diff options
| -rw-r--r-- | lib/SimpleSAML/Auth/BWC.php | 172 | ||||
| -rw-r--r-- | lib/SimpleSAML/IdP.php | 2 |
2 files changed, 1 insertions, 173 deletions
diff --git a/lib/SimpleSAML/Auth/BWC.php b/lib/SimpleSAML/Auth/BWC.php deleted file mode 100644 index 8cf8d7c..0000000 --- a/lib/SimpleSAML/Auth/BWC.php +++ /dev/null @@ -1,172 +0,0 @@ -<?php - -/** - * WARNING: - * - * THIS FILE IS DEPRECATED AND WILL BE REMOVED IN FUTURE VERSIONS - * - * @deprecated - */ - -/** - * Helper class for backwards compatibility with old-style authentication sources. - * - * Provides the same interface as Auth_Simple. - * - * @package simpleSAMLphp - */ -class SimpleSAML_Auth_BWC extends SimpleSAML_Auth_Simple { - - /** - * Our authentication handler. - * - * @var string - */ - private $auth; - - - /** - * Our authority. - * - * @var string - */ - private $authority; - - - /** - * Initialize a backwards-compatibility authsource for the given authentication page and authority. - * - * @param string $auth The authentication page. - * @param string|NULL $authority The authority we should validate the login against. - * @deprecated - */ - public function __construct($auth, $authority) { - assert('is_string($auth)'); - assert('is_string($authority) || is_null($authority)'); - - if ($authority === NULL) { - $candidates = array( - 'auth/login-admin.php' => 'login-admin', - 'auth/login-cas-ldap.php' => 'login-cas-ldap', - 'auth/login-ldapmulti.php' => 'login-ldapmulti', - 'auth/login-radius.php' => 'login-radius', - 'auth/login-tlsclient.php' => 'tlsclient', - 'auth/login-wayf-ldap.php' => 'login-wayf-ldap', - 'auth/login.php' => 'login', - ); - if (!isset($candidates[$auth])) { - throw new SimpleSAML_Error_Exception('You must provide an authority when using ' . $auth); - } - $authority = $candidates[$auth]; - } - - $this->auth = $auth; - $this->authority = $authority; - - parent::__construct($authority); - } - - - /** - * Retrieve the implementing authentication source. - * - * @return NULL There is never an authentication source behind this class. - * @deprecated - */ - public function getAuthSource() { - return NULL; - } - - - /** - * Start a login operation. - * - * @param array $params Various options to the authentication request. - * @deprecated - */ - public function login(array $params = array()) { - - if (array_key_exists('KeepPost', $params)) { - $keepPost = (bool)$params['KeepPost']; - } else { - $keepPost = TRUE; - } - - if (!isset($params['ReturnTo']) && !isset($params['ReturnCallback'])) { - $params['ReturnTo'] = SimpleSAML_Utilities::selfURL(); - } - - if (isset($params['ReturnTo']) && $keepPost && $_SERVER['REQUEST_METHOD'] === 'POST') { - $params['ReturnTo'] = SimpleSAML_Utilities::createPostRedirectLink($params['ReturnTo'], $_POST); - } - - $session = SimpleSAML_Session::getSessionFromRequest(); - - $authnRequest = array( - 'IsPassive' => isset($params['isPassive']) ? $params['isPassive'] : FALSE, - 'ForceAuthn' => isset($params['ForceAuthn']) ? $params['ForceAuthn'] : FALSE, - 'core:State' => $params, - 'core:prevSession' => $session->getAuthData($this->authority, 'AuthnInstant'), - 'core:authority' => $this->authority, - ); - - if (isset($params['saml:RequestId'])) { - $authnRequest['RequestID'] = $params['saml:RequestId']; - } - if (isset($params['SPMetadata']['entityid'])) { - $authnRequest['Issuer'] = $params['SPMetadata']['entityid']; - } - if (isset($params['saml:RelayState'])) { - $authnRequest['RelayState'] = $params['saml:RelayState']; - } - if (isset($params['saml:IDPList'])) { - $authnRequest['IDPList'] = $params['saml:IDPList']; - } - - $authId = SimpleSAML_Utilities::generateID(); - $session->setAuthnRequest('saml2', $authId, $authnRequest); - - $relayState = SimpleSAML_Module::getModuleURL('core/bwc_resumeauth.php', array('RequestID' => $authId)); - - $config = SimpleSAML_Configuration::getInstance(); - $authurl = '/' . $config->getBaseURL() . $this->auth; - SimpleSAML_Utilities::redirectTrustedURL($authurl, array( - 'RelayState' => $relayState, - 'AuthId' => $authId, - 'protocol' => 'saml2', - )); - } - - - /** - * Start a logout operation. - * - * @param string|NULL $url The URL the user should be redirected to after logging out. - * Defaults to the current page. - * @deprecated - */ - public function logout($url = NULL) { - - if ($url === NULL) { - $url = SimpleSAML_Utilities::selfURL(); - } - - $session = SimpleSAML_Session::getSessionFromRequest(); - if (!$session->isValid($this->authority)) { - /* Not authenticated to this authentication source. */ - SimpleSAML_Utilities::redirectTrustedURL($url); - assert('FALSE'); - } - - if ($this->authority === 'saml2') { - $config = SimpleSAML_Configuration::getInstance(); - SimpleSAML_Utilities::redirectTrustedURL('/' . $config->getBaseURL() . 'saml2/sp/initSLO.php', - array('RelayState' => $url) - ); - } - - $session->doLogout($this->authority); - SimpleSAML_Utilities::redirectTrustedURL($url); - } - -} diff --git a/lib/SimpleSAML/IdP.php b/lib/SimpleSAML/IdP.php index 5a20159..a2bcbf1 100644 --- a/lib/SimpleSAML/IdP.php +++ b/lib/SimpleSAML/IdP.php @@ -102,7 +102,7 @@ class SimpleSAML_IdP { if (SimpleSAML_Auth_Source::getById($auth) !== NULL) { $this->authSource = new SimpleSAML_Auth_Simple($auth); } else { - $this->authSource = new SimpleSAML_Auth_BWC($auth, $this->config->getString('authority', NULL)); + throw new SimpleSAML_Error_Exception('No such "'.$auth.'" auth source found.'); } } |