From efac15bf12855736d0248b7cddb0d31265103051 Mon Sep 17 00:00:00 2001
From: Tim van Dijen <tvdijen@gmail.com>
Date: Sat, 8 Aug 2020 18:23:54 +0200
Subject: [PATCH] Revert "Remove legacy code"

This reverts commit f1e05f8f5d3c4f944d28836487dd75b3454e870f.
---
 lib/SimpleSAML/Module.php | 118 +++++++++++++++++++++++++++++++++++++-
 1 file changed, 115 insertions(+), 3 deletions(-)

diff --git a/lib/SimpleSAML/Module.php b/lib/SimpleSAML/Module.php
index 9126f4b77..0851b23ce 100644
--- a/lib/SimpleSAML/Module.php
+++ b/lib/SimpleSAML/Module.php
@@ -203,10 +203,122 @@ class Module
             $request->getContent()
         );
 
-        $kernel = new Kernel($module);
-        $response = $kernel->handle($request);
-        $kernel->terminate($request, $response);
+        try {
+            $kernel = new Kernel($module);
+            $response = $kernel->handle($request);
+            $kernel->terminate($request, $response);
+
+            return $response;
+        } catch (FileLocatorFileNotFoundException $e) {
+            // no routes configured for this module, fall back to the old system
+        } catch (NotFoundHttpException $e) {
+            // this module has been migrated, but the route wasn't found
+        }
+
+        $moduleDir = self::getModuleDir($module) . '/www/';
+
+        // check for '.php/' in the path, the presence of which indicates that another php-script should handle the
+        // request
+        for ($phpPos = strpos($url, '.php/'); $phpPos !== false; $phpPos = strpos($url, '.php/', $phpPos + 1)) {
+            $newURL = substr($url, 0, $phpPos + 4);
+            $param = substr($url, $phpPos + 4);
+
+            if (is_file($moduleDir . $newURL)) {
+                /* $newPath points to a normal file. Point execution to that file, and save the remainder of the path
+                 * in PATH_INFO.
+                 */
+                $url = $newURL;
+                $request->server->set('PATH_INFO', $param);
+                $_SERVER['PATH_INFO'] = $param;
+                break;
+            }
+        }
+
+        $path = $moduleDir . $url;
+
+        if ($path[strlen($path) - 1] === '/') {
+            // path ends with a slash - directory reference. Attempt to find index file in directory
+            foreach (self::$indexFiles as $if) {
+                if (file_exists($path . $if)) {
+                    $path .= $if;
+                    break;
+                }
+            }
+        }
+
+        if (is_dir($path)) {
+            /* Path is a directory - maybe no index file was found in the previous step, or maybe the path didn't end
+             * with a slash. Either way, we don't do directory listings.
+             */
+            throw new Error\NotFound('Directory listing not available.');
+        }
+
+        if (!file_exists($path)) {
+            // file not found
+            Logger::info('Could not find file \'' . $path . '\'.');
+            throw new Error\NotFound('The URL wasn\'t found in the module.');
+        }
 
+        if (mb_strtolower(substr($path, -4), 'UTF-8') === '.php') {
+            // PHP file - attempt to run it
+
+            /* In some environments, $_SERVER['SCRIPT_NAME'] is already set with $_SERVER['PATH_INFO']. Check for that
+             * case, and append script name only if necessary.
+             *
+             * Contributed by Travis Hegner.
+             */
+            $script = "/$module/$url";
+            if (strpos($request->getScriptName(), $script) === false) {
+                $request->server->set('SCRIPT_NAME', $request->getScriptName() . '/' . $module . '/' . $url);
+            }
+
+            require($path);
+            exit();
+        }
+
+        // some other file type - attempt to serve it
+
+        // find MIME type for file, based on extension
+        $contentType = null;
+        if (preg_match('#\.([^/\.]+)$#D', $path, $type)) {
+            $type = strtolower($type[1]);
+            if (array_key_exists($type, self::$mimeTypes)) {
+                $contentType = self::$mimeTypes[$type];
+            }
+        }
+
+        if ($contentType === null) {
+            /* We were unable to determine the MIME type from the file extension. Fall back to mime_content_type (if it
+             * exists).
+             */
+            if (function_exists('mime_content_type')) {
+                $contentType = mime_content_type($path);
+            } else {
+                // mime_content_type doesn't exist. Return a default MIME type
+                Logger::warning('Unable to determine mime content type of file: ' . $path);
+                $contentType = 'application/octet-stream';
+            }
+        }
+
+        /** @psalm-var \SimpleSAML\Configuration $assetConfig */
+        $assetConfig = $config->getConfigItem('assets');
+        /** @psalm-var \SimpleSAML\Configuration $cacheConfig */
+        $cacheConfig = $assetConfig->getConfigItem('caching');
+        $response = new BinaryFileResponse($path);
+        $response->setCache([
+            // "public" allows response caching even if the request was authenticated,
+            // which is exactly what we want for static resources
+            'public' => true,
+            'max_age' => strval($cacheConfig->getInteger('max_age', 86400))
+        ]);
+        $response->setAutoLastModified();
+        if ($cacheConfig->getBoolean('etag', false)) {
+            $response->setAutoEtag();
+        }
+        $response->isNotModified($request);
+        $response->headers->set('Content-Type', $contentType);
+        $response->setContentDisposition(ResponseHeaderBag::DISPOSITION_INLINE);
+        $response->prepare($request);
         return $response;
     }
 
-- 
GitLab