Log encrypted and decrypted messages.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2544 44740490-163a-0410-bde0-09ae8108e29a

Log encrypted and decrypted messages.
f46e38a6 · Olav Morken · 6db59b74 · f46e38a6 · f46e38a6 · f46e38a6
Commit f46e38a6 authored 14 years ago by Olav Morken
--- a/config-templates/config.php
+++ b/config-templates/config.php
@@ -28,6 +28,8 @@ $config = array (
 	 * If you enable this option, simpleSAMLphp will log all sent and received messages
 	 * to the log file.
 	 *
+	 * This option also enables logging of the messages that are encrypted and decrypted.
+	 *
 	 * Note: The messages are logged with the DEBUG log level, so you also need to set
 	 * the 'logging.level' option to LOG_DEBUG.
 	 */

--- a/lib/SAML2/EncryptedAssertion.php
+++ b/lib/SAML2/EncryptedAssertion.php
@@ -46,6 +46,9 @@ class SAML2_EncryptedAssertion {

 		$xml = $assertion->toXML();

+		$xmlStr = $xml->ownerDocument->saveXML($xml);
+		SimpleSAML_Utilities::debugMessage($xmlStr, 'encrypt');
+
 		$enc = new XMLSecEnc();
 		$enc->setNode($xml);
 		$enc->type = XMLSecEnc::Element;
@@ -84,6 +87,10 @@ class SAML2_EncryptedAssertion {
 	public function getAssertion(XMLSecurityKey $inputKey) {

 		$assertionXML = SAML2_Utils::decryptElement($this->encryptedData, $inputKey);
+
+		$xmlStr = $assertionXML->ownerDocument->saveXML($assertionXML);
+		SimpleSAML_Utilities::debugMessage($xmlStr, 'decrypt');
+
 		return new SAML2_Assertion($assertionXML);
 	}


--- a/lib/SimpleSAML/Utilities.php
+++ b/lib/SimpleSAML/Utilities.php
@@ -1911,11 +1911,10 @@ class SimpleSAML_Utilities {
 	 * Helper function to log messages that we send or receive.
 	 *
 	 * @param string $message  The message, as an XML string.
-	 * @param string $type  Whether this message is sent or received.
+	 * @param string $type  Whether this message is sent or received, encrypted or decrypted.
 	 */
 	public static function debugMessage($message, $type) {
 		assert('is_string($message)');
-		assert('$type === "out" || $type === "in"');

 		$globalConfig = SimpleSAML_Configuration::getInstance();
 		if (!$globalConfig->getBoolean('debug', FALSE)) {
@@ -1923,10 +1922,21 @@ class SimpleSAML_Utilities {
 			return;
 		}

-		if ($type === 'in') {
+		switch ($type) {
+		case 'in':
 			SimpleSAML_Logger::debug('Received message:');
-		} else {
+			break;
+		case 'out':
 			SimpleSAML_Logger::debug('Sending message:');
+			break;
+		case 'decrypt':
+			SimpleSAML_Logger::debug('Decrypted message:');
+			break;
+		case 'encrypt':
+			SimpleSAML_Logger::debug('Encrypted message:');
+			break;
+		default:
+			assert(FALSE);
 		}

 		$str = self::formatXMLString($message);