本文整理汇总了PHP中SimpleSAML_Utilities::fatalError方法的典型用法代码示例。如果您正苦于以下问题:PHP SimpleSAML_Utilities::fatalError方法的具体用法?PHP SimpleSAML_Utilities::fatalError怎么用?PHP SimpleSAML_Utilities::fatalError使用的例子?那么,这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类SimpleSAML_Utilities的用法示例。
在下文中一共展示了SimpleSAML_Utilities::fatalError方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: handleError
/**
* Helper function for handling exception/errors.
*
* This function will send an error response to the SP which contacted this IdP.
*
* @param Exception $exception The exception.
*/
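function handleError(Exception $exception)
{
    // State prepared by the including script. $config is imported as before
    // but is not read in this function.
    global $requestcache, $config, $metadata, $idpentityid;

    // Expression asserts: a string argument is no longer evaluated as code by
    // current PHP versions, where a non-empty string simply counts as true.
    assert(is_array($requestcache));
    assert(array_key_exists('Issuer', $requestcache));

    $issuer = $requestcache['Issuer'];
    $requestID = array_key_exists('RequestID', $requestcache) ? $requestcache['RequestID'] : NULL;
    $relayState = array_key_exists('RelayState', $requestcache) ? $requestcache['RelayState'] : NULL;

    // Map the exception onto a SAML 2.0 status and record what is sent back.
    $error = sspmod_saml2_Error::fromException($exception);
    SimpleSAML_Logger::warning('Returning error to sp: ' . var_export($issuer, TRUE));
    $error->logWarning();

    try {
        $idpMetadata = $metadata->getMetaDataConfig($idpentityid, 'saml20-idp-hosted');
        $spMetadata = $metadata->getMetaDataConfig($issuer, 'saml20-sp-remote');

        // NOTE(review): a ConsumerURL carried in the request cache takes
        // precedence over the SP's registered AssertionConsumerService and is
        // passed to buildResponse() as-is. Nothing in this function checks it
        // against the SP metadata; confirm that was done when the request was
        // accepted, otherwise the error response (status message included)
        // may be addressed to a URL the SP never registered.
        if (array_key_exists('ConsumerURL', $requestcache)) {
            $consumerURL = $requestcache['ConsumerURL'];
        } else {
            $urlArray = $spMetadata->getArrayizeString('AssertionConsumerService');
            $consumerURL = $urlArray[0];
        }

        $ar = sspmod_saml2_Message::buildResponse($idpMetadata, $spMetadata, $consumerURL);
        $ar->setInResponseTo($requestID);
        $ar->setRelayState($relayState);
        $ar->setStatus(array('Code' => $error->getStatus(), 'SubCode' => $error->getSubStatus(), 'Message' => $error->getStatusMessage()));

        $binding = new SAML2_HTTPPost();
        $binding->setDestination(sspmod_SAML2_Message::getDebugDestination());
        $binding->send($ar);
    } catch (Exception $e) {
        // $session is not among the imported globals, so the original
        // dereferenced an undefined variable here and the fallback error page
        // itself failed. Fetch the session and tolerate its absence.
        $session = SimpleSAML_Session::getInstance();
        $trackId = is_object($session) ? $session->getTrackID() : NULL;
        SimpleSAML_Utilities::fatalError($trackId, 'GENERATEAUTHNRESPONSE', $e);
    }
}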
示例2: SimpleSAML_Auth_LDAP
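/*
 * Load the RelayState argument. The RelayState argument contains the address
 * we should redirect the user to after a successful authentication.
 */
if (!array_key_exists('RelayState', $_REQUEST)) {
    SimpleSAML_Utilities::fatalError($session->getTrackID(), 'NORELAYSTATE');
}
// NOTE(review): RelayState is request-controlled and is handed unchanged to
// redirect() after a successful login. Nothing visible here restricts it to
// trusted destinations; confirm that redirect() (or an earlier check) rejects
// foreign hosts and non-HTTP(S) schemes, otherwise the login endpoint acts as
// an open redirect.
$relaystate = $_REQUEST['RelayState'];

// Read the credentials defensively: on the initial GET neither field exists,
// and a non-string value (e.g. username[]=x) is treated as absent.
$username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : NULL;
$password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : NULL;

// Keep an error set earlier in the script, but make sure the variable exists
// before it is handed to the template below.
if (!isset($error)) {
    $error = NULL;
}

if ($username) {
    try {
        $ldap = new SimpleSAML_Auth_LDAP($ldapconfig['servers'], $ldapconfig['enable_tls']);
        // presumably validate() escapes $username before it reaches an LDAP
        // filter or DN; verify, since the value comes straight from the form.
        $attributes = $ldap->validate($ldapconfig, $username, $password);
        if ($attributes === FALSE) {
            $error = "LDAP_INVALID_CREDENTIALS";
        } else {
            $session->doLogin('login-wayf-ldap');
            $session->setAttributes($attributes);
            $session->setNameID(array('value' => SimpleSAML_Utilities::generateID(), 'Format' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'));
            SimpleSAML_Utilities::redirect($relaystate);
        }
    } catch (Exception $e) {
        SimpleSAML_Utilities::fatalError($session->getTrackID(), 'LDAPERROR', $e);
    }
}

// Render the login form. Both request-derived values are HTML-escaped before
// they are given to the template.
$t = new SimpleSAML_XHTML_Template($config, $ldapconfig['template']);
$t->data['header'] = 'simpleSAMLphp: Enter username and password';
$t->data['relaystate'] = htmlspecialchars($relaystate);
$t->data['error'] = $error;
if (isset($error)) {
    // Only echo the username back after a failed attempt.
    $t->data['username'] = htmlspecialchars($username);
}
$t->show();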
示例3: var_export
if (array_key_exists('url', $idpmeta)) {
$metaArray['url'] = $idpmeta['url'];
}
if (array_key_exists('scope', $idpmeta)) {
$metaArray['scope'] = $idpmeta['scope'];
}
$metaflat = '$metadata[' . var_export($idpentityid, TRUE) . '] = ' . var_export($metaArray, TRUE) . ';';
$metaArray['certData'] = $certInfo['certData'];
$metaBuilder = new SimpleSAML_Metadata_SAMLBuilder($idpentityid);
$metaBuilder->addMetadataIdP20($metaArray);
$metaBuilder->addContact('technical', array('emailAddress' => $config->getString('technicalcontact_email', NULL), 'name' => $config->getString('technicalcontact_name', NULL)));
$metaxml = $metaBuilder->getEntityDescriptorText();
/* Sign the metadata if enabled. */
$metaxml = SimpleSAML_Metadata_Signer::sign($metaxml, $idpmeta, 'SAML 2 IdP');
if (array_key_exists('output', $_GET) && $_GET['output'] == 'xhtml') {
$defaultidp = $config->getString('default-saml20-idp', NULL);
$t = new SimpleSAML_XHTML_Template($config, 'metadata.php', 'admin');
$t->data['header'] = 'saml20-idp';
$t->data['metaurl'] = SimpleSAML_Utilities::selfURLNoQuery();
$t->data['metadata'] = htmlentities($metaxml);
$t->data['metadataflat'] = htmlentities($metaflat);
$t->data['defaultidp'] = $defaultidp;
$t->show();
} else {
header('Content-Type: application/xml');
echo $metaxml;
exit(0);
}
} catch (Exception $exception) {
SimpleSAML_Utilities::fatalError($session->getTrackID(), 'METADATA', $exception);
}
示例4: array
$casusername = $success->item(0)->textContent;
return array($casusername, $attributes);
}
} else {
throw new Exception("validate or serviceValidate not specified");
}
/**
* First request, will redirect the user to the CAS server for authentication.
*/
} else {
SimpleSAML_Logger::info("AUTH - cas-ldap: redirecting to {$cas['login']}");
SimpleSAML_Utilities::redirect($cas['login'], array('service' => $service));
}
}
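// The RelayState is the post-login redirect target. Reading it unguarded
// raised a notice and ended in redirect(NULL) when the parameter was missing;
// fail with an explicit error instead (this relies on fatalError() not
// returning).
if (!array_key_exists('RelayState', $_REQUEST)) {
    SimpleSAML_Utilities::fatalError($session->getTrackID(), 'NORELAYSTATE');
}

try {
    // NOTE(review): request-controlled value, later passed unchanged to
    // redirect(). Confirm that redirect() or an earlier check limits it to
    // trusted destinations; nothing visible here does.
    $relaystate = $_REQUEST['RelayState'];

    // Validate the CAS ticket; yields the username and the CAS attributes.
    list($username, $casattributes) = casValidate($casconfig);
    SimpleSAML_Logger::info('AUTH - cas-ldap: ' . $username . ' authenticated by ' . $casconfig['validate']);

    // Optionally enrich the CAS attributes from LDAP. No password is passed
    // to validate() here; the user was already authenticated by CAS.
    $ldapattributes = array();
    if ($ldapconfig['servers']) {
        $ldap = new SimpleSAML_Auth_LDAP($ldapconfig['servers'], $ldapconfig['enable_tls']);
        $ldapattributes = $ldap->validate($ldapconfig, $username);
    }

    // array_merge_recursive() combines the values of keys present in both
    // sources rather than letting one source override the other.
    $attributes = array_merge_recursive($casattributes, $ldapattributes);

    $session->doLogin('login-cas-ldap');
    $session->setAttributes($attributes);
    $session->setNameID(array('value' => SimpleSAML_Utilities::generateID(), 'Format' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'));
    SimpleSAML_Utilities::redirect($relaystate);
} catch (Exception $exception) {
    SimpleSAML_Utilities::fatalError($session->getTrackID(), 'CASERROR', $exception);
}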
示例5: gsaml_send_auth_response
/**
* Accept a SAML Request and form a Response
* NOTE: that this function is Google Specific
*
*/
function gsaml_send_auth_response($samldata)
{
global $CFG, $SESSION, $USER;
SimpleSAML_Configuration::init($CFG->dirroot . '/auth/gsaml/config');
$config = SimpleSAML_Configuration::getInstance();
$metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
$session = SimpleSAML_Session::getInstance();
try {
$idpentityid = $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted');
$idmetaindex = $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted', 'metaindex');
$idpmetadata = $metadata->getMetaDataCurrent('saml20-idp-hosted');
if (!array_key_exists('auth', $idpmetadata)) {
throw new Exception('Missing mandatory parameter in SAML 2.0 IdP Hosted Metadata: [auth]');
}
} catch (Exception $exception) {
SimpleSAML_Utilities::fatalError($session->getTrackID(), 'METADATA', $exception);
}
/// SimpleSAML_Logger::info('SAML2.0 - IdP.SSOService: Accessing SAML 2.0 IdP endpoint SSOService');
if (!$config->getValue('enable.saml20-idp', false)) {
SimpleSAML_Utilities::fatalError($session->getTrackID(), 'NOACCESS');
}
$rawRequest = $samldata;
if (!empty($SESSION->samlrelaystate)) {
$relaystate = $SESSION->samlrelaystate;
} else {
$relaystate = NULL;
}
$decodedRequest = @base64_decode($rawRequest);
if (!$decodedRequest) {
throw new Exception('Could not base64 decode SAMLRequest GET parameter');
}
$samlRequestXML = @gzinflate($decodedRequest);
if (!$samlRequestXML) {
$error = error_get_last();
throw new Exception('Could not gzinflate base64 decoded SAMLRequest: ' . $error['message']);
}
SimpleSAML_Utilities::validateXMLDocument($samlRequestXML, 'saml20');
$samlRequest = new SimpleSAML_XML_SAML20_AuthnRequest($config, $metadata);
$samlRequest->setXML($samlRequestXML);
if (!is_null($relaystate)) {
$samlRequest->setRelayState($relaystate);
}
// $samlRequest presenting the request object
$authnrequest = $samlRequest;
if ($session == NULL) {
debugging('No SAML Session gsaml_send_auth_response', DEBUG_DEVELOPER);
return false;
// if this func returns we Know it's an error
}
if (!empty($USER->id)) {
// TODO: if moodle user is not the same as google user
// use the mapping
$username = $USER->username;
} else {
debugging('No User given to gsaml_send_auth_response', DEBUG_DEVELOPER);
return false;
}
//TODO: better errors
if (!($domain = get_config('auth/gsaml', 'domainname'))) {
debugging('No domain set in gsaml_send_auth_response', DEBUG_DEVELOPER);
return false;
// if this func returns we Know it's an error
}
$attributes['useridemail'] = array($username . '@' . $domain);
$session->doLogin('login');
// was login
$session->setAttributes($attributes);
$session->setNameID(array('value' => SimpleSAML_Utilities::generateID(), 'Format' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'));
$requestcache = array('RequestID' => $authnrequest->getRequestID(), 'Issuer' => $authnrequest->getIssuer(), 'ConsentCookie' => SimpleSAML_Utilities::generateID(), 'RelayState' => $authnrequest->getRelayState());
try {
$spentityid = $requestcache['Issuer'];
$spmetadata = $metadata->getMetaData($spentityid, 'saml20-sp-remote');
$sp_name = isset($spmetadata['name']) ? $spmetadata['name'] : $spentityid;
// TODO: Are we really tracking SP's???
//
// Adding this service provider to the list of sessions.
// Right now the list is used for SAML 2.0 only.
$session->add_sp_session($spentityid);
/// SimpleSAML_Logger::info('SAML2.0 - IdP.SSOService: Sending back AuthnResponse to ' . $spentityid);
// TODO: handle passive situtation
// Rigth now I replaced $isPassive with isset($isPassive) to prevent notice on debug mode
if (isset($isPassive)) {
/* Generate an SAML 2.0 AuthNResponse message
With statusCode: urn:oasis:names:tc:SAML:2.0:status:NoPassive
*/
$ar = new SimpleSAML_XML_SAML20_AuthnResponse($config, $metadata);
$authnResponseXML = $ar->generate($idpentityid, $spentityid, $requestcache['RequestID'], null, array(), 'NoPassive');
// Sending the AuthNResponse using HTTP-Post SAML 2.0 binding
$httppost = new SimpleSAML_Bindings_SAML20_HTTPPost($config, $metadata);
$httppost->sendResponse($authnResponseXML, $idpentityid, $spentityid, $requestcache['RelayState']);
exit;
}
/*
* Attribute handling
*/
//.........这里部分代码省略.........
示例6: foreach
}
/* Transpose from $entities[entityid][type] to $output[type][entityid]. */
$output = SimpleSAML_Utilities::transposeArray($entities);
/* Merge all metadata of each type to a single string which should be
* added to the corresponding file.
*/
foreach ($output as $type => &$entities) {
$text = '';
foreach ($entities as $entityId => $entityMetadata) {
if ($entityMetadata === NULL) {
continue;
}
/* Remove the entityDescriptor element because it is unused, and only
* makes the output harder to read.
*/
unset($entityMetadata['entityDescriptor']);
$text .= '$metadata[' . var_export($entityId, TRUE) . '] = ' . var_export($entityMetadata, TRUE) . ";\n";
}
$entities = $text;
}
} else {
$xmldata = '';
$output = array();
}
$template = new SimpleSAML_XHTML_Template($config, 'metadata-converter.php', 'admin');
$template->data['xmldata'] = $xmldata;
$template->data['output'] = $output;
$template->show();
} catch (Exception $exception) {
SimpleSAML_Utilities::fatalError('', 'METADATA_PARSER', $exception);
}
示例7: Exception
if (!SimpleSAML_Utilities::checkDateConditions($notBefore, $notOnOrAfter)) {
throw new Exception('The response has expired.');
}
}
/* Extract the name identifier from the response. */
$nameid = $xpath->query('./saml:AuthenticationStatement/saml:Subject/saml:NameIdentifier', $assertion);
if ($nameid->length === 0) {
throw new Exception('Could not find the name identifier in the response from the WS-Fed IdP \'' . $idpEntityId . '\'.');
}
$nameid = array('Format' => $nameid->item(0)->getAttribute('Format'), 'value' => $nameid->item(0)->textContent);
/* Extract the attributes from the response. */
$attributes = array();
$attributeValues = $xpath->query('./saml:AttributeStatement/saml:Attribute/saml:AttributeValue', $assertion);
foreach ($attributeValues as $attribute) {
$name = $attribute->parentNode->getAttribute('AttributeName');
$value = $attribute->textContent;
if (!array_key_exists($name, $attributes)) {
$attributes[$name] = array();
}
$attributes[$name][] = $value;
}
/* Mark the user as logged in. */
$session->doLogin('wsfed');
$session->setAttributes($attributes);
$session->setNameID($nameid);
$session->setIdP($idpEntityId);
/* Redirect the user back to the page which requested the login. */
SimpleSAML_Utilities::redirect($wctx);
} catch (Exception $exception) {
SimpleSAML_Utilities::fatalError($session->getTrackID(), 'PROCESSASSERTION', $exception);
}
示例8: catch
if (!$config->getBoolean('enable.saml20-idp', false)) {
SimpleSAML_Utilities::fatalError(isset($session) ? $session->getTrackID() : null, 'NOACCESS');
}
try {
$idpentityid = $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted');
} catch (Exception $exception) {
SimpleSAML_Utilities::fatalError($session->getTrackID(), 'METADATA', $exception);
}
SimpleSAML_Logger::debug('SAML2.0 - IdP.SingleLogoutServiceiFrame: Got IdP entity id: ' . $idpentityid);
$logouttype = 'traditional';
$idpmeta = $metadata->getMetaDataCurrent('saml20-idp-hosted');
if (array_key_exists('logouttype', $idpmeta)) {
$logouttype = $idpmeta['logouttype'];
}
if ($logouttype !== 'iframe') {
SimpleSAML_Utilities::fatalError($session->getTrackID(), 'NOACCESS', new Exception('This IdP is configured to use logout type [' . $logouttype . '], but this endpoint is only available for IdP using logout type [iframe]'));
}
SimpleSAML_Logger::info('SAML2.0 - IdP.SingleLogoutServiceiFrameNoJavascript: Accessing SAML 2.0 IdP endpoint SingleLogoutService (iFrame version without javascript support) ');
$config = SimpleSAML_Configuration::getInstance();
$metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
$session = SimpleSAML_Session::getInstance();
$idpentityid = $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted');
$templistofsps = $session->get_sp_list(SimpleSAML_Session::STATE_ONLINE);
$listofsps = array();
foreach ($templistofsps as $spentityid) {
if (!empty($_COOKIE['spstate-' . sha1($spentityid)])) {
$listofsps[] = $spentityid;
}
}
if (count($templistofsps) === count($listofsps)) {
$templistofsps = $session->get_sp_list(SimpleSAML_Session::STATE_ONLINE);
示例9:
* AUTHOR: Samuel Muñoz Hidalgo
* EMAIL: samuel.mh@gmail.com
* LAST REVISION: 13-FEB-09
* DESCRIPTION:
* Pretty form to get a managed InfoCard
* User flow controller.
* Displays the template and request a non null xmlToken
*/
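/* Load the configuration. */
$config = SimpleSAML_Configuration::getInstance();
$autoconfig = $config->copyFromBase('logininfocard', 'config-login-infocard.php');
$Infocard = $autoconfig->getValue('InfoCard');

/* Load the session of the current user. */
$session = SimpleSAML_Session::getInstance();
if ($session == NULL) {
    // There is no session object in this branch, so there is no track ID to
    // read: the original called getTrackID() on NULL and crashed before the
    // NOSESSION error page could be produced.
    SimpleSAML_Utilities::fatalError(NULL, 'NOSESSION');
}

/* The AuthState request parameter is mandatory. */
if (!array_key_exists('AuthState', $_REQUEST)) {
    SimpleSAML_Logger::debug('NO AUTH STATE');
    SimpleSAML_Logger::debug('ERROR: NO AUTH STATE');
    throw new SimpleSAML_Error_BadRequest('Missing AuthState parameter.');
} else {
    $authStateId = $_REQUEST['AuthState'];
    // NOTE(review): the request-supplied value is written to the debug log
    // as-is; confirm the logger neutralises line breaks and that state
    // identifiers are acceptable in debug logs.
    SimpleSAML_Logger::debug('AUTH STATE: ' . $authStateId);
}

/* Defaults for the form handling that follows. */
$username = null;
$password = null;
$state = "validate";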
if (array_key_exists('form', $_POST) && $_POST['form'] != NULL) {
if (array_key_exists('username', $_POST) && $_POST['username'] != NULL) {
if (array_key_exists('password', $_POST) && $_POST['password'] != NULL) {
示例10: Exception
// Receives a LogoutResponse from an SP on the iframe logout endpoint and
// records, in a cookie, that this SP has completed its logout.
// Each check below relies on fatalError() not returning.
SimpleSAML_Logger::debug('SAML2.0 - IdP.SingleLogoutServiceiFrame: Got IdP entity id: ' . $idpEntityId);
// The endpoint is only served when the hosted IdP is configured for iframe
// logout; 'traditional' is the default when the option is absent.
$logouttype = $idpMetadata->getString('logouttype', 'traditional');
if ($logouttype !== 'iframe') {
SimpleSAML_Utilities::fatalError($session->getTrackID(), 'NOACCESS', new Exception('This IdP is configured to use logout type [' . $logouttype . '], but this endpoint is only available for IdP using logout type [iframe]'));
}
// Only SAMLResponse messages are accepted here.
if (!isset($_REQUEST['SAMLResponse'])) {
SimpleSAML_Utilities::fatalError($session->getTrackID(), 'SLOSERVICEPARAMS', new Exception('No valid SAMLResponse found? Probably some error in remote partys metadata that sends something to this endpoint that is not SAML LogoutResponses'));
}
// Decode the message with whichever binding the request used and insist on
// a LogoutResponse.
$binding = SAML2_Binding::getCurrentBinding();
$logoutResponse = $binding->receive();
if (!$logoutResponse instanceof SAML2_LogoutResponse) {
SimpleSAML_Utilities::fatalError($session->getTrackID(), 'SLOSERVICEPARAMS', new Exception('Message received on response endpoint wasn\'t a response. Was: ' . get_class($logoutResponse)));
}
// The issuer names the SP; without it the sender's metadata cannot be found.
$spEntityId = $logoutResponse->getIssuer();
if ($spEntityId === NULL) {
SimpleSAML_Utilities::fatalError($session->getTrackID(), 'SLOSERVICEPARAMS', new Exception('Missing issuer on logout response.'));
}
$spMetadata = $metadata->getMetaDataConfig($spEntityId, 'saml20-sp-remote');
// presumably validateMessage() verifies the message signature against the
// SP's metadata and throws on failure; confirm, because the cookie below is
// only trustworthy if an unauthenticated response cannot reach this point.
sspmod_saml2_Message::validateMessage($spMetadata, $idpMetadata, $logoutResponse);
// The cookie name is derived from the SP entity ID; sha1() appears to serve
// only to obtain a cookie-safe token, not as an integrity check.
$sphash = sha1($spEntityId);
// NOTE(review): setcookie() is called with name and value only, so this is a
// session cookie with default path and no Secure/HttpOnly attributes. The
// "Duration: 2 hours" remark below does not match the call. The value is a
// plain '1' that the browser can set itself, so treat it as a UI hint rather
// than proof that the SP logged out.
setcookie('spstate-' . $sphash, '1');
// Duration: 2 hours
SimpleSAML_Logger::info('SAML2.0 - IdP.SingleLogoutServiceiFrameResponse: Logging out completed');
echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>Logout OK</title>
</head>
<body>OK</body>
示例11: Exception
$groupsAttr = $amc->getGroupsAttr();
if ($groupsAttr !== NULL) {
if (!array_key_exists($groupsAttr, $attributes)) {
throw new Exception('The user doesn\'t have an attribute named \'' . $groupsAttr . '\'. This attribute is expected to contain the groups the user is a member of.');
}
$authData['Groups'] = $attributes[$groupsAttr];
} else {
$authData['Groups'] = array();
}
$authData['RemoteIP'] = $_SERVER['REMOTE_ADDR'];
foreach ($attributes as $n => $v) {
$authData['ATTR_' . $n] = $v;
}
/* Store the authentication data in the memcache server. */
$data = '';
foreach ($authData as $n => $v) {
if (is_array($v)) {
$v = implode(':', $v);
}
$data .= $n . '=' . $v . "\r\n";
}
$memcache = $amc->getMemcache();
$expirationTime = $session->remainingTime();
$memcache->set($sessionID, $data, 0, $expirationTime);
/* Register logout handler. */
$session->registerLogoutHandler('SimpleSAML_AuthMemCookie', 'logoutHandler');
/* Redirect the user back to this page to signal that the login is completed. */
SimpleSAML_Utilities::redirect(SimpleSAML_Utilities::selfURL());
} catch (Exception $e) {
SimpleSAML_Utilities::fatalError($session->getTrackID(), 'CONFIG', $e);
}
示例12: process
/**
* This function processes a response message and adds information from it to the
* current session if it is valid. It throws an exception if it is invalid.
*/
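public function process()
{
    $status = $this->findstatus();

    if ($status == 'urn:oasis:names:tc:SAML:2.0:status:Success') {
        /* Find the issuer of this response. */
        $this->issuer = $this->findIssuer();
        $this->decryptAssertion();

        /* Validate the signature element. */
        // NOTE(review): validateSignature() is called once, before the loop
        // over every /samlp:Response/saml:Assertion node. Whether the verified
        // signature covers each assertion processed below is not visible
        // here; confirm, since attributes taken from an unsigned sibling
        // assertion would otherwise be trusted.
        $this->validateSignature();

        /* Process all assertions. */
        $assertions = $this->doXPathQuery('/samlp:Response/saml:Assertion');
        foreach ($assertions as $assertion) {
            $this->processAssertion($assertion);
        }

        if ($this->nameid === NULL) {
            throw new Exception('No nameID found in AuthnResponse.');
        }

        /* Update the session information */
        $session = SimpleSAML_Session::getInstance();
        $session->doLogin('saml2');
        $session->setAttributes($this->attributes);
        $session->setNameID($this->nameid);
        $session->setSessionIndex($this->sessionIndex);
        $session->setIdP($this->issuer);
    } elseif ($status == 'urn:oasis:names:tc:SAML:2.0:status:NoPassive') {
        /* Do not process the authResponse when NoPassive is sent - we continue with an empty set of attributes.
           Some day we will be able to tell the application what happened */
        // NOTE(review): this branch marks the session as logged in ('saml2')
        // without looking up the issuer or validating any signature on the
        // response. Confirm that callers treat an empty attribute set as
        // "not authenticated"; otherwise a bare NoPassive status is enough to
        // obtain a logged-in session.
        $session = SimpleSAML_Session::getInstance();
        $session->doLogin('saml2');
        $session->setAttributes(array());
    } else {
        // $session was only assigned in the branches above, so the original
        // dereferenced an undefined variable here and the error page itself
        // failed. Fetch the session before reporting the status.
        $session = SimpleSAML_Session::getInstance();
        SimpleSAML_Utilities::fatalError($session->getTrackID(), 'RESPONSESTATUSNOSUCCESS', new Exception("Status = " . $status));
    }
}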
示例13: IdP
// Extract some parameters from the logout request
$requestid = $message->getId();
SimpleSAML_Logger::info('SAML2.0 - SP.SingleLogoutService: IdP (' . $idpEntityId . ') is sending logout request to me SP (' . $spEntityId . ') requestid ' . $requestid);
SimpleSAML_Logger::stats('saml20-idp-SLO idpinit ' . $spEntityId . ' ' . $idpEntityId);
/* Create response. */
$lr = sspmod_saml2_Message::buildLogoutResponse($spMetadata, $idpMetadata);
$lr->setRelayState($message->getRelayState());
$lr->setInResponseTo($message->getId());
SimpleSAML_Logger::info('SAML2.0 - SP.SingleLogoutService: SP me (' . $spEntityId . ') is sending logout response to IdP (' . $idpEntityId . ')');
/* Send response. */
$binding = new SAML2_HTTPRedirect();
$binding->setDestination(sspmod_SAML2_Message::getDebugDestination());
$binding->send($lr);
} catch (Exception $exception) {
SimpleSAML_Utilities::fatalError($session->getTrackID(), 'LOGOUTREQUEST', $exception);
}
} elseif ($message instanceof SAML2_LogoutResponse) {
SimpleSAML_Logger::stats('saml20-sp-SLO spinit ' . $spEntityId . ' ' . $idpEntityId);
$id = $message->getRelayState();
if (empty($id)) {
/* For backwardscompatibility. */
$id = $message->getInResponseTo();
}
$returnTo = $session->getData('spLogoutReturnTo', $id);
if (empty($returnTo)) {
SimpleSAML_Utilities::fatalError($session->getTrackID(), 'LOGOUTINFOLOST');
}
SimpleSAML_Utilities::redirect($returnTo);
} else {
SimpleSAML_Utilities::fatalError($session->getTrackID(), 'SLOSERVICEPARAMS');
}
示例14: getMetadata
//.........这里部分代码省略.........
continue;
}
// Compute is the default values is allowed
$default_allow = false;
if (isset($metadatafields_required[$v->getKey()]->default_allow) && is_bool($metadatafields_required[$v->getKey()]->default_allow)) {
$default_allow = $metadatafields_required[$v->getKey()]->default_allow;
}
/*
* Do not include metadata if value is set to default and default
* is not allowed.
*/
if (!$default_allow && (isset($metadatafields_required[$v->getKey()]->default) && $v->getValue() == $metadatafields_required[$v->getKey()]->default)) {
continue;
}
$metadata[] = $v->getKey();
}
// Compute missing metadata that is required
$missing_required = array_diff($required, $metadata);
$entityId = $entity->getEntityid();
if (!empty($missing_required)) {
SimpleSAML_Logger::error('JANUS - Missing required metadata fields. Entity_id:' . $entityId);
self::$_error = $missing_required;
return false;
}
try {
$metaArray = $entityController->getMetaArray();
$metaArray['eid'] = $eid;
$blockedEntities = $entityController->getBlockedEntities();
$allowedEntities = $entityController->getAllowedEntities();
$disabledConsent = $entityController->getDisableConsent();
$metaFlat = '// Revision: ' . $entity->getRevisionid() . "\n";
$metaFlat .= var_export($entityId, TRUE) . ' => ' . var_export($metaArray, TRUE) . ',';
// Add authproc filter to block blocked entities
if (!empty($blockedEntities) || !empty($allowedEntities)) {
$metaFlat = substr($metaFlat, 0, -2);
if (!empty($allowedEntities)) {
$metaFlat .= " 'allowed' => array(\n";
$metaArray['allowed'] = array();
foreach ($allowedEntities as $allowedEntity) {
$metaFlat .= " '" . $allowedEntity['remoteentityid'] . "',\n";
$metaArray['allowed'][] = $allowedEntity['remoteentityid'];
}
$metaFlat .= " ),\n";
}
if (!empty($blockedEntities)) {
$metaFlat .= " 'blocked' => array(\n";
$metaArray['blocked'] = array();
foreach ($blockedEntities as $blockedEntity) {
$metaFlat .= " '" . $blockedEntity['remoteentityid'] . "',\n";
$metaArray['blocked'][] = $blockedEntity['remoteentityid'];
}
$metaFlat .= " ),\n";
}
$metaFlat .= '),';
}
// Add disable consent
if (!empty($disabledConsent)) {
$metaFlat = substr($metaFlat, 0, -2);
$metaFlat .= " 'consent.disable' => array(\n";
foreach ($disabledConsent as $key => $value) {
$metaFlat .= " '" . $key . "',\n";
}
$metaFlat .= " ),\n";
$metaFlat .= '),';
}
$maxCache = isset($option['maxCache']) ? $option['maxCache'] : null;
$maxDuration = isset($option['maxDuration']) ? $option['maxDuration'] : null;
try {
$metaBuilder = new SimpleSAML_Metadata_SAMLBuilder($entityId, $maxCache, $maxDuration);
$metaBuilder->addMetadata($metaArray['metadata-set'], $metaArray);
} catch (Exception $e) {
SimpleSAML_Logger::error('JANUS - Entity_id:' . $entityId . ' - Error generating XML metadata - ' . var_export($e, true));
self::$_error = array('Error generating XML metadata - ' . $e->getMessage());
return false;
}
// Add organization info
if (!empty($metaArray['OrganizationName']) && !empty($metaArray['OrganizationDisplayName']) && !empty($metaArray['OrganizationURL'])) {
$metaBuilder->addOrganizationInfo(array('OrganizationName' => $metaArray['OrganizationName'], 'OrganizationDisplayName' => $metaArray['OrganizationDisplayName'], 'OrganizationURL' => $metaArray['OrganizationURL']));
}
// Add contact info
if (!empty($metaArray['contact'])) {
$metaBuilder->addContact('technical', $metaArray['contact']);
}
switch ($type) {
case self::XML:
return $metaBuilder->getEntityDescriptor();
case self::XMLREADABLE:
return $metaBuilder->getEntityDescriptorText();
case self::PHPARRAY:
return $metaArray;
case self::FLATFILE:
default:
return $metaFlat;
}
} catch (Exception $exception) {
$session = SimpleSAML_Session::getInstance();
SimpleSAML_Utilities::fatalError($session->getTrackID(), 'JANUS - Metadatageneration', $exception);
return false;
}
}
示例15: show
/**
* Display this error.
*
* This method displays a standard simpleSAMLphp error page and exits.
*/
public function show()
{
    // Set the HTTP status first, before the error page is produced.
    $this->setHTTPCode();

    $trackId = SimpleSAML_Session::getInstance()->getTrackID();

    // Report the recorded cause when there is one, otherwise this error.
    $reported = ($this->cause !== NULL) ? $this->cause : $this;

    SimpleSAML_Utilities::fatalError($trackId, $this->errorCode, $reported);
}