db/d47/MDQ_8php_source.html

<?php


namespace SimpleSAML\Metadata\Sources;


use SimpleSAML\Logger;

use SimpleSAML\Utils\HTTP;


class MDQ extends \SimpleSAML_Metadata_MetaDataStorageSource

{


    private $server;


    private $validateFingerprint;


    private $cacheDir;


    private $cacheLength;


    protected function __construct($config)

    {

        assert('is_array($config)');


        if (!array_key_exists('server', $config)) {

            throw new \Exception(__CLASS__.": the 'server' configuration option is not set.");

        } else {

            $this->server = $config['server'];

        }


        if (array_key_exists('validateFingerprint', $config)) {

            $this->validateFingerprint = $config['validateFingerprint'];

        } else {

            $this->validateFingerprint = null;

        }


        if (array_key_exists('cachedir', $config)) {

            $globalConfig = \SimpleSAML_Configuration::getInstance();

            $this->cacheDir = $globalConfig->resolvePath($config['cachedir']);

        } else {

            $this->cacheDir = null;

        }


        if (array_key_exists('cachelength', $config)) {

            $this->cacheLength = $config['cachelength'];

        } else {

            $this->cacheLength = 86400;

        }

    }


    public function getMetadataSet($set)

    {

        // we don't have this metadata set

        return array();

    }


    private function getCacheFilename($set, $entityId)

    {

        assert('is_string($set)');

        assert('is_string($entityId)');


        $cachekey = sha1($entityId);

        return $this->cacheDir.'/'.$set.'-'.$cachekey.'.cached.xml';

    }


    private function getFromCache($set, $entityId)

    {

        assert('is_string($set)');

        assert('is_string($entityId)');


        if (empty($this->cacheDir)) {

            return null;

        }


        $cachefilename = $this->getCacheFilename($set, $entityId);

        if (!file_exists($cachefilename)) {

            return null;

        }

        if (!is_readable($cachefilename)) {

            throw new \Exception(__CLASS__.': could not read cache file for entity ['.$cachefilename.']');

        }

        Logger::debug(__CLASS__.': reading cache ['.$entityId.'] => ['.$cachefilename.']');


        /* Ensure that this metadata isn't older that the cachelength option allows. This

         * must be verified based on the file, since this option may be changed after the

         * file is written.

         */

        $stat = stat($cachefilename);

        if ($stat['mtime'] + $this->cacheLength <= time()) {

            Logger::debug(__CLASS__.': cache file older that the cachelength option allows.');

            return null;

        }


        $rawData = file_get_contents($cachefilename);

        if (empty($rawData)) {

            $error = error_get_last();

            throw new \Exception(

                __CLASS__.': error reading metadata from cache file "'.$cachefilename.'": '.$error['message']

            );

        }


        $data = unserialize($rawData);

        if ($data === false) {

            throw new \Exception(__CLASS__.': error unserializing cached data from file "'.$cachefilename.'".');

        }


        if (!is_array($data)) {

            throw new \Exception(__CLASS__.': Cached metadata from "'.$cachefilename.'" wasn\'t an array.');

        }


        return $data;

    }


    private function writeToCache($set, $entityId, $data)

    {

        assert('is_string($set)');

        assert('is_string($entityId)');

        assert('is_array($data)');


        if (empty($this->cacheDir)) {

            return;

        }


        $cachefilename = $this->getCacheFilename($set, $entityId);

        if (!is_writable(dirname($cachefilename))) {

            throw new \Exception(__CLASS__.': could not write cache file for entity ['.$cachefilename.']');

        }

        Logger::debug(__CLASS__.': Writing cache ['.$entityId.'] => ['.$cachefilename.']');

        file_put_contents($cachefilename, serialize($data));

    }


    private static function getParsedSet(\SimpleSAML_Metadata_SAMLParser $entity, $set)

    {

        assert('is_string($set)');


        switch ($set) {

            case 'saml20-idp-remote':

                return $entity->getMetadata20IdP();

            case 'saml20-sp-remote':

                return $entity->getMetadata20SP();

            case 'shib13-idp-remote':

                return $entity->getMetadata1xIdP();

            case 'shib13-sp-remote':

                return $entity->getMetadata1xSP();

            case 'attributeauthority-remote':

                $ret = $entity->getAttributeAuthorities();

                return $ret[0];


            default:

                Logger::warning(__CLASS__.': unknown metadata set: \''.$set.'\'.');

        }


        return null;

    }


    public function getMetaData($index, $set)

    {

        assert('is_string($index)');

        assert('is_string($set)');


        Logger::info(__CLASS__.': loading metadata entity ['.$index.'] from ['.$set.']');


        // read from cache if possible

        $data = $this->getFromCache($set, $index);


        if ($data !== null && array_key_exists('expires', $data) && $data['expires'] < time()) {

            // metadata has expired

            $data = null;

        }


        if (isset($data)) {

            // metadata found in cache and not expired

            Logger::debug(__CLASS__.': using cached metadata for: '.$index.'.');

            return $data;

        }


        // look at Metadata Query Protocol: https://github.com/iay/md-query/blob/master/draft-young-md-query.txt

        $mdq_url = $this->server.'/entities/'.urlencode($index);


        Logger::debug(__CLASS__.': downloading metadata for "'.$index.'" from ['.$mdq_url.']');

        try {

            $xmldata = HTTP::fetch($mdq_url);

        } catch (\Exception $e) {

            Logger::warning('Fetching metadata for '.$index.': '.$e->getMessage());

        }


        if (empty($xmldata)) {

            $error = error_get_last();

            throw new \Exception(

                'Error downloading metadata for "'.$index.'" from "'.$mdq_url.'": '.$error['message']

            );

        }


        $entity = \SimpleSAML_Metadata_SAMLParser::parseString($xmldata);

        Logger::debug(__CLASS__.': completed parsing of ['.$mdq_url.']');


        if ($this->validateFingerprint !== null) {

            if (!$entity->validateFingerprint($this->validateFingerprint)) {

                throw new \Exception(__CLASS__.': error, could not verify signature for entity: '.$index.'".');

            }

        }


        $data = self::getParsedSet($entity, $set);

        if ($data === null) {

            throw new \Exception(__CLASS__.': no metadata for set "'.$set.'" available from "'.$index.'".');

        }


        $this->writeToCache($set, $index, $data);


        return $data;

    }

}

php
An exception for terminatinating execution or to throw for unit testing.

SimpleSAML\Logger\warning
static warning($string)
Definition: Logger.php:179

SimpleSAML\Logger\debug
static debug($string)
Definition: Logger.php:213

SimpleSAML\Metadata\Sources\MDQ
Definition: MDQ.php:17

SimpleSAML\Metadata\Sources\MDQ\getFromCache
getFromCache($set, $entityId)
Load a entity from the cache.
Definition: MDQ.php:139

SimpleSAML\Metadata\Sources\MDQ\getParsedSet
static getParsedSet(\SimpleSAML_Metadata_SAMLParser $entity, $set)
Retrieve metadata for the correct set from a SAML2Parser.
Definition: MDQ.php:225

SimpleSAML\Metadata\Sources\MDQ\$server
$server
Definition: MDQ.php:24

SimpleSAML\Metadata\Sources\MDQ\getMetadataSet
getMetadataSet($set)
This function is not implemented.
Definition: MDQ.php:104

SimpleSAML\Metadata\Sources\MDQ\writeToCache
writeToCache($set, $entityId, $data)
Save a entity to the cache.
Definition: MDQ.php:197

SimpleSAML\Metadata\Sources\MDQ\getCacheFilename
getCacheFilename($set, $entityId)
Find the cache file name for an entity,.
Definition: MDQ.php:119

SimpleSAML\Metadata\Sources\MDQ\$cacheDir
$cacheDir
Definition: MDQ.php:39

SimpleSAML\Metadata\Sources\MDQ\$cacheLength
$cacheLength
Definition: MDQ.php:47

SimpleSAML\Metadata\Sources\MDQ\__construct
__construct($config)
This function initializes the dynamic XML metadata source.
Definition: MDQ.php:66

SimpleSAML\Metadata\Sources\MDQ\$validateFingerprint
$validateFingerprint
Definition: MDQ.php:32

SimpleSAML\Utils\HTTP
Definition: HTTP.php:13

SimpleSAML_Configuration\getInstance
static getInstance($instancename='simplesaml')
Get a configuration file by its instance name.
Definition: Configuration.php:297

SimpleSAML_Metadata_MetaDataStorageSource
Definition: MetaDataStorageSource.php:16

SimpleSAML_Metadata_SAMLParser
This is class for parsing of SAML 1.x and SAML 2.0 metadata.
Definition: SAMLParser.php:16

SimpleSAML_Metadata_SAMLParser\getMetadata1xSP
getMetadata1xSP()
This function returns the metadata for SAML 1.x SPs in the format SimpleSAMLphp expects.
Definition: SAMLParser.php:538

SimpleSAML_Metadata_SAMLParser\getAttributeAuthorities
getAttributeAuthorities()
Retrieve AttributeAuthorities from the metadata.
Definition: SAMLParser.php:823

SimpleSAML_Metadata_SAMLParser\getMetadata20SP
getMetadata20SP()
This function returns the metadata for SAML 2.0 SPs in the format SimpleSAMLphp expects.
Definition: SAMLParser.php:668

SimpleSAML_Metadata_SAMLParser\getMetadata20IdP
getMetadata20IdP()
This function returns the metadata for SAML 2.0 IdPs in the format SimpleSAMLphp expects.
Definition: SAMLParser.php:765

SimpleSAML_Metadata_SAMLParser\getMetadata1xIdP
getMetadata1xIdP()
This function returns the metadata for SAML 1.x IdPs in the format SimpleSAMLphp expects.
Definition: SAMLParser.php:612

error
error($a_errmsg)
set error message @access public
Definition: class.ilIniFile.php:395

$config
$config
Definition: flush-definition-cache.php:23

$error
$error
Definition: Error.php:17

$index
$index
Definition: metadata.php:60

$entityId
if( $source===null) if(!($source instanceof sspmod_saml_Auth_Source_SP)) $entityId
Definition: metadata.php:22

SimpleSAML\Logger
Definition: ErrorLogLoggingHandler.php:3

SimpleSAML\Metadata\Sources
Definition: MDQ.php:3

$ret
$ret
Definition: parser.php:6

$data
$data
Definition: test-settings.sample.php:14

$globalConfig
$globalConfig
Definition: authorize_403.php:13