sspmod_metarefresh_MetaLoader::loadSource PHP Method

sspmod_metarefresh_MetaLoader Class Documentation Usage Examples Of sspmod_metarefresh_MetaLoader::loadSource Show file Open project: simplesamlphp/simplesamlphp

loadSource() public method

This function processes a SAML metadata file.

public loadSource ( $source )
$source

    public function loadSource($source)
    {
        if (preg_match('@^https?://@i', $source['src'])) {
            // Build new HTTP context
            $context = $this->createContext($source);
            // GET!
            try {
                list($data, $responseHeaders) = \SimpleSAML\Utils\HTTP::fetch($source['src'], $context, TRUE);
            } catch (Exception $e) {
                SimpleSAML\Logger::warning('metarefresh: ' . $e->getMessage());
            }
            // We have response headers, so the request succeeded
            if (!isset($responseHeaders)) {
                // No response headers, this means the request failed in some way, so re-use old data
                SimpleSAML\Logger::debug('No response from ' . $source['src'] . ' - attempting to re-use cached metadata');
                $this->addCachedMetadata($source);
                return;
            } elseif (preg_match('@^HTTP/1\\.[01]\\s304\\s@', $responseHeaders[0])) {
                // 304 response
                SimpleSAML\Logger::debug('Received HTTP 304 (Not Modified) - attempting to re-use cached metadata');
                $this->addCachedMetadata($source);
                return;
            } elseif (!preg_match('@^HTTP/1\\.[01]\\s200\\s@', $responseHeaders[0])) {
                // Other error
                SimpleSAML\Logger::debug('Error from ' . $source['src'] . ' - attempting to re-use cached metadata');
                $this->addCachedMetadata($source);
                return;
            }
        } else {
            // Local file.
            $data = file_get_contents($source['src']);
            $responseHeaders = NULL;
        }
        // Everything OK. Proceed.
        if (isset($source['conditionalGET']) && $source['conditionalGET']) {
            // Stale or no metadata, so a fresh copy
            SimpleSAML\Logger::debug('Downloaded fresh copy');
        }
        try {
            $entities = $this->loadXML($data, $source);
        } catch (Exception $e) {
            SimpleSAML\Logger::debug('XML parser error when parsing ' . $source['src'] . ' - attempting to re-use cached metadata');
            $this->addCachedMetadata($source);
            return;
        }
        foreach ($entities as $entity) {
            if (isset($source['blacklist'])) {
                if (!empty($source['blacklist']) && in_array($entity->getEntityID(), $source['blacklist'])) {
                    SimpleSAML\Logger::info('Skipping "' . $entity->getEntityID() . '" - blacklisted.' . "\n");
                    continue;
                }
            }
            if (isset($source['whitelist'])) {
                if (!empty($source['whitelist']) && !in_array($entity->getEntityID(), $source['whitelist'])) {
                    SimpleSAML\Logger::info('Skipping "' . $entity->getEntityID() . '" - not in the whitelist.' . "\n");
                    continue;
                }
            }
            if (array_key_exists('certificates', $source) && $source['certificates'] !== NULL) {
                if (!$entity->validateSignature($source['certificates'])) {
                    SimpleSAML\Logger::info('Skipping "' . $entity->getEntityId() . '" - could not verify signature using certificate.' . "\n");
                    continue;
                }
            }
            if (array_key_exists('validateFingerprint', $source) && $source['validateFingerprint'] !== NULL) {
                if (!array_key_exists('certificates', $source) || $source['certificates'] == NULL) {
                    if (!$entity->validateFingerprint($source['validateFingerprint'])) {
                        SimpleSAML\Logger::info('Skipping "' . $entity->getEntityId() . '" - could not verify signature using fingerprint.' . "\n");
                        continue;
                    }
                } else {
                    SimpleSAML\Logger::info('Skipping validation with fingerprint since option certificate is set.' . "\n");
                }
            }
            $template = NULL;
            if (array_key_exists('template', $source)) {
                $template = $source['template'];
            }
            $this->addMetadata($source['src'], $entity->getMetadata1xSP(), 'shib13-sp-remote', $template);
            $this->addMetadata($source['src'], $entity->getMetadata1xIdP(), 'shib13-idp-remote', $template);
            $this->addMetadata($source['src'], $entity->getMetadata20SP(), 'saml20-sp-remote', $template);
            $this->addMetadata($source['src'], $entity->getMetadata20IdP(), 'saml20-idp-remote', $template);
            $attributeAuthorities = $entity->getAttributeAuthorities();
            if (!empty($attributeAuthorities)) {
                $this->addMetadata($source['src'], $attributeAuthorities[0], 'attributeauthority-remote', $template);
            }
        }
        $this->saveState($source, $responseHeaders);
    }

Usage Example

Example #1

Show file

File: hook_cron.php Project: hukumonline/yii

/**
 * Hook to run a cron job.
 *
 * @param array &$croninfo  Output
 */
function metarefresh_hook_cron(&$croninfo)
{
    assert('is_array($croninfo)');
    assert('array_key_exists("summary", $croninfo)');
    assert('array_key_exists("tag", $croninfo)');
    SimpleSAML_Logger::info('cron [metarefresh]: Running cron in cron tag [' . $croninfo['tag'] . '] ');
    try {
        $config = SimpleSAML_Configuration::getInstance();
        $mconfig = SimpleSAML_Configuration::getConfig('config-metarefresh.php');
        $sets = $mconfig->getConfigList('sets');
        foreach ($sets as $setkey => $set) {
            // Only process sets where cron matches the current cron tag.
            $cronTags = $set->getArray('cron');
            if (!in_array($croninfo['tag'], $cronTags)) {
                continue;
            }
            SimpleSAML_Logger::info('cron [metarefresh]: Executing set [' . $setkey . ']');
            $expireAfter = $set->getInteger('expireAfter', NULL);
            if ($expireAfter !== NULL) {
                $expire = time() + $expireAfter;
            } else {
                $expire = NULL;
            }
            $metaloader = new sspmod_metarefresh_MetaLoader($expire);
            foreach ($set->getArray('sources') as $source) {
                SimpleSAML_Logger::debug('cron [metarefresh]: In set [' . $setkey . '] loading source [' . $source['src'] . ']');
                $metaloader->loadSource($source);
            }
            $outputDir = $set->getString('outputDir');
            $outputDir = $config->resolvePath($outputDir);
            $outputFormat = $set->getValueValidate('outputFormat', array('flatfile', 'serialize'), 'flatfile');
            switch ($outputFormat) {
                case 'flatfile':
                    $metaloader->writeMetadataFiles($outputDir);
                    break;
                case 'serialize':
                    $metaloader->writeMetadataSerialize($outputDir);
                    break;
            }
            if ($set->hasValue('arp')) {
                $arpconfig = SimpleSAML_Configuration::loadFromArray($set->getValue('arp'));
                $metaloader->writeARPfile($arpconfig);
            }
        }
    } catch (Exception $e) {
        $croninfo['summary'][] = 'Error during metarefresh: ' . $e->getMessage();
    }
}

All Usage Examples Of sspmod_metarefresh_MetaLoader::loadSource

sspmod_metarefresh_MetaLoader

__construct

addCachedMetadata

addMetadata

createContext

dumpMetadataStdOut

getTime

getTypes

loadSource

loadXML

saveState

setTypes

writeARPfile

writeMetadataFiles

writeMetadataSerialize

writeState