ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
Public Member Functions | Private Attributes
sspmod_core_Auth_Process_Cardinality Class Reference
+ Inheritance diagram for sspmod_core_Auth_Process_Cardinality:
+ Collaboration diagram for sspmod_core_Auth_Process_Cardinality:

Public Member Functions

 __construct ($config, $reserved, HTTPAdapter $http=null)
 Initialize this filter, parse configuration. More...
 
 process (&$request)
 Process this filter. More...
 
- Public Member Functions inherited from SimpleSAML_Auth_ProcessingFilter
 __construct (&$config, $reserved)
 Constructor for a processing filter. More...
 
 process (&$request)
 Process a request. More...
 

Private Attributes

 $cardinality = array()
 
 $ignoreEntities = array()
 
 $http
 

Additional Inherited Members

- Data Fields inherited from SimpleSAML_Auth_ProcessingFilter
 $priority = 50
 Priority of this filter. More...
 

Detailed Description

Definition at line 11 of file Cardinality.php.

Constructor & Destructor Documentation

◆ __construct()

sspmod_core_Auth_Process_Cardinality::__construct (   $config,
  $reserved,
HTTPAdapter  $http = null 
)

Initialize this filter, parse configuration.

Parameters
array$configConfiguration information about this filter.
mixed$reservedFor future use.
HTTPAdapter$httpHTTP utility service (handles redirects).
Exceptions
SimpleSAML_Error_Exception

Definition at line 30 of file Cardinality.php.

31 {
32 parent::__construct($config, $reserved);
33 assert(is_array($config));
34
35 $this->http = $http ?: new HTTPAdapter();
36
37 foreach ($config as $attribute => $rules) {
38 if ($attribute === '%ignoreEntities') {
39 $this->ignoreEntities = $config['%ignoreEntities'];
40 continue;
41 }
42
43 if (!is_string($attribute)) {
44 throw new SimpleSAML_Error_Exception('Invalid attribute name: '.var_export($attribute, true));
45 }
46 $this->cardinality[$attribute] = array('warn' => false);
47
48 /* allow either positional or name-based parameters */
49 if (isset($rules[0])) {
50 $this->cardinality[$attribute]['min'] = $rules[0];
51 } elseif (isset($rules['min'])) {
52 $this->cardinality[$attribute]['min'] = $rules['min'];
53 }
54 if (isset($rules[1])) {
55 $this->cardinality[$attribute]['max'] = $rules[1];
56 } elseif (isset($rules['max'])) {
57 $this->cardinality[$attribute]['max'] = $rules['max'];
58 }
59 if (array_key_exists('warn', $rules)) {
60 $this->cardinality[$attribute]['warn'] = (bool) $rules['warn'];
61 }
62
63 /* sanity check the rules */
64 if (!array_key_exists('min', $this->cardinality[$attribute])) {
65 $this->cardinality[$attribute]['min'] = 0;
66 } elseif (!is_int($this->cardinality[$attribute]['min']) ||
67 $this->cardinality[$attribute]['min'] < 0
68 ) {
69 throw new SimpleSAML_Error_Exception('Minimum cardinality must be a positive integer: '.
70 var_export($attribute, true));
71 }
72 if (array_key_exists('max', $this->cardinality[$attribute]) &&
73 !is_int($this->cardinality[$attribute]['max'])
74 ) {
75 throw new SimpleSAML_Error_Exception('Maximum cardinality must be a positive integer: '.
76 var_export($attribute, true));
77 }
78 if (array_key_exists('min', $this->cardinality[$attribute]) &&
79 array_key_exists('max', $this->cardinality[$attribute]) &&
80 $this->cardinality[$attribute]['min'] > $this->cardinality[$attribute]['max']
81 ) {
82 throw new SimpleSAML_Error_Exception('Minimum cardinality must be less than maximium: '.
83 var_export($attribute, true));
84 }
85
86 /* generate a display expression */
87 $this->cardinality[$attribute]['_expr'] = sprintf('%d ≤ n', $this->cardinality[$attribute]['min']);
88 if (array_key_exists('max', $this->cardinality[$attribute])) {
89 $this->cardinality[$attribute]['_expr'] .= sprintf(' ≤ %d', $this->cardinality[$attribute]['max']);
90 }
91 }
92 }
SimpleSAML_Error_Exception
Definition: Exception.php:13
sspmod_core_Auth_Process_Cardinality\$http
$http
Definition: Cardinality.php:20
$config
$config
Definition: bootstrap.php:15
ILIAS\FileDelivery\http
static http()
Fetches the global http state from ILIAS.
Definition: HttpServiceAware.php:36

References $config, $http, and ILIAS\FileDelivery\http().

+ Here is the call graph for this function:

Member Function Documentation

◆ process()

sspmod_core_Auth_Process_Cardinality::process ( $request)

Process this filter.

Parameters
array&$requestThe current request

Reimplemented from SimpleSAML_Auth_ProcessingFilter.

Definition at line 99 of file Cardinality.php.

100 {
101 assert(is_array($request));
102 assert(array_key_exists("Attributes", $request));
103
104 $entityid = false;
105 if (array_key_exists('Source', $request) && array_key_exists('entityid', $request['Source'])) {
106 $entityid = $request['Source']['entityid'];
107 }
108 if (in_array($entityid, $this->ignoreEntities, true)) {
109 SimpleSAML\Logger::debug('Cardinality: Ignoring assertions from '.$entityid);
110 return;
111 }
112
113 foreach ($request['Attributes'] as $k => $v) {
114
115 if (!array_key_exists($k, $this->cardinality)) {
116 continue;
117 }
118 if (!is_array($v)) {
119 $v = array($v);
120 }
121
122 /* minimum cardinality */
123 if (count($v) < $this->cardinality[$k]['min']) {
124 if ($this->cardinality[$k]['warn']) {
125 SimpleSAML\Logger::warning(sprintf(
126 'Cardinality: attribute %s from %s does not meet minimum cardinality of %d (%d)',
127 $k, $entityid, $this->cardinality[$k]['min'], count($v)
128 ));
129 } else {
130 $request['core:cardinality:errorAttributes'][$k] = array(count($v), $this->cardinality[$k]['_expr']);
131 }
132 continue;
133 }
134
135 /* maximum cardinality */
136 if (array_key_exists('max', $this->cardinality[$k]) && count($v) > $this->cardinality[$k]['max']) {
137 if ($this->cardinality[$k]['warn']) {
138 SimpleSAML\Logger::warning(sprintf(
139 'Cardinality: attribute %s from %s does not meet maximum cardinality of %d (%d)',
140 $k, $entityid, $this->cardinality[$k]['max'], count($v)
141 ));
142 } else {
143 $request['core:cardinality:errorAttributes'][$k] = array(count($v), $this->cardinality[$k]['_expr']);
144 }
145 continue;
146 }
147 }
148
149 /* check for missing attributes with a minimum cardinality */
150 foreach ($this->cardinality as $k => $v) {
151 if (!$this->cardinality[$k]['min'] || array_key_exists($k, $request['Attributes'])) {
152 continue;
153 }
154 if ($this->cardinality[$k]['warn']) {
155 SimpleSAML\Logger::warning(sprintf(
156 'Cardinality: attribute %s from %s is missing',
157 $k, $entityid
158 ));
159 } else {
160 $request['core:cardinality:errorAttributes'][$k] = array(0, $this->cardinality[$k]['_expr']);
161 }
162 }
163
164 /* abort if we found a problematic attribute */
165 if (array_key_exists('core:cardinality:errorAttributes', $request)) {
166 $id = SimpleSAML_Auth_State::saveState($request, 'core:cardinality');
167 $url = SimpleSAML\Module::getModuleURL('core/cardinality_error.php');
168 $this->http->redirectTrustedURL($url, array('StateId' => $id));
169 return;
170 }
171 }
$request
foreach($paths as $path) $request
Definition: asyncclient.php:32
SimpleSAML\Logger\warning
static warning($string)
Definition: Logger.php:177
SimpleSAML\Logger\debug
static debug($string)
Definition: Logger.php:211
SimpleSAML\Module\getModuleURL
static getModuleURL($resource, array $parameters=array())
Get absolute URL to a specified module resource.
Definition: Module.php:220
SimpleSAML_Auth_State\saveState
static saveState(&$state, $stage, $rawId=false)
Save the state.
Definition: State.php:194
$id
if(!array_key_exists('StateId', $_REQUEST)) $id
Definition: expirywarning.php:14
$url
$url
Definition: proxy_ylocal.php:28

References $id, $request, $url, SimpleSAML\Logger\debug(), SimpleSAML\Module\getModuleURL(), ILIAS\FileDelivery\http(), SimpleSAML_Auth_State\saveState(), and SimpleSAML\Logger\warning().

+ Here is the call graph for this function:

Field Documentation

◆ $cardinality

sspmod_core_Auth_Process_Cardinality::$cardinality = array()
private

Definition at line 14 of file Cardinality.php.

◆ $http

sspmod_core_Auth_Process_Cardinality::$http
private

Definition at line 20 of file Cardinality.php.

Referenced by __construct().

◆ $ignoreEntities

sspmod_core_Auth_Process_Cardinality::$ignoreEntities = array()
private

Definition at line 17 of file Cardinality.php.

The documentation for this class was generated from the following file: