118        assert(
'is_string($instance)');
 
  127        $this->
log(
'Accessing discovery service.');
 
  130        if (!array_key_exists(
'entityID', 
$_GET)) {
 
  131            throw new Exception(
'Missing parameter: entityID');
 
  133            $this->spEntityId = 
$_GET[
'entityID'];
 
  136        if (!array_key_exists(
'returnIDParam', 
$_GET)) {
 
  137            $this->returnIdParam = 
'entityID';
 
  139            $this->returnIdParam = 
$_GET[
'returnIDParam'];
 
  142        $this->
log(
'returnIdParam initially set to ['.$this->returnIdParam.
']');
 
  144        if (!array_key_exists(
'return', 
$_GET)) {
 
  145            throw new Exception(
'Missing parameter: return');
 
  150        $this->isPassive = 
false;
 
  151        if (array_key_exists(
'isPassive', 
$_GET)) {
 
  152            if (
$_GET[
'isPassive'] === 
'true') {
 
  153                $this->isPassive = 
true;
 
  156        $this->
log(
'isPassive initially set to ['.($this->isPassive ? 
'TRUE' : 
'FALSE').
']');
 
  158        if (array_key_exists(
'IdPentityID', 
$_GET)) {
 
  159            $this->setIdPentityID = 
$_GET[
'IdPentityID'];
 
  162        if (array_key_exists(
'IDPList', $_REQUEST)) {
 
  163            $this->scopedIDPList = $_REQUEST[
'IDPList'];
 
  194        $prefixedName = 
'idpdisco_'.$this->instance.
'_'.
$name;
 
  195        if (array_key_exists($prefixedName, 
$_COOKIE)) {
 
  214        $prefixedName = 
'idpdisco_'.$this->instance.
'_'.
$name;
 
  218            'lifetime' => (60 * 60 * 24 * 90),
 
  220            'path'     => $this->config->getBasePath(),
 
  244        if (!$this->config->getBoolean(
'idpdisco.validate', 
true)) {
 
  248        foreach ($this->metadataSets as $metadataSet) {
 
  250                $this->metadata->getMetaData(
$idp, $metadataSet);
 
  252            } 
catch (Exception $e) {
 
  257        $this->
log(
'Unable to validate IdP entity id ['.
$idp.
'].');
 
  276        if (!empty($this->setIdPentityID)) {
 
  281        if (array_key_exists(
'idpentityid', 
$_GET)) {
 
  293        if (preg_match(
'/(?:^|&)idp_([^=]+)=/', $qstr, $matches)) {
 
  309        if (!$this->config->getBoolean(
'idpdisco.enableremember', 
false)) {
 
  314        if ($this->
getCookie(
'remember') === 
'1') {
 
  315            $this->
log(
'Return previously saved IdP because of remember cookie set to 1');
 
  319        if ($this->isPassive) {
 
  320            $this->
log(
'Return previously saved IdP because of isPassive');
 
  346        foreach ($this->metadataSets as $metadataSet) {
 
  347            $idp = $this->metadata->getPreferredEntityIdFromCIDRhint($metadataSet, 
$_SERVER[
'REMOTE_ADDR']);
 
  369            $this->
log(
'Preferred IdP from previous use ['.
$idp.
'].');
 
  376            $this->
log(
'Preferred IdP from CIDR hint ['.
$idp.
'].');
 
  391        assert(
'is_string($idp)');
 
  393        $this->
log(
'Choice made ['.
$idp.
'] Setting cookie.');
 
  405        if (!$this->config->getBoolean(
'idpdisco.enableremember', 
false)) {
 
  410        if (array_key_exists(
'remember', 
$_GET)) {
 
  440        $this->
log(
'getSelectedIdP() returned null');
 
  445            $this->
log(
'Using saved choice ['.
$idp.
'].');
 
  462        foreach ($this->metadataSets as $metadataSet) {
 
  463            $newList = $this->metadata->getList($metadataSet);
 
  468            $idpList = array_merge($newList, $idpList);
 
  499            if (array_key_exists(
'hide.from.discovery', 
$metadata) && 
$metadata[
'hide.from.discovery'] === 
true) {
 
  500                unset(
$list[$entity]);
 
  514        $idp = $this->getTargetIdp();
 
  516            $extDiscoveryStorage = $this->config->getString(
'idpdisco.extDiscoveryStorage', 
null);
 
  517            if ($extDiscoveryStorage !== 
null) {
 
  518                $this->
log(
'Choice made ['.
$idp.
'] (Forwarding to external discovery storage)');
 
  520                    'entityID'      => $this->spEntityId,
 
  521                    'IdPentityID'   => 
$idp,
 
  522                    'returnIDParam' => $this->returnIdParam,
 
  523                    'isPassive'     => 
'true',
 
  524                    'return'        => $this->returnURL
 
  528                    'Choice made ['.
$idp.
'] (Redirecting the user back. returnIDParam='.$this->returnIdParam.
')' 
  534        if ($this->isPassive) {
 
  535            $this->
log(
'Choice not made. (Redirecting the user back without answer)');
 
  555        $idpintersection = array_intersect(array_keys($idpList), $this->
getScopedIDPList());
 
  556        if (
sizeof($idpintersection) > 0) {
 
  557            $idpList = array_intersect_key($idpList, array_fill_keys($idpintersection, 
null));
 
  560        $idpintersection = array_values($idpintersection);
 
  562        if (
sizeof($idpintersection) == 1) {
 
  564                'Choice made ['.$idpintersection[0].
'] (Redirecting the user back. returnIDParam='.
 
  565                $this->returnIdParam.
')' 
  569                array($this->returnIdParam => $idpintersection[0])
 
  577        switch ($this->config->getString(
'idpdisco.layout', 
'links')) {
 
  579                $templateFile = 
'selectidp-dropdown.php';
 
  582                $templateFile = 
'selectidp-links.php';
 
  585                throw new Exception(
'Invalid value for the \'idpdisco.layout\' option.');
 
  589        $t->data[
'idplist'] = $idpList;
 
  590        $t->data[
'preferredidp'] = $preferredIdP;
 
  594        $t->data[
'urlpattern'] = htmlspecialchars(\
SimpleSAML\Utils\HTTP::getSelfURLNoQuery());
 
  595        $t->data[
'rememberenabled'] = $this->config->getBoolean(
'idpdisco.enableremember', 
false);
 
An exception for terminating execution, or to throw for unit testing.
static setCookie($name, $value, $params=null, $throw=true)
Set a cookie.
static checkURLAllowed($url, array $trustedSites=null)
Check if a URL is valid and is in our list of allowed URLs.
static redirectTrustedURL($url, $parameters=array())
This function redirects to the specified URL without performing any security checks, so the caller must already trust the URL (for example, after validating it with checkURLAllowed).
static getInstance($instancename='simplesaml')
Get a configuration file by its instance name.
static getSessionFromRequest()
Retrieves the current session.
getCookie($name)
Retrieve cookie with the given name.
setPreviousIdP($idp)
Save the current IdP choice to a cookie.
getIdPList()
Retrieve the list of IdPs which are stored in the metadata.
handleRequest()
Handles a request to this discovery service.
filterList($list)
Filter the list of IdPs.
start()
Check if an IdP is set or if the request is passive, and redirect accordingly.
getScopedIDPList()
Return the list of scoped IdPs.
getSelectedIdP()
Retrieve the user's choice of IdP.
log($message)
Log a message.
__construct(array $metadataSets, $instance)
Initializes this discovery service.
validateIdP($idp)
Validates the given IdP entity id.
getPreviousIdP()
Retrieve the previous IdP the user used.
getFromCIDRhint()
Retrieve a recommended IdP based on the IP address of the client.
setCookie($name, $value)
Save cookie with the given name and value.
getTargetIdP()
Determine which IdP the user should go to, if any.
saveIdP()
Determine whether the choice of IdP should be saved.
getSavedIdP()
Retrieve the user's saved choice of IdP.
getRecommendedIdP()
Try to determine which IdP the user should most likely use.
catch(Exception $e) $message
Attribute-related utility methods.
if(isset($_REQUEST['delete'])) $list
if((!isset($_SERVER['DOCUMENT_ROOT'])) OR(empty($_SERVER['DOCUMENT_ROOT']))) $_SERVER['DOCUMENT_ROOT']