         $privatekey = array('PEM' => $keyData);
@@ -198,12 +198,12 @@ class Signer
         }
 
         if (!file_exists($certFile)) {
-            throw new \Exception('Could not find certificate file "' . $certFile . '".');
+            throw new \Exception('Could not find certificate file "'.$certFile.'".');
         }
 
         $cert = file_get_contents($certFile);
         if ($cert === false) {
-            throw new \Exception('Unable to read certificate file "' . $certFile . '".');
+            throw new \Exception('Unable to read certificate file "'.$certFile.'".');
         }
         $this->certificate = $cert;
     }
@@ -245,12 +245,12 @@ class Signer
         }
 
         if (!file_exists($certFile)) {
-            throw new \Exception('Could not find extra certificate file "' . $certFile . '".');
+            throw new \Exception('Could not find extra certificate file "'.$certFile.'".');
         }
 
         $certificate = file_get_contents($certFile);
         if ($certificate === false) {
-            throw new \Exception('Unable to read extra certificate file "' . $certFile . '".');
+            throw new \Exception('Unable to read extra certificate file "'.$certFile.'".');
         }
 
         $this->extraCertificates[] = $certificate;
diff --git a/lib/SimpleSAML/XML/Validator.php b/lib/SimpleSAML/XML/Validator.php
index 00eaf11cd..bbf6acdf3 100644
--- a/lib/SimpleSAML/XML/Validator.php
+++ b/lib/SimpleSAML/XML/Validator.php
@@ -15,7 +15,6 @@ use SimpleSAML\Logger;
 
 class Validator
 {
-
     /**
      * @var string This variable contains the X509 certificate the XML document
      *             was signed with, or NULL if it wasn't signed with an X509 certificate.
@@ -116,7 +115,7 @@ class Validator
                 $certificate = $objKey->getX509Certificate();
                 if ($certificate === null) {
                     // Wasn't signed with an X509 certificate
-                    throw new \Exception('Message wasn\'t signed with an X509 certificate,' .
+                    throw new \Exception('Message wasn\'t signed with an X509 certificate,'.
                         ' and no public key was provided in the metadata.');
                 }
 
@@ -211,7 +210,7 @@ class Validator
         $certFingerprint = self::calculateX509Fingerprint($certificate);
         if ($certFingerprint === null) {
             // Couldn't calculate fingerprint from X509 certificate. Should not happen.
-            throw new \Exception('Unable to calculate fingerprint from X509' .
+            throw new \Exception('Unable to calculate fingerprint from X509'.
                 ' certificate. Maybe it isn\'t an X509 certificate?');
         }
 
@@ -225,8 +224,8 @@ class Validator
         }
 
         // None of the fingerprints matched. Throw an exception describing the error.
-        throw new \Exception('Invalid fingerprint of certificate. Expected one of [' .
-            implode('], [', $fingerprints) . '], but got [' . $certFingerprint . ']');
+        throw new \Exception('Invalid fingerprint of certificate. Expected one of ['.
+            implode('], [', $fingerprints).'], but got ['.$certFingerprint.']');
     }
 
 
@@ -333,7 +332,7 @@ class Validator
         $errors = '';
         // Log errors
         while (($error = openssl_error_string()) !== false) {
-            $errors .= ' [' . $error . ']';
+            $errors .= ' ['.$error.']';
         }
 
         if ($res !== true) {
@@ -370,7 +369,7 @@ class Validator
 
         $cmdline = '';
         foreach ($command as $c) {
-            $cmdline .= escapeshellarg($c) . ' ';
+            $cmdline .= escapeshellarg($c).' ';
         }
 
         $cmdline .= '2>&1';
@@ -380,7 +379,7 @@ class Validator
         );
         $process = proc_open($cmdline, $descSpec, $pipes);
         if (!is_resource($process)) {
-            throw new \Exception('Failed to execute verification command: ' . $cmdline);
+            throw new \Exception('Failed to execute verification command: '.$cmdline);
         }
 
         if (fwrite($pipes[0], $certificate) === false) {
@@ -392,7 +391,7 @@ class Validator
         while (!feof($pipes[1])) {
             $line = trim(fgets($pipes[1]));
             if (strlen($line) > 0) {
-                $out .= ' [' . $line . ']';
+                $out .= ' ['.$line.']';
             }
         }
         fclose($pipes[1]);
@@ -422,21 +421,21 @@ class Validator
         assert(is_string($caFile));
 
         if (!file_exists($caFile)) {
-            throw new \Exception('Could not load CA file: ' . $caFile);
+            throw new \Exception('Could not load CA file: '.$caFile);
         }
 
-        Logger::debug('Validating certificate against CA file: ' . var_export($caFile, true));
+        Logger::debug('Validating certificate against CA file: '.var_export($caFile, true));
 
         $resBuiltin = self::validateCABuiltIn($certificate, $caFile);
         if ($resBuiltin !== true) {
-            Logger::debug('Failed to validate with internal function: ' . var_export($resBuiltin, true));
+            Logger::debug('Failed to validate with internal function: '.var_export($resBuiltin, true));
 
             $resExternal = self::validateCAExec($certificate, $caFile);
             if ($resExternal !== true) {
-                Logger::debug('Failed to validate with external function: ' . var_export($resExternal, true));
-                throw new \Exception('Could not verify certificate against CA file "'
-                    . $caFile . '". Internal result:' . $resBuiltin .
-                    ' External result:' . $resExternal);
+                Logger::debug('Failed to validate with external function: '.var_export($resExternal, true));
+                throw new \Exception('Could not verify certificate against CA file "'.
+                    $caFile.'". Internal result:'.$resBuiltin.
+                    ' External result:'.$resExternal);
             }
         }
 
diff --git a/lib/_autoload.php b/lib/_autoload.php
index 018468b55..245acd1e5 100644
--- a/lib/_autoload.php
+++ b/lib/_autoload.php
@@ -11,7 +11,8 @@
 // SSP is loaded as a separate project
 if (file_exists(dirname(dirname(__FILE__)).'/vendor/autoload.php')) {
     require_once dirname(dirname(__FILE__)).'/vendor/autoload.php';
-} else {  // SSP is loaded as a library
+} else {
+    // SSP is loaded as a library
     if (file_exists(dirname(dirname(__FILE__)).'/../../autoload.php')) {
         require_once dirname(dirname(__FILE__)).'/../../autoload.php';
     } else {
diff --git a/lib/_autoload_modules.php b/lib/_autoload_modules.php
index 9a2c753f7..1df2e4acc 100644
--- a/lib/_autoload_modules.php
+++ b/lib/_autoload_modules.php
@@ -126,7 +126,8 @@ function sspmodAutoloadPSR0($className)
 function sspmodAutoloadPSR4($className)
 {
     $elements = explode('\\', $className);
-    if ($elements[0] === '') { // class name starting with /, ignore
+    if ($elements[0] === '') {
+        // class name starting with /, ignore
         array_shift($elements);
     }
     if (count($elements) < 4) {
diff --git a/metadata-templates/adfs-idp-hosted.php b/metadata-templates/adfs-idp-hosted.php
index cace17d0c..895dd23c4 100644
--- a/metadata-templates/adfs-idp-hosted.php
+++ b/metadata-templates/adfs-idp-hosted.php
@@ -1,12 +1,12 @@
 <?php
 
 $metadata['__DYNAMIC:1__'] = array(
-	'host' => '__DEFAULT__',
-	'privatekey' => 'server.pem',
-	'certificate' => 'server.crt',
-	'auth' => 'example-userpass',
-	'authproc' => array(
-		// Convert LDAP names to WS-Fed Claims.
-		100 => array('class' => 'core:AttributeMap', 'name2claim'),
-	),
+    'host' => '__DEFAULT__',
+    'privatekey' => 'server.pem',
+    'certificate' => 'server.crt',
+    'auth' => 'example-userpass',
+    'authproc' => array(
+        // Convert LDAP names to WS-Fed Claims.
+        100 => array('class' => 'core:AttributeMap', 'name2claim'),
+    ),
 );
diff --git a/metadata-templates/adfs-sp-remote.php b/metadata-templates/adfs-sp-remote.php
index 8b627ee4b..c72f51442 100644
--- a/metadata-templates/adfs-sp-remote.php
+++ b/metadata-templates/adfs-sp-remote.php
@@ -1,12 +1,12 @@
 <?php
 
 $metadata['urn:federation:localhost'] = array(
-	'prp' => 'https://localhost/adfs/ls/',
-	'simplesaml.nameidattribute' => 'uid',
-	'authproc' => array(
-		50 => array(
-			'class' => 'core:AttributeLimit',
-			'cn', 'mail', 'uid', 'eduPersonAffiliation',
-		),
-	),
+    'prp' => 'https://localhost/adfs/ls/',
+    'simplesaml.nameidattribute' => 'uid',
+    'authproc' => array(
+        50 => array(
+            'class' => 'core:AttributeLimit',
+            'cn', 'mail', 'uid', 'eduPersonAffiliation',
+        ),
+    ),
 );
diff --git a/metadata-templates/saml20-idp-hosted.php b/metadata-templates/saml20-idp-hosted.php
index 7acd40373..431e6e909 100644
--- a/metadata-templates/saml20-idp-hosted.php
+++ b/metadata-templates/saml20-idp-hosted.php
@@ -6,46 +6,46 @@
  */
 
 $metadata['__DYNAMIC:1__'] = array(
-	/*
-	 * The hostname of the server (VHOST) that will use this SAML entity.
-	 *
-	 * Can be '__DEFAULT__', to use this entry by default.
-	 */
-	'host' => '__DEFAULT__',
+    /*
+     * The hostname of the server (VHOST) that will use this SAML entity.
+     *
+     * Can be '__DEFAULT__', to use this entry by default.
+     */
+    'host' => '__DEFAULT__',
 
-	// X.509 key and certificate. Relative to the cert directory.
-	'privatekey' => 'server.pem',
-	'certificate' => 'server.crt',
+    // X.509 key and certificate. Relative to the cert directory.
+    'privatekey' => 'server.pem',
+    'certificate' => 'server.crt',
 
-	/*
-	 * Authentication source to use. Must be one that is configured in
-	 * 'config/authsources.php'.
-	 */
-	'auth' => 'example-userpass',
+    /*
+     * Authentication source to use. Must be one that is configured in
+     * 'config/authsources.php'.
+     */
+    'auth' => 'example-userpass',
 
-	/* Uncomment the following to use the uri NameFormat on attributes. */
-	/*
-	'attributes.NameFormat' => 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri',
-	'authproc' => array(
-		// Convert LDAP names to oids.
-		100 => array('class' => 'core:AttributeMap', 'name2oid'),
-	),
-	*/
+    /* Uncomment the following to use the uri NameFormat on attributes. */
+    /*
+    'attributes.NameFormat' => 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri',
+    'authproc' => array(
+        // Convert LDAP names to oids.
+        100 => array('class' => 'core:AttributeMap', 'name2oid'),
+    ),
+    */
 
-	/*
-	 * Uncomment the following to specify the registration information in the
-	 * exported metadata. Refer to:
+    /*
+     * Uncomment the following to specify the registration information in the
+     * exported metadata. Refer to:
      * http://docs.oasis-open.org/security/saml/Post2.0/saml-metadata-rpi/v1.0/cs01/saml-metadata-rpi-v1.0-cs01.html
-	 * for more information.
-	 */
-	/*
-	'RegistrationInfo' => array(
-		'authority' => 'urn:mace:example.org',
-		'instant' => '2008-01-17T11:28:03Z',
-		'policies' => array(
-			'en' => 'http://example.org/policy',
-			'es' => 'http://example.org/politica',
-		),
-	),
-	*/
+     * for more information.
+     */
+    /*
+    'RegistrationInfo' => array(
+        'authority' => 'urn:mace:example.org',
+        'instant' => '2008-01-17T11:28:03Z',
+        'policies' => array(
+            'en' => 'http://example.org/policy',
+            'es' => 'http://example.org/politica',
+        ),
+    ),
+    */
 );
diff --git a/metadata-templates/saml20-sp-remote.php b/metadata-templates/saml20-sp-remote.php
index b74e90492..5095f2c22 100644
--- a/metadata-templates/saml20-sp-remote.php
+++ b/metadata-templates/saml20-sp-remote.php
@@ -9,8 +9,8 @@
  * Example SimpleSAMLphp SAML 2.0 SP
  */
 $metadata['https://saml2sp.example.org'] = array(
-	'AssertionConsumerService' => 'https://saml2sp.example.org/simplesaml/module.php/saml/sp/saml2-acs.php/default-sp',
-	'SingleLogoutService' => 'https://saml2sp.example.org/simplesaml/module.php/saml/sp/saml2-logout.php/default-sp',
+    'AssertionConsumerService' => 'https://saml2sp.example.org/simplesaml/module.php/saml/sp/saml2-acs.php/default-sp',
+    'SingleLogoutService' => 'https://saml2sp.example.org/simplesaml/module.php/saml/sp/saml2-logout.php/default-sp',
 );
 
 /*
@@ -20,22 +20,22 @@ $metadata['https://saml2sp.example.org'] = array(
  * must set the simplesaml.nameidattribute to be the name of an attribute that for this user has the value of 'john'.
  */
 $metadata['google.com'] = array(
-	'AssertionConsumerService' => 'https://www.google.com/a/g.feide.no/acs',
-	'NameIDFormat' => 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress',
-	'simplesaml.nameidattribute' => 'uid',
-	'simplesaml.attributes' => FALSE,
+    'AssertionConsumerService' => 'https://www.google.com/a/g.feide.no/acs',
+    'NameIDFormat' => 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress',
+    'simplesaml.nameidattribute' => 'uid',
+    'simplesaml.attributes' => false,
 );
 
 $metadata['https://legacy.example.edu'] = array(
-	'AssertionConsumerService' => 'https://legacy.example.edu/saml/acs',
-        /*
-         * Currently, SimpleSAMLphp defaults to the SHA-256 hashing algorithm.
-	 * Uncomment the following option to use SHA-1 for signatures directed
-	 * at this specific service provider if it does not support SHA-256 yet.
-         *
-         * WARNING: SHA-1 is disallowed starting January the 1st, 2014.
-         * Please refer to the following document for more information:
-         * http://csrc.nist.gov/publications/nistpubs/800-131A/sp800-131A.pdf
-         */
-        //'signature.algorithm' => 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha1',
+    'AssertionConsumerService' => 'https://legacy.example.edu/saml/acs',
+    /*
+     * Currently, SimpleSAMLphp defaults to the SHA-256 hashing algorithm.
+     * Uncomment the following option to use SHA-1 for signatures directed
+     * at this specific service provider if it does not support SHA-256 yet.
+     *
+     * WARNING: SHA-1 is disallowed starting January the 1st, 2014.
+     * Please refer to the following document for more information:
+     * http://csrc.nist.gov/publications/nistpubs/800-131A/sp800-131A.pdf
+     */
+    //'signature.algorithm' => 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha1',
 );
diff --git a/metadata-templates/shib13-idp-hosted.php b/metadata-templates/shib13-idp-hosted.php
index 7617fd685..56b048284 100644
--- a/metadata-templates/shib13-idp-hosted.php
+++ b/metadata-templates/shib13-idp-hosted.php
@@ -6,21 +6,20 @@
  */
 
 $metadata['__DYNAMIC:1__'] = array(
+    /*
+     * The hostname of the server (VHOST) that will use this SAML entity.
+     *
+     * Can be '__DEFAULT__', to use this entry by default.
+     */
+    'host' => '__DEFAULT__',
 
-	/*
-	 * The hostname of the server (VHOST) that will use this SAML entity.
-	 *
-	 * Can be '__DEFAULT__', to use this entry by default.
-	 */
-	'host' => '__DEFAULT__',
+    // X.509 key and certificate. Relative to the cert directory.
+    'privatekey' => 'server.pem',
+    'certificate' => 'server.crt',
 
-	// X.509 key and certificate. Relative to the cert directory.
-	'privatekey' => 'server.pem',
-	'certificate' => 'server.crt',
-
-	/*
-	 * Authentication source to use. Must be one that is configured in
-	 * 'config/authsources.php'.
-	 */
-	'auth' => 'example-userpass',
+    /*
+     * Authentication source to use. Must be one that is configured in
+     * 'config/authsources.php'.
+     */
+    'auth' => 'example-userpass',
 );
diff --git a/metadata-templates/shib13-idp-remote.php b/metadata-templates/shib13-idp-remote.php
index b48b6f9f9..0757aa83b 100644
--- a/metadata-templates/shib13-idp-remote.php
+++ b/metadata-templates/shib13-idp-remote.php
@@ -9,7 +9,7 @@
 
 /*
 $metadata['theproviderid-of-the-idp'] = array(
-	'SingleSignOnService'  => 'https://idp.example.org/shibboleth-idp/SSO',
-	'certificate'          => 'example.pem',
+    'SingleSignOnService' => 'https://idp.example.org/shibboleth-idp/SSO',
+    'certificate' => 'example.pem',
 );
 */
diff --git a/metadata-templates/shib13-sp-hosted.php b/metadata-templates/shib13-sp-hosted.php
index f15cc910e..38536ceb0 100644
--- a/metadata-templates/shib13-sp-hosted.php
+++ b/metadata-templates/shib13-sp-hosted.php
@@ -9,5 +9,5 @@
  * Example of hosted Shibboleth 1.3 SP.
  */
 $metadata['__DYNAMIC:1__'] = array(
-	'host' => '__DEFAULT__',
+    'host' => '__DEFAULT__',
 );
diff --git a/metadata-templates/shib13-sp-remote.php b/metadata-templates/shib13-sp-remote.php
index 5d0f3100a..73df2dae9 100644
--- a/metadata-templates/shib13-sp-remote.php
+++ b/metadata-templates/shib13-sp-remote.php
@@ -9,8 +9,8 @@
  * This is just an example:
  */
 $metadata['https://sp.shiblab.feide.no'] = array(
-	'AssertionConsumerService' => 'http://sp.shiblab.feide.no/Shibboleth.sso/SAML/POST',
-	'audience'                 => 'urn:mace:feide:shiblab',
-	'base64attributes'         => FALSE,
+    'AssertionConsumerService' => 'http://sp.shiblab.feide.no/Shibboleth.sso/SAML/POST',
+    'audience' => 'urn:mace:feide:shiblab',
+    'base64attributes' => false,
 );
 
diff --git a/metadata-templates/wsfed-idp-remote.php b/metadata-templates/wsfed-idp-remote.php
index 215fb0cd2..a6d20ef4a 100644
--- a/metadata-templates/wsfed-idp-remote.php
+++ b/metadata-templates/wsfed-idp-remote.php
@@ -4,6 +4,6 @@
  */
 
 $metadata['urn:federation:pingfederate:localhost'] = array(
-	'prp' => 'https://localhost:9031/idp/prp.wsf',
-	'certificate' => 'pingfed-localhost.pem',
+    'prp' => 'https://localhost:9031/idp/prp.wsf',
+    'certificate' => 'pingfed-localhost.pem',
 );
diff --git a/metadata-templates/wsfed-sp-hosted.php b/metadata-templates/wsfed-sp-hosted.php
index 3a68b7a6b..17e3e1252 100644
--- a/metadata-templates/wsfed-sp-hosted.php
+++ b/metadata-templates/wsfed-sp-hosted.php
@@ -7,5 +7,5 @@
  */
 
 $metadata['__DYNAMIC:1__'] = array(
-	'host' => '__DEFAULT__',
+    'host' => '__DEFAULT__',
 );
diff --git a/modules/consent/www/noconsent.php b/modules/consent/www/noconsent.php
index 0c48fb0b0..544f8bd8c 100644
--- a/modules/consent/www/noconsent.php
+++ b/modules/consent/www/noconsent.php
@@ -27,9 +27,9 @@ $logoutLink = \SimpleSAML\Module::getModuleURL(
 
 $aboutService = null;
 if (!isset($state['consent:showNoConsentAboutService']) || $state['consent:showNoConsentAboutService']) {
-	if (isset($state['Destination']['url.about'])) {
-		$aboutService = $state['Destination']['url.about'];
-	}
+    if (isset($state['Destination']['url.about'])) {
+        $aboutService = $state['Destination']['url.about'];
+    }
 }
 
 $statsInfo = array();
diff --git a/modules/exampleauth/lib/Auth/Source/External.php b/modules/exampleauth/lib/Auth/Source/External.php
index 453d0da3a..c349ba155 100644
--- a/modules/exampleauth/lib/Auth/Source/External.php
+++ b/modules/exampleauth/lib/Auth/Source/External.php
@@ -25,256 +25,252 @@ namespace SimpleSAML\Module\exampleauth\Auth\Source;
 
 class External extends \SimpleSAML\Auth\Source
 {
-        /**
-         * The key of the AuthId field in the state.
+    /**
+     * The key of the AuthId field in the state.
+     */
+    const AUTHID = 'SimpleSAML\Module\exampleautth\Auth\Sourc\External.AuthId';
+
+    /**
+     * Constructor for this authentication source.
+     *
+     * @param array $info  Information about this authentication source.
+     * @param array $config  Configuration.
+     */
+    public function __construct($info, $config)
+    {
+        assert(is_array($info));
+        assert(is_array($config));
+
+        // Call the parent constructor first, as required by the interface
+        parent::__construct($info, $config);
+
+        // Do any other configuration we need here
+    }
+
+    /**
+     * Retrieve attributes for the user.
+     *
+     * @return array|NULL  The user's attributes, or NULL if the user isn't authenticated.
+     */
+    private function getUser()
+    {
+        /*
+         * In this example we assume that the attributes are
+         * stored in the users PHP session, but this could be replaced
+         * with anything.
          */
-        const AUTHID = 'SimpleSAML\Module\exampleautth\Auth\Sourc\External.AuthId';
-
-	/**
-	 * Constructor for this authentication source.
-	 *
-	 * @param array $info  Information about this authentication source.
-	 * @param array $config  Configuration.
-	 */
-	public function __construct($info, $config) {
-		assert(is_array($info));
-		assert(is_array($config));
-
-		// Call the parent constructor first, as required by the interface
-		parent::__construct($info, $config);
-
-		// Do any other configuration we need here
-	}
-
-
-	/**
-	 * Retrieve attributes for the user.
-	 *
-	 * @return array|NULL  The user's attributes, or NULL if the user isn't authenticated.
-	 */
-	private function getUser() {
-
-		/*
-		 * In this example we assume that the attributes are
-		 * stored in the users PHP session, but this could be replaced
-		 * with anything.
-		 */
-
-		if (!session_id()) {
-			/* session_start not called before. Do it here. */
-			session_start();
-		}
-
-		if (!isset($_SESSION['uid'])) {
-			/* The user isn't authenticated. */
-			return NULL;
-		}
-
-		/*
-		 * Find the attributes for the user.
-		 * Note that all attributes in SimpleSAMLphp are multivalued, so we need
-		 * to store them as arrays.
-		 */
-
-		$attributes = array(
-			'uid' => array($_SESSION['uid']),
-			'displayName' => array($_SESSION['name']),
-			'mail' => array($_SESSION['mail']),
-		);
-
-		/* Here we generate a multivalued attribute based on the account type. */
-		$attributes['eduPersonAffiliation'] = array(
-			$_SESSION['type'], /* In this example, either 'student' or 'employee'. */
-			'member',
-		);
-
-		return $attributes;
-	}
-
-
-	/**
-	 * Log in using an external authentication helper.
-	 *
-	 * @param array &$state  Information about the current authentication.
-	 */
-	public function authenticate(&$state) {
-		assert(is_array($state));
-
-		$attributes = $this->getUser();
-		if ($attributes !== NULL) {
-			/*
-			 * The user is already authenticated.
-			 *
-			 * Add the users attributes to the $state-array, and return control
-			 * to the authentication process.
-			 */
-			$state['Attributes'] = $attributes;
-			return;
-		}
-
-		/*
-		 * The user isn't authenticated. We therefore need to
-		 * send the user to the login page.
-		 */
-
-		/*
-		 * First we add the identifier of this authentication source
-		 * to the state array, so that we know where to resume.
-		 */
-		$state['exampleauth:AuthID'] = self::AUTHID;
-
-
-		/*
-		 * We need to save the $state-array, so that we can resume the
-		 * login process after authentication.
-		 *
-		 * Note the second parameter to the saveState-function. This is a
-		 * unique identifier for where the state was saved, and must be used
-		 * again when we retrieve the state.
-		 *
-		 * The reason for it is to prevent
-		 * attacks where the user takes a $state-array saved in one location
-		 * and restores it in another location, and thus bypasses steps in
-		 * the authentication process.
-		 */
-		$stateId = \SimpleSAML\Auth\State::saveState($state, 'exampleauth:External');
-
-		/*
-		 * Now we generate a URL the user should return to after authentication.
-		 * We assume that whatever authentication page we send the user to has an
-		 * option to return the user to a specific page afterwards.
-		 */
-		$returnTo = \SimpleSAML\Module::getModuleURL('exampleauth/resume.php', array(
-			'State' => $stateId,
-		));
-
-		/*
-		 * Get the URL of the authentication page.
-		 *
-		 * Here we use the getModuleURL function again, since the authentication page
-		 * is also part of this module, but in a real example, this would likely be
-		 * the absolute URL of the login page for the site.
-		 */
-		$authPage = \SimpleSAML\Module::getModuleURL('exampleauth/authpage.php');
-
-		/*
-		 * The redirect to the authentication page.
-		 *
-		 * Note the 'ReturnTo' parameter. This must most likely be replaced with
-		 * the real name of the parameter for the login page.
-		 */
-		\SimpleSAML\Utils\HTTP::redirectTrustedURL($authPage, array(
-			'ReturnTo' => $returnTo,
-		));
-
-		/*
-		 * The redirect function never returns, so we never get this far.
-		 */
-		assert(false);
-	}
-
-
-	/**
-	 * Resume authentication process.
-	 *
-	 * This function resumes the authentication process after the user has
-	 * entered his or her credentials.
-	 *
-	 * @param array &$state  The authentication state.
-	 */
-	public static function resume() {
-
-		/*
-		 * First we need to restore the $state-array. We should have the identifier for
-		 * it in the 'State' request parameter.
-		 */
-		if (!isset($_REQUEST['State'])) {
-			throw new \SimpleSAML\Error\BadRequest('Missing "State" parameter.');
-		}
-
-		/*
-		 * Once again, note the second parameter to the loadState function. This must
-		 * match the string we used in the saveState-call above.
-		 */
-		$state = \SimpleSAML\Auth\State::loadState($_REQUEST['State'], 'exampleauth:External');
-
-		/*
-		 * Now we have the $state-array, and can use it to locate the authentication
-		 * source.
-		 */
-		$source = \SimpleSAML\Auth\Source::getById($state['exampleauth:AuthID']);
-		if ($source === NULL) {
-			/*
-			 * The only way this should fail is if we remove or rename the authentication source
-			 * while the user is at the login page.
-			 */
-			throw new \SimpleSAML\Error\Exception('Could not find authentication source with id ' . $state[self::AUTHID]);
-		}
-
-		/*
-		 * Make sure that we haven't switched the source type while the
-		 * user was at the authentication page. This can only happen if we
-		 * change config/authsources.php while an user is logging in.
-		 */
-		if (! ($source instanceof self)) {
-			throw new \SimpleSAML\Error\Exception('Authentication source type changed.');
-		}
-
-
-		/*
-		 * OK, now we know that our current state is sane. Time to actually log the user in.
-		 *
-		 * First we check that the user is acutally logged in, and didn't simply skip the login page.
-		 */
-		$attributes = $source->getUser();
-		if ($attributes === NULL) {
-			/*
-			 * The user isn't authenticated.
-			 *
-			 * Here we simply throw an exception, but we could also redirect the user back to the
-			 * login page.
-			 */
-			throw new \SimpleSAML\Error\Exception('User not authenticated after login page.');
-		}
-
-		/*
-		 * So, we have a valid user. Time to resume the authentication process where we
-		 * paused it in the authenticate()-function above.
-		 */
-
-		$state['Attributes'] = $attributes;
-		\SimpleSAML\Auth\Source::completeAuth($state);
-
-		/*
-		 * The completeAuth-function never returns, so we never get this far.
-		 */
-		assert(false);
-	}
-
-
-	/**
-	 * This function is called when the user start a logout operation, for example
-	 * by logging out of a SP that supports single logout.
-	 *
-	 * @param array &$state  The logout state array.
-	 */
-	public function logout(&$state) {
-		assert(is_array($state));
-
-		if (!session_id()) {
-			/* session_start not called before. Do it here. */
-			session_start();
-		}
-
-		/*
-		 * In this example we simply remove the 'uid' from the session.
-		 */
-		unset($_SESSION['uid']);
-
-		/*
-		 * If we need to do a redirect to a different page, we could do this
-		 * here, but in this example we don't need to do this.
-		 */
-	}
 
+        if (!session_id()) {
+            // session_start not called before. Do it here
+            session_start();
+        }
+
+        if (!isset($_SESSION['uid'])) {
+            // The user isn't authenticated
+            return null;
+        }
+
+        /*
+         * Find the attributes for the user.
+         * Note that all attributes in SimpleSAMLphp are multivalued, so we need
+         * to store them as arrays.
+         */
+
+        $attributes = array(
+            'uid' => array($_SESSION['uid']),
+            'displayName' => array($_SESSION['name']),
+            'mail' => array($_SESSION['mail']),
+        );
+
+        // Here we generate a multivalued attribute based on the account type
+        $attributes['eduPersonAffiliation'] = array(
+            $_SESSION['type'], /* In this example, either 'student' or 'employee'. */
+            'member',
+        );
+
+        return $attributes;
+    }
+
+    /**
+     * Log in using an external authentication helper.
+     *
+     * @param array &$state  Information about the current authentication.
+     */
+    public function authenticate(&$state)
+    {
+        assert(is_array($state));
+
+        $attributes = $this->getUser();
+        if ($attributes !== null) {
+            /*
+             * The user is already authenticated.
+             *
+             * Add the users attributes to the $state-array, and return control
+             * to the authentication process.
+             */
+            $state['Attributes'] = $attributes;
+            return;
+        }
+
+        /*
+         * The user isn't authenticated. We therefore need to
+         * send the user to the login page.
+         */
+
+        /*
+         * First we add the identifier of this authentication source
+         * to the state array, so that we know where to resume.
+         */
+        $state['exampleauth:AuthID'] = self::AUTHID;
+
+        /*
+         * We need to save the $state-array, so that we can resume the
+         * login process after authentication.
+         *
+         * Note the second parameter to the saveState-function. This is a
+         * unique identifier for where the state was saved, and must be used
+         * again when we retrieve the state.
+         *
+         * The reason for it is to prevent
+         * attacks where the user takes a $state-array saved in one location
+         * and restores it in another location, and thus bypasses steps in
+         * the authentication process.
+         */
+        $stateId = \SimpleSAML\Auth\State::saveState($state, 'exampleauth:External');
+
+        /*
+         * Now we generate a URL the user should return to after authentication.
+         * We assume that whatever authentication page we send the user to has an
+         * option to return the user to a specific page afterwards.
+         */
+        $returnTo = \SimpleSAML\Module::getModuleURL('exampleauth/resume.php', array(
+            'State' => $stateId,
+        ));
+
+        /*
+         * Get the URL of the authentication page.
+         *
+         * Here we use the getModuleURL function again, since the authentication page
+         * is also part of this module, but in a real example, this would likely be
+         * the absolute URL of the login page for the site.
+         */
+        $authPage = \SimpleSAML\Module::getModuleURL('exampleauth/authpage.php');
+
+        /*
+         * The redirect to the authentication page.
+         *
+         * Note the 'ReturnTo' parameter. This must most likely be replaced with
+         * the real name of the parameter for the login page.
+         */
+        \SimpleSAML\Utils\HTTP::redirectTrustedURL($authPage, array(
+            'ReturnTo' => $returnTo,
+        ));
+
+        /*
+         * The redirect function never returns, so we never get this far.
+         */
+        assert(false);
+    }
+
+    /**
+     * Resume authentication process.
+     *
+     * This function resumes the authentication process after the user has
+     * entered his or her credentials.
+     *
+     * @param array &$state  The authentication state.
+     */
+    public static function resume()
+    {
+        /*
+         * First we need to restore the $state-array. We should have the identifier for
+         * it in the 'State' request parameter.
+         */
+        if (!isset($_REQUEST['State'])) {
+            throw new \SimpleSAML\Error\BadRequest('Missing "State" parameter.');
+        }
+
+        /*
+         * Once again, note the second parameter to the loadState function. This must
+         * match the string we used in the saveState-call above.
+         */
+        $state = \SimpleSAML\Auth\State::loadState($_REQUEST['State'], 'exampleauth:External');
+
+        /*
+         * Now we have the $state-array, and can use it to locate the authentication
+         * source.
+         */
+        $source = \SimpleSAML\Auth\Source::getById($state['exampleauth:AuthID']);
+        if ($source === null) {
+            /*
+             * The only way this should fail is if we remove or rename the authentication source
+             * while the user is at the login page.
+             */
+            throw new \SimpleSAML\Error\Exception('Could not find authentication source with id '.$state[self::AUTHID]);
+        }
+
+        /*
+         * Make sure that we haven't switched the source type while the
+         * user was at the authentication page. This can only happen if we
+         * change config/authsources.php while an user is logging in.
+         */
+        if (!($source instanceof self)) {
+            throw new \SimpleSAML\Error\Exception('Authentication source type changed.');
+        }
+
+        /*
+         * OK, now we know that our current state is sane. Time to actually log the user in.
+         *
+         * First we check that the user is acutally logged in, and didn't simply skip the login page.
+         */
+        $attributes = $source->getUser();
+        if ($attributes === null) {
+            /*
+             * The user isn't authenticated.
+             *
+             * Here we simply throw an exception, but we could also redirect the user back to the
+             * login page.
+             */
+            throw new \SimpleSAML\Error\Exception('User not authenticated after login page.');
+        }
+
+        /*
+         * So, we have a valid user. Time to resume the authentication process where we
+         * paused it in the authenticate()-function above.
+         */
+
+        $state['Attributes'] = $attributes;
+        \SimpleSAML\Auth\Source::completeAuth($state);
+
+        /*
+         * The completeAuth-function never returns, so we never get this far.
+         */
+        assert(false);
+    }
+
+    /**
+     * This function is called when the user start a logout operation, for example
+     * by logging out of a SP that supports single logout.
+     *
+     * @param array &$state  The logout state array.
+     */
+    public function logout(&$state)
+    {
+        assert(is_array($state));
+
+        if (!session_id()) {
+            // session_start not called before. Do it here
+            session_start();
+        }
+
+        /*
+         * In this example we simply remove the 'uid' from the session.
+         */
+        unset($_SESSION['uid']);
+
+        /*
+         * If we need to do a redirect to a different page, we could do this
+         * here, but in this example we don't need to do this.
+         */
+    }
 }
diff --git a/modules/exampleauth/lib/Auth/Source/StaticSource.php b/modules/exampleauth/lib/Auth/Source/StaticSource.php
index ca17a378c..d81dd3256 100644
--- a/modules/exampleauth/lib/Auth/Source/StaticSource.php
+++ b/modules/exampleauth/lib/Auth/Source/StaticSource.php
@@ -14,46 +14,42 @@ namespace SimpleSAML\Module\exampleauth\Auth\Source;
 
 class StaticSource extends \SimpleSAML\Auth\Source
 {
-	/**
-	 * The attributes we return.
-	 */
-	private $attributes;
-
-
-	/**
-	 * Constructor for this authentication source.
-	 *
-	 * @param array $info  Information about this authentication source.
-	 * @param array $config  Configuration.
-	 */
-	public function __construct($info, $config) {
-		assert(is_array($info));
-		assert(is_array($config));
-
-		// Call the parent constructor first, as required by the interface
-		parent::__construct($info, $config);
-
-
-		// Parse attributes
-		try {
-			$this->attributes = \SimpleSAML\Utils\Attributes::normalizeAttributesArray($config);
-		} catch (\Exception $e) {
-			throw new \Exception('Invalid attributes for authentication source ' .
-				$this->authId . ': ' . $e->getMessage());
-		}
-
-	}
-
-
-	/**
-	 * Log in using static attributes.
-	 *
-	 * @param array &$state  Information about the current authentication.
-	 */
-	public function authenticate(&$state) {
-		assert(is_array($state));
-
-		$state['Attributes'] = $this->attributes;
-	}
-
+    /**
+     * The attributes we return.
+     */
+    private $attributes;
+
+    /**
+     * Constructor for this authentication source.
+     *
+     * @param array $info  Information about this authentication source.
+     * @param array $config  Configuration.
+     */
+    public function __construct($info, $config)
+    {
+        assert(is_array($info));
+        assert(is_array($config));
+
+        // Call the parent constructor first, as required by the interface
+        parent::__construct($info, $config);
+
+        // Parse attributes
+        try {
+            $this->attributes = \SimpleSAML\Utils\Attributes::normalizeAttributesArray($config);
+        } catch (\Exception $e) {
+            throw new \Exception('Invalid attributes for authentication source '.
+                $this->authId.': '.$e->getMessage());
+        }
+    }
+
+    /**
+     * Log in using static attributes.
+     *
+     * @param array &$state  Information about the current authentication.
+     */
+    public function authenticate(&$state)
+    {
+        assert(is_array($state));
+        $state['Attributes'] = $this->attributes;
+    }
 }
diff --git a/modules/ldap/lib/Auth/Source/LDAPMulti.php b/modules/ldap/lib/Auth/Source/LDAPMulti.php
index ff6e3e42b..8025d4471 100644
--- a/modules/ldap/lib/Auth/Source/LDAPMulti.php
+++ b/modules/ldap/lib/Auth/Source/LDAPMulti.php
@@ -46,7 +46,7 @@ class LDAPMulti extends \SimpleSAML\Module\core\Auth\UserPassOrgBase
         parent::__construct($info, $config);
 
         $cfgHelper = \SimpleSAML\Configuration::loadFromArray($config,
-            'Authentication source ' . var_export($this->authId, true));
+            'Authentication source '.var_export($this->authId, true));
 
 
         $this->orgs = array();
@@ -77,8 +77,8 @@ class LDAPMulti extends \SimpleSAML\Module\core\Auth\UserPassOrgBase
             }
 
             $orgCfg = new \SimpleSAML\Module\ldap\ConfigHelper($orgCfg,
-                'Authentication source ' . var_export($this->authId, true) .
-                ', organization ' . var_export($orgId, true));
+                'Authentication source '.var_export($this->authId, true).
+                ', organization '.var_export($orgId, true));
             $this->ldapOrgs[$orgId] = $orgCfg;
         }
     }
@@ -100,14 +100,14 @@ class LDAPMulti extends \SimpleSAML\Module\core\Auth\UserPassOrgBase
 
         if (!array_key_exists($org, $this->ldapOrgs)) {
             // The user has selected an organization which doesn't exist anymore.
-            \SimpleSAML\Logger::warning('Authentication source ' . var_export($this->authId, true) .
-                ': Organization seems to have disappeared while the user logged in.' .
-                ' Organization was ' . var_export($org, true));
+            \SimpleSAML\Logger::warning('Authentication source '.var_export($this->authId, true).
+                ': Organization seems to have disappeared while the user logged in.'.
+                ' Organization was '.var_export($org, true));
             throw new \SimpleSAML\Error\Error('WRONGUSERPASS');
         }
 
         if ($this->includeOrgInUsername) {
-            $username = $username . '@' . $org;
+            $username = $username.'@'.$org;
         }
 
         return $this->ldapOrgs[$org]->login($username, $password, $sasl_args);
diff --git a/modules/metarefresh/lib/MetaLoader.php b/modules/metarefresh/lib/MetaLoader.php
index 0c53c472e..abdc37160 100644
--- a/modules/metarefresh/lib/MetaLoader.php
+++ b/modules/metarefresh/lib/MetaLoader.php
@@ -180,7 +180,7 @@ class MetaLoader
             if (in_array('attributeauthority-remote', $this->types, true)) {
                 $attributeAuthorities = $entity->getAttributeAuthorities();
                 if (!empty($attributeAuthorities)) {
-                     $this->addMetadata($source['src'], $attributeAuthorities[0], 'attributeauthority-remote', $template);
+                    $this->addMetadata($source['src'], $attributeAuthorities[0], 'attributeauthority-remote', $template);
                 }
             }
         }
diff --git a/templates/attributequery.php b/templates/attributequery.php
index cdad3a86c..996d59edb 100644
--- a/templates/attributequery.php
+++ b/templates/attributequery.php
@@ -19,11 +19,8 @@ assert(is_string($nameIdQualifier));
 $nameIdSPQualifier = $this->data['nameIdSPQualifier'];
 assert(is_string($nameIdSPQualifier));
 
-
 $attributes = $this->data['attributes'];
 assert($attributes === null || is_array($attributes));
-
-
 ?>
 
 <h2>Attribute query test</h2>
@@ -64,17 +61,16 @@ assert($attributes === null || is_array($attributes));
 </form>
 
 <?php
-if ($attributes !== NULL) {
-
-	echo('<h3>Attributes received</h3><dl>');
-	foreach ($attributes as $name => $values) {
-		echo('<dt>' . htmlspecialchars($name) . '</dt><dd><ul>');
-		foreach ($values as $value) {
-			echo('<li>' . htmlspecialchars($value) . '</li>');
-		}
-		echo('</dd>');
-	}
-	echo('</dl>');
+if ($attributes !== null) {
+    echo '<h3>Attributes received</h3><dl>';
+    foreach ($attributes as $name => $values) {
+        echo '<dt>'.htmlspecialchars($name).'</dt><dd><ul>';
+        foreach ($values as $value) {
+            echo '<li>'.htmlspecialchars($value).'</li>';
+        }
+        echo '</dd>';
+    }
+    echo '</dl>';
 }
 ?>
 
diff --git a/templates/errorreport.php b/templates/errorreport.php
index 278d48385..e1154fa8d 100644
--- a/templates/errorreport.php
+++ b/templates/errorreport.php
@@ -1,9 +1,9 @@
 <?php
-	$this->data['header'] = $this->t('errorreport_header');
-	$this->includeAtTemplateBase('includes/header.php');
+    $this->data['header'] = $this->t('errorreport_header');
+    $this->includeAtTemplateBase('includes/header.php');
 ?>
 
-
 <h2><?php echo $this->t('errorreport_header'); ?></h2>
 <p><?php echo $this->t('errorreport_text'); ?></p>
-<?php $this->includeAtTemplateBase('includes/footer.php');
+<?php
+    $this->includeAtTemplateBase('includes/footer.php');
diff --git a/templates/hostnames.php b/templates/hostnames.php
index 45ea32f7f..2404638ac 100644
--- a/templates/hostnames.php
+++ b/templates/hostnames.php
@@ -3,7 +3,7 @@ $this->data['header'] = $this->t('{status:header_diagnostics}');
 $this->includeAtTemplateBase('includes/header.php');
 $this->includeAtTemplateBase('includes/attributes.php');
 
-echo "<h2>" . $this->t('{core:frontpage:link_diagnostics}') . "</h2>";
+echo "<h2>".$this->t('{core:frontpage:link_diagnostics}')."</h2>";
 
 $attributes = $this->data['attributes'];
 
diff --git a/templates/includes/attributes.php b/templates/includes/attributes.php
index 98e6abe31..3d80a035a 100644
--- a/templates/includes/attributes.php
+++ b/templates/includes/attributes.php
@@ -58,7 +58,7 @@ function present_attributes(\SimpleSAML\XHTML\Template $t, $attributes, $namePar
 
     $parentStr = (strlen($nameParent) > 0) ? strtolower($nameParent).'_' : '';
     $str = (strlen($nameParent) > 0) ? '<table class="attributes" summary="attribute overview">' :
-        '<table id="table_with_attributes"  class="attributes" summary="attribute overview">';
+        '<table id="table_with_attributes" class="attributes" summary="attribute overview">';
 
     foreach ($attributes as $name => $value) {
         $nameraw = $name;
diff --git a/templates/includes/footer.php b/templates/includes/footer.php
index 94e62f7c0..75e8e0018 100644
--- a/templates/includes/footer.php
+++ b/templates/includes/footer.php
@@ -1,22 +1,19 @@
 <?php
-if(!empty($this->data['htmlinject']['htmlContentPost'])) {
-	foreach($this->data['htmlinject']['htmlContentPost'] AS $c) {
-		echo $c;
-	}
+if (!empty($this->data['htmlinject']['htmlContentPost'])) {
+    foreach ($this->data['htmlinject']['htmlContentPost'] as $c) {
+        echo $c;
+    }
 }
 ?>
-	</div><!-- #content -->
-	<div id="footer">
-		<hr />
+            </div><!-- #content -->
+            <div id="footer">
+                <hr />
+                <img src="/<?php echo $this->data['baseurlpath']; ?>resources/icons/ssplogo-fish-small.png" alt="Small fish logo" style="float: right" />		
+                    Copyright &copy; 2007-2018 <a href="http://uninett.no/">UNINETT AS</a>
 
-		<img src="/<?php echo $this->data['baseurlpath']; ?>resources/icons/ssplogo-fish-small.png" alt="Small fish logo" style="float: right" />		
-		Copyright &copy; 2007-2018 <a href="http://uninett.no/">UNINETT AS</a>
-		
-		<br style="clear: right" />
-	
-	</div><!-- #footer -->
+                <br style="clear: right" />
 
-</div><!-- #wrap -->
-
-</body>
+            </div><!-- #footer -->
+        </div><!-- #wrap -->
+    </body>
 </html>
diff --git a/templates/includes/header-embed.php b/templates/includes/header-embed.php
index 874932502..5b83cbf7d 100644
--- a/templates/includes/header-embed.php
+++ b/templates/includes/header-embed.php
@@ -1,23 +1,24 @@
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
 <head>
-<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
-<title><?php
-if(array_key_exists('header', $this->data)) {
-	echo $this->data['header'];
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
+    <title>
+<?php
+if (array_key_exists('header', $this->data)) {
+    echo $this->data['header'];
 } else {
-	echo 'SimpleSAMLphp';
+    echo 'SimpleSAMLphp';
 }
-?></title>
-
-	<link rel="stylesheet" type="text/css" href="/<?php echo $this->data['baseurlpath']; ?>resources/default.css" />
-	<meta name="robots" content="noindex, nofollow" />
+?>
+    </title>
+    <link rel="stylesheet" type="text/css" href="/<?php echo $this->data['baseurlpath']; ?>resources/default.css" />
+    <meta name="robots" content="noindex, nofollow" />
 
 <?php
-if(array_key_exists('head', $this->data)) {
-	echo '<!-- head -->' . $this->data['head'] . '<!-- /head -->';
+if (array_key_exists('head', $this->data)) {
+    echo '<!-- head -->'.$this->data['head'].'<!-- /head -->';
 }
 ?>
-</head>
-<body class="body-embed">
+    </head>
+    <body class="body-embed">
 
diff --git a/templates/login-ldapmulti.php b/templates/login-ldapmulti.php
index 6f73d5a5d..a53da3ebe 100644
--- a/templates/login-ldapmulti.php
+++ b/templates/login-ldapmulti.php
@@ -1,74 +1,64 @@
 <?php 
-	$this->includeAtTemplateBase('includes/header.php'); 
+    $this->includeAtTemplateBase('includes/header.php'); 
 ?>
 
+<?php
+if (isset($this->data['error'])) {
+?>
+    <div style="border-left: 1px solid #e8e8e8; border-bottom: 1px solid #e8e8e8; background: #f5f5f5">
+        <img src="/<?php echo $this->data['baseurlpath']; ?>resources/icons/experience/gtk-dialog-error.48x48.png" class="float-l erroricon" style="margin: 15px" alt="" />
+        <h2><?php echo $this->t('error_header'); ?></h2>
+
+        <p class="logintext"><?php echo htmlspecialchars($this->data['error']); ?> </p>
+    </div>
+<?php
+}
+?>
+    <h2 style="break: both"><?php echo $this->t('user_pass_header'); ?></h2>
+
+    <p><?php echo $this->t('user_pass_text'); ?></p>
 
-		<?php if (isset($this->data['error'])) { ?>
-		<div style="border-left: 1px solid #e8e8e8; border-bottom: 1px solid #e8e8e8; background: #f5f5f5">
-		<img src="/<?php echo $this->data['baseurlpath']; ?>resources/icons/experience/gtk-dialog-error.48x48.png" class="float-l erroricon" style="margin: 15px" alt="" />
-		<h2><?php echo $this->t('error_header'); ?></h2>
-		
-		<p class="logintext"><?php echo htmlspecialchars($this->data['error']); ?> </p>
-		</div>
-		<?php } ?>
-	
-		<h2 style="break: both"><?php echo $this->t('user_pass_header'); ?></h2>
-		
-		<p>
-			<?php echo $this->t('user_pass_text'); ?>
-		</p>
-		
-		<form action="?" method="post" name="f">
+    <form action="?" method="post" name="f">
 
-		<table>
-			<tr>
-				<td rowspan="3"><img src="/<?php echo $this->data['baseurlpath']; ?>resources/icons/experience/gtk-dialog-authentication.48x48.png" id="loginicon" alt="" /></td>
-				<td style="padding: .3em;"><?php echo $this->t('username'); ?></td>
-				<td><input type="text" tabindex="1" name="username" 
-					<?php if (isset($this->data['username'])) {
-						echo 'value="' . htmlspecialchars($this->data['username']) . '"';
-					} ?> /></td>
+        <table>
+            <tr>
+                <td rowspan="3"><img src="/<?php echo $this->data['baseurlpath']; ?>resources/icons/experience/gtk-dialog-authentication.48x48.png" id="loginicon" alt="" /></td>
+                <td style="padding: .3em;"><?php echo $this->t('username'); ?></td>
+                <td><input type="text" tabindex="1" name="username"
+<?php
+if (isset($this->data['username'])) {
+    echo 'value="'.htmlspecialchars($this->data['username']).'"';
+}
+?>
+ /></td>
+
+                <td style="padding: .4em;" rowspan="3">
+                    <button type="submit" tabindex="3" id="regularsubmit" class="btn"><?php echo $this->t('login_button'); ?></button>
+                    <input type="hidden" name="RelayState" value="<?php echo htmlspecialchars($this->data['relaystate']); ?>" />
+                </td>
+            </tr>
+            <tr>
+                <td style="padding: .3em;"><?php echo $this->t('organization'); ?></td>
+                <td><select name="org" tabindex="2">
+<?php
+foreach ($this->data['ldapconfig'] as $key => $entry) {
+    echo '<option '.($key == $this->data['org'] ? 'selected="selected" ' : '').
+        'value="'.htmlspecialchars($key).'">'.htmlspecialchars($entry['description']).'</option>';
+}
+?>
+                </select></td>
+            </tr>
 
-					
-				<td style="padding: .4em;" rowspan="3">
-					<button type="submit" tabindex="3" id="regularsubmit" class="btn"><?php echo $this->t('login_button'); ?></button>
-					<input type="hidden" name="RelayState" value="<?php echo htmlspecialchars($this->data['relaystate']); ?>" />
-				</td>
-			</tr>
-			
-			<tr>
-				<td style="padding: .3em;"><?php echo $this->t('organization'); ?></td>
-				<td><select name="org" tabindex="2">
-					<?php
-					
-					foreach ($this->data['ldapconfig'] AS $key => $entry) {
-						echo '<option ' .
-							($key == $this->data['org'] ? 'selected="selected" ' : '')
-							. 'value="' . htmlspecialchars($key) . '">' . htmlspecialchars($entry['description']) . '</option>';
-					}
-					
-					?>
-				</select></td>
-			</tr>
-			
-			<tr>
-				<td style="padding: .3em;"><?php echo $this->t('password'); ?></td>
-				<td><input type="password" tabindex="2" name="password" /></td>
-			</tr>
-		<tr><td></td><td>
-		<button type="submit" tabindex="5" id="mobilesubmit" class="btn"><?php echo $this->t('login_button'); ?></button>
-		</td></tr>
-		</table>
-		
-		
-		</form>
-		
-		
-		<h2 class="logintext"><?php echo $this->t('help_header'); ?>.</h2>
-		
-		
-		<p class="logintext"><?php echo $this->t('help_text'); ?>!</p>
-		
-		
-		
-<?php $this->includeAtTemplateBase('includes/footer.php'); ?>
+            <tr>
+                <td style="padding: .3em;"><?php echo $this->t('password'); ?></td>
+                <td><input type="password" tabindex="2" name="password" /></td>
+            </tr>
+            <tr><td></td><td>
+                <button type="submit" tabindex="5" id="mobilesubmit" class="btn"><?php echo $this->t('login_button'); ?></button>
+            </td></tr>
+        </table>
+    </form>
+    <h2 class="logintext"><?php echo $this->t('help_header'); ?>.</h2>
+    <p class="logintext"><?php echo $this->t('help_text'); ?>!</p>
+<?php
+    $this->includeAtTemplateBase('includes/footer.php');
diff --git a/templates/login.php b/templates/login.php
index fc4e8b28d..fd0755db9 100644
--- a/templates/login.php
+++ b/templates/login.php
@@ -1,71 +1,60 @@
 <?php 
-	if (!isset($this->data['autofocus'])) {
-		$this->data['autofocus'] = 'username';
-	}
-	$this->includeAtTemplateBase('includes/header.php'); 
+    if (!isset($this->data['autofocus'])) {
+        $this->data['autofocus'] = 'username';
+    }
+    $this->includeAtTemplateBase('includes/header.php'); 
+    if (isset($this->data['error'])) {
 ?>
+    <div style="border-left: 1px solid #e8e8e8; border-bottom: 1px solid #e8e8e8; background: #f5f5f5">
+        <img src="/<?php echo $this->data['baseurlpath']; ?>resources/icons/experience/gtk-dialog-error.48x48.png" class="float-l erroricon" style="margin: 15px" alt="" />
+        <h2><?php echo $this->t('error_header'); ?></h2>
 
-	<?php if (isset($this->data['error'])) { ?>
-		<div style="border-left: 1px solid #e8e8e8; border-bottom: 1px solid #e8e8e8; background: #f5f5f5">
-		<img src="/<?php echo $this->data['baseurlpath']; ?>resources/icons/experience/gtk-dialog-error.48x48.png" class="float-l erroricon" style="margin: 15px" alt="" />
-		<h2><?php echo $this->t('error_header'); ?></h2>
-		
-		<p><?php echo $this->t($this->data['error']); ?> </p>
-		</div>
-	<?php } ?>
-
-	<h2 style="break: both"><?php echo $this->t('user_pass_header'); ?></h2>
-	
-	<p class="logintext"><?php echo $this->t('user_pass_text'); ?></p>
-	
-	<form action="?" method="post" name="f">
-
-	<table>
-		<tr>
-			<td rowspan="2"><img src="/<?php echo $this->data['baseurlpath']; ?>resources/icons/experience/gtk-dialog-authentication.48x48.png" id="loginicon" alt="" /></td>
-			<td style="padding: .3em;"><?php echo $this->t('username'); ?></td>
-			
-			
-			<td>
-			<?php
-			
-				if (array_key_exists('admin', $this->data)) {
-					echo '<strong style="font-size: medium">Administrator</strong>';
-				} else {
-				
-					echo '<input type="text" id="username" tabindex="1" name="username" ';
-					if (isset($this->data['username'])) {
-						echo 'value="' . htmlspecialchars($this->data['username']) . '"';
-					}
-					echo '/>';
-				}
-			
-			
-			?>
-			</td>
+        <p><?php echo $this->t($this->data['error']); ?> </p>
+    </div>
+<?php
+}
+?>
+    <h2 style="break: both"><?php echo $this->t('user_pass_header'); ?></h2>
+    <p class="logintext"><?php echo $this->t('user_pass_text'); ?></p>
 
-			<td style="padding: .4em;" rowspan="2">
-				<button type="submit" class="regularsubmit" tabindex="3" class="btn"><?php echo $this->t('login_button'); ?></button>
-				<input type="hidden" name="RelayState" value="<?php echo htmlspecialchars($this->data['relaystate']); ?>" />
-			</td>
-		</tr>
-		<tr>
-			<td style="padding: .3em;"><?php echo $this->t('password'); ?></td>
-			<td><input id="password" type="password" tabindex="2" name="password" /></td>
-		</tr>
-        <tr><td></td><td></td><td>
-	        <button type="submit" tabindex="5" id="mobilesubmit" class="btn"><?php echo $this->t('login_button'); ?></button>
-	    </td></tr>
-	</table>
-	
-	
-	</form>
-	
-	
-	<h2 class="logintext"><?php echo $this->t('help_header'); ?></h2>
-	
-	
-	<p class="logintext"><?php echo $this->t('help_text'); ?></p>
-	
+    <form action="?" method="post" name="f">
 
-<?php $this->includeAtTemplateBase('includes/footer.php');
+        <table>
+            <tr>
+                <td rowspan="2"><img src="/<?php echo $this->data['baseurlpath']; ?>resources/icons/experience/gtk-dialog-authentication.48x48.png" id="loginicon" alt="" /></td>
+                <td style="padding: .3em;"><?php echo $this->t('username'); ?></td>
+                <td>
+<?php
+if (array_key_exists('admin', $this->data)) {
+    echo '<strong style="font-size: medium">Administrator</strong>';
+} else {
+    echo '<input type="text" id="username" tabindex="1" name="username" ';
+    if (isset($this->data['username'])) {
+        echo 'value="'.htmlspecialchars($this->data['username']).'"';
+    }
+    echo '/>';
+}
+?>
+                </td>
+                <td style="padding: .4em;" rowspan="2">
+                    <button type="submit" class="regularsubmit" tabindex="3" class="btn"><?php echo $this->t('login_button'); ?></button>
+                    <input type="hidden" name="RelayState" value="<?php echo htmlspecialchars($this->data['relaystate']); ?>" />
+                </td>
+            </tr>
+            <tr>
+                <td style="padding: .3em;"><?php echo $this->t('password'); ?></td>
+                <td><input id="password" type="password" tabindex="2" name="password" /></td>
+            </tr>
+            <tr>
+                <td></td>
+                <td></td>
+                <td>
+                    <button type="submit" tabindex="5" id="mobilesubmit" class="btn"><?php echo $this->t('login_button'); ?></button>
+                </td>
+            </tr>
+        </table>
+    </form>
+        <h2 class="logintext"><?php echo $this->t('help_header'); ?></h2>
+        <p class="logintext"><?php echo $this->t('help_text'); ?></p>
+<?php
+    $this->includeAtTemplateBase('includes/footer.php');
diff --git a/templates/logout.php b/templates/logout.php
index 0672ce725..92ecd7ae4 100644
--- a/templates/logout.php
+++ b/templates/logout.php
@@ -4,15 +4,13 @@ $this->data['header'] = $this->t('{logout:title}');
 
 $this->includeAtTemplateBase('includes/header.php');
 
+echo '<h2>'.$this->data['header'].'</h2>';
+echo '<p>'.$this->t('{logout:logged_out_text}').'</p>';
 
-
-echo('<h2>' . $this->data['header'] . '</h2>');
-echo('<p>' . $this->t('{logout:logged_out_text}') . '</p>');
-
-if($this->getTranslator()->getTag($this->data['text']) !== NULL) {
-	$this->data['text'] = $this->t($this->data['text']);
+if ($this->getTranslator()->getTag($this->data['text']) !== null) {
+    $this->data['text'] = $this->t($this->data['text']);
 }
-echo('<p>[ <a href="' . htmlspecialchars($this->data['link']) . '">' .
-	htmlspecialchars($this->data['text']) . '</a> ]</p>');
+echo '<p>[ <a href="'.htmlspecialchars($this->data['link']).'">'.
+    htmlspecialchars($this->data['text']).'</a> ]</p>';
 
 $this->includeAtTemplateBase('includes/footer.php');
diff --git a/templates/metadata-converter.php b/templates/metadata-converter.php
index 1ff3ac72d..bc46d3a94 100644
--- a/templates/metadata-converter.php
+++ b/templates/metadata-converter.php
@@ -51,7 +51,7 @@ if (!empty($output)) {
         var clipboard<?php echo $j; ?> = new ClipboardJS('#btn<?php echo $j; ?>');
 <?php
     }
- ?>
+?>
     </script>
 <?php
 }
diff --git a/templates/metadata.php b/templates/metadata.php
index 621fd08e3..cda59b566 100644
--- a/templates/metadata.php
+++ b/templates/metadata.php
@@ -50,8 +50,8 @@ if (array_key_exists('available_certs', $this->data)) { ?>
         if ($this->data['available_certs'][$certName]['certFingerprint'][0] ===
             'afe71c28ef740bc87425be13a2263d37971da1f9') {
             echo '&nbsp; <img style="display: inline;" src="/'.$this->data['baseurlpath'].
-                 'resources/icons/silk/exclamation.png" alt="default certificate" />'.
-                 'This is the default certificate. Generate a new certificate if this is a production system.';
+                'resources/icons/silk/exclamation.png" alt="default certificate" />'.
+                'This is the default certificate. Generate a new certificate if this is a production system.';
         }
         echo '</li>';
     } ?>
diff --git a/templates/post.php b/templates/post.php
index 353a24a38..8995523dd 100644
--- a/templates/post.php
+++ b/templates/post.php
@@ -47,18 +47,19 @@ if (array_key_exists('post', $this->data)) {
  * @param string $name  The name of the element.
  * @param string|array $value  The value of the element.
  */
-function printItem($name, $value) {
+function printItem($name, $value)
+{
     assert(is_string($name));
     assert(is_string($value) || is_array($value));
     if (is_string($value)) {
-        echo '<input type="hidden" name="' . 
-            htmlspecialchars($name) . '" value="' . 
-            htmlspecialchars($value) . '" />';
+        echo '<input type="hidden" name="'.
+            htmlspecialchars($name).'" value="'.
+            htmlspecialchars($value).'" />';
         return;
     }
     // This is an array...
     foreach ($value as $index => $item) {
-        printItem($name . '[' . $index . ']', $item);
+        printItem($name.'['.$index.']', $item);
     }
 }
 
@@ -66,7 +67,6 @@ foreach ($post as $name => $value) {
     printItem($name, $value);
 }
 ?>
-
         <noscript>
             <button type="submit" class="btn">Submit</button>
         </noscript>
diff --git a/templates/selectidp-dropdown.php b/templates/selectidp-dropdown.php
index 2a2c51103..4fa03d6ff 100644
--- a/templates/selectidp-dropdown.php
+++ b/templates/selectidp-dropdown.php
@@ -34,7 +34,7 @@ foreach ($this->data['idplist'] as $idpentry) {
                value="<?php echo htmlspecialchars($this->data['returnIDParam']); ?>"/>
         <select id="dropdownlist" name="idpentityid">
             <?php
-            usort($this->data['idplist'], function ($idpentry1, $idpentry2) {
+            usort($this->data['idplist'], function($idpentry1, $idpentry2) {
                 return strcasecmp(
                     $this->t('idpname_'.$idpentry1['entityid']),
                     $this->t('idpname_'.$idpentry2['entityid'])
diff --git a/templates/selectidp-links.php b/templates/selectidp-links.php
index 5a6b0c359..979188291 100644
--- a/templates/selectidp-links.php
+++ b/templates/selectidp-links.php
@@ -34,7 +34,7 @@ foreach ($this->data['idplist'] as $idpentry) {
             }
             ?></p>
 <?php
-        usort($this->data['idplist'], function ($idpentry1, $idpentry2) {
+        usort($this->data['idplist'], function($idpentry1, $idpentry2) {
             return strcasecmp(
                 $this->t('idpname_'.$idpentry1['entityid']),
                 $this->t('idpname_'.$idpentry2['entityid'])
@@ -46,7 +46,7 @@ foreach ($this->data['idplist'] as $idpentry) {
             $idpentry = $this->data['idplist'][$this->data['preferredidp']];
             echo '<div class="preferredidp">';
             echo '	<img src="/'.$this->data['baseurlpath'].
-                 'resources/icons/experience/gtk-about.64x64.png" class="float-r" alt="'.
+                'resources/icons/experience/gtk-about.64x64.png" class="float-r" alt="'.
                 $this->t('icon_prefered_idp').'" />';
 
             if (array_key_exists('icon', $idpentry) && $idpentry['icon'] !== null) {
@@ -71,7 +71,7 @@ foreach ($this->data['idplist'] as $idpentry) {
                 if (array_key_exists('icon', $idpentry) && $idpentry['icon'] !== null) {
                     $iconUrl = \SimpleSAML\Utils\HTTP::resolveURL($idpentry['icon']);
                     echo '<img class="float-l" style="clear: both; margin: 1em; padding: 3px; border: 1px solid #999"'.
-                         ' src="'.htmlspecialchars($iconUrl).'" />';
+                        ' src="'.htmlspecialchars($iconUrl).'" />';
                 }
                 echo "\n".'	<h3 style="margin-top: 8px">'.htmlspecialchars($this->t('idpname_'.$idpentry['entityid']));
                 echo '</h3>';
diff --git a/templates/status.php b/templates/status.php
index 7fb5ba09f..7732cbc90 100644
--- a/templates/status.php
+++ b/templates/status.php
@@ -8,30 +8,27 @@ if (array_key_exists('header', $this->data)) {
 $this->includeAtTemplateBase('includes/header.php');
 $this->includeAtTemplateBase('includes/attributes.php');
 ?>
-
     <h2><?php if (isset($this->data['header'])) {
-            echo($this->data['header']);
+            echo $this->data['header'];
         } else {
-            echo($this->t('{status:some_error_occurred}'));
+            echo $this->t('{status:some_error_occurred}');
         } ?></h2>
 
-    <p><?php echo($this->t('{status:intro}')); ?></p>
+    <p><?php echo $this->t('{status:intro}'); ?></p>
 
 <?php
 if (isset($this->data['remaining'])) {
-    echo('<p>'.$this->t('{status:validfor}', array('%SECONDS%' => $this->data['remaining'])).'</p>');
+    echo '<p>'.$this->t('{status:validfor}', array('%SECONDS%' => $this->data['remaining'])).'</p>';
 }
 
 if (isset($this->data['sessionsize'])) {
-    echo('<p>'.$this->t('{status:sessionsize}', array('%SIZE%' => $this->data['sessionsize'])).'</p>');
+    echo '<p>'.$this->t('{status:sessionsize}', array('%SIZE%' => $this->data['sessionsize'])).'</p>';
 }
 ?>
-    <h2><?php echo($this->t('{status:attributes_header}')); ?></h2>
-
+    <h2><?php echo $this->t('{status:attributes_header}'); ?></h2>
 <?php
-
 $attributes = $this->data['attributes'];
-echo(present_attributes($this, $attributes, ''));
+echo present_attributes($this, $attributes, '');
 
 $nameid = $this->data['nameid'];
 if ($nameid !== false) {
@@ -42,7 +39,7 @@ if ($nameid !== false) {
         echo "<p>NameID: <span class=\"notset\">".$this->t('{status:subject_notset}')."</span></p>";
     } else {
         $list = array(
-            "NameId"                            => array($nameid->value),
+            "NameId" => array($nameid->value),
         );
         if (!is_null($nameid->Format)) {
             $list[$this->t('{status:subject_format}')] = array($nameid->Format);
@@ -57,23 +54,23 @@ if ($nameid !== false) {
             $list['SPProvidedID'] = array($nameid->SPProvidedID);
         }
     }
-    echo(present_attributes($this, $list, ''));
+    echo present_attributes($this, $list, '');
 }
 
 $authData = $this->data['authData'];
 if (!empty($authData)) {
     echo "<h2>".$this->t('{status:authData_header}')."</h2>";
-    echo '<details><summary>' . $this->t('{status:authData_summary}') . '</summary>'; 
-    echo('<pre>' . htmlspecialchars(json_encode($this->data['authData'], JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES)) . '</pre>');
+    echo '<details><summary>'.$this->t('{status:authData_summary}').'</summary>'; 
+    echo '<pre>'.htmlspecialchars(json_encode($this->data['authData'], JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES)).'</pre>';
     echo '</details>';
 }
 if (isset($this->data['logout'])) {
-    echo('<h2>'.$this->t('{status:logout}').'</h2>');
-    echo('<p>'.$this->data['logout'].'</p>');
+    echo '<h2>'.$this->t('{status:logout}').'</h2>';
+    echo '<p>'.$this->data['logout'].'</p>';
 }
 
 if (isset($this->data['logouturl'])) {
-    echo('<a href="'.htmlspecialchars($this->data['logouturl']).'">'.$this->t('{status:logout}').'</a>');
+    echo '<a href="'.htmlspecialchars($this->data['logouturl']).'">'.$this->t('{status:logout}').'</a>';
 }
 
 $this->includeAtTemplateBase('includes/footer.php');
diff --git a/www/_include.php b/www/_include.php
index d3e6852ba..74eb6b219 100644
--- a/www/_include.php
+++ b/www/_include.php
@@ -53,8 +53,8 @@ function SimpleSAML_error_handler($errno, $errstr, $errfile = null, $errline = 0
     }
 
     // show an error with a full backtrace
-    $context = (is_null($errfile)?'':" at $errfile:$errline");
-    $e = new \SimpleSAML\Error\Exception('Error '.$errno.' - '.$errstr . $context);
+    $context = (is_null($errfile) ? '' : " at $errfile:$errline");
+    $e = new \SimpleSAML\Error\Exception('Error '.$errno.' - '.$errstr.$context);
     $e->logError();
 
     // resume normal error processing
diff --git a/www/admin/hostnames.php b/www/admin/hostnames.php
index 3b24bf531..fa93ab5d8 100644
--- a/www/admin/hostnames.php
+++ b/www/admin/hostnames.php
@@ -12,7 +12,7 @@ $session = \SimpleSAML\Session::getSessionFromRequest();
 $attributes = array();
 
 $attributes['HTTP_HOST'] = array($_SERVER['HTTP_HOST']);
-$attributes['HTTPS'] = isset($_SERVER['HTTPS'])? array($_SERVER['HTTPS']) : array();
+$attributes['HTTPS'] = isset($_SERVER['HTTPS']) ? array($_SERVER['HTTPS']) : array();
 $attributes['SERVER_PROTOCOL'] = array($_SERVER['SERVER_PROTOCOL']);
 $attributes['SERVER_PORT'] = array($_SERVER['SERVER_PORT']);
 
diff --git a/www/admin/sandbox.php b/www/admin/sandbox.php
index e15d02fd7..d7cf29365 100644
--- a/www/admin/sandbox.php
+++ b/www/admin/sandbox.php
@@ -13,7 +13,7 @@ $template = new \SimpleSAML\XHTML\Template($config, 'sandbox.php');
 
 $template->data['pagetitle'] = 'Sandbox';
 $template->data['sometext'] = 'Lorem ipsum dolor sit amet, consectetur adipiscing elit. Donec a diam lectus. Sed sit amet ipsum mauris. Maecenas congue ligula ac quam viverra nec consectetur ante hendrerit. Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur.';
-$template->data['remaining']  = $session->getAuthData('admin', 'Expire') - time();
+$template->data['remaining'] = $session->getAuthData('admin', 'Expire') - time();
 $template->data['logout'] = null;
 
 $template->show();
diff --git a/www/saml2/idp/ArtifactResolutionService.php b/www/saml2/idp/ArtifactResolutionService.php
index 26a4b48ff..975e8d826 100644
--- a/www/saml2/idp/ArtifactResolutionService.php
+++ b/www/saml2/idp/ArtifactResolutionService.php
@@ -31,7 +31,8 @@ if ($store === false) {
 $binding = new \SAML2\SOAP();
 try {
     $request = $binding->receive();
-} catch (Exception $e) { // TODO: look for a specific exception
+} catch (Exception $e) {
+    // TODO: look for a specific exception
     // This is dirty. Instead of checking the message of the exception, \SAML2\Binding::getCurrentBinding() should throw
     // an specific exception when the binding is unknown, and we should capture that here. Also note that the exception
     // message here is bogus!
diff --git a/www/saml2/idp/SSOService.php b/www/saml2/idp/SSOService.php
index 5a400b854..c3e491684 100644
--- a/www/saml2/idp/SSOService.php
+++ b/www/saml2/idp/SSOService.php
@@ -15,7 +15,7 @@ require_once('../../_include.php');
 
 $metadata = \SimpleSAML\Metadata\MetaDataStorageHandler::getMetadataHandler();
 $idpEntityId = $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted');
-$idp = \SimpleSAML\IdP::getById('saml2:' . $idpEntityId);
+$idp = \SimpleSAML\IdP::getById('saml2:'.$idpEntityId);
 
 try {
     \SimpleSAML\Module\saml\IdP\SAML2::receiveAuthnRequest($idp);
diff --git a/www/saml2/idp/SingleLogoutService.php b/www/saml2/idp/SingleLogoutService.php
index 402e8d5e2..6e6e9a5f8 100644
--- a/www/saml2/idp/SingleLogoutService.php
+++ b/www/saml2/idp/SingleLogoutService.php
@@ -21,7 +21,8 @@ if (isset($_REQUEST['ReturnTo'])) {
 } else {
     try {
         \SimpleSAML\Module\saml\IdP\SAML2::receiveLogoutMessage($idp);
-    } catch (\Exception $e) { // TODO: look for a specific exception
+    } catch (\Exception $e) {
+        // TODO: look for a specific exception
         /*
          * This is dirty. Instead of checking the message of the exception, \SAML2\Binding::getCurrentBinding() should
          * throw an specific exception when the binding is unknown, and we should capture that here
diff --git a/www/saml2/idp/initSLO.php b/www/saml2/idp/initSLO.php
index 526c7cd86..21576797d 100644
--- a/www/saml2/idp/initSLO.php
+++ b/www/saml2/idp/initSLO.php
@@ -13,4 +13,4 @@ if (!isset($_GET['RelayState'])) {
 }
 
 $idp->doLogoutRedirect(\SimpleSAML\Utils\HTTP::checkURLAllowed((string) $_GET['RelayState']));
-assert(FALSE);
+assert(false);
diff --git a/www/shib13/idp/SSOService.php b/www/shib13/idp/SSOService.php
index 2237091b8..14a014fcd 100644
--- a/www/shib13/idp/SSOService.php
+++ b/www/shib13/idp/SSOService.php
@@ -15,7 +15,7 @@ require_once '../../_include.php';
 
 $metadata = \SimpleSAML\Metadata\MetaDataStorageHandler::getMetadataHandler();
 $idpEntityId = $metadata->getMetaDataCurrentEntityID('shib13-idp-hosted');
-$idp = \SimpleSAML\IdP::getById('saml1:' . $idpEntityId);
+$idp = \SimpleSAML\IdP::getById('saml1:'.$idpEntityId);
 \SimpleSAML\Module\saml\IdP\SAML1::receiveAuthnRequest($idp);
 
 assert(false);
diff --git a/www/shib13/idp/metadata.php b/www/shib13/idp/metadata.php
index 628a7f1d6..edb474eed 100644
--- a/www/shib13/idp/metadata.php
+++ b/www/shib13/idp/metadata.php
@@ -17,8 +17,7 @@ if ($config->getBoolean('admin.protectmetadata', false)) {
 
 try {
     $idpentityid = isset($_GET['idpentityid']) ?
-        $_GET['idpentityid'] :
-        $metadata->getMetaDataCurrentEntityID('shib13-idp-hosted');
+        $_GET['idpentityid'] : $metadata->getMetaDataCurrentEntityID('shib13-idp-hosted');
     $idpmeta = $metadata->getMetaDataConfig($idpentityid, 'shib13-idp-hosted');
 
     $keys = array();
-- 
GitLab