From f50f0297bc8c2b8851a8a5cee976807afb7270a6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jaime=20Pe=CC=81rez?= <jaime.perez@uninett.no>
Date: Mon, 4 Jul 2016 13:57:25 +0200
Subject: [PATCH] Start using the error codes in
 SimpleSAML\Error\CannotSetCookie.

Both SimpleSAML_SessionHandlerPHP::setCookie() and SimpleSAML\Utils\HTTP::setCookie() throw the SimpleSAML\Error\CannotSetCookie exception. Depending on why the error was generated, set the error code in the exception accordingly.
---
 lib/SimpleSAML/SessionHandlerPHP.php | 10 ++++++++--
 lib/SimpleSAML/Utils/HTTP.php        | 16 ++++++++++++----
 2 files changed, 20 insertions(+), 6 deletions(-)

diff --git a/lib/SimpleSAML/SessionHandlerPHP.php b/lib/SimpleSAML/SessionHandlerPHP.php
index 198ea6a65..abdb0610d 100644
--- a/lib/SimpleSAML/SessionHandlerPHP.php
+++ b/lib/SimpleSAML/SessionHandlerPHP.php
@@ -322,11 +322,17 @@ class SimpleSAML_SessionHandlerPHP extends SimpleSAML_SessionHandler
         }
 
         if ($cookieParams['secure'] && !\SimpleSAML\Utils\HTTP::isHTTPS()) {
-            throw new SimpleSAML\Error\CannotSetCookie('Secure cookies not allowed on http.');
+            throw new \SimpleSAML\Error\CannotSetCookie(
+                'Secure cookies not allowed on http.',
+                \SimpleSAML\Error\CannotSetCookie::SECURE_COOKIE
+            );
         }
 
         if (headers_sent()) {
-            throw new SimpleSAML\Error\CannotSetCookie('Headers already sent.');
+            throw new \SimpleSAML\Error\CannotSetCookie(
+                'Headers already sent.',
+                \SimpleSAML\Error\CannotSetCookie::HEADERS_SENT
+            );
         }
 
         session_set_cookie_params(
diff --git a/lib/SimpleSAML/Utils/HTTP.php b/lib/SimpleSAML/Utils/HTTP.php
index c1121de5c..a586ef8a4 100644
--- a/lib/SimpleSAML/Utils/HTTP.php
+++ b/lib/SimpleSAML/Utils/HTTP.php
@@ -1041,7 +1041,13 @@ class HTTP
 
         // Do not set secure cookie if not on HTTPS
         if ($params['secure'] && !self::isHTTPS()) {
-            Logger::warning('Setting secure cookie on plain HTTP is not allowed.');
+            if ($throw) {
+                throw new \SimpleSAML\Error\CannotSetCookie(
+                    'Setting secure cookie on plain HTTP is not allowed.',
+                    \SimpleSAML\Error\CannotSetCookie::SECURE_COOKIE
+                );
+            }
+            Logger::warning('Error setting cookie: setting secure cookie on plain HTTP is not allowed.');
             return;
         }
 
@@ -1079,10 +1085,12 @@ class HTTP
 
         if (!$success) {
             if ($throw) {
-                throw new \SimpleSAML\Error\CannotSetCookie('Headers already sent.');
-            } else {
-                Logger::warning('Error setting cookie: headers already sent.');
+                throw new \SimpleSAML\Error\CannotSetCookie(
+                    'Headers already sent.',
+                    \SimpleSAML\Error\CannotSetCookie::HEADERS_SENT
+                );
             }
+            Logger::warning('Error setting cookie: headers already sent.');
         }
     }
 
-- 
GitLab