
Commit 6263712

author
Mannes Brak
committed
refactor utils out of static
1 parent eef7235 commit 6263712


9 files changed

+226
-189
lines changed


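--- a/composer.json
+++ b/composer.json
@@ -22,7 +22,8 @@
 "ext-openssl": "*",
 "ext-dom": "*",
 "ext-mcrypt": "*",
-"symfony/http-foundation": "2.8.*"
+"symfony/http-foundation": "2.8.*",
+"symfony/routing": "2.8.*"
 },
 "require-dev": {
 "phpunit/phpunit": "4.8",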

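--- a/lib/Saml/Response.php
+++ b/lib/Saml/Response.php
@@ -10,11 +10,11 @@ class OneLogin_Saml_Response extends OneLogin_Saml2_Response
 * @param array|object $oldSettings Settings
 * @param string $assertion SAML Response
 */
-public function __construct($oldSettings, $assertion)
+public function __construct(OneLogin_Saml2_Utils $utils, $oldSettings, $assertion)
 {
 $auth = new OneLogin_Saml2_Auth($oldSettings);
 $settings = $auth->getSettings();
-parent::__construct($settings, $assertion);
+parent::__construct($utils, $settings, $assertion);
 }
 
 /**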
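Review bot: The unchanged line `$auth = new OneLogin_Saml2_Auth($oldSettings);` no longer matches the Auth constructor, which this same commit changes to `__construct(UrlGeneratorInterface $urlGenerator, $oldSettings = null)`, so the settings value lands in the type-hinted `$urlGenerator` slot and construction fails before any response is parsed. Auth is only used here to obtain a settings object, so the two lines could become `$settings = new OneLogin_Saml2_Settings($utils, $oldSettings);`, assuming the Settings constructor has the signature Auth.php calls it with (Settings.php is not shown on this page). That would also keep the settings and the response on the same `$utils` instance instead of a second one created inside Auth.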

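--- a/lib/Saml2/Auth.php
+++ b/lib/Saml2/Auth.php
@@ -3,6 +3,7 @@
 
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\RedirectResponse;
+use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
 
 /**
 * Main class of OneLogin's PHP Toolkit
@@ -130,14 +131,17 @@ class OneLogin_Saml2_Auth
 */
 private $_lastResponse;
 
+protected $utils;
+
 /**
 * Initializes the SP SAML instance.
 *
 * @param array|object|null $oldSettings Setting data (You can provide a OneLogin_Saml_Settings, the settings object of the Saml folder implementation)
 */
-public function __construct($oldSettings = null)
+public function __construct(UrlGeneratorInterface $urlGenerator, $oldSettings = null)
 {
-$this->_settings = new OneLogin_Saml2_Settings($oldSettings);
+$this->utils = new OneLogin_Saml2_Utils($urlGenerator);
+$this->_settings = new OneLogin_Saml2_Settings($this->utils, $oldSettings);
 }
 
 /**
@@ -182,7 +186,7 @@ public function processResponse($samlResponse, $requestId = null)
 $this->_errorReason = null;
 if (null !== $samlResponse) {
 // AuthnResponse -- HTTP_POST Binding
-$response = new OneLogin_Saml2_Response($this->_settings, $samlResponse);
+$response = new OneLogin_Saml2_Response($this->utils, $this->_settings, $samlResponse);
 $this->_lastResponse = $response->getXMLDocument();
 
 if ($response->isValid($requestId)) {
@@ -245,7 +249,7 @@ public function processSLO(
 $this->_lastMessageId = $logoutResponse->id;
 if (!$keepLocalSession) {
 if ($cbDeleteSession === null) {
-OneLogin_Saml2_Utils::deleteLocalSession();
+$this->utils->deleteLocalSession();
 } else {
 call_user_func($cbDeleteSession);
 }
@@ -260,7 +264,7 @@ public function processSLO(
 } else {
 if (!$keepLocalSession) {
 if ($cbDeleteSession === null) {
-OneLogin_Saml2_Utils::deleteLocalSession();
+$this->utils->deleteLocalSession();
 } else {
 call_user_func($cbDeleteSession);
 }
@@ -324,10 +328,10 @@ public function redirectTo($url = '', $parameters = array(), $stay = false)
 */
 
 if ($stay) {
-return OneLogin_Saml2_Utils::redirect($url, $parameters, $stay);
+return $this->utils->redirect($url, $parameters, $stay);
 }
 
-return new RedirectResponse(OneLogin_Saml2_Utils::redirect($url, $parameters, true));
+return new RedirectResponse($this->utils->redirect($url, $parameters, true));
 }
 
 /**
@@ -454,7 +458,7 @@ public function login($returnTo = null, $parameters = array(), $forceAuthn = fal
 {
 assert('is_array($parameters)');
 
-$authnRequest = new OneLogin_Saml2_AuthnRequest($this->_settings, $forceAuthn, $isPassive, $setNameIdPolicy);
+$authnRequest = new OneLogin_Saml2_AuthnRequest($this->utils, $this->_settings, $forceAuthn, $isPassive, $setNameIdPolicy);
 
 $this->_lastRequest = $authnRequest->getXML();
 $this->_lastRequestID = $authnRequest->getId();
@@ -465,7 +469,7 @@ public function login($returnTo = null, $parameters = array(), $forceAuthn = fal
 if (!empty($returnTo)) {
 $parameters['RelayState'] = $returnTo;
 } else {
-$parameters['RelayState'] = OneLogin_Saml2_Utils::getSelfRoutedURLNoQuery();
+$parameters['RelayState'] = $this->utils->getSelfRoutedURLNoQuery();
 }
 
 $security = $this->_settings->getSecurityData();
@@ -511,7 +515,7 @@ public function logout($returnTo = null, $parameters = array(), $nameId = null,
 $nameIdFormat = $this->_nameidFormat;
 }
 
-$logoutRequest = new OneLogin_Saml2_LogoutRequest($this->_settings, null, $nameId, $sessionIndex, $nameIdFormat, $nameIdNameQualifier);
+$logoutRequest = new OneLogin_Saml2_LogoutRequest($this->utils, $this->_settings, null, $nameId, $sessionIndex, $nameIdFormat, $nameIdNameQualifier);
 
 $this->_lastRequest = $logoutRequest->getXML();
 $this->_lastRequestID = $logoutRequest->id;
@@ -522,7 +526,7 @@ public function logout($returnTo = null, $parameters = array(), $nameId = null,
 if (!empty($returnTo)) {
 $parameters['RelayState'] = $returnTo;
 } else {
-$parameters['RelayState'] = OneLogin_Saml2_Utils::getSelfRoutedURLNoQuery();
+$parameters['RelayState'] = $this->utils->getSelfRoutedURLNoQuery();
 }
 
 $security = $this->_settings->getSecurityData();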
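Review bot: The constructor docblock in the second hunk still documents only `$oldSettings`, and the new `protected $utils` property has no docblock although the property above it does. I would add `* @param UrlGeneratorInterface $urlGenerator URL generator passed to OneLogin_Saml2_Utils` ahead of the existing `@param`, and `/** @var OneLogin_Saml2_Utils Utility instance handed to the request/response objects */` above the property. The new required argument also sits in front of the optional `$oldSettings`, so every existing `new OneLogin_Saml2_Auth($settings)` call now fails the type hint; that deserves a line in the upgrade notes. The same missing `@param` for `$utils` applies to the changed signatures in lib/Saml/Response.php, lib/Saml2/AuthnRequest.php, lib/Saml2/LogoutRequest.php and lib/Saml2/Metadata.php.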

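--- a/lib/Saml2/AuthnRequest.php
+++ b/lib/Saml2/AuthnRequest.php
@@ -33,16 +33,16 @@ class OneLogin_Saml2_AuthnRequest
 * @param bool $isPassive When true the AuthNReuqest will set the Ispassive='true'
 * @param bool $setNameIdPolicy When true the AuthNReuqest will set a nameIdPolicy
 */
-public function __construct(OneLogin_Saml2_Settings $settings, $forceAuthn = false, $isPassive = false, $setNameIdPolicy = true)
+public function __construct(OneLogin_Saml2_Utils $utils, OneLogin_Saml2_Settings $settings, $forceAuthn = false, $isPassive = false, $setNameIdPolicy = true)
 {
 $this->_settings = $settings;
 
 $spData = $this->_settings->getSPData();
 $idpData = $this->_settings->getIdPData();
 $security = $this->_settings->getSecurityData();
 
-$id = OneLogin_Saml2_Utils::generateUniqueID();
-$issueInstant = OneLogin_Saml2_Utils::parseTime2SAML(time());
+$id = $utils->generateUniqueID();
+$issueInstant = $utils->parseTime2SAML(time());
 
 $nameIdPolicyStr = '';
 if ($setNameIdPolicy) {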

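--- a/lib/Saml2/LogoutRequest.php
+++ b/lib/Saml2/LogoutRequest.php
@@ -30,6 +30,8 @@ class OneLogin_Saml2_LogoutRequest
 */
 private $_error;
 
+protected $utils;
+
 /**
 * Constructs the Logout Request object.
 *
@@ -40,25 +42,26 @@ class OneLogin_Saml2_LogoutRequest
 * @param string|null $nameIdFormat The NameID Format will be set in the LogoutRequest.
 * @param string|null $nameIdNameQualifier The NameID NameQualifier will be set in the LogoutRequest.
 */
-public function __construct(OneLogin_Saml2_Settings $settings, $request = null, $nameId = null, $sessionIndex = null, $nameIdFormat = null, $nameIdNameQualifier = null)
+public function __construct(OneLogin_Saml2_Utils $utils, OneLogin_Saml2_Settings $settings, $request = null, $nameId = null, $sessionIndex = null, $nameIdFormat = null, $nameIdNameQualifier = null)
 {
 $this->_settings = $settings;
+$this->utils = $utils;
 
 $baseURL = $this->_settings->getBaseURL();
 if (!empty($baseURL)) {
-OneLogin_Saml2_Utils::setBaseURL($baseURL);
+$this->utils->setBaseURL($baseURL);
 }
 
 if (!isset($request) || empty($request)) {
 $spData = $this->_settings->getSPData();
 $idpData = $this->_settings->getIdPData();
 $security = $this->_settings->getSecurityData();
 
-$id = OneLogin_Saml2_Utils::generateUniqueID();
+$id = $this->utils->generateUniqueID();
 $this->id = $id;
 
-$nameIdValue = OneLogin_Saml2_Utils::generateUniqueID();
-$issueInstant = OneLogin_Saml2_Utils::parseTime2SAML(time());
+$nameIdValue = $this->utils->generateUniqueID();
+$issueInstant = $this->utils->parseTime2SAML(time());
 
 $cert = null;
 if (isset($security['nameIdEncrypted']) && $security['nameIdEncrypted']) {
@@ -83,7 +86,7 @@ public function __construct(OneLogin_Saml2_Settings $settings, $request = null,
 $spNameQualifier = $spData['entityId'];
 }
 
-$nameIdObj = OneLogin_Saml2_Utils::generateNameId(
+$nameIdObj = $this->utils->generateNameId(
 $nameId,
 $spNameQualifier,
 $nameIdFormat,
@@ -116,7 +119,7 @@ public function __construct(OneLogin_Saml2_Settings $settings, $request = null,
 } else {
 $logoutRequest = $decoded;
 }
-$this->id = self::getID($logoutRequest);
+$this->id = $this->getID($logoutRequest);
 }
 $this->_logoutRequest = $logoutRequest;
 }
@@ -151,13 +154,13 @@ public function getRequest($deflate = null)
 *
 * @return string ID
 */
-public static function getID($request)
+public function getID($request)
 {
 if ($request instanceof DOMDocument) {
 $dom = $request;
 } else {
 $dom = new DOMDocument();
-$dom = OneLogin_Saml2_Utils::loadXML($dom, $request);
+$dom = $this->utils->loadXML($dom, $request);
 }
 
 $id = $dom->documentElement->getAttribute('ID');
@@ -174,16 +177,16 @@ public static function getID($request)
 *
 * @throws Exception
 */
-public static function getNameIdData($request, $key = null)
+public function getNameIdData($request, $key = null)
 {
 if ($request instanceof DOMDocument) {
 $dom = $request;
 } else {
 $dom = new DOMDocument();
-$dom = OneLogin_Saml2_Utils::loadXML($dom, $request);
+$dom = $this->utils->loadXML($dom, $request);
 }
 
-$encryptedEntries = OneLogin_Saml2_Utils::query($dom, '/samlp:LogoutRequest/saml:EncryptedID');
+$encryptedEntries = $this->utils->query($dom, '/samlp:LogoutRequest/saml:EncryptedID');
 
 if ($encryptedEntries->length == 1) {
 $encryptedDataNodes = $encryptedEntries->item(0)->getElementsByTagName('EncryptedData');
@@ -199,10 +202,10 @@ public static function getNameIdData($request, $key = null)
 $seckey = new XMLSecurityKey(XMLSecurityKey::RSA_1_5, array('type'=>'private'));
 $seckey->loadKey($key);
 
-$nameId = OneLogin_Saml2_Utils::decryptElement($encryptedData, $seckey);
+$nameId = $this->utils->decryptElement($encryptedData, $seckey);
 
 } else {
-$entries = OneLogin_Saml2_Utils::query($dom, '/samlp:LogoutRequest/saml:NameID');
+$entries = $this->utils->query($dom, '/samlp:LogoutRequest/saml:NameID');
 if ($entries->length == 1) {
 $nameId = $entries->item(0);
 }
@@ -234,9 +237,9 @@ public static function getNameIdData($request, $key = null)
 *
 * @return string Name ID Value
 */
-public static function getNameId($request, $key = null)
+public function getNameId($request, $key = null)
 {
-$nameId = self::getNameIdData($request, $key);
+$nameId = $this->getNameIdData($request, $key);
 return $nameId['Value'];
 }
 
@@ -247,17 +250,17 @@ public static function getNameId($request, $key = null)
 *
 * @return string|null $issuer The Issuer
 */
-public static function getIssuer($request)
+public function getIssuer($request)
 {
 if ($request instanceof DOMDocument) {
 $dom = $request;
 } else {
 $dom = new DOMDocument();
-$dom = OneLogin_Saml2_Utils::loadXML($dom, $request);
+$dom = $this->utils->loadXML($dom, $request);
 }
 
 $issuer = null;
-$issuerNodes = OneLogin_Saml2_Utils::query($dom, '/samlp:LogoutRequest/saml:Issuer');
+$issuerNodes = $this->utils->query($dom, '/samlp:LogoutRequest/saml:Issuer');
 if ($issuerNodes->length == 1) {
 $issuer = $issuerNodes->item(0)->textContent;
 }
@@ -274,17 +277,17 @@ public static function getIssuer($request)
 *
 * @return array The SessionIndex value
 */
-public static function getSessionIndexes($request)
+public function getSessionIndexes($request)
 {
 if ($request instanceof DOMDocument) {
 $dom = $request;
 } else {
 $dom = new DOMDocument();
-$dom = OneLogin_Saml2_Utils::loadXML($dom, $request);
+$dom = $this->utils->loadXML($dom, $request);
 }
 
 $sessionIndexes = array();
-$sessionIndexNodes = OneLogin_Saml2_Utils::query($dom, '/samlp:LogoutRequest/samlp:SessionIndex');
+$sessionIndexNodes = $this->utils->query($dom, '/samlp:LogoutRequest/samlp:SessionIndex');
 foreach ($sessionIndexNodes as $sessionIndexNode) {
 $sessionIndexes[] = $sessionIndexNode->textContent;
 }
@@ -301,7 +304,7 @@ public function isValid(\Symfony\Component\HttpFoundation\Request $request, $ret
 $this->_error = null;
 try {
 $dom = new DOMDocument();
-$dom = OneLogin_Saml2_Utils::loadXML($dom, $this->_logoutRequest);
+$dom = $this->utils->loadXML($dom, $this->_logoutRequest);
 
 $idpData = $this->_settings->getIdPData();
 $idPEntityId = $idpData['entityId'];
@@ -310,7 +313,7 @@ public function isValid(\Symfony\Component\HttpFoundation\Request $request, $ret
 $security = $this->_settings->getSecurityData();
 
 if ($security['wantXMLValidation']) {
-$res = OneLogin_Saml2_Utils::validateXML($dom, 'saml-schema-protocol-2.0.xsd', $this->_settings->isDebugActive());
+$res = $this->utils->validateXML($dom, 'saml-schema-protocol-2.0.xsd', $this->_settings->isDebugActive());
 if (!$res instanceof DOMDocument) {
 throw new OneLogin_Saml2_ValidationError(
 "Invalid SAML Logout Request. Not match the saml-schema-protocol-2.0.xsd",
@@ -319,11 +322,11 @@ public function isValid(\Symfony\Component\HttpFoundation\Request $request, $ret
 }
 }
 
-$currentURL = OneLogin_Saml2_Utils::getSelfRoutedURLNoQuery();
+$currentURL = $this->utils->getSelfRoutedURLNoQuery();
 
 // Check NotOnOrAfter
 if ($dom->documentElement->hasAttribute('NotOnOrAfter')) {
-$na = OneLogin_Saml2_Utils::parseSAML2Time($dom->documentElement->getAttribute('NotOnOrAfter'));
+$na = $this->utils->parseSAML2Time($dom->documentElement->getAttribute('NotOnOrAfter'));
 if ($na <= time()) {
 throw new OneLogin_Saml2_ValidationError(
 "Could not validate timestamp: expired. Check system clock.",
@@ -367,7 +370,7 @@ public function isValid(\Symfony\Component\HttpFoundation\Request $request, $ret
 }
 
 if (null !== $request->get('Signature')) {
-$signatureValid = OneLogin_Saml2_Utils::validateBinarySign("SAMLRequest", $request, $idpData, $retrieveParametersFromServer);
+$signatureValid = $this->utils->validateBinarySign("SAMLRequest", $request, $idpData, $retrieveParametersFromServer);
 if (!$signatureValid) {
 throw new OneLogin_Saml2_ValidationError(
 "Signature validation failed. Logout Request rejected",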
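Review bot: Dropping `static` from `getID`, `getNameIdData`, `getNameId`, `getIssuer` and `getSessionIndexes` breaks any remaining static call such as `OneLogin_Saml2_LogoutRequest::getIssuer($dom)`, because the bodies now dereference `$this->utils`. Only the constructor's `self::getID(...)` call is updated in these hunks; the parts of `isValid` and of Auth's `processSLO` that fall between the hunks are not visible, so their call sites and constructor arguments should be checked before merging. These helpers parse an IdP-supplied request, so a missed call site would surface as a fatal error on the logout endpoint rather than a clean validation failure. If the static API has to stay, an alternative is to keep the methods static and pass the utils in, e.g. `public static function getIssuer(OneLogin_Saml2_Utils $utils, $request)`, which is the pattern Metadata.php uses in this commit.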

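--- a/lib/Saml2/Metadata.php
+++ b/lib/Saml2/Metadata.php
@@ -181,9 +181,9 @@ public static function builder($sp, $authnsign = false, $wsign = false, $validUn
 *
 * @return string Signed Metadata
 */
-public static function signMetadata($metadata, $key, $cert, $signAlgorithm = XMLSecurityKey::RSA_SHA1, $digestAlgorithm = XMLSecurityDSig::SHA1)
+public static function signMetadata(OneLogin_Saml2_Utils $utils, $metadata, $key, $cert, $signAlgorithm = XMLSecurityKey::RSA_SHA1, $digestAlgorithm = XMLSecurityDSig::SHA1)
 {
-return OneLogin_Saml2_Utils::addSign($metadata, $key, $cert, $signAlgorithm, $digestAlgorithm);
+return $utils->addSign($metadata, $key, $cert, $signAlgorithm, $digestAlgorithm);
 }
 
 /**
@@ -196,21 +196,21 @@ public static function signMetadata($metadata, $key, $cert, $signAlgorithm = XML
 *
 * @return string Metadata with KeyDescriptors
 */
-public static function addX509KeyDescriptors($metadata, $cert, $wantsEncrypted = true)
+public static function addX509KeyDescriptors(OneLogin_Saml2_Utils $utils, $metadata, $cert, $wantsEncrypted = true)
 {
 $xml = new DOMDocument();
 $xml->preserveWhiteSpace = false;
 $xml->formatOutput = true;
 try {
-$xml = OneLogin_Saml2_Utils::loadXML($xml, $metadata);
+$xml = $utils->loadXML($xml, $metadata);
 if (!$xml) {
 throw new Exception('Error parsing metadata');
 }
 } catch (Exception $e) {
 throw new Exception('Error parsing metadata. '.$e->getMessage());
 }
 
-$formatedCert = OneLogin_Saml2_Utils::formatCert($cert, false);
+$formatedCert = $utils->formatCert($cert, false);
 $x509Certificate = $xml->createElementNS(OneLogin_Saml2_Constants::NS_DS, 'X509Certificate', $formatedCert);
 
 $keyData = $xml->createElementNS(OneLogin_Saml2_Constants::NS_DS, 'ds:X509Data');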
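Review bot: `signMetadata` keeps `XMLSecurityKey::RSA_SHA1` and `XMLSecurityDSig::SHA1` as its defaults on the rewritten signature line, so metadata signed without explicit algorithm arguments is still signed with SHA-1. Since the signature is already changing incompatibly by gaining `$utils` as its first parameter, this is a cheap moment to move the defaults to `$signAlgorithm = XMLSecurityKey::RSA_SHA256, $digestAlgorithm = XMLSecurityDSig::SHA256`; callers that need SHA-1 for an older IdP can still pass it explicitly. `addX509KeyDescriptors` continues past the end of the last hunk, so the rest of its body is not reviewed here.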
