From dba872e0c07eb87549f369b9254d4890bbef1473 Mon Sep 17 00:00:00 2001 From: Tim van Dijen <tvdijen@gmail.com> Date: Thu, 31 May 2018 18:32:05 +0200 Subject: [PATCH] Replace SimpleSAML_IdP* with namespaced version --- lib/SimpleSAML/IdP.php | 117 +++++++++--------- lib/SimpleSAML/IdP/IFrameLogoutHandler.php | 8 +- lib/SimpleSAML/IdP/LogoutHandlerInterface.php | 4 +- .../IdP/TraditionalLogoutHandler.php | 8 +- lib/SimpleSAML/Session.php | 6 +- modules/adfs/lib/IdP/ADFS.php | 10 +- modules/adfs/www/idp/prp.php | 2 +- modules/consent/lib/Logout.php | 7 +- modules/consent/www/logout.php | 2 +- modules/core/www/idp/logout-iframe-done.php | 2 +- modules/core/www/idp/logout-iframe-post.php | 2 +- modules/core/www/idp/logout-iframe.php | 6 +- modules/core/www/idp/resumelogout.php | 2 +- modules/saml/lib/Auth/Source/SP.php | 6 +- modules/saml/lib/IdP/SAML1.php | 15 ++- modules/saml/lib/IdP/SAML2.php | 40 +++--- modules/saml/www/proxy/invalid_session.php | 2 +- tests/lib/SimpleSAML/DatabaseTest.php | 6 +- .../Metadata/MetaDataStorageSourceTest.php | 4 +- .../SimpleSAML/Metadata/SAMLBuilderTest.php | 6 +- www/saml2/idp/SSOService.php | 2 +- www/saml2/idp/SingleLogoutService.php | 2 +- www/saml2/idp/initSLO.php | 2 +- www/shib13/idp/SSOService.php | 8 +- 24 files changed, 139 insertions(+), 130 deletions(-) diff --git a/lib/SimpleSAML/IdP.php b/lib/SimpleSAML/IdP.php index 8089ad074..6110df9c7 100644 --- a/lib/SimpleSAML/IdP.php +++ b/lib/SimpleSAML/IdP.php @@ -1,5 +1,9 @@ <?php +namespace SimpleSAML; + +use SimpleSAML\Error\Exception; + /** * IdP class. * @@ -7,7 +11,8 @@ * * @package SimpleSAMLphp */ -class SimpleSAML_IdP + +class IdP { /** * A cache for resolving IdP id's. @@ -36,14 +41,14 @@ class SimpleSAML_IdP /** * The configuration for this IdP. * - * @var SimpleSAML\Configuration + * @var Configuration */ private $config; /** * Our authsource. * - * @var \SimpleSAML\Auth\Simple + * @var Auth\Simple */ private $authSource; @@ -52,7 +57,7 @@ class SimpleSAML_IdP * * @param string $id The identifier of this IdP. * - * @throws \SimpleSAML\Error\Exception If the IdP is disabled or no such auth source was found. + * @throws Exception If the IdP is disabled or no such auth source was found. */ private function __construct($id) { @@ -60,22 +65,22 @@ class SimpleSAML_IdP $this->id = $id; - $metadata = \SimpleSAML\Metadata\MetaDataStorageHandler::getMetadataHandler(); - $globalConfig = SimpleSAML\Configuration::getInstance(); + $metadata = Metadata\MetaDataStorageHandler::getMetadataHandler(); + $globalConfig = Configuration::getInstance(); if (substr($id, 0, 6) === 'saml2:') { if (!$globalConfig->getBoolean('enable.saml20-idp', false)) { - throw new \SimpleSAML\Error\Exception('enable.saml20-idp disabled in config.php.'); + throw new Exception('enable.saml20-idp disabled in config.php.'); } $this->config = $metadata->getMetaDataConfig(substr($id, 6), 'saml20-idp-hosted'); } elseif (substr($id, 0, 6) === 'saml1:') { if (!$globalConfig->getBoolean('enable.shib13-idp', false)) { - throw new \SimpleSAML\Error\Exception('enable.shib13-idp disabled in config.php.'); + throw new Exception('enable.shib13-idp disabled in config.php.'); } $this->config = $metadata->getMetaDataConfig(substr($id, 6), 'shib13-idp-hosted'); } elseif (substr($id, 0, 5) === 'adfs:') { if (!$globalConfig->getBoolean('enable.adfs-idp', false)) { - throw new \SimpleSAML\Error\Exception('enable.adfs-idp disabled in config.php.'); + throw new Exception('enable.adfs-idp disabled in config.php.'); } $this->config = $metadata->getMetaDataConfig(substr($id, 5), 'adfs-idp-hosted'); @@ -83,7 +88,7 @@ class SimpleSAML_IdP // this makes the ADFS IdP use the same SP associations as the SAML 2.0 IdP $saml2EntityId = $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted'); $this->associationGroup = 'saml2:'.$saml2EntityId; - } catch (Exception $e) { + } catch (\Exception $e) { // probably no SAML 2 IdP configured for this host. Ignore the error } } else { @@ -95,10 +100,10 @@ class SimpleSAML_IdP } $auth = $this->config->getString('auth'); - if (\SimpleSAML\Auth\Source::getById($auth) !== null) { - $this->authSource = new \SimpleSAML\Auth\Simple($auth); + if (Auth\Source::getById($auth) !== null) { + $this->authSource = new Auth\Simple($auth); } else { - throw new \SimpleSAML\Error\Exception('No such "'.$auth.'" auth source found.'); + throw new Exception('No such "'.$auth.'" auth source found.'); } } @@ -119,7 +124,7 @@ class SimpleSAML_IdP * * @param string $id The identifier of the IdP. * - * @return SimpleSAML_IdP The IdP. + * @return IdP The IdP. */ public static function getById($id) { @@ -140,7 +145,7 @@ class SimpleSAML_IdP * * @param array &$state The state array. * - * @return SimpleSAML_IdP The IdP. + * @return IdP The IdP. */ public static function getByState(array &$state) { @@ -153,7 +158,7 @@ class SimpleSAML_IdP /** * Retrieve the configuration for this IdP. * - * @return SimpleSAML\Configuration The configuration object. + * @return Configuration The configuration object. */ public function getConfig() { @@ -174,15 +179,15 @@ class SimpleSAML_IdP $prefix = substr($assocId, 0, 4); $spEntityId = substr($assocId, strlen($prefix) + 1); - $metadata = \SimpleSAML\Metadata\MetaDataStorageHandler::getMetadataHandler(); + $metadata = Metadata\MetaDataStorageHandler::getMetadataHandler(); if ($prefix === 'saml') { try { $spMetadata = $metadata->getMetaDataConfig($spEntityId, 'saml20-sp-remote'); - } catch (Exception $e) { + } catch (\Exception $e) { try { $spMetadata = $metadata->getMetaDataConfig($spEntityId, 'shib13-sp-remote'); - } catch (Exception $e) { + } catch (\Exception $e) { return null; } } @@ -216,7 +221,7 @@ class SimpleSAML_IdP $association['core:IdP'] = $this->id; - $session = \SimpleSAML\Session::getSessionFromRequest(); + $session = Session::getSessionFromRequest(); $session->addAssociation($this->associationGroup, $association); } @@ -228,7 +233,7 @@ class SimpleSAML_IdP */ public function getAssociations() { - $session = \SimpleSAML\Session::getSessionFromRequest(); + $session = Session::getSessionFromRequest(); return $session->getAssociations($this->associationGroup); } @@ -242,7 +247,7 @@ class SimpleSAML_IdP { assert(is_string($assocId)); - $session = \SimpleSAML\Session::getSessionFromRequest(); + $session = Session::getSessionFromRequest(); $session->terminateAssociation($this->associationGroup, $assocId); } @@ -273,7 +278,7 @@ class SimpleSAML_IdP 'core:idp-ssotime', $state['core:IdP'].';'.$state['core:SP'], time(), - \SimpleSAML\Session::DATA_TIMEOUT_SESSION_END + Session::DATA_TIMEOUT_SESSION_END ); } @@ -287,14 +292,14 @@ class SimpleSAML_IdP * * @param array $state The authentication request state array. * - * @throws \SimpleSAML\Error\Exception If we are not authenticated. + * @throws Exception If we are not authenticated. */ public static function postAuth(array $state) { - $idp = SimpleSAML_IdP::getByState($state); + $idp = IdP::getByState($state); if (!$idp->isAuthenticated()) { - throw new \SimpleSAML\Error\Exception('Not authenticated.'); + throw new Exception('Not authenticated.'); } $state['Attributes'] = $idp->authSource->getAttributes(); @@ -306,7 +311,7 @@ class SimpleSAML_IdP } if (isset($state['core:SP'])) { - $session = \SimpleSAML\Session::getSessionFromRequest(); + $session = Session::getSessionFromRequest(); $previousSSOTime = $session->getData('core:idp-ssotime', $state['core:IdP'].';'.$state['core:SP']); if ($previousSSOTime !== null) { $state['PreviousSSOTimestamp'] = $previousSSOTime; @@ -315,9 +320,9 @@ class SimpleSAML_IdP $idpMetadata = $idp->getConfig()->toArray(); - $pc = new \SimpleSAML\Auth\ProcessingChain($idpMetadata, $spMetadata, 'idp'); + $pc = new Auth\ProcessingChain($idpMetadata, $spMetadata, 'idp'); - $state['ReturnCall'] = array('SimpleSAML_IdP', 'postAuthProc'); + $state['ReturnCall'] = array('\SimpleSAML\IdP', 'postAuthProc'); $state['Destination'] = $spMetadata; $state['Source'] = $idpMetadata; @@ -334,12 +339,12 @@ class SimpleSAML_IdP * * @param array &$state The authentication request state. * - * @throws \SimpleSAML\Module\saml\Error\NoPassive If we were asked to do passive authentication. + * @throws Module\saml\Error\NoPassive If we were asked to do passive authentication. */ private function authenticate(array &$state) { if (isset($state['isPassive']) && (bool) $state['isPassive']) { - throw new \SimpleSAML\Module\saml\Error\NoPassive('Passive authentication not supported.'); + throw new Module\saml\Error\NoPassive('Passive authentication not supported.'); } $this->authSource->login($state); @@ -356,13 +361,13 @@ class SimpleSAML_IdP * * @param array &$state The authentication request state. * - * @throws \SimpleSAML\Error\Exception If there is no auth source defined for this IdP. + * @throws Exception If there is no auth source defined for this IdP. */ private function reauthenticate(array &$state) { $sourceImpl = $this->authSource->getAuthSource(); if ($sourceImpl === null) { - throw new \SimpleSAML\Error\Exception('No such auth source defined.'); + throw new Exception('No such auth source defined.'); } $sourceImpl->reauthenticate($state); @@ -398,7 +403,7 @@ class SimpleSAML_IdP } $state['IdPMetadata'] = $this->getConfig()->toArray(); - $state['ReturnCallback'] = array('SimpleSAML_IdP', 'postAuth'); + $state['ReturnCallback'] = array('\SimpleSAML\IdP', 'postAuth'); try { if ($needAuth) { @@ -408,11 +413,11 @@ class SimpleSAML_IdP $this->reauthenticate($state); } $this->postAuth($state); - } catch (\SimpleSAML\Error\Exception $e) { - \SimpleSAML\Auth\State::throwException($state, $e); } catch (Exception $e) { - $e = new \SimpleSAML\Error\UnserializableException($e); \SimpleSAML\Auth\State::throwException($state, $e); + } catch (\Exception $e) { + $e = new Error\UnserializableException($e); + Auth\State::throwException($state, $e); } } @@ -420,9 +425,9 @@ class SimpleSAML_IdP /** * Find the logout handler of this IdP. * - * @return \SimpleSAML\IdP\LogoutHandlerInterface The logout handler class. + * @return IdP\LogoutHandlerInterface The logout handler class. * - * @throws \SimpleSAML\Error\Exception If we cannot find a logout handler. + * @throws Exception If we cannot find a logout handler. */ public function getLogoutHandler() { @@ -430,13 +435,13 @@ class SimpleSAML_IdP $logouttype = $this->getConfig()->getString('logouttype', 'traditional'); switch ($logouttype) { case 'traditional': - $handler = 'SimpleSAML\IdP\TraditionalLogoutHandler'; + $handler = '\SimpleSAML\IdP\TraditionalLogoutHandler'; break; case 'iframe': - $handler = 'SimpleSAML\IdP\IFrameLogoutHandler'; + $handler = '\SimpleSAML\IdP\IFrameLogoutHandler'; break; default: - throw new \SimpleSAML\Error\Exception('Unknown logout handler: '.var_export($logouttype, true)); + throw new Exception('Unknown logout handler: '.var_export($logouttype, true)); } return new $handler($this); @@ -454,7 +459,7 @@ class SimpleSAML_IdP { assert(isset($state['Responder'])); - $idp = SimpleSAML_IdP::getByState($state); + $idp = IdP::getByState($state); call_user_func($state['Responder'], $idp, $state); assert(false); } @@ -479,13 +484,13 @@ class SimpleSAML_IdP if ($assocId !== null) { $this->terminateAssociation($assocId); - $session = \SimpleSAML\Session::getSessionFromRequest(); + $session = Session::getSessionFromRequest(); $session->deleteData('core:idp-ssotime', $this->id.':'.$state['saml:SPEntityId']); } // terminate the local session - $id = \SimpleSAML\Auth\State::saveState($state, 'core:Logout:afterbridge'); - $returnTo = \SimpleSAML\Module::getModuleURL('core/idp/resumelogout.php', array('id' => $id)); + $id = Auth\State::saveState($state, 'core:Logout:afterbridge'); + $returnTo = Module::getModuleURL('core/idp/resumelogout.php', array('id' => $id)); $this->authSource->logout($returnTo); @@ -500,16 +505,16 @@ class SimpleSAML_IdP * * This function will never return. * - * @param string $assocId The association that is terminated. - * @param string|null $relayState The RelayState from the start of the logout. - * @param \SimpleSAML\Error\Exception|null $error The error that occurred during session termination (if any). + * @param string $assocId The association that is terminated. + * @param string|null $relayState The RelayState from the start of the logout. + * @param Exception|null $error The error that occurred during session termination (if any). */ - public function handleLogoutResponse($assocId, $relayState, \SimpleSAML\Error\Exception $error = null) + public function handleLogoutResponse($assocId, $relayState, Exception $error = null) { assert(is_string($assocId)); assert(is_string($relayState) || $relayState === null); - $session = \SimpleSAML\Session::getSessionFromRequest(); + $session = Session::getSessionFromRequest(); $session->deleteData('core:idp-ssotime', $this->id.';'.substr($assocId, strpos($assocId, ':') + 1)); $handler = $this->getLogoutHandler(); @@ -531,7 +536,7 @@ class SimpleSAML_IdP assert(is_string($url)); $state = array( - 'Responder' => array('SimpleSAML_IdP', 'finishLogoutRedirect'), + 'Responder' => array('\SimpleSAML\IdP', 'finishLogoutRedirect'), 'core:Logout:URL' => $url, ); @@ -545,14 +550,14 @@ class SimpleSAML_IdP * * This function never returns. * - * @param SimpleSAML_IdP $idp Deprecated. Will be removed. - * @param array &$state The logout state from doLogoutRedirect(). + * @param IdP $idp Deprecated. Will be removed. + * @param array &$state The logout state from doLogoutRedirect(). */ - public static function finishLogoutRedirect(SimpleSAML_IdP $idp, array $state) + public static function finishLogoutRedirect(IdP $idp, array $state) { assert(isset($state['core:Logout:URL'])); - \SimpleSAML\Utils\HTTP::redirectTrustedURL($state['core:Logout:URL']); + Utils\HTTP::redirectTrustedURL($state['core:Logout:URL']); assert(false); } } diff --git a/lib/SimpleSAML/IdP/IFrameLogoutHandler.php b/lib/SimpleSAML/IdP/IFrameLogoutHandler.php index af9aebbdd..e1f4df2ad 100644 --- a/lib/SimpleSAML/IdP/IFrameLogoutHandler.php +++ b/lib/SimpleSAML/IdP/IFrameLogoutHandler.php @@ -16,7 +16,7 @@ class IFrameLogoutHandler implements LogoutHandlerInterface /** * The IdP we are logging out from. * - * @var \SimpleSAML_IdP + * @var \SimpleSAML\IdP */ private $idp; @@ -24,9 +24,9 @@ class IFrameLogoutHandler implements LogoutHandlerInterface /** * LogoutIFrame constructor. * - * @param \SimpleSAML_IdP $idp The IdP to log out from. + * @param \SimpleSAML\IdP $idp The IdP to log out from. */ - public function __construct(\SimpleSAML_IdP $idp) + public function __construct(\SimpleSAML\IdP $idp) { $this->idp = $idp; } @@ -48,7 +48,7 @@ class IFrameLogoutHandler implements LogoutHandlerInterface } foreach ($associations as $id => &$association) { - $idp = \SimpleSAML_IdP::getByState($association); + $idp = \SimpleSAML\IdP::getByState($association); $association['core:Logout-IFrame:Name'] = $idp->getSPName($id); $association['core:Logout-IFrame:State'] = 'onhold'; } diff --git a/lib/SimpleSAML/IdP/LogoutHandlerInterface.php b/lib/SimpleSAML/IdP/LogoutHandlerInterface.php index cda28721f..773bda694 100644 --- a/lib/SimpleSAML/IdP/LogoutHandlerInterface.php +++ b/lib/SimpleSAML/IdP/LogoutHandlerInterface.php @@ -13,9 +13,9 @@ interface LogoutHandlerInterface /** * Initialize this logout handler. * - * @param \SimpleSAML_IdP $idp The IdP we are logging out from. + * @param \SimpleSAML\IdP $idp The IdP we are logging out from. */ - public function __construct(\SimpleSAML_IdP $idp); + public function __construct(\SimpleSAML\IdP $idp); /** diff --git a/lib/SimpleSAML/IdP/TraditionalLogoutHandler.php b/lib/SimpleSAML/IdP/TraditionalLogoutHandler.php index eb8d0ec6a..37218ea88 100644 --- a/lib/SimpleSAML/IdP/TraditionalLogoutHandler.php +++ b/lib/SimpleSAML/IdP/TraditionalLogoutHandler.php @@ -16,7 +16,7 @@ class TraditionalLogoutHandler implements LogoutHandlerInterface /** * The IdP we are logging out from. * - * @var \SimpleSAML_IdP + * @var \SimpleSAML\IdP */ private $idp; @@ -24,9 +24,9 @@ class TraditionalLogoutHandler implements LogoutHandlerInterface /** * TraditionalLogout constructor. * - * @param \SimpleSAML_IdP $idp The IdP to log out from. + * @param \SimpleSAML\IdP $idp The IdP to log out from. */ - public function __construct(\SimpleSAML_IdP $idp) + public function __construct(\SimpleSAML\IdP $idp) { $this->idp = $idp; } @@ -52,7 +52,7 @@ class TraditionalLogoutHandler implements LogoutHandlerInterface Logger::info('Logging out of '.var_export($id, true).'.'); try { - $idp = \SimpleSAML_IdP::getByState($association); + $idp = \SimpleSAML\IdP::getByState($association); $url = call_user_func(array($association['Handler'], 'getLogoutURL'), $idp, $association, $relayState); HTTP::redirectTrustedURL($url); } catch (\Exception $e) { diff --git a/lib/SimpleSAML/Session.php b/lib/SimpleSAML/Session.php index 15dc2ff33..3432ca53b 100644 --- a/lib/SimpleSAML/Session.php +++ b/lib/SimpleSAML/Session.php @@ -1049,7 +1049,7 @@ class Session implements \Serializable /** * Add an SP association for an IdP. * - * This function is only for use by the SimpleSAML_IdP class. + * This function is only for use by the IdP class. * * @param string $idp The IdP id. * @param array $association The association we should add. @@ -1077,7 +1077,7 @@ class Session implements \Serializable /** * Retrieve the associations for an IdP. * - * This function is only for use by the SimpleSAML_IdP class. + * This function is only for use by the IdP class. * * @param string $idp The IdP id. * @@ -1113,7 +1113,7 @@ class Session implements \Serializable /** * Remove an SP association for an IdP. * - * This function is only for use by the SimpleSAML_IdP class. + * This function is only for use by the IdP class. * * @param string $idp The IdP id. * @param string $associationId The id of the association. diff --git a/modules/adfs/lib/IdP/ADFS.php b/modules/adfs/lib/IdP/ADFS.php index e468ddce4..15464d30f 100644 --- a/modules/adfs/lib/IdP/ADFS.php +++ b/modules/adfs/lib/IdP/ADFS.php @@ -5,7 +5,7 @@ use RobRichards\XMLSecLibs\XMLSecurityKey; class sspmod_adfs_IdP_ADFS { - public static function receiveAuthnRequest(SimpleSAML_IdP $idp) + public static function receiveAuthnRequest(\SimpleSAML\IdP $idp) { try { parse_str($_SERVER['QUERY_STRING'], $query); @@ -167,7 +167,7 @@ MSG; $nameid = SimpleSAML\Utils\Random::generateID(); } - $idp = \SimpleSAML_IdP::getByState($state); + $idp = \SimpleSAML\IdP::getByState($state); $idpMetadata = $idp->getConfig(); $idpEntityId = $idpMetadata->getString('entityid'); @@ -198,14 +198,14 @@ MSG; \sspmod_adfs_IdP_ADFS::postResponse($wreply, $wresult, $wctx); } - public static function sendLogoutResponse(SimpleSAML_IdP $idp, array $state) + public static function sendLogoutResponse(\SimpleSAML\IdP $idp, array $state) { // NB:: we don't know from which SP the logout request came from $idpMetadata = $idp->getConfig(); \SimpleSAML\Utils\HTTP::redirectTrustedURL($idpMetadata->getValue('redirect-after-logout', \SimpleSAML\Utils\HTTP::getBaseURL())); } - public static function receiveLogoutMessage(SimpleSAML_IdP $idp) + public static function receiveLogoutMessage(\SimpleSAML\IdP $idp) { // if a redirect is to occur based on wreply, we will redirect to url as // this implies an override to normal sp notification @@ -225,7 +225,7 @@ MSG; } // accepts an association array, and returns a URL that can be accessed to terminate the association - public static function getLogoutURL(SimpleSAML_IdP $idp, array $association, $relayState) + public static function getLogoutURL(\SimpleSAML\IdP $idp, array $association, $relayState) { $metadata = \SimpleSAML\Metadata\MetaDataStorageHandler::getMetadataHandler(); $spMetadata = $metadata->getMetaDataConfig($association['adfs:entityID'], 'adfs-sp-remote'); diff --git a/modules/adfs/www/idp/prp.php b/modules/adfs/www/idp/prp.php index b0705a2c7..6000d72db 100644 --- a/modules/adfs/www/idp/prp.php +++ b/modules/adfs/www/idp/prp.php @@ -10,7 +10,7 @@ $metadata = \SimpleSAML\Metadata\MetaDataStorageHandler::getMetadataHandler(); $idpEntityId = $metadata->getMetaDataCurrentEntityID('adfs-idp-hosted'); -$idp = \SimpleSAML_IdP::getById('adfs:' . $idpEntityId); +$idp = \SimpleSAML\IdP::getById('adfs:' . $idpEntityId); if (isset($_GET['wa'])) { if ($_GET['wa'] === 'wsignout1.0') { diff --git a/modules/consent/lib/Logout.php b/modules/consent/lib/Logout.php index 821a5fdee..dfd94afde 100644 --- a/modules/consent/lib/Logout.php +++ b/modules/consent/lib/Logout.php @@ -1,17 +1,16 @@ <?php - /** * Class defining the logout completed handler for the consent page. * * @package SimpleSAMLphp */ + class sspmod_consent_Logout { - - public static function postLogout(SimpleSAML_IdP $idp, array $state) + public static function postLogout(\SimpleSAML\IdP $idp, array $state) { - $url = SimpleSAML\Module::getModuleURL('consent/logout_completed.php'); + $url = \SimpleSAML\Module::getModuleURL('consent/logout_completed.php'); \SimpleSAML\Utils\HTTP::redirectTrustedURL($url); } } diff --git a/modules/consent/www/logout.php b/modules/consent/www/logout.php index 50d551926..8d4c2f6d8 100644 --- a/modules/consent/www/logout.php +++ b/modules/consent/www/logout.php @@ -12,6 +12,6 @@ $state = \SimpleSAML\Auth\State::loadState($_GET['StateId'], 'consent:request'); $state['Responder'] = array('sspmod_consent_Logout', 'postLogout'); -$idp = \SimpleSAML_IdP::getByState($state); +$idp = \SimpleSAML\IdP::getByState($state); $idp->handleLogoutRequest($state, null); assert(false); diff --git a/modules/core/www/idp/logout-iframe-done.php b/modules/core/www/idp/logout-iframe-done.php index b99870ca3..d338b1811 100644 --- a/modules/core/www/idp/logout-iframe-done.php +++ b/modules/core/www/idp/logout-iframe-done.php @@ -4,7 +4,7 @@ if (!isset($_REQUEST['id'])) { throw new \SimpleSAML\Error\BadRequest('Missing required parameter: id'); } $state = \SimpleSAML\Auth\State::loadState($_REQUEST['id'], 'core:Logout-IFrame'); -$idp = SimpleSAML_IdP::getByState($state); +$idp = \SimpleSAML\IdP::getByState($state); $associations = $idp->getAssociations(); diff --git a/modules/core/www/idp/logout-iframe-post.php b/modules/core/www/idp/logout-iframe-post.php index ce4932d7e..aeb6554c2 100644 --- a/modules/core/www/idp/logout-iframe-post.php +++ b/modules/core/www/idp/logout-iframe-post.php @@ -4,7 +4,7 @@ if (!isset($_REQUEST['idp'])) { throw new \SimpleSAML\Error\BadRequest('Missing "idp" parameter.'); } $idp = (string) $_REQUEST['idp']; -$idp = SimpleSAML_IdP::getById($idp); +$idp = \SimpleSAML\IdP::getById($idp); if (!isset($_REQUEST['association'])) { throw new \SimpleSAML\Error\BadRequest('Missing "association" parameter.'); diff --git a/modules/core/www/idp/logout-iframe.php b/modules/core/www/idp/logout-iframe.php index 4916c1199..8cc07f13d 100644 --- a/modules/core/www/idp/logout-iframe.php +++ b/modules/core/www/idp/logout-iframe.php @@ -19,7 +19,7 @@ if ($type !== 'embed') { } $state = \SimpleSAML\Auth\State::loadState($_REQUEST['id'], 'core:Logout-IFrame'); -$idp = \SimpleSAML_IdP::getByState($state); +$idp = \SimpleSAML\IdP::getByState($state); $mdh = \SimpleSAML\Metadata\MetaDataStorageHandler::getMetadataHandler(); if ($type !== 'init') { // update association state @@ -53,7 +53,7 @@ if ($type !== 'init') { // update association state if (!isset($sp['core:Logout-IFrame:Timeout'])) { if (method_exists($sp['Handler'], 'getAssociationConfig')) { - $assocIdP = SimpleSAML_IdP::getByState($sp); + $assocIdP = \SimpleSAML\IdP::getByState($sp); $assocConfig = call_user_func(array($sp['Handler'], 'getAssociationConfig'), $assocIdP, $sp); $sp['core:Logout-IFrame:Timeout'] = $assocConfig->getInteger('core:logout-timeout', 5) + time(); } else { @@ -71,7 +71,7 @@ foreach ($state['core:Logout-IFrame:Associations'] as $assocId => &$sp) { } try { - $assocIdP = SimpleSAML_IdP::getByState($sp); + $assocIdP = \SimpleSAML\IdP::getByState($sp); $url = call_user_func(array($sp['Handler'], 'getLogoutURL'), $assocIdP, $sp, null); $sp['core:Logout-IFrame:URL'] = $url; } catch (\Exception $e) { diff --git a/modules/core/www/idp/resumelogout.php b/modules/core/www/idp/resumelogout.php index 497e369b8..3e84b3a4e 100644 --- a/modules/core/www/idp/resumelogout.php +++ b/modules/core/www/idp/resumelogout.php @@ -4,7 +4,7 @@ if (!isset($_REQUEST['id'])) { throw new \SimpleSAML\Error\BadRequest('Missing id-parameter.'); } $state = \SimpleSAML\Auth\State::loadState($_REQUEST['id'], 'core:Logout:afterbridge'); -$idp = SimpleSAML_IdP::getByState($state); +$idp = \SimpleSAML\IdP::getByState($state); $assocId = $state['core:TerminatedAssocId']; diff --git a/modules/saml/lib/Auth/Source/SP.php b/modules/saml/lib/Auth/Source/SP.php index 7aa29e2e3..a6840d35d 100644 --- a/modules/saml/lib/Auth/Source/SP.php +++ b/modules/saml/lib/Auth/Source/SP.php @@ -560,7 +560,7 @@ class sspmod_saml_Auth_Source_SP extends Source } $state['Responder'] = array('sspmod_saml_Auth_Source_SP', 'reauthPostLogout'); - $idp = SimpleSAML_IdP::getByState($state); + $idp = \SimpleSAML\IdP::getByState($state); $idp->handleLogoutRequest($state, null); assert(false); } @@ -589,10 +589,10 @@ class sspmod_saml_Auth_Source_SP extends Source * * This method will never return. * - * @param SimpleSAML_IdP $idp The IdP we are logging out from. + * @param \SimpleSAML\IdP $idp The IdP we are logging out from. * @param array &$state The state array with the state during logout. */ - public static function reauthPostLogout(SimpleSAML_IdP $idp, array $state) + public static function reauthPostLogout(\SimpleSAML\IdP $idp, array $state) { assert(isset($state['saml:sp:AuthId'])); diff --git a/modules/saml/lib/IdP/SAML1.php b/modules/saml/lib/IdP/SAML1.php index 9a11c4de6..f7ee616a6 100644 --- a/modules/saml/lib/IdP/SAML1.php +++ b/modules/saml/lib/IdP/SAML1.php @@ -1,11 +1,14 @@ <?php + use SimpleSAML\Bindings\Shib13\HTTPPost; +use SimpleSAML\Utils\HTTP; /** * IdP implementation for SAML 1.1 protocol. * * @package SimpleSAMLphp */ + class sspmod_saml_IdP_SAML1 { /** @@ -31,7 +34,7 @@ class sspmod_saml_IdP_SAML1 $shire = $state['saml:shire']; $target = $state['saml:target']; - $idp = SimpleSAML_IdP::getByState($state); + $idp = \SimpleSAML\IdP::getByState($state); $idpMetadata = $idp->getConfig(); @@ -60,9 +63,9 @@ class sspmod_saml_IdP_SAML1 /** * Receive an authentication request. * - * @param SimpleSAML_IdP $idp The IdP we are receiving it for. + * @param \SimpleSAML\IdP $idp The IdP we are receiving it for. */ - public static function receiveAuthnRequest(SimpleSAML_IdP $idp) + public static function receiveAuthnRequest(\SimpleSAML\IdP $idp) { if (isset($_REQUEST['cookieTime'])) { $cookieTime = (int)$_REQUEST['cookieTime']; @@ -71,7 +74,7 @@ class sspmod_saml_IdP_SAML1 * Less than five seconds has passed since we were * here the last time. Cookies are probably disabled. */ - \SimpleSAML\Utils\HTTP::checkSessionCookie(\SimpleSAML\Utils\HTTP::getSelfURL()); + HTTP::checkSessionCookie(HTTP::getSelfURL()); } } @@ -117,8 +120,8 @@ class sspmod_saml_IdP_SAML1 'protocol' => 'saml1', )); - $sessionLostURL = \SimpleSAML\Utils\HTTP::addURLParameters( - \SimpleSAML\Utils\HTTP::getSelfURL(), + $sessionLostURL = HTTP::addURLParameters( + HTTP::getSelfURL(), array('cookieTime' => time())); $state = array( diff --git a/modules/saml/lib/IdP/SAML2.php b/modules/saml/lib/IdP/SAML2.php index ef3a53427..1ee1d6e67 100644 --- a/modules/saml/lib/IdP/SAML2.php +++ b/modules/saml/lib/IdP/SAML2.php @@ -39,7 +39,7 @@ class sspmod_saml_IdP_SAML2 $consumerURL = $state['saml:ConsumerURL']; $protocolBinding = $state['saml:Binding']; - $idp = \SimpleSAML_IdP::getByState($state); + $idp = \SimpleSAML\IdP::getByState($state); $idpMetadata = $idp->getConfig(); @@ -113,7 +113,7 @@ class sspmod_saml_IdP_SAML2 $consumerURL = $state['saml:ConsumerURL']; $protocolBinding = $state['saml:Binding']; - $idp = SimpleSAML_IdP::getByState($state); + $idp = \SimpleSAML\IdP::getByState($state); $idpMetadata = $idp->getConfig(); @@ -243,10 +243,10 @@ class sspmod_saml_IdP_SAML2 /** * Receive an authentication request. * - * @param SimpleSAML_IdP $idp The IdP we are receiving it for. + * @param \SimpleSAML\IdP $idp The IdP we are receiving it for. * @throws \SimpleSAML\Error\BadRequest In case an error occurs when trying to receive the request. */ - public static function receiveAuthnRequest(SimpleSAML_IdP $idp) + public static function receiveAuthnRequest(\SimpleSAML\IdP $idp) { $metadata = \SimpleSAML\Metadata\MetaDataStorageHandler::getMetadataHandler(); $idpMetadata = $idp->getConfig(); @@ -455,11 +455,11 @@ class sspmod_saml_IdP_SAML2 /** * Send a logout request to a given association. * - * @param SimpleSAML_IdP $idp The IdP we are sending a logout request from. - * @param array $association The association that should be terminated. - * @param string|NULL $relayState An id that should be carried across the logout. + * @param \SimpleSAML\IdP $idp The IdP we are sending a logout request from. + * @param array $association The association that should be terminated. + * @param string|NULL $relayState An id that should be carried across the logout. */ - public static function sendLogoutRequest(SimpleSAML_IdP $idp, array $association, $relayState) + public static function sendLogoutRequest(\SimpleSAML\IdP $idp, array $association, $relayState) { assert(is_string($relayState) || $relayState === null); @@ -492,10 +492,10 @@ class sspmod_saml_IdP_SAML2 /** * Send a logout response. * - * @param SimpleSAML_IdP $idp The IdP we are sending a logout request from. - * @param array &$state The logout state array. + * @param \SimpleSAML\IdP $idp The IdP we are sending a logout request from. + * @param array &$state The logout state array. */ - public static function sendLogoutResponse(SimpleSAML_IdP $idp, array $state) + public static function sendLogoutResponse(\SimpleSAML\IdP $idp, array $state) { assert(isset($state['saml:SPEntityId'])); assert(isset($state['saml:RequestId'])); @@ -550,10 +550,10 @@ class sspmod_saml_IdP_SAML2 /** * Receive a logout message. * - * @param SimpleSAML_IdP $idp The IdP we are receiving it for. + * @param \SimpleSAML\IdP $idp The IdP we are receiving it for. * @throws \SimpleSAML\Error\BadRequest In case an error occurs while trying to receive the logout message. */ - public static function receiveLogoutMessage(SimpleSAML_IdP $idp) + public static function receiveLogoutMessage(\SimpleSAML\IdP $idp) { $binding = \SAML2\Binding::getCurrentBinding(); $message = $binding->receive(); @@ -621,13 +621,13 @@ class sspmod_saml_IdP_SAML2 /** * Retrieve a logout URL for a given logout association. * - * @param SimpleSAML_IdP $idp The IdP we are sending a logout request from. - * @param array $association The association that should be terminated. - * @param string|NULL $relayState An id that should be carried across the logout. + * @param \SimpleSAML\IdP $idp The IdP we are sending a logout request from. + * @param array $association The association that should be terminated. + * @param string|NULL $relayState An id that should be carried across the logout. * * @return string The logout URL. */ - public static function getLogoutURL(SimpleSAML_IdP $idp, array $association, $relayState) + public static function getLogoutURL(\SimpleSAML\IdP $idp, array $association, $relayState) { assert(is_string($relayState) || $relayState === null); @@ -662,12 +662,12 @@ class sspmod_saml_IdP_SAML2 /** * Retrieve the metadata for the given SP association. * - * @param SimpleSAML_IdP $idp The IdP the association belongs to. - * @param array $association The SP association. + * @param \SimpleSAML\IdP $idp The IdP the association belongs to. + * @param array $association The SP association. * * @return \SimpleSAML\Configuration Configuration object for the SP metadata. */ - public static function getAssociationConfig(SimpleSAML_IdP $idp, array $association) + public static function getAssociationConfig(\SimpleSAML\IdP $idp, array $association) { $metadata = \SimpleSAML\Metadata\MetaDataStorageHandler::getMetadataHandler(); try { diff --git a/modules/saml/www/proxy/invalid_session.php b/modules/saml/www/proxy/invalid_session.php index 934373a5a..f24f493db 100644 --- a/modules/saml/www/proxy/invalid_session.php +++ b/modules/saml/www/proxy/invalid_session.php @@ -22,7 +22,7 @@ try { $state = \SimpleSAML\Auth\State::loadState($_REQUEST['AuthState'], 'core:Logout:afterbridge'); // success! Try to continue with reauthentication, since we no longer have a valid session here - $idp = \SimpleSAML_IdP::getById($state['core:IdP']); + $idp = \SimpleSAML\IdP::getById($state['core:IdP']); \sspmod_saml_Auth_Source_SP::reauthPostLogout($idp, $state); } diff --git a/tests/lib/SimpleSAML/DatabaseTest.php b/tests/lib/SimpleSAML/DatabaseTest.php index dea2ec26c..b99575b66 100644 --- a/tests/lib/SimpleSAML/DatabaseTest.php +++ b/tests/lib/SimpleSAML/DatabaseTest.php @@ -3,7 +3,7 @@ use PHPUnit\Framework\TestCase; /** - * This test ensures that the SimpleSAML_Database class can properly + * This test ensures that the \SimpleSAML\Database class can properly * query a database. * * It currently uses sqlite to test, but an alternate config.php file @@ -13,9 +13,9 @@ use PHPUnit\Framework\TestCase; * @author Tyler Antonio, University of Alberta. <tantonio@ualberta.ca> * @package SimpleSAMLphp */ -class SimpleSAML_DatabaseTest extends TestCase -{ +class DatabaseTest extends TestCase +{ /** * @var \SimpleSAML\Configuration */ diff --git a/tests/lib/SimpleSAML/Metadata/MetaDataStorageSourceTest.php b/tests/lib/SimpleSAML/Metadata/MetaDataStorageSourceTest.php index b98f0a8ab..ce301db53 100644 --- a/tests/lib/SimpleSAML/Metadata/MetaDataStorageSourceTest.php +++ b/tests/lib/SimpleSAML/Metadata/MetaDataStorageSourceTest.php @@ -1,10 +1,10 @@ <?php /** - * Class SimpleSAML_Metadata_MetaDataStorageSourceTest + * Class MetaDataStorageSourceTest */ -class SimpleSAML_Metadata_MetaDataStorageSourceTest extends PHPUnit_Framework_TestCase +class MetaDataStorageSourceTest extends PHPUnit_Framework_TestCase { /** * Test \SimpleSAML\Metadata\MetaDataStorageSourceTest::getConfig XML bad source diff --git a/tests/lib/SimpleSAML/Metadata/SAMLBuilderTest.php b/tests/lib/SimpleSAML/Metadata/SAMLBuilderTest.php index 0871ee968..1a57bbab0 100644 --- a/tests/lib/SimpleSAML/Metadata/SAMLBuilderTest.php +++ b/tests/lib/SimpleSAML/Metadata/SAMLBuilderTest.php @@ -4,11 +4,11 @@ use PHPUnit\Framework\TestCase; use SimpleSAML\Metadata\SAMLBuilder; /** - * Class SimpleSAML_Metadata_SAMLBuilderTest + * Class SAMLBuilderTest */ -class SimpleSAML_Metadata_SAMLBuilderTest extends TestCase -{ +class SAMLBuilderTest extends TestCase +{ /** * Test the requested attributes are valued correctly. */ diff --git a/www/saml2/idp/SSOService.php b/www/saml2/idp/SSOService.php index 55bf4cfb6..4b4090fc3 100644 --- a/www/saml2/idp/SSOService.php +++ b/www/saml2/idp/SSOService.php @@ -15,7 +15,7 @@ require_once('../../_include.php'); $metadata = \SimpleSAML\Metadata\MetaDataStorageHandler::getMetadataHandler(); $idpEntityId = $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted'); -$idp = \SimpleSAML_IdP::getById('saml2:' . $idpEntityId); +$idp = \SimpleSAML\IdP::getById('saml2:' . $idpEntityId); try { \sspmod_saml_IdP_SAML2::receiveAuthnRequest($idp); diff --git a/www/saml2/idp/SingleLogoutService.php b/www/saml2/idp/SingleLogoutService.php index 90a0a38f0..0cf9b37ba 100644 --- a/www/saml2/idp/SingleLogoutService.php +++ b/www/saml2/idp/SingleLogoutService.php @@ -14,7 +14,7 @@ require_once('../../_include.php'); $metadata = \SimpleSAML\Metadata\MetaDataStorageHandler::getMetadataHandler(); $idpEntityId = $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted'); -$idp = \SimpleSAML_IdP::getById('saml2:'.$idpEntityId); +$idp = \SimpleSAML\IdP::getById('saml2:'.$idpEntityId); if (isset($_REQUEST['ReturnTo'])) { $idp->doLogoutRedirect(\SimpleSAML\Utils\HTTP::checkURLAllowed((string) $_REQUEST['ReturnTo'])); diff --git a/www/saml2/idp/initSLO.php b/www/saml2/idp/initSLO.php index 6ab7cd5b1..526c7cd86 100644 --- a/www/saml2/idp/initSLO.php +++ b/www/saml2/idp/initSLO.php @@ -4,7 +4,7 @@ require_once('../../_include.php'); $metadata = \SimpleSAML\Metadata\MetaDataStorageHandler::getMetadataHandler(); $idpEntityId = $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted'); -$idp = \SimpleSAML_IdP::getById('saml2:'.$idpEntityId); +$idp = \SimpleSAML\IdP::getById('saml2:'.$idpEntityId); \SimpleSAML\Logger::info('SAML2.0 - IdP.initSLO: Accessing SAML 2.0 IdP endpoint init Single Logout'); diff --git a/www/shib13/idp/SSOService.php b/www/shib13/idp/SSOService.php index 2055d3985..d5b7f075d 100644 --- a/www/shib13/idp/SSOService.php +++ b/www/shib13/idp/SSOService.php @@ -1,4 +1,5 @@ <?php + /** * The SSOService is part of the Shibboleth 1.3 IdP code, and it receives incoming Authentication Requests * from a Shibboleth 1.3 SP, parses, and process it, and then authenticates the user and sends the user back @@ -10,10 +11,11 @@ require_once '../../_include.php'; -SimpleSAML\Logger::info('Shib1.3 - IdP.SSOService: Accessing Shibboleth 1.3 IdP endpoint SSOService'); +\SimpleSAML\Logger::info('Shib1.3 - IdP.SSOService: Accessing Shibboleth 1.3 IdP endpoint SSOService'); $metadata = \SimpleSAML\Metadata\MetaDataStorageHandler::getMetadataHandler(); $idpEntityId = $metadata->getMetaDataCurrentEntityID('shib13-idp-hosted'); -$idp = SimpleSAML_IdP::getById('saml1:' . $idpEntityId); -sspmod_saml_IdP_SAML1::receiveAuthnRequest($idp); +$idp = \SimpleSAML\IdP::getById('saml1:' . $idpEntityId); +\sspmod_saml_IdP_SAML1::receiveAuthnRequest($idp); + assert(false); -- GitLab