145        if (php_sapi_name() === 
'cli' || defined(
'STDIN')) {
 
  146            $this->trackid = 
'CL'.bin2hex(openssl_random_pseudo_bytes(4));
 
  154            $this->trackid = 
'TR'.bin2hex(openssl_random_pseudo_bytes(4));
 
  156            $this->
transient = 
true;
 
  162            $this->sessionId = $sh->getCookieSessionId();
 
  163            if ($this->sessionId === 
null) {
 
  164                $this->sessionId = $sh->newSessionId();
 
  168            $this->sessionId = $sh->newSessionId();
 
  169            $sh->setCookie($sh->getSessionCookieName(), $this->sessionId, $sh->getCookieParams());
 
  172            $this->trackid = bin2hex(openssl_random_pseudo_bytes(5));
 
  179            $checkFunction = 
$globalConfig->getArray(
'session.check_function', 
null);
 
  180            if (isset($checkFunction)) {
 
  181                assert(is_callable($checkFunction));
 
  182                call_user_func($checkFunction, $this, 
true);
 
  197        $serialized = 
serialize(get_object_vars($this));
 
  220        foreach ($this->authData as 
$authority => $parameters) {
 
  221            if (!array_key_exists(
'RawAttributes', $parameters)) {
 
  225            foreach ($parameters[
'RawAttributes'] as $attribute => 
$values) {
 
  226                foreach (
$values as $idx => $value) { 
 
  228                    $this->authData[
$authority][
'Attributes'][$attribute][$idx] = $value->element->childNodes;
 
  244        if (isset(self::$instance)) {
 
  252        } 
catch (Exception $e) {
 
  262                $cause = $e->getCause();
 
  263                if ($cause instanceof Exception) {
 
  281        if (self::$instance !== 
null) {
 
  288        } 
catch (\
SimpleSAML\Error\CannotSetCookie $e) {
 
  293            if ($e->getCode() === \
SimpleSAML\Error\CannotSetCookie::SECURE_COOKIE) {
 
  294                throw new \SimpleSAML\Error\CriticalConfigurationError(
 
  331        if (array_key_exists(
$sessionId, self::$sessions)) {
 
  347                    'session.authtoken.cookiename',
 
  348                    'SimpleSAMLAuthToken' 
  350                if (!isset(
$_COOKIE[$authTokenCookieName])) {
 
  361            $checkFunction = 
$globalConfig->getArray(
'session.check_function', 
null);
 
  362            if (isset($checkFunction)) {
 
  363                assert(is_callable($checkFunction));
 
  364                $check = call_user_func($checkFunction, 
$session);
 
  365                if ($check !== 
true) {
 
  403        if (isset(self::$instance)) {
 
  437        $this->dirty = 
false;
 
  438        $this->callback_registered = 
false;
 
  443            $sh->saveSession($this);
 
  444        } 
catch (Exception $e) {
 
  464        if ($sh instanceof \
SimpleSAML\SessionHandlerPHP) {
 
  465            $sh->restorePrevious();
 
  483        if ($this->callback_registered) {
 
  487        $this->callback_registered = header_register_callback(array($this, 
'save'));
 
  556        $this->rememberMeExpire = 
$expire;
 
  558        $cookieParams = array(
'expire' => $this->rememberMeExpire);
 
  586        if (
$data === 
null) {
 
  593        if (!isset(
$data[
'AuthnInstant'])) {
 
  594            $data[
'AuthnInstant'] = time();
 
  597        $maxSessionExpire = time() + 
$globalConfig->getInteger(
'session.duration', 8 * 60 * 60);
 
  598        if (!isset(
$data[
'Expire']) || 
$data[
'Expire'] > $maxSessionExpire) {
 
  600            $data[
'Expire'] = $maxSessionExpire;
 
  604        foreach (
$data[
'Attributes'] as $attribute => 
$values) {
 
  605            foreach (
$values as $idx => $value) {
 
  606                if (is_string($value) || is_int($value)) {
 
  611                if (!is_a($value, 
'DOMNodeList')) {
 
  616                if ($value->length === 0) {
 
  621                $attrval = new \SAML2\XML\saml\AttributeValue($value->item(0)->parentNode);
 
  622                $data[
'RawAttributes'][$attribute][$idx] = $attrval;
 
  631        if (!$this->
transient && (!empty(
$data[
'RememberMe']) || $this->rememberMeExpire) &&
 
  632            $globalConfig->getBoolean(
'session.rememberme.enable', 
false)
 
  638                    $globalConfig->getString(
'session.authtoken.cookiename', 
'SimpleSAMLAuthToken'),
 
  640                    $sessionHandler->getCookieParams()
 
  642            } 
catch (
SimpleSAML\Error\CannotSetCookie $e) {
 
  648                unset($this->authToken);
 
  677        if (!$this->
isValid($authority) && $this->rememberMeExpire) {
 
  678            $this->rememberMeExpire = 
null;
 
  695        if (empty($this->authData[
$authority][
'LogoutHandlers'])) {
 
  705                    'Logout handler is not a valid function: '.$classname.
'::'.
 
  715        unset($this->authData[
$authority][
'LogoutHandlers']);
 
  733                ' not valid because we are not authenticated.' 
  738        if ($this->authData[
$authority][
'Expire'] <= time()) {
 
  759        if ($this->sessionId !== 
null) {
 
  760            $sessionHandler->setCookie($sessionHandler->getSessionCookieName(), $this->sessionId, 
$params);
 
  765        if ($this->authToken !== 
null) {
 
  768                $globalConfig->getString(
'session.authtoken.cookiename', 
'SimpleSAMLAuthToken'),
 
  809        $logout_handler = array($classname, $functionname);
 
  811        if (!is_callable($logout_handler)) {
 
  813                'Logout handler is not a vaild function: '.$classname.
'::'.
 
  818        $this->authData[
$authority][
'LogoutHandlers'][] = $logout_handler;
 
  832        assert(is_string(
$type));
 
  833        assert(is_string(
$id));
 
  835        if (!is_array($this->dataStore)) {
 
  839        if (!array_key_exists(
$type, $this->dataStore)) {
 
  843        unset($this->dataStore[
$type][
$id]);
 
  865        assert(is_string(
$type));
 
  866        assert(is_string(
$id));
 
  867        assert(is_int($timeout) || $timeout === 
null || $timeout === self::DATA_TIMEOUT_SESSION_END);
 
  872        if ($timeout === 
null) {
 
  876            $timeout = $configuration->getInteger(
'session.datastore.timeout', 
null);
 
  877            if ($timeout !== 
null) {
 
  880                        'The value of the session.datastore.timeout'.
 
  881                        ' configuration option should be a positive integer.' 
  887        if ($timeout === self::DATA_TIMEOUT_SESSION_END) {
 
  890            $expires = time() + $timeout;
 
  894            'expires' => $expires,
 
  895            'timeout' => $timeout,
 
  899        if (!is_array($this->dataStore)) {
 
  900            $this->dataStore = array();
 
  903        if (!array_key_exists(
$type, $this->dataStore)) {
 
  904            $this->dataStore[
$type] = array();
 
  907        $this->dataStore[
$type][
$id] = $dataInfo;
 
  921        if (!is_array($this->dataStore)) {
 
  927        foreach ($this->dataStore as &$typedData) {
 
  928            foreach ($typedData as 
$id => 
$info) {
 
  929                if (
$info[
'expires'] === self::DATA_TIMEOUT_SESSION_END) {
 
  934                if ($ct > 
$info[
'expires']) {
 
  935                    unset($typedData[
$id]);
 
  954        assert(is_string(
$type));
 
  955        assert(
$id === 
null || is_string(
$id));
 
  963        if (!is_array($this->dataStore)) {
 
  967        if (!array_key_exists(
$type, $this->dataStore)) {
 
  971        if (!array_key_exists(
$id, $this->dataStore[
$type])) {
 
  975        return $this->dataStore[
$type][
$id][
'data'];
 
  993        assert(is_string(
$type));
 
  995        if (!is_array($this->dataStore)) {
 
  999        if (!array_key_exists(
$type, $this->dataStore)) {
 
 1040        return $sh->hasSessionCookie();
 
 1054        assert(is_string(
$idp));
 
 1058        if (!isset($this->associations)) {
 
 1059            $this->associations = array();
 
 1062        if (!isset($this->associations[
$idp])) {
 
 1063            $this->associations[
$idp] = array();
 
 1083        assert(is_string(
$idp));
 
 1085        if (!isset($this->associations)) {
 
 1086            $this->associations = array();
 
 1089        if (!isset($this->associations[
$idp])) {
 
 1093        foreach ($this->associations[
$idp] as 
$id => $assoc) {
 
 1094            if (!isset($assoc[
'Expires'])) {
 
 1097            if ($assoc[
'Expires'] >= time()) {
 
 1101            unset($this->associations[
$idp][
$id]);
 
 1104        return $this->associations[
$idp];
 
 1118        assert(is_string(
$idp));
 
 1119        assert(is_string($associationId));
 
 1121        if (!isset($this->associations)) {
 
 1125        if (!isset($this->associations[
$idp])) {
 
 1129        unset($this->associations[
$idp][$associationId]);
 
 1146        assert(is_string(
$name));
 
 1163        $authorities = array();
 
 1164        foreach (array_keys($this->authData) as 
$authority) {
 
 1165            if ($this->
isValid($authority)) {
 
 1169        return $authorities;
 
An exception for terminating execution or to throw for unit testing.
static setTrackId($trackId)
Set the track identifier to use in all logs.
static getSessionHandler()
This function retrieves the current instance of the session handler.
static setCookie($name, $value, $params=null, $throw=true)
Set a cookie.
static generateID()
Generate a random identifier, ID_LENGTH bytes long.
static getInstance($instancename='simplesaml')
Get a configuration file by its instance name.
updateSessionCookies($params=null)
Update session cookies.
callLogoutHandlers($authority)
This function calls all registered logout handlers.
setAuthorityExpire($authority, $expire=null)
Set the lifetime for authentication source.
getSessionId()
Retrieve the session ID of this session.
deleteData($type, $id)
Delete data from the data store.
setData($type, $id, $data, $timeout=null)
This function stores data in the data store.
const DATA_TIMEOUT_SESSION_END
This is a timeout value for setData, which indicates that the data should never be deleted,...
unserialize($serialized)
Unserialize a session object and load it.
registerLogoutHandler($authority, $classname, $functionname)
This function registers a logout handler.
expireData()
This function removes expired data from the data store.
addAssociation($idp, array $association)
Add an SP association for an IdP.
terminateAssociation($idp, $associationId)
Remove an SP association for an IdP.
isValid($authority)
Check whether the session represents an authenticated user and whether the session is still alive.
cleanup()
Save the current session and clean any left overs that could interfere with the normal application be...
getAuthData($authority, $name)
Retrieve authentication data.
static getSession($sessionId=null)
Get a session from the session handler.
doLogin($authority, array $data=null)
Marks the user as logged in with the specified authority.
isTransient()
Check whether this session is transient.
__construct($transient=false)
Private constructor that restricts instantiation to either getSessionFromRequest() for the current se...
static $instance
This variable holds the instance of the session - Singleton approach.
__destruct()
Destroy the session.
markDirty()
Mark this session as dirty.
getRememberMeExpire()
Get remember me expire time.
doLogout($authority)
Marks the user as logged out.
serialize()
Serialize this session object.
getTrackID()
Get a unique ID that will be permanent for this session.
hasSessionCookie()
Check whether the session cookie is set.
getDataOfType($type)
This function retrieves all data of the specified type from the data store.
getData($type, $id)
This function retrieves data from the data store.
static getSessionFromRequest()
Retrieves the current session.
setRememberMeExpire($expire=null)
Set remember me expire time.
getAssociations($idp)
Retrieve the associations for an IdP.
static load(SimpleSAML_Session $session)
Load a given session as the current one.
save()
Save the session to the store.
static createSession($sessionId)
Create a new session and cache it.
static useTransientSession()
Use a transient session.
getAuthorities()
Retrieve a list of authorities (authentication sources) that are currently valid within this session.
getAuthState($authority)
Get the current persistent authentication state.
if(!array_key_exists('StateId', $_REQUEST)) $id
if(!isset($associations[$assocId])) $association
Attribute-related utility methods.