From b97fb969d34fd5504b7089711814bef2f0f61197 Mon Sep 17 00:00:00 2001 From: shingo78 Date: Thu, 1 Feb 2024 17:48:34 +0900 Subject: [PATCH 1/4] Upgrade SimpleSAMLphp to 2.1 --- composer.json | 4 ++-- default-enable | 0 {lib => src}/Auth/Process/attributeaggregator.php | 13 +++++++------ 3 files changed, 9 insertions(+), 8 deletions(-) delete mode 100644 default-enable rename {lib => src}/Auth/Process/attributeaggregator.php (98%) diff --git a/composer.json b/composer.json index af6ece7..02fa117 100644 --- a/composer.json +++ b/composer.json @@ -3,12 +3,12 @@ "description": "Attribute Aggregator implementation or SAML AttributeQuery", "type": "simplesamlphp-module", "require": { - "simplesamlphp/composer-module-installer": "~1.1", + "simplesamlphp/composer-module-installer": "^1.3", "simplesamlphp/saml2": ">=4.0, <4.2.8 || >=4.5.1, ^4.6", "ext-soap": "*" }, "require-dev": { - "simplesamlphp/simplesamlphp": ">=1.14", + "simplesamlphp/simplesamlphp": ">=2.1", "phpunit/phpunit": "^7.5 || ^8.5 || ^9.5" }, "autoload-dev": { diff --git a/default-enable b/default-enable deleted file mode 100644 index e69de29..0000000 diff --git a/lib/Auth/Process/attributeaggregator.php b/src/Auth/Process/attributeaggregator.php similarity index 98% rename from lib/Auth/Process/attributeaggregator.php rename to src/Auth/Process/attributeaggregator.php index cfa668f..15ccc05 100644 --- a/lib/Auth/Process/attributeaggregator.php +++ b/src/Auth/Process/attributeaggregator.php @@ -36,7 +36,7 @@ class attributeaggregator extends \SimpleSAML\Auth\ProcessingFilter private $required = FALSE; /** - * + * * nameIdFormat, the format of the attributeId. Default is "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"; * @var unknown_type */ @@ -102,7 +102,7 @@ public function __construct($config, $reserved) if (!empty($config["attributeId"])){ $this->attributeId = $config["attributeId"]; } - + if (!empty($config["required"])){ $this->required = $config["required"]; } @@ -122,7 +122,7 @@ public function __construct($config, $reserved) if (array_key_exists("values", $attribute)) { if (! is_array($attribute["values"])) { throw new \SimpleSAML\Error\Exception("attributeaggregator: Invalid format of attributes array in the configuration"); - } + } } if (array_key_exists('multiSource', $attribute)){ if(! preg_match('/^(merge|keep|override)$/', $attribute['multiSource'])) @@ -147,7 +147,7 @@ public function __construct($config, $reserved) $metadata->getMetaData($this->entityId, 'attributeauthority-remote') ); if ($this->aaMetadata->hasValue('AttributeService')) { - foreach ($this->aaMetadata->getArray('AttributeService',array()) as $aa_endpoint) { + foreach ($this->aaMetadata->getOptionalArray('AttributeService',array()) as $aa_endpoint) { if ($aa_endpoint['Binding'] == \SAML2\Constants::BINDING_SOAP) { $this->aaEndpoint = $aa_endpoint['Location']; break; @@ -222,7 +222,8 @@ public function process(&$state) $query->setNameId($nameid); $query->setAttributeNameFormat($this->attributeNameFormat); $query->setAttributes($this->getRequestedAttributes()); // may be empty, then it's a noop - $query->setID(\SimpleSAML\Utils\Random::generateID()); + $randomUtils = \SimpleSAML\Utils\Random(); + $query->setID($randomUtils->generateID()); // TODO: should this call be made optional? \SimpleSAML\Module\saml\Message::addSign($this->selfMetadata,$this->aaMetadata,$query); @@ -245,7 +246,7 @@ public function process(&$state) $attributes_from_aa = array(); } $this->mergeAttributes($state, $attributes_from_aa); - + } catch (Exception $e) { \SimpleSAML\Logger::info("Attribute query failed: ".$e->getMessage()); if ($this->required) { From 3b510b1351fa4c9306ee60e0393458a78a7b18a0 Mon Sep 17 00:00:00 2001 From: shingo78 Date: Tue, 6 Feb 2024 15:06:28 +0900 Subject: [PATCH 2/4] Add strict_types=1 --- src/Auth/Process/attributeaggregator.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/Auth/Process/attributeaggregator.php b/src/Auth/Process/attributeaggregator.php index 15ccc05..7d70d5a 100644 --- a/src/Auth/Process/attributeaggregator.php +++ b/src/Auth/Process/attributeaggregator.php @@ -9,6 +9,8 @@ * @version $Id$ */ +declare(strict_types=1); + namespace SimpleSAML\Module\attributeaggregator\Auth\Process; class attributeaggregator extends \SimpleSAML\Auth\ProcessingFilter From d07e83daee46463931b333c517226e763d5852f2 Mon Sep 17 00:00:00 2001 From: shingo78 Date: Thu, 15 Feb 2024 17:47:54 +0900 Subject: [PATCH 3/4] Fix missing new keyword --- src/Auth/Process/attributeaggregator.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Auth/Process/attributeaggregator.php b/src/Auth/Process/attributeaggregator.php index 7d70d5a..7551498 100644 --- a/src/Auth/Process/attributeaggregator.php +++ b/src/Auth/Process/attributeaggregator.php @@ -224,7 +224,7 @@ public function process(&$state) $query->setNameId($nameid); $query->setAttributeNameFormat($this->attributeNameFormat); $query->setAttributes($this->getRequestedAttributes()); // may be empty, then it's a noop - $randomUtils = \SimpleSAML\Utils\Random(); + $randomUtils = new \SimpleSAML\Utils\Random(); $query->setID($randomUtils->generateID()); // TODO: should this call be made optional? \SimpleSAML\Module\saml\Message::addSign($this->selfMetadata,$this->aaMetadata,$query); From cc9a19329071a4d5f0a31f56108de6defb920a53 Mon Sep 17 00:00:00 2001 From: shingo78 Date: Thu, 15 Feb 2024 17:49:28 +0900 Subject: [PATCH 4/4] Fix attributeaggregator class signature --- src/Auth/Process/attributeaggregator.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/Auth/Process/attributeaggregator.php b/src/Auth/Process/attributeaggregator.php index 7551498..b6e3f7e 100644 --- a/src/Auth/Process/attributeaggregator.php +++ b/src/Auth/Process/attributeaggregator.php @@ -89,7 +89,7 @@ class attributeaggregator extends \SimpleSAML\Auth\ProcessingFilter * @param array $config Configuration information * @param mixed $reserved For future use */ - public function __construct($config, $reserved) + public function __construct(array &$config, $reserved) { assert('is_array($config)'); parent::__construct($config, $reserved); @@ -179,7 +179,7 @@ public function __construct($config, $reserved) * * @param array &$state The state of the response. */ - public function process(&$state) + public function process(array &$state): void { assert('is_array($state)');