From efac15bf12855736d0248b7cddb0d31265103051 Mon Sep 17 00:00:00 2001 From: Tim van Dijen <tvdijen@gmail.com> Date: Sat, 8 Aug 2020 18:23:54 +0200 Subject: [PATCH] Revert "Remove legacy code" This reverts commit f1e05f8f5d3c4f944d28836487dd75b3454e870f. --- lib/SimpleSAML/Module.php | 118 +++++++++++++++++++++++++++++++++++++- 1 file changed, 115 insertions(+), 3 deletions(-) diff --git a/lib/SimpleSAML/Module.php b/lib/SimpleSAML/Module.php index 9126f4b77..0851b23ce 100644 --- a/lib/SimpleSAML/Module.php +++ b/lib/SimpleSAML/Module.php @@ -203,10 +203,122 @@ class Module $request->getContent() ); - $kernel = new Kernel($module); - $response = $kernel->handle($request); - $kernel->terminate($request, $response); + try { + $kernel = new Kernel($module); + $response = $kernel->handle($request); + $kernel->terminate($request, $response); + + return $response; + } catch (FileLocatorFileNotFoundException $e) { + // no routes configured for this module, fall back to the old system + } catch (NotFoundHttpException $e) { + // this module has been migrated, but the route wasn't found + } + + $moduleDir = self::getModuleDir($module) . '/www/'; + + // check for '.php/' in the path, the presence of which indicates that another php-script should handle the + // request + for ($phpPos = strpos($url, '.php/'); $phpPos !== false; $phpPos = strpos($url, '.php/', $phpPos + 1)) { + $newURL = substr($url, 0, $phpPos + 4); + $param = substr($url, $phpPos + 4); + + if (is_file($moduleDir . $newURL)) { + /* $newPath points to a normal file. Point execution to that file, and save the remainder of the path + * in PATH_INFO. + */ + $url = $newURL; + $request->server->set('PATH_INFO', $param); + $_SERVER['PATH_INFO'] = $param; + break; + } + } + + $path = $moduleDir . $url; + + if ($path[strlen($path) - 1] === '/') { + // path ends with a slash - directory reference. Attempt to find index file in directory + foreach (self::$indexFiles as $if) { + if (file_exists($path . $if)) { + $path .= $if; + break; + } + } + } + + if (is_dir($path)) { + /* Path is a directory - maybe no index file was found in the previous step, or maybe the path didn't end + * with a slash. Either way, we don't do directory listings. + */ + throw new Error\NotFound('Directory listing not available.'); + } + + if (!file_exists($path)) { + // file not found + Logger::info('Could not find file \'' . $path . '\'.'); + throw new Error\NotFound('The URL wasn\'t found in the module.'); + } + if (mb_strtolower(substr($path, -4), 'UTF-8') === '.php') { + // PHP file - attempt to run it + + /* In some environments, $_SERVER['SCRIPT_NAME'] is already set with $_SERVER['PATH_INFO']. Check for that + * case, and append script name only if necessary. + * + * Contributed by Travis Hegner. + */ + $script = "/$module/$url"; + if (strpos($request->getScriptName(), $script) === false) { + $request->server->set('SCRIPT_NAME', $request->getScriptName() . '/' . $module . '/' . $url); + } + + require($path); + exit(); + } + + // some other file type - attempt to serve it + + // find MIME type for file, based on extension + $contentType = null; + if (preg_match('#\.([^/\.]+)$#D', $path, $type)) { + $type = strtolower($type[1]); + if (array_key_exists($type, self::$mimeTypes)) { + $contentType = self::$mimeTypes[$type]; + } + } + + if ($contentType === null) { + /* We were unable to determine the MIME type from the file extension. Fall back to mime_content_type (if it + * exists). + */ + if (function_exists('mime_content_type')) { + $contentType = mime_content_type($path); + } else { + // mime_content_type doesn't exist. Return a default MIME type + Logger::warning('Unable to determine mime content type of file: ' . $path); + $contentType = 'application/octet-stream'; + } + } + + /** @psalm-var \SimpleSAML\Configuration $assetConfig */ + $assetConfig = $config->getConfigItem('assets'); + /** @psalm-var \SimpleSAML\Configuration $cacheConfig */ + $cacheConfig = $assetConfig->getConfigItem('caching'); + $response = new BinaryFileResponse($path); + $response->setCache([ + // "public" allows response caching even if the request was authenticated, + // which is exactly what we want for static resources + 'public' => true, + 'max_age' => strval($cacheConfig->getInteger('max_age', 86400)) + ]); + $response->setAutoLastModified(); + if ($cacheConfig->getBoolean('etag', false)) { + $response->setAutoEtag(); + } + $response->isNotModified($request); + $response->headers->set('Content-Type', $contentType); + $response->setContentDisposition(ResponseHeaderBag::DISPOSITION_INLINE); + $response->prepare($request); return $response; } -- GitLab