PHP EngineBlock_ApplicationSingleton::getLog方法代码示例

 protected function _getAccessToken($conf, $subjectId, $requireNew)
 {
     $cache = EngineBlock_ApplicationSingleton::getInstance()->getDiContainer()->getApplicationCache();
     if (!$requireNew && $cache instanceof Zend_Cache_Backend_Apc) {
         $accessToken = $cache->load(self::ACCESS_TOKEN_KEY);
         if ($accessToken) {
             return $accessToken;
         }
     }
     // for example https://api.dev.surfconext.nl/v1/oauth2/token
     $baseUrl = $this->_ensureTrailingSlash($conf->baseUrl) . 'v1/oauth2/token';
     $client = new Zend_Http_Client($baseUrl);
     try {
         $response = $client->setConfig(array('timeout' => 15))->setHeaders(Zend_Http_Client::CONTENT_TYPE, Zend_Http_Client::ENC_URLENCODED)->setAuth($conf->key, $conf->secret)->setParameterPost('grant_type', 'client_credentials')->request(Zend_Http_Client::POST);
         $result = json_decode($response->getBody(), true);
         if (isset($result['access_token'])) {
             $accessToken = $result['access_token'];
             if ($cache instanceof Zend_Cache_Backend_Apc) {
                 $cache->save($accessToken, self::ACCESS_TOKEN_KEY);
             }
             return $accessToken;
         }
         throw new EngineBlock_VirtualOrganization_AccessTokenNotGrantedException('AccessToken not granted for EB as SP. Check SR and the Group Provider endpoint log.');
     } catch (Exception $exception) {
         $additionalInfo = EngineBlock_Log_Message_AdditionalInfo::create()->setUserId($subjectId)->setDetails($exception->getTraceAsString());
         EngineBlock_ApplicationSingleton::getLog()->error("Error in connecting to API(s) for access token grant" . $exception->getMessage(), array('additional_info' => $additionalInfo->toArray()));
         throw new EngineBlock_VirtualOrganization_AccessTokenNotGrantedException('AccessToken not granted for EB as SP. Check SR and the Group Provider endpoint log', EngineBlock_Exception::CODE_ALERT, $exception);
     }
 }

 /**
  * @return array|Zend_Rest_Client_Result
  */
 public function get($args = array())
 {
     if (!isset($args[0])) {
         $args[0] = $this->_uri->getPath();
     }
     $this->_data['rest'] = 1;
     $data = array_slice($args, 1) + $this->_data;
     $response = $this->restGet($args[0], $data);
     /**
      * @var Zend_Http_Client $httpClient
      */
     $httpClient = $this->getHttpClient();
     EngineBlock_ApplicationSingleton::getLog()->debug("REST Request: " . $httpClient->getLastRequest());
     EngineBlock_ApplicationSingleton::getLog()->debug("REST Response: " . $httpClient->getLastResponse()->getBody());
     $this->_data = array();
     //Initializes for next Rest method.
     if ($response->getStatus() !== 200) {
         throw new EngineBlock_Exception("Response status !== 200: " . var_export($httpClient->getLastRequest(), true) . var_export($response, true) . var_export($response->getBody(), true));
     }
     if (strpos($response->getHeader("Content-Type"), "application/json") !== false) {
         return json_decode($response->getBody(), true);
     } else {
         try {
             return new Zend_Rest_Client_Result($response->getBody());
         } catch (Zend_Rest_Client_Result_Exception $e) {
             throw new EngineBlock_Exception('Error parsing response' . var_export($httpClient->getLastRequest(), true) . var_export($response, true) . var_export($response->getBody(), true), null, $e);
         }
     }
 }

 /**
  * Send a mail based on the configuration in the emails table
  *
  * @throws EngineBlock_Exception in case there is no EmailConfiguration in emails table
  * @param $emailAddress the email address of the recipient
  * @param $emailType the pointer to the emails configuration
  * @param $replacements array where the key is a variable (e.g. {user}) and the value the string where the variable should be replaced
  * @return void
  */
 public function sendMail($emailAddress, $emailType, $replacements)
 {
     $dbh = $this->_getDatabaseConnection();
     $query = "SELECT email_text, email_from, email_subject, is_html FROM emails where email_type = ?";
     $parameters = array($emailType);
     $statement = $dbh->prepare($query);
     $statement->execute($parameters);
     $rows = $statement->fetchAll();
     if (count($rows) !== 1) {
         EngineBlock_ApplicationSingleton::getLog()->err("Unable to send mail because of missing email configuration: " . $emailType);
         return;
     }
     $emailText = $rows[0]['email_text'];
     foreach ($replacements as $key => $value) {
         // Single value replacement
         if (!is_array($value)) {
             $emailText = str_ireplace($key, $value, $emailText);
         } else {
             $replacement = '<ul>';
             foreach ($value as $valElem) {
                 $replacement .= '<li>' . $valElem . '</li>';
             }
             $replacement .= '</ul>';
             $emailText = str_ireplace($key, $replacement, $emailText);
         }
     }
     $emailFrom = $rows[0]['email_from'];
     $emailSubject = $rows[0]['email_subject'];
     $mail = new Zend_Mail('UTF-8');
     $mail->setBodyHtml($emailText, 'utf-8', 'utf-8');
     $mail->setFrom($emailFrom, "SURFconext Support");
     $mail->addTo($emailAddress);
     $mail->setSubject($emailSubject);
     $mail->send();
 }

 /**
  * Validate the license information
  *
  * @param string $userId
  * @param array $spMetadata
  * @param array $idpMetadata
  * @return string
  */
 public function validate($userId, array $spMetadata, array $idpMetadata)
 {
     if (!$this->_active) {
         return EngineBlock_LicenseEngine_ValidationManager::LICENSE_UNKNOWN;
     }
     $client = new Zend_Http_Client($this->_url);
     $client->setConfig(array('timeout' => 15));
     try {
         $client->setHeaders(Zend_Http_Client::CONTENT_TYPE, 'application/json; charset=utf-8')->setParameterGet('userId', urlencode($userId))->setParameterGet('serviceProviderEntityId', urlencode($spMetadata['EntityId']))->setParameterGet('identityProviderEntityId', urlencode($idpMetadata['EntityId']))->request('GET');
         $body = $client->getLastResponse()->getBody();
         $response = json_decode($body, true);
         $status = $response['status'];
     } catch (Exception $exception) {
         $additionalInfo = new EngineBlock_Log_Message_AdditionalInfo($userId, $idpMetadata['EntityId'], $spMetadata['EntityId'], $exception->getTraceAsString());
         EngineBlock_ApplicationSingleton::getLog()->error("Could not connect to License Manager" . $exception->getMessage(), $additionalInfo);
         return EngineBlock_LicenseEngine_ValidationManager::LICENSE_UNKNOWN;
     }
     if ($status['returnUrl']) {
         $currentResponse = EngineBlock_ApplicationSingleton::getInstance()->getHttpResponse();
         $currentResponse->setRedirectUrl($status['returnUrl']);
         $currentResponse->send();
         exit;
     } else {
         if ($status['licenseStatus']) {
             return $status['licenseStatus'];
         } else {
             return EngineBlock_LicenseEngine_ValidationManager::LICENSE_UNKNOWN;
         }
     }
 }

 public function metadataAction()
 {
     $this->setNoRender();
     $request = EngineBlock_ApplicationSingleton::getInstance()->getHttpRequest();
     $entityId = $request->getQueryParameter("entityid");
     $gadgetUrl = $request->getQueryParameter('gadgeturl');
     // If we were only handed a gadget url, no entity id, lookup the Service Provider entity id
     if ($gadgetUrl && !$entityId) {
         $identifiers = $this->_getRegistry()->findIdentifiersByMetadata('coin:gadgetbaseurl', $gadgetUrl);
         if (count($identifiers) > 1) {
             EngineBlock_ApplicationSingleton::getLog()->warn("Multiple identifiers found for gadgetbaseurl: '{$gadgetUrl}'");
             throw new EngineBlock_Exception('Multiple identifiers found for gadgetbaseurl');
         }
         if (count($identifiers) === 0) {
             EngineBlock_ApplicationSingleton::getInstance()->getLog()->warn("No Entity Id found for gadgetbaseurl '{$gadgetUrl}'");
             $this->_getResponse()->setHeader('Content-Type', 'application/json');
             $this->_getResponse()->setBody(json_encode(new stdClass()));
             return;
         }
         $entityId = $identifiers[0];
     }
     if (!$entityId) {
         throw new EngineBlock_Exception('No entity id provided to get metadata for?!');
     }
     if (isset($_REQUEST["keys"])) {
         $result = $this->_getRegistry()->getMetaDataForKeys($entityId, explode(",", $_REQUEST["keys"]));
     } else {
         $result = $this->_getRegistry()->getMetadata($entityId);
     }
     $result['entityId'] = $entityId;
     $this->_getResponse()->setHeader('Content-Type', 'application/json');
     $this->_getResponse()->setBody(json_encode($result));
 }

 public function saml2AttributesToLdapAttributes($attributes)
 {
     $log = EngineBlock_ApplicationSingleton::getLog();
     $required = $this->_saml2Required;
     $ldapAttributes = array();
     foreach ($attributes as $saml2Name => $values) {
         // Map it to an LDAP attribute
         if (isset($this->_s2lMap[$saml2Name])) {
             if (count($values) > 1) {
                 $log->notice("Ignoring everything but first value of {$saml2Name}", array('attribute_values' => $values));
             }
             $ldapAttributes[$this->_s2lMap[$saml2Name]] = $values[0];
         }
         // Check off against required attribute list
         $requiredAttributeKey = array_search($saml2Name, $required);
         if ($requiredAttributeKey !== false) {
             unset($required[$requiredAttributeKey]);
         }
     }
     if (!empty($required)) {
         $log->error('Missing required SAML2 fields in attributes', array('required_fields' => $required, 'attributes' => $attributes));
         throw new EngineBlock_Exception_MissingRequiredFields('Missing required SAML2 fields in attributes');
     }
     return $ldapAttributes;
 }

 /**
  *
  * @example /profile/group-oauth/consume/provider2?oauth_token=request-token
  *
  * @param string $providerId
  * @return void
  */
 public function consumeAction($providerId)
 {
     $this->setNoRender();
     $providerConfig = $this->_getProviderConfiguration($providerId);
     $consumer = new Zend_Oauth_Consumer($providerConfig->auth);
     $queryParameters = $this->_getRequest()->getQueryParameters();
     if (empty($queryParameters)) {
         throw new EngineBlock_Exception('Unable to consume access token, no query parameters given');
     }
     if (!isset($_SESSION['request_token'][$providerId])) {
         throw new EngineBlock_Exception("Unable to consume access token, no request token (session lost?)");
     }
     $requestToken = unserialize($_SESSION['request_token'][$providerId]);
     $token = $consumer->getAccessToken($queryParameters, $requestToken);
     $userId = $this->attributes['nameid'][0];
     $provider = EngineBlock_Group_Provider_OpenSocial_Oauth_ThreeLegged::createFromConfigs($providerConfig, $userId);
     $provider->setAccessToken($token);
     if (!$provider->validatePreconditions()) {
         EngineBlock_ApplicationSingleton::getLog()->err("Unable to test OpenSocial 3-legged Oauth provider because not all preconditions have been matched?", new EngineBlock_Log_Message_AdditionalInfo($userId, null, null, null));
         $this->providerId = $providerId;
         $this->renderAction("Error");
     } else {
         // Now that we have an Access Token, we can discard the Request Token
         $_SESSION['request_token'][$providerId] = null;
         $this->_redirectToUrl($_SESSION['return_url']);
     }
 }

 /**
  * Add the 'urn:collab:org:surf.nl' value to the isMemberOf attribute in case a user
  * is considered a 'full member' of the SURFfederation.
  *
  * @return array Response Attributes
  */
 protected function _addIsMemberOfSurfNlAttribute()
 {
     if ($this->_identityProvider->guestQualifier === IdentityProvider::GUEST_QUALIFIER_ALL) {
         // All users from this IdP are guests, so no need to add the isMemberOf
         return;
     }
     if ($this->_identityProvider->guestQualifier === IdentityProvider::GUEST_QUALIFIER_NONE) {
         $this->_setIsMember();
         return;
     }
     $log = EngineBlock_ApplicationSingleton::getLog();
     if ($this->_identityProvider->guestQualifier === IdentityProvider::GUEST_QUALIFIER_SOME) {
         if (isset($this->_responseAttributes[static::URN_SURF_PERSON_AFFILIATION][0])) {
             if ($this->_responseAttributes[static::URN_SURF_PERSON_AFFILIATION][0] === 'member') {
                 $this->_setIsMember();
             } else {
                 $log->notice("Idp guestQualifier is set to 'Some', surfPersonAffiliation attribute does not contain " . 'the value "member", so not adding isMemberOf for surf.nl');
             }
         } else {
             $log->warning("Idp guestQualifier is set to 'Some' however, " . "the surfPersonAffiliation attribute was not provided, " . "not adding the isMemberOf for surf.nl", array('idp' => $this->_identityProvider, 'response_attributes' => $this->_responseAttributes));
         }
         return;
     }
     // Unknown policy for handling guests? Treat the user as a guest, but issue a warning in the logs
     $log->warning("Idp guestQualifier is set to unknown value '{$this->_identityProvider['GuestQualifier']}", array('idp' => $this->_identityProvider, 'response_attributes' => $this->_responseAttributes));
 }

 public function execute()
 {
     $spEntityId = $this->_spMetadata['EntityId'];
     $serviceRegistryAdapter = $this->_getServiceRegistryAdapter();
     $arp = $serviceRegistryAdapter->getArp($spEntityId);
     if ($arp) {
         EngineBlock_ApplicationSingleton::getLog()->info("Applying attribute release policy {$arp['name']} for {$spEntityId}");
         $newAttributes = array();
         foreach ($this->_responseAttributes as $attribute => $attributeValues) {
             if (!isset($arp['attributes'][$attribute])) {
                 EngineBlock_ApplicationSingleton::getLog()->info("ARP: Removing attribute {$attribute}");
                 continue;
             }
             $allowedValues = $arp['attributes'][$attribute];
             if (in_array('*', $allowedValues)) {
                 // Passthrough all values
                 $newAttributes[$attribute] = $attributeValues;
                 continue;
             }
             foreach ($attributeValues as $attributeValue) {
                 if (in_array($attributeValue, $allowedValues)) {
                     if (!isset($newAttributes[$attribute])) {
                         $newAttributes[$attribute] = array();
                     }
                     $newAttributes[$attribute][] = $attributeValue;
                 }
             }
         }
         $this->_responseAttributes = $newAttributes;
     }
 }

 public function dispatch($uri = "")
 {
     try {
         $application = EngineBlock_ApplicationSingleton::getInstance();
         if (!$uri) {
             $uri = $application->getHttpRequest()->getUri();
         }
         if (!$this->_dispatch($uri)) {
             EngineBlock_ApplicationSingleton::getLog()->notice("[404]Unroutable URI: '{$uri}'");
             $this->_getControllerInstance('default', 'error')->handleAction('NotFound');
         }
     } catch (Exception $e) {
         $this->_handleDispatchException($e);
     }
 }

 public function execute()
 {
     if (!isset($this->_responseAttributes[self::URN_IS_MEMBER_OF])) {
         return;
     }
     $groups =& $this->_responseAttributes[self::URN_IS_MEMBER_OF];
     for ($i = 0; $i < count($groups); $i++) {
         $hasVoPrefix = strpos($groups[$i], self::URN_COLLAB_ORG_PREFIX) === 0;
         if (!$hasVoPrefix) {
             continue;
         }
         unset($groups[$i]);
         EngineBlock_ApplicationSingleton::getLog()->notice(sprintf('FilterReservedMemberOfValue: Removed "%s" value from %s attribute by %s', $groups[$i], self::URN_IS_MEMBER_OF, $this->_identityProvider->entityId));
     }
 }

 /**
  * 
  *
  * @param  $userId
  * @param  $attributes
  * @param  $spMetadata
  * @param  $idpMetadata
  * @return void
  */
 public function provisionUser($userId, $attributes, $spMetadata, $idpMetadata)
 {
     if (!$spMetadata['MustProvisionExternally']) {
         return;
     }
     // https://os.XXX.surfconext.nl/provisioning-manager/provisioning/jit.shtml?
     // provisionDomain=apps.surfnet.nl&provisionAdmin=admin%40apps.surfnet.nl&
     // provisionPassword=xxxxx&provisionType=GOOGLE&provisionGroups=true
     $client = new Zend_Http_Client($this->_url);
     $client->setHeaders(Zend_Http_Client::CONTENT_TYPE, 'application/json; charset=utf-8')->setParameterGet('provisionType', $spMetadata['ExternalProvisionType'])->setParameterGet('provisionDomain', $spMetadata['ExternalProvisionDomain'])->setParameterGet('provisionAdmin', $spMetadata['ExternalProvisionAdmin'])->setParameterGet('provisionPassword', $spMetadata['ExternalProvisionPassword'])->setParameterGet('provisionGroups', $spMetadata['ExternalProvisionGroups'])->setRawData(json_encode($this->_getData($userId, $attributes)))->request('POST');
     $additionalInfo = new EngineBlock_Log_Message_AdditionalInfo($userId, $idpMetadata['EntityId'], $spMetadata['EntityId'], null);
     EngineBlock_ApplicationSingleton::getLog()->debug("PROVISIONING: Sent HTTP request to provision user using " . __CLASS__, $additionalInfo);
     EngineBlock_ApplicationSingleton::getLog()->debug("PROVISIONING: URI: " . $client->getUri(true), $additionalInfo);
     EngineBlock_ApplicationSingleton::getLog()->debug("PROVISIONING: REQUEST: " . $client->getLastRequest(), $additionalInfo);
     EngineBlock_ApplicationSingleton::getLog()->debug("PROVISIONING: RESPONSE: " . $client->getLastResponse(), $additionalInfo);
 }

 public function indexAction()
 {
     $this->metadata = new EngineBlock_AttributeMetadata();
     $this->aggregator = EngineBlock_Group_Provider_Aggregator_MemoryCacheProxy::createFromDatabaseFor($this->attributes['nameid'][0]);
     $this->groupOauth = $this->user->getUserOauth();
     $serviceRegistryClient = new Janus_Client_CacheProxy();
     $this->spList = $serviceRegistryClient->getSpList();
     $this->consent = $this->user->getConsent();
     $this->spAttributesList = $this->_getSpAttributeList($this->spList);
     try {
         $this->spOauthList = $this->_getSpOauthList($this->spList);
     } catch (Exception $e) {
         $additionalInfo = new EngineBlock_Log_Message_AdditionalInfo($this->user->getUid(), null, null, $e->getTraceAsString());
         EngineBlock_ApplicationSingleton::getLog()->critical($e->getMessage(), $additionalInfo);
     }
 }

 protected function _isMemberOfGroups(EngineBlock_VirtualOrganization $virtualOrganization, $subjectId)
 {
     $groupProvider = $this->_getGroupProvider($subjectId);
     try {
         $groups = $virtualOrganization->getGroups();
         foreach ($groups as $group) {
             if ($groupProvider->isMember($group->id)) {
                 return true;
             }
         }
     } catch (EngineBlock_VirtualOrganization_VoIdentifierNotFoundException $e) {
         $additionalInfo = new EngineBlock_Log_Message_AdditionalInfo($subjectId, null, null, $virtualOrganization);
         EngineBlock_ApplicationSingleton::getLog()->warn($e->getMessage(), $additionalInfo);
     }
     return false;
 }

 /**
  * Ask PDP for access.
  *
  * @return \Pdp_PolicyResponse
  * @throws \EngineBlock_Exception
  */
 protected function requestAccess()
 {
     $httpClient = new Zend_Http_Client($this->baseUrl);
     try {
         $result = $httpClient->setConfig(array('timeout' => 15))->setAuth($this->username, $this->password, Zend_Http_Client::AUTH_BASIC)->setRawData($this->policyRequest->toJson())->setEncType('application/json')->request('POST');
         if ($result->getStatus() != '200') {
             $error = "Received invalid HTTP " . $result->getStatus() . "response from PDP";
             EngineBlock_ApplicationSingleton::getLog()->error($error);
             throw new EngineBlock_Exception($error);
         }
     } catch (Zend_Http_Client_Exception $e) {
         EngineBlock_ApplicationSingleton::getLog()->error($e->getMessage());
         throw new EngineBlock_Exception($e->getMessage());
     }
     $this->policyResponse = new Pdp_PolicyResponse($result->getBody());
     return $this->policyResponse;
 }