Commit f3d42c47 authored by Tim van Dijen's avatar Tim van Dijen

Fail nicely when unparsable xml is being passed (closes #1327)

parent 08ae7dfd
...@@ -4,6 +4,7 @@ declare(strict_types=1); ...@@ -4,6 +4,7 @@ declare(strict_types=1);
namespace SimpleSAML\Module\admin\Controller; namespace SimpleSAML\Module\admin\Controller;
use Exception;
use SimpleSAML\Auth; use SimpleSAML\Auth;
use SimpleSAML\Configuration; use SimpleSAML\Configuration;
use SimpleSAML\HTTP\RunnableResponse; use SimpleSAML\HTTP\RunnableResponse;
...@@ -354,39 +355,48 @@ class Federation ...@@ -354,39 +355,48 @@ class Federation
$xmldata = trim($xmldata); $xmldata = trim($xmldata);
} }
$error = null;
if (!empty($xmldata)) { if (!empty($xmldata)) {
Utils\XML::checkSAMLMessage($xmldata, 'saml-meta'); Utils\XML::checkSAMLMessage($xmldata, 'saml-meta');
$entities = SAMLParser::parseDescriptorsString($xmldata);
$entities = null;
// get all metadata for the entities try {
foreach ($entities as &$entity) { $entities = SAMLParser::parseDescriptorsString($xmldata);
$entity = [ } catch (Exception $e) {
'saml20-sp-remote' => $entity->getMetadata20SP(), $error = $e->getMessage();
'saml20-idp-remote' => $entity->getMetadata20IdP(),
];
} }
// transpose from $entities[entityid][type] to $output[type][entityid] if ($entities !== null) {
$output = Utils\Arrays::transpose($entities); // get all metadata for the entities
foreach ($entities as &$entity) {
$entity = [
'saml20-sp-remote' => $entity->getMetadata20SP(),
'saml20-idp-remote' => $entity->getMetadata20IdP(),
];
}
// merge all metadata of each type to a single string which should be added to the corresponding file // transpose from $entities[entityid][type] to $output[type][entityid]
foreach ($output as $type => &$entities) { $output = Utils\Arrays::transpose($entities);
$text = '';
foreach ($entities as $entityId => $entityMetadata) { // merge all metadata of each type to a single string which should be added to the corresponding file
if ($entityMetadata === null) { foreach ($output as $type => &$entities) {
continue; $text = '';
foreach ($entities as $entityId => $entityMetadata) {
if ($entityMetadata === null) {
continue;
}
/**
* remove the entityDescriptor element because it is unused,
* and only makes the output harder to read
*/
unset($entityMetadata['entityDescriptor']);
$text .= '$metadata[' . var_export($entityId, true) . '] = '
. VarExporter::export($entityMetadata) . ";\n";
} }
$entities = $text;
/**
* remove the entityDescriptor element because it is unused,
* and only makes the output harder to read
*/
unset($entityMetadata['entityDescriptor']);
$text .= '$metadata[' . var_export($entityId, true) . '] = '
. VarExporter::export($entityMetadata) . ";\n";
} }
$entities = $text;
} }
} else { } else {
$xmldata = ''; $xmldata = '';
...@@ -398,6 +408,7 @@ class Federation ...@@ -398,6 +408,7 @@ class Federation
'logouturl' => Utils\Auth::getAdminLogoutURL(), 'logouturl' => Utils\Auth::getAdminLogoutURL(),
'xmldata' => $xmldata, 'xmldata' => $xmldata,
'output' => $output, 'output' => $output,
'error' => $error,
]; ];
$this->menu->addOption('logout', $t->data['logouturl'], Translate::noop('Log out')); $this->menu->addOption('logout', $t->data['logouturl'], Translate::noop('Log out'));
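Review bot: On the failure path `$output` is never assigned in the visible lines: it is only set inside `if ($entities !== null)`, yet `'output' => $output` is still read when the template data is built, so unless it is initialised above the hunk, a parse error replaces the exception with an undefined-variable warning. Initialising it next to `$error = null;`, for example with `$output = [];`, would cover that. `Utils\XML::checkSAMLMessage()` also stays outside the `try`, so anything it throws on malformed input is still unhandled, and `catch (Exception $e)` does not cover `\Error` subclasses such as `TypeError`. The raw `$e->getMessage()` is handed to the view and parser messages can echo parts of the submitted document, so the template's escaping is what keeps that output safe. The enclosing method starts and ends outside the hunk.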
......
...@@ -47,6 +47,14 @@ ...@@ -47,6 +47,14 @@
<br><br> <br><br>
{%- set i=i+1 %} {%- set i=i+1 %}
{%- endfor -%} {%- endfor -%}
{% elseif error is not null %}
<br>
<h2 id="error">{{ 'An error occured'|trans }}</h2>
<div class="code-box">
<div class="code-box-content">
<pre id="error" class="fa-warning">{{ error }}</pre>
</div>
</div>
{% endif -%} {% endif -%}
{% endblock content -%} {% endblock content -%}
{% block postload %} {% block postload %}
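Review bot: The new `elseif` branch puts `id="error"` on both the `<h2>` and the `<pre>`, which gives the page a duplicate id; keep it on one element or rename the second, e.g. `<pre id="error-message" class="fa-warning">`. `{{ error }}` prints an exception message that may contain fragments of the submitted XML, so it depends on Twig autoescaping being active for this template; if that is not guaranteed by the environment, make it explicit with `{{ error|escape('html') }}`. The translation key `'An error occured'` is misspelled ("occurred") and is cheaper to correct before translations are keyed on it.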
......