当前位置: 首页>>代码示例>>PHP>>正文


PHP SimpleSAML_Utilities::isHTTPS方法代码示例

本文整理汇总了PHP中SimpleSAML_Utilities::isHTTPS方法的典型用法代码示例。如果您正苦于以下问题:PHP SimpleSAML_Utilities::isHTTPS方法的具体用法?PHP SimpleSAML_Utilities::isHTTPS怎么用?PHP SimpleSAML_Utilities::isHTTPS使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在SimpleSAML_Utilities的用法示例。


在下文中一共展示了SimpleSAML_Utilities::isHTTPS方法的12个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: __construct

 protected function __construct()
 {
     /* Call the parent constructor in case it should become
      * necessary in the future.
      */
     parent::__construct();
     /* Initialize the php session handling.
      *
      * If session_id() returns a blank string, then we need
      * to call session start. Otherwise the session is already
      * started, and we should avoid calling session_start().
      */
     if (session_id() === '') {
         $config = SimpleSAML_Configuration::getInstance();
         $cookiepath = $config->getBoolean('session.phpsession.limitedpath', FALSE) ? '/' . $config->getBaseURL() : '/';
         session_set_cookie_params(0, $cookiepath, NULL, SimpleSAML_Utilities::isHTTPS());
         $cookiename = $config->getString('session.phpsession.cookiename', NULL);
         if (!empty($cookiename)) {
             session_name($cookiename);
         }
         $savepath = $config->getString('session.phpsession.savepath', NULL);
         if (!empty($savepath)) {
             session_save_path($savepath);
         }
         if (!array_key_exists(session_name(), $_COOKIE)) {
             /* Session cookie unset - session id not set. Generate new (secure) session id. */
             session_id(SimpleSAML_Utilities::stringToHex(SimpleSAML_Utilities::generateRandomBytes(16)));
         }
         session_start();
     }
 }
开发者ID:hukumonline,项目名称:yii,代码行数:31,代码来源:SessionHandlerPHP.php

示例2: getCookieSessionId

 /**
  * Retrieve the session id of saved in the session cookie.
  *
  * @return string  The session id saved in the cookie.
  */
 public function getCookieSessionId()
 {
     if (session_id() === '') {
         $session_cookie_params = session_get_cookie_params();
         if ($session_cookie_params['secure'] && !SimpleSAML_Utilities::isHTTPS()) {
             throw new SimpleSAML_Error_Exception('Session start with secure cookie not allowed on http.');
         }
         if (!self::hasSessionCookie()) {
             if (headers_sent()) {
                 throw new SimpleSAML_Error_Exception('Cannot create new session - headers already sent.');
             }
             /* Session cookie unset - session id not set. Generate new (secure) session id. */
             $sessionId = SimpleSAML_Utilities::stringToHex(SimpleSAML_Utilities::generateRandomBytes(16));
             SimpleSAML_Session::createSession($sessionId);
             session_id($sessionId);
         }
         session_start();
     }
     return session_id();
 }
开发者ID:rchavik,项目名称:simplesamlphp,代码行数:25,代码来源:SessionHandlerPHP.php

示例3: selfURLhost

 /**
  * Will return https://sp.example.org
  */
 public static function selfURLhost()
 {
     $currenthost = self::getSelfHost();
     if (SimpleSAML_Utilities::isHTTPS()) {
         $protocol = 'https';
     } else {
         $protocol = 'http';
     }
     $portnumber = $_SERVER["SERVER_PORT"];
     $port = ':' . $portnumber;
     if ($protocol == 'http') {
         if ($portnumber == '80') {
             $port = '';
         }
     } elseif ($protocol == 'https') {
         if ($portnumber == '443') {
             $port = '';
         }
     }
     $querystring = '';
     return $protocol . "://" . $currenthost . $port;
 }
开发者ID:newlongwhitecloudy,项目名称:OpenConext-serviceregistry,代码行数:25,代码来源:Utilities.php

示例4: setCookie

 /**
  * Set a session cookie.
  *
  * @param string $name  The name of the session cookie.
  * @param string|NULL $value  The value of the cookie. Set to NULL to delete the cookie.
  */
 public function setCookie($name, $value)
 {
     assert('is_string($name)');
     assert('is_string($value) || is_null($value)');
     $params = $this->getCookieParams();
     // Do not set secure cookie if not on HTTPS
     if ($params['secure'] && !SimpleSAML_Utilities::isHTTPS()) {
         SimpleSAML_Logger::warning('Setting secure cookie on http not allowed.');
         return;
     }
     if ($value === NULL) {
         $expire = time() - 365 * 24 * 60 * 60;
     } elseif ($params['lifetime'] === 0) {
         $expire = 0;
     } else {
         $expire = time() + $params['lifetime'];
     }
     if (!setcookie($name, $value, $expire, $params['path'], $params['domain'], $params['secure'], $params['httponly'])) {
         throw new SimpleSAML_Error_Exception('Error setting cookie - headers already sent.');
     }
 }
开发者ID:emma5021,项目名称:toba,代码行数:27,代码来源:SessionHandler.php

示例5: buildAssertion

 /**
  * Build an assertion based on information in the metadata.
  *
  * @param SimpleSAML_Configuration $idpMetadata  The metadata of the IdP.
  * @param SimpleSAML_Configuration $spMetadata  The metadata of the SP.
  * @param array &$state  The state array with information about the request.
  * @return SAML2_Assertion  The assertion.
  */
 private static function buildAssertion(SimpleSAML_Configuration $idpMetadata, SimpleSAML_Configuration $spMetadata, array &$state)
 {
     assert('isset($state["Attributes"])');
     assert('isset($state["saml:ConsumerURL"])');
     $signAssertion = $spMetadata->getBoolean('saml20.sign.assertion', NULL);
     if ($signAssertion === NULL) {
         $signAssertion = $idpMetadata->getBoolean('saml20.sign.assertion', TRUE);
     }
     $config = SimpleSAML_Configuration::getInstance();
     $a = new SAML2_Assertion();
     if ($signAssertion) {
         sspmod_saml_Message::addSign($idpMetadata, $spMetadata, $a);
     }
     $a->setIssuer($idpMetadata->getString('entityid'));
     $a->setValidAudiences(array($spMetadata->getString('entityid')));
     $a->setNotBefore(time() - 30);
     $assertionLifetime = $spMetadata->getInteger('assertion.lifetime', NULL);
     if ($assertionLifetime === NULL) {
         $assertionLifetime = $idpMetadata->getInteger('assertion.lifetime', 300);
     }
     $a->setNotOnOrAfter(time() + $assertionLifetime);
     if (isset($state['saml:AuthnContextClassRef'])) {
         $a->setAuthnContext($state['saml:AuthnContextClassRef']);
     } else {
         $a->setAuthnContext(SAML2_Const::AC_PASSWORD);
     }
     if (isset($state['AuthnInstant'])) {
         $a->setAuthnInstant($state['AuthnInstant']);
     } else {
         /* For backwards compatibility. Remove in version 1.8. */
         $session = SimpleSAML_Session::getInstance();
         $a->setAuthnInstant($session->getAuthnInstant());
     }
     $sessionLifetime = $config->getInteger('session.duration', 8 * 60 * 60);
     $a->setSessionNotOnOrAfter(time() + $sessionLifetime);
     $a->setSessionIndex(SimpleSAML_Utilities::generateID());
     $sc = new SAML2_XML_saml_SubjectConfirmation();
     $sc->SubjectConfirmationData = new SAML2_XML_saml_SubjectConfirmationData();
     $sc->SubjectConfirmationData->NotOnOrAfter = time() + $assertionLifetime;
     $sc->SubjectConfirmationData->Recipient = $state['saml:ConsumerURL'];
     $sc->SubjectConfirmationData->InResponseTo = $state['saml:RequestId'];
     /* ProtcolBinding of SP's <AuthnRequest> overwrites IdP hosted metadata configuration. */
     $hokAssertion = NULL;
     if ($state['saml:Binding'] === SAML2_Const::BINDING_HOK_SSO) {
         $hokAssertion = TRUE;
     }
     if ($hokAssertion === NULL) {
         $hokAssertion = $idpMetadata->getBoolean('saml20.hok.assertion', FALSE);
     }
     if ($hokAssertion) {
         /* Holder-of-Key */
         $sc->Method = SAML2_Const::CM_HOK;
         if (SimpleSAML_Utilities::isHTTPS()) {
             if (isset($_SERVER['SSL_CLIENT_CERT']) && !empty($_SERVER['SSL_CLIENT_CERT'])) {
                 /* Extract certificate data (if this is a certificate). */
                 $clientCert = $_SERVER['SSL_CLIENT_CERT'];
                 $pattern = '/^-----BEGIN CERTIFICATE-----([^-]*)^-----END CERTIFICATE-----/m';
                 if (preg_match($pattern, $clientCert, $matches)) {
                     /* We have a client certificate from the browser which we add to the HoK assertion. */
                     $x509Certificate = new SAML2_XML_ds_X509Certificate();
                     $x509Certificate->certificate = str_replace(array("\r", "\n", " "), '', $matches[1]);
                     $x509Data = new SAML2_XML_ds_X509Data();
                     $x509Data->data[] = $x509Certificate;
                     $keyInfo = new SAML2_XML_ds_KeyInfo();
                     $keyInfo->info[] = $x509Data;
                     $sc->SubjectConfirmationData->info[] = $keyInfo;
                 } else {
                     throw new SimpleSAML_Error_Exception('Error creating HoK assertion: No valid client certificate provided during TLS handshake with IdP');
                 }
             } else {
                 throw new SimpleSAML_Error_Exception('Error creating HoK assertion: No client certificate provided during TLS handshake with IdP');
             }
         } else {
             throw new SimpleSAML_Error_Exception('Error creating HoK assertion: No HTTPS connection to IdP, but required for Holder-of-Key SSO');
         }
     } else {
         /* Bearer */
         $sc->Method = SAML2_Const::CM_BEARER;
     }
     $a->setSubjectConfirmation(array($sc));
     /* Add attributes. */
     if ($spMetadata->getBoolean('simplesaml.attributes', TRUE)) {
         $attributeNameFormat = self::getAttributeNameFormat($idpMetadata, $spMetadata);
         $a->setAttributeNameFormat($attributeNameFormat);
         $attributes = self::encodeAttributes($idpMetadata, $spMetadata, $state['Attributes']);
         $a->setAttributes($attributes);
     }
     /* Generate the NameID for the assertion. */
     if (isset($state['saml:NameIDFormat'])) {
         $nameIdFormat = $state['saml:NameIDFormat'];
     } else {
         $nameIdFormat = NULL;
//.........这里部分代码省略.........
开发者ID:ravi-sharma,项目名称:saml-sso-integration,代码行数:101,代码来源:SAML2.php

示例6: processAssertion

 /**
  * Process an assertion in a response.
  *
  * Will throw an exception if it is invalid.
  *
  * @param SimpleSAML_Configuration $spMetadata  The metadata of the service provider.
  * @param SimpleSAML_Configuration $idpMetadata  The metadata of the identity provider.
  * @param SAML2_Response $response  The response containing the assertion.
  * @param SAML2_Assertion|SAML2_EncryptedAssertion $assertion  The assertion.
  * @param bool $responseSigned  Whether the response is signed.
  * @return SAML2_Assertion  The assertion, if it is valid.
  */
 private static function processAssertion(SimpleSAML_Configuration $spMetadata, SimpleSAML_Configuration $idpMetadata, SAML2_Response $response, $assertion, $responseSigned)
 {
     assert('$assertion instanceof SAML2_Assertion || $assertion instanceof SAML2_EncryptedAssertion');
     assert('is_bool($responseSigned)');
     $assertion = self::decryptAssertion($idpMetadata, $spMetadata, $assertion);
     if (!self::checkSign($idpMetadata, $assertion)) {
         if (!$responseSigned) {
             throw new SimpleSAML_Error_Exception('Neither the assertion nor the response was signed.');
         }
     }
     /* At least one valid signature found. */
     $currentURL = SimpleSAML_Utilities::selfURLNoQuery();
     /* Check various properties of the assertion. */
     $notBefore = $assertion->getNotBefore();
     if ($notBefore !== NULL && $notBefore > time() + 60) {
         throw new SimpleSAML_Error_Exception('Received an assertion that is valid in the future. Check clock synchronization on IdP and SP.');
     }
     $notOnOrAfter = $assertion->getNotOnOrAfter();
     if ($notOnOrAfter !== NULL && $notOnOrAfter <= time() - 60) {
         throw new SimpleSAML_Error_Exception('Received an assertion that has expired. Check clock synchronization on IdP and SP.');
     }
     $sessionNotOnOrAfter = $assertion->getSessionNotOnOrAfter();
     if ($sessionNotOnOrAfter !== NULL && $sessionNotOnOrAfter <= time() - 60) {
         throw new SimpleSAML_Error_Exception('Received an assertion with a session that has expired. Check clock synchronization on IdP and SP.');
     }
     $validAudiences = $assertion->getValidAudiences();
     if ($validAudiences !== NULL) {
         $spEntityId = $spMetadata->getString('entityid');
         if (!in_array($spEntityId, $validAudiences, TRUE)) {
             $candidates = '[' . implode('], [', $validAudiences) . ']';
             throw new SimpleSAML_Error_Exception('This SP [' . $spEntityId . ']  is not a valid audience for the assertion. Candidates were: ' . $candidates);
         }
     }
     $found = FALSE;
     $lastError = 'No SubjectConfirmation element in Subject.';
     foreach ($assertion->getSubjectConfirmation() as $sc) {
         if ($sc->Method !== SAML2_Const::CM_BEARER && $sc->Method !== SAML2_Const::CM_HOK) {
             $lastError = 'Invalid Method on SubjectConfirmation: ' . var_export($sc->Method, TRUE);
             continue;
         }
         /* Is SSO with HoK enabled? IdP remote metadata overwrites SP metadata configuration. */
         $hok = $idpMetadata->getBoolean('saml20.hok.assertion', NULL);
         if ($hok === NULL) {
             $hok = $spMetadata->getBoolean('saml20.hok.assertion', FALSE);
         }
         if ($sc->Method === SAML2_Const::CM_BEARER && $hok) {
             $lastError = 'Bearer SubjectConfirmation received, but Holder-of-Key SubjectConfirmation needed';
             continue;
         }
         if ($sc->Method === SAML2_Const::CM_HOK && !$hok) {
             $lastError = 'Holder-of-Key SubjectConfirmation received, but the Holder-of-Key profile is not enabled.';
             continue;
         }
         $scd = $sc->SubjectConfirmationData;
         if ($sc->Method === SAML2_Const::CM_HOK) {
             /* Check HoK Assertion */
             if (SimpleSAML_Utilities::isHTTPS() === FALSE) {
                 $lastError = 'No HTTPS connection, but required for Holder-of-Key SSO';
                 continue;
             }
             if (isset($_SERVER['SSL_CLIENT_CERT']) && empty($_SERVER['SSL_CLIENT_CERT'])) {
                 $lastError = 'No client certificate provided during TLS Handshake with SP';
                 continue;
             }
             /* Extract certificate data (if this is a certificate). */
             $clientCert = $_SERVER['SSL_CLIENT_CERT'];
             $pattern = '/^-----BEGIN CERTIFICATE-----([^-]*)^-----END CERTIFICATE-----/m';
             if (preg_match($pattern, $clientCert, $matches) === FALSE) {
                 $lastError = 'No valid client certificate provided during TLS Handshake with SP';
                 continue;
             }
             /* We have a valid client certificate from the browser. */
             $clientCert = str_replace(array("\r", "\n", " "), '', $matches[1]);
             foreach ($scd->info as $thing) {
                 if ($thing instanceof SAML2_XML_ds_KeyInfo) {
                     $keyInfo[] = $thing;
                 }
             }
             if (count($keyInfo) != 1) {
                 $lastError = 'Error validating Holder-of-Key assertion: Only one <ds:KeyInfo> element in <SubjectConfirmationData> allowed';
                 continue;
             }
             foreach ($keyInfo[0]->info as $thing) {
                 if ($thing instanceof SAML2_XML_ds_X509Data) {
                     $x509data[] = $thing;
                 }
             }
             if (count($x509data) != 1) {
//.........这里部分代码省略.........
开发者ID:jiangjunt,项目名称:efront_open_source,代码行数:101,代码来源:Message.php

示例7: _setConsentCookie

 /**
  * Helper function for setting a cookie.
  *
  * @param string      $name  Name of the cookie.
  * @param string|null $value Value of the cookie. Set this to null to
  *                           delete the cookie.
  *
  * @return void
  */
 private function _setConsentCookie($name, $value)
 {
     assert('is_string($name)');
     assert('is_string($value) || is_null($value)');
     $globalConfig = SimpleSAML_Configuration::getInstance();
     $params = array('lifetime' => 90 * 24 * 60 * 60, 'path' => '/' . $globalConfig->getBaseURL(), 'httponly' => FALSE);
     if (SimpleSAML_Utilities::isHTTPS()) {
         /* Enable secure cookie for https-requests. */
         $params['secure'] = true;
     } else {
         $params['secure'] = false;
     }
     SimpleSAML_Utilities::setCookie($name, $value, $params, FALSE);
 }
开发者ID:Stony-Brook-University,项目名称:doitsbu,代码行数:23,代码来源:Cookie.php

示例8: array

<?php

/* Load simpleSAMLphp, configuration */
$config = SimpleSAML_Configuration::getInstance();
$session = SimpleSAML_Session::getInstance();
/* Check if valid local session exists.. */
if ($config->getBoolean('admin.protectindexpage', false)) {
    SimpleSAML_Utilities::requireAdmin();
}
$loginurl = SimpleSAML_Utilities::getAdminLoginURL();
$isadmin = SimpleSAML_Utilities::isAdmin();
$warnings = array();
if (!SimpleSAML_Utilities::isHTTPS()) {
    $warnings[] = '{core:frontpage:warnings_https}';
}
if ($config->getValue('secretsalt') === 'defaultsecretsalt') {
    $warnings[] = '{core:frontpage:warnings_secretsalt}';
}
if (extension_loaded('suhosin')) {
    $suhosinLength = ini_get('suhosin.get.max_value_length');
    if (empty($suhosinLength) || (int) $suhosinLength < 2048) {
        $warnings[] = '{core:frontpage:warnings_suhosin_url_length}';
    }
}
$links = array();
$links_welcome = array();
$links_config = array();
$links_auth = array();
$links_federation = array();
$links_config[] = array('href' => SimpleSAML_Utilities::getBaseURL() . 'example-simple/hostnames.php?dummy=1', 'text' => '{core:frontpage:link_diagnostics}');
$links_config[] = array('href' => SimpleSAML_Utilities::getBaseURL() . 'admin/phpinfo.php', 'text' => '{core:frontpage:link_phpinfo}');
开发者ID:danielkjfrog,项目名称:docker,代码行数:31,代码来源:frontpage_config.php

示例9: setConsentCookie

 /**
  * Helper function for setting a cookie.
  *
  * @param string $name  Name of the cookie.
  * @param string|NULL $value  Value of the cookie. Set this to NULL to delete the cookie.
  */
 private function setConsentCookie($name, $value)
 {
     assert('is_string($name)');
     assert('is_string($value)');
     if ($value === NULL) {
         $expire = 1;
         /* Delete by setting expiry in the past. */
         $value = '';
     } else {
         $expire = time() + 90 * 24 * 60 * 60;
     }
     if (SimpleSAML_Utilities::isHTTPS()) {
         /* Enable secure cookie for https-requests. */
         $secure = TRUE;
     } else {
         $secure = FALSE;
     }
     $globalConfig = SimpleSAML_Configuration::getInstance();
     $path = '/' . $globalConfig->getBaseURL();
     setcookie($name, $value, $expire, $path, NULL, $secure);
 }
开发者ID:filonuse,项目名称:fedlab,代码行数:27,代码来源:Cookie.php

示例10: getCookieSessionId

 /**
  * Retrieve the session id of saved in the session cookie.
  *
  * @return string  The session id saved in the cookie.
  */
 public function getCookieSessionId()
 {
     if (session_id() === '') {
         if (!self::hasSessionCookie()) {
             return self::newSessionId();
         }
         $session_cookie_params = session_get_cookie_params();
         if ($session_cookie_params['secure'] && !SimpleSAML_Utilities::isHTTPS()) {
             throw new SimpleSAML_Error_Exception('Session start with secure cookie not allowed on http.');
         }
         session_start();
     }
     return session_id();
 }
开发者ID:williamamed,项目名称:Raptor2,代码行数:19,代码来源:SessionHandlerPHP.php

示例11: array

             SimpleSAML_Utilities::redirect('/' . $globalConfig->getBaseURL() . 'saml2/sp/initSSO.php', array('RelayState' => SimpleSAML_Utilities::selfURL()));
         }
         break;
     case 'shib13':
         if (!$session->isValid('shib13')) {
             SimpleSAML_Utilities::redirect('/' . $globalConfig->getBaseURL() . 'shib13/sp/initSSO.php', array('RelayState' => SimpleSAML_Utilities::selfURL()));
         }
         break;
     default:
         /* Should never happen, as the login method is checked in the AuthMemCookie class. */
         throw new Exception('Invalid login method.');
 }
 /* Generate session id and save it in a cookie. */
 $sessionID = SimpleSAML_Utilities::generateID();
 $cookieName = $amc->getCookieName();
 setcookie($cookieName, $sessionID, 0, '/', NULL, SimpleSAML_Utilities::isHTTPS(), TRUE);
 /* Generate the authentication information. */
 $attributes = $session->getAttributes();
 $authData = array();
 /* Username. */
 $usernameAttr = $amc->getUsernameAttr();
 if (!array_key_exists($usernameAttr, $attributes)) {
     throw new Exception('The user doesn\'t have an attribute named \'' . $usernameAttr . '\'. This attribute is expected to contain the username.');
 }
 $authData['UserName'] = $attributes[$usernameAttr];
 /* Groups. */
 $groupsAttr = $amc->getGroupsAttr();
 if ($groupsAttr !== NULL) {
     if (!array_key_exists($groupsAttr, $attributes)) {
         throw new Exception('The user doesn\'t have an attribute named \'' . $groupsAttr . '\'. This attribute is expected to contain the groups the user is a member of.');
     }
开发者ID:hukumonline,项目名称:yii,代码行数:31,代码来源:authmemcookie.php

示例12: doLogout

 /**
  * This function logs the user out by deleting the session information from memcache.
  */
 private function doLogout()
 {
     $cookieName = $this->getCookieName();
     /* Check if we have a valid cookie. */
     if (!array_key_exists($cookieName, $_COOKIE)) {
         return;
     }
     $sessionID = $_COOKIE[$cookieName];
     /* Delete the session from memcache. */
     $memcache = $this->getMemcache();
     $memcache->delete($sessionID);
     /* Delete the session cookie. */
     setcookie($cookieName, '', 1, '/', NULL, SimpleSAML_Utilities::isHTTPS(), TRUE);
 }
开发者ID:hukumonline,项目名称:yii,代码行数:17,代码来源:AuthMemCookie.php


注:本文中的SimpleSAML_Utilities::isHTTPS方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。