Skip to content

Commit e703a35

Browse files
tvdijentvdijen
committed
PSR-12
1 parent 7782b53 commit e703a35

3 files changed

Lines changed: 114 additions & 51 deletions

File tree

lib/Auth/Process/Fticks.php

Lines changed: 56 additions & 29 deletions
Original file line numberDiff line numberDiff line change
@@ -139,15 +139,15 @@ private function generatePNhash(&$state)
139139
}
140140

141141
/* calculate a hash */
142-
if (isset($uid) and is_string($uid)) {
142+
if (isset($uid) && is_string($uid)) {
143143
$userdata = $this->federation;
144144
if (array_key_exists('saml:sp:IdP', $state)) {
145-
$userdata .= strlen($state['saml:sp:IdP']).':'.$state['saml:sp:IdP'];
145+
$userdata .= strlen($state['saml:sp:IdP']) . ':' . $state['saml:sp:IdP'];
146146
} else {
147-
$userdata .= strlen($state['Source']['entityid']).':'.$state['Source']['entityid'];
147+
$userdata .= strlen($state['Source']['entityid']) . ':' . $state['Source']['entityid'];
148148
}
149-
$userdata .= strlen($state['Destination']['entityid']).':'.$state['Destination']['entityid'];
150-
$userdata .= strlen($uid).':'.$uid;
149+
$userdata .= strlen($state['Destination']['entityid']) . ':' . $state['Destination']['entityid'];
150+
$userdata .= strlen($uid) . ':' . $uid;
151151
$userdata .= $this->salt;
152152

153153
return hash($this->algorithm, $userdata);
@@ -187,17 +187,17 @@ public function __construct($config, $reserved)
187187
if (is_string($config['federation'])) {
188188
$this->federation = $config['federation'];
189189
} else {
190-
throw new Exception('Federation identifier must be a string');
190+
throw new \Exception('Federation identifier must be a string');
191191
}
192192
} else {
193-
throw new Exception('Federation identifier must be set');
193+
throw new \Exception('Federation identifier must be set');
194194
}
195195

196196
if (array_key_exists('salt', $config)) {
197197
if (is_string($config['salt'])) {
198198
$this->salt = $config['salt'];
199199
} else {
200-
throw new Exception('Salt must be a string');
200+
throw new \Exception('Salt must be a string');
201201
}
202202
} else {
203203
$this->salt = Utils\Config::getSecretSalt();
@@ -207,25 +207,26 @@ public function __construct($config, $reserved)
207207
if (is_string($config['userId'])) {
208208
$this->userId = $config['userId'];
209209
} else {
210-
throw new Exception('UserId must be a string');
210+
throw new \Exception('UserId must be a string');
211211
}
212212
}
213213

214214
if (array_key_exists('realm', $config)) {
215215
if (is_string($config['realm'])) {
216216
$this->realm = $config['realm'];
217217
} else {
218-
throw new Exception('realm must be a string');
218+
throw new \Exception('realm must be a string');
219219
}
220220
}
221221

222222
if (array_key_exists('algorithm', $config)) {
223-
if (is_string($config['algorithm'])
224-
and in_array($config['algorithm'], hash_algos())
223+
if (
224+
is_string($config['algorithm'])
225+
&& in_array($config['algorithm'], hash_algos())
225226
) {
226227
$this->algorithm = $config['algorithm'];
227228
} else {
228-
throw new Exception('algorithm must be a hash algorithm listed in hash_algos()');
229+
throw new \Exception('algorithm must be a hash algorithm listed in hash_algos()');
229230
}
230231
}
231232

@@ -235,41 +236,59 @@ public function __construct($config, $reserved)
235236
} elseif (is_string($config['exclude'])) {
236237
$this->exclude = [$config['exclude']];
237238
} else {
238-
throw new Exception('F-ticks exclude must be an array');
239+
throw new \Exception('F-ticks exclude must be an array');
239240
}
240241
}
241242

242243
if (array_key_exists('logdest', $config)) {
243-
if (is_string($config['logdest']) and
244+
if (
245+
is_string($config['logdest']) &&
244246
in_array($config['logdest'], ['local', 'syslog', 'remote', 'stdout', 'errorlog', 'simplesamlphp'])
245247
) {
246248
$this->logdest = $config['logdest'];
247249
} else {
248-
throw new Exception('F-ticks log destination must be one of [local, remote, stdout, errorlog, simplesamlphp]');
250+
throw new \Exception(
251+
'F-ticks log destination must be one of [local, remote, stdout, errorlog, simplesamlphp]'
252+
);
249253
}
250254
}
251255

252256
/* match SSP config or we risk mucking up the openlog call */
253257
$globalConfig = Configuration::getInstance();
254-
$defaultFacility = $globalConfig->getInteger('logging.facility', defined('LOG_LOCAL5') ? constant('LOG_LOCAL5') : LOG_USER);
258+
$defaultFacility = $globalConfig->getInteger(
259+
'logging.facility',
260+
defined('LOG_LOCAL5') ? constant('LOG_LOCAL5') : LOG_USER
261+
);
255262
$defaultProcessName = $globalConfig->getString('logging.processname', 'SimpleSAMLphp');
256263
if (array_key_exists('logconfig', $config)) {
257264
if (is_array($config['logconfig'])) {
258265
$this->logconfig = $config['logconfig'];
259266
} else {
260-
throw new Exception('F-ticks logconfig must be an array');
267+
throw new \Exception('F-ticks logconfig must be an array');
261268
}
262269
} else {
263270
$this->logconfig['facility'] = $defaultFacility;
264271
$this->logconfig['processname'] = $defaultProcessName;
265272
}
266273
/* warn if we risk mucking up the openlog call (doesn't matter for remote syslog) */
267274
if (in_array($this->logdest, ['local', 'syslog'])) {
268-
if (array_key_exists('facility', $this->logconfig) and $this->logconfig['facility'] !== $defaultFacility) {
269-
Logger::warning('F-ticks syslog facility differs from global config which may cause SimpleSAMLphp\'s logging to behave inconsistently');
275+
if (
276+
array_key_exists('facility', $this->logconfig)
277+
&& ($this->logconfig['facility'] !== $defaultFacility)
278+
) {
279+
Logger::warning(
280+
'F-ticks syslog facility differs from global config which may cause'
281+
. ' SimpleSAMLphp\'s logging to behave inconsistently'
282+
);
270283
}
271-
if (array_key_exists('processname', $this->logconfig) and $this->logconfig['processname'] !== $defaultProcessName) {
272-
Logger::warning('F-ticks syslog processname differs from global config which may cause SimpleSAMLphp\'s logging to behave inconsistently');
284+
if (
285+
array_key_exists('processname', $this->logconfig)
286+
&& ($this->logconfig['processname'] !== $defaultProcessName)
287+
) {
288+
Logger::warning(
289+
'F-ticks syslog processname differs from global config which may cause'
290+
. ' SimpleSAMLphp\'s logging to behave inconsistently'
291+
);
273292
}
274293
}
275294
}
@@ -308,9 +327,15 @@ public function process(&$state)
308327
$fticks['CSI'] = $session->getTrackID();
309328

310329
/* Authentication method identifier */
311-
if (array_key_exists('saml:sp:State', $state) and array_key_exists('saml:sp:AuthnContext', $state['saml:sp:State'])) {
330+
if (
331+
array_key_exists('saml:sp:State', $state)
332+
&& array_key_exists('saml:sp:AuthnContext', $state['saml:sp:State'])
333+
) {
312334
$fticks['AM'] = $state['saml:sp:State']['saml:sp:AuthnContext'];
313-
} elseif (array_key_exists('SimpleSAML_Auth_State.stage', $state) and preg_match('/UserPass/', $state['SimpleSAML_Auth_State.stage'])) {
335+
} elseif (
336+
array_key_exists('SimpleSAML_Auth_State.stage', $state)
337+
&& preg_match('/UserPass/', $state['SimpleSAML_Auth_State.stage'])
338+
) {
314339
/* hack to try identify LDAP et al as Password */
315340
$fticks['AM'] = Constants::AC_PASSWORD;
316341
}
@@ -322,7 +347,10 @@ public function process(&$state)
322347
}
323348

324349
/* timestamp */
325-
if (array_key_exists('saml:sp:State', $state) and array_key_exists('saml:AuthnInstant', $state['saml:sp:State'])) {
350+
if (
351+
array_key_exists('saml:sp:State', $state)
352+
&& array_key_exists('saml:AuthnInstant', $state['saml:sp:State'])
353+
) {
326354
$fticks['TS'] = $state['saml:sp:State']['saml:AuthnInstant'];
327355
} else {
328356
$fticks['TS'] = time();
@@ -357,20 +385,19 @@ function ($k) {
357385

358386
/* assemble an F-ticks log string */
359387
$this->log(
360-
'F-TICKS/'.$this->federation.'/'.self::$fticksVersion.'#' .
388+
'F-TICKS/' . $this->federation . '/' . self::$fticksVersion . '#' .
361389
implode('#', array_map(
362390
/**
363391
* @param string $k
364392
* @param string $v
365393
* @return string
366394
*/
367395
function ($k, $v) {
368-
return $k.'='.$this->escapeFticks($v);
396+
return $k . '=' . $this->escapeFticks($v);
369397
},
370398
array_keys($fticks),
371399
$fticks
372-
)) .
373-
'#'
400+
)) . '#'
374401
);
375402
}
376403
}

tests/bootstrap.php

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,9 +1,9 @@
11
<?php
22
$projectRoot = dirname(__DIR__);
3-
require_once($projectRoot.'/vendor/autoload.php');
3+
require_once($projectRoot . '/vendor/autoload.php');
44

55
// Symlink module into ssp vendor lib so that templates and urls can resolve correctly
6-
$linkPath = $projectRoot.'/vendor/simplesamlphp/simplesamlphp/modules/fticks';
6+
$linkPath = $projectRoot . '/vendor/simplesamlphp/simplesamlphp/modules/fticks';
77
if (file_exists($linkPath) === false) {
88
echo "Linking '$linkPath' to '$projectRoot'\n";
99
symlink($projectRoot, $linkPath);

tests/lib/Auth/Process/FticksTest.php

Lines changed: 56 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,7 @@
33
namespace SimpleSAML\Test\Module\fticks\Auth\Process;
44

55
use PHPUnit\Framework\TestCase;
6+
use SAML2\Constants;
67
use SimpleSAML\Module\fticks\Auth\Process\Fticks;
78
use SimpleSAML\Configuration;
89
use SimpleSAML\Logger;
@@ -21,11 +22,11 @@ class FticksTest extends TestCase
2122
];
2223

2324
/** @var array SP request */
24-
private static $spRequest =[
25+
private static $spRequest = [
2526
'saml:sp:IdP' => 'https://localhost/saml:sp:IdP',
2627
'saml:sp:SessionIndex' => 'saml:sp:SessionIndex',
2728
'saml:sp:State' => [
28-
'saml:sp:AuthnContext' => 'urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified',
29+
'saml:sp:AuthnContext' => Constants::AC_UNSPECIFIED,
2930
'saml:AuthnInstant' => 1000,
3031
],
3132
];
@@ -73,8 +74,11 @@ public function testMinimal()
7374
{
7475
$config = ['federation' => 'ACME', 'logdest' => 'stdout'];
7576
$request = self::$minRequest;
76-
$pattern = preg_quote('F-TICKS/ACME/1.0#RESULT=OK#AP=https://localhost/sp#RP=https://localhost/idp#CSI=CL', '/');
77-
$this->expectOutputRegex('/^'.$pattern.'[^#]+#TS=\d+#$/');
77+
$pattern = preg_quote(
78+
'F-TICKS/ACME/1.0#RESULT=OK#AP=https://localhost/sp#RP=https://localhost/idp#CSI=CL',
79+
'/'
80+
);
81+
$this->expectOutputRegex('/^' . $pattern . '[^#]+#TS=\d+#$/');
7882
$result = self::processFilter($config, $request);
7983
}
8084

@@ -85,9 +89,12 @@ public function testAsServiceProvider()
8589
{
8690
$config = ['federation' => 'ACME', 'logdest' => 'stdout',];
8791
$request = array_merge(self::$minRequest, self::$spRequest);
88-
$pattern1 = preg_quote('F-TICKS/ACME/1.0#RESULT=OK#AP=https://localhost/saml:sp:IdP#RP=https://localhost/idp#CSI=CL', '/');
92+
$pattern1 = preg_quote(
93+
'F-TICKS/ACME/1.0#RESULT=OK#AP=https://localhost/saml:sp:IdP#RP=https://localhost/idp#CSI=CL',
94+
'/'
95+
);
8996
$pattern2 = preg_quote('#AM=urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified#TS=1000#', '/');
90-
$this->expectOutputRegex('/^'.$pattern1.'[^#]+'.$pattern2.'$/');
97+
$this->expectOutputRegex('/^' . $pattern1 . '[^#]+' . $pattern2 . '$/');
9198
$result = self::processFilter($config, $request);
9299
}
93100

@@ -102,9 +109,16 @@ public function testSPwithUserId()
102109
'eduPersonPrincipalName' => 'user2@example.net',
103110
],
104111
]);
105-
$pattern1 = preg_quote('F-TICKS/ACME/1.0#RESULT=OK#AP=https://localhost/saml:sp:IdP#RP=https://localhost/idp#CSI=CL', '/');
106-
$pattern2 = preg_quote('#AM=urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified#PN=e5d066a96d5809a21264e153013c3c793e6574cb77afdfa248ad2cefab9b0451#TS=1000#', '/');
107-
$this->expectOutputRegex('/^'.$pattern1.'[^#]+'.$pattern2.'$/');
112+
$pattern1 = preg_quote(
113+
'F-TICKS/ACME/1.0#RESULT=OK#AP=https://localhost/saml:sp:IdP#RP=https://localhost/idp#CSI=CL',
114+
'/'
115+
);
116+
$pattern2 = preg_quote(
117+
'#AM=' . Constants::AC_UNSPECIFIED
118+
. '#PN=e5d066a96d5809a21264e153013c3c793e6574cb77afdfa248ad2cefab9b0451#TS=1000#',
119+
'/'
120+
);
121+
$this->expectOutputRegex('/^' . $pattern1 . '[^#]+' . $pattern2 . '$/');
108122
$result = self::processFilter($config, $request);
109123
}
110124

@@ -115,9 +129,16 @@ public function testAsIdentityProvider()
115129
{
116130
$config = ['federation' => 'ACME', 'logdest' => 'stdout',];
117131
$request = array_merge(self::$minRequest, self::$idpRequest);
118-
$pattern1 = preg_quote('F-TICKS/ACME/1.0#RESULT=OK#AP=https://localhost/sp#RP=https://localhost/idp#CSI=CL', '/');
119-
$pattern2 = preg_quote('#AM=urn:oasis:names:tc:SAML:2.0:ac:classes:Password#PN=d844a9a0666bb3990e88f72b8f5c20accbcfa46f7b8a7ab38593bfbbab6e9cbc#TS=', '/');
120-
$this->expectOutputRegex('/^'.$pattern1.'[^#]+'.$pattern2.'\d+#$/');
132+
$pattern1 = preg_quote(
133+
'F-TICKS/ACME/1.0#RESULT=OK#AP=https://localhost/sp#RP=https://localhost/idp#CSI=CL',
134+
'/'
135+
);
136+
$pattern2 = preg_quote(
137+
'#AM=' . Constants::AC_PASSWORD
138+
. '#PN=d844a9a0666bb3990e88f72b8f5c20accbcfa46f7b8a7ab38593bfbbab6e9cbc#TS=',
139+
'/'
140+
);
141+
$this->expectOutputRegex('/^' . $pattern1 . '[^#]+' . $pattern2 . '\d+#$/');
121142
$result = self::processFilter($config, $request);
122143
}
123144

@@ -141,9 +162,15 @@ public function testExample()
141162
'schacHomeOrganization' => 'example.com',
142163
],
143164
]);
144-
$pattern1 = preg_quote('F-TICKS/ACME/1.0#RESULT=OK#AP=https://localhost/sp#RP=https://localhost/idp#CSI=CL', '/');
145-
$pattern2 = preg_quote('#AM=urn:oasis:names:tc:SAML:2.0:ac:classes:Password#TS=', '/');
146-
$this->expectOutputRegex('/^'.$pattern1.'[^#]+'.$pattern2.'\d+#REALM=example.com#$/');
165+
$pattern1 = preg_quote(
166+
'F-TICKS/ACME/1.0#RESULT=OK#AP=https://localhost/sp#RP=https://localhost/idp#CSI=CL',
167+
'/'
168+
);
169+
$pattern2 = preg_quote(
170+
'#AM=urn:oasis:names:tc:SAML:2.0:ac:classes:Password#TS=',
171+
'/'
172+
);
173+
$this->expectOutputRegex('/^' . $pattern1 . '[^#]+' . $pattern2 . '\d+#REALM=example.com#$/');
147174
$result = self::processFilter($config, $request);
148175
}
149176

@@ -154,8 +181,11 @@ public function testFilteringArray()
154181
{
155182
$config = ['federation' => 'ACME', 'logdest' => 'stdout', 'exclude' => ['PN', 'AM']];
156183
$request = array_merge(self::$minRequest, self::$idpRequest);
157-
$pattern1 = preg_quote('F-TICKS/ACME/1.0#RESULT=OK#AP=https://localhost/sp#RP=https://localhost/idp#CSI=CL', '/');
158-
$this->expectOutputRegex('/^'.$pattern1.'[^#]+#TS=\d+#$/');
184+
$pattern1 = preg_quote(
185+
'F-TICKS/ACME/1.0#RESULT=OK#AP=https://localhost/sp#RP=https://localhost/idp#CSI=CL',
186+
'/'
187+
);
188+
$this->expectOutputRegex('/^' . $pattern1 . '[^#]+#TS=\d+#$/');
159189
$result = self::processFilter($config, $request);
160190
}
161191

@@ -166,9 +196,15 @@ public function testFilteringString()
166196
{
167197
$config = ['federation' => 'ACME', 'logdest' => 'stdout', 'exclude' => 'AM'];
168198
$request = array_merge(self::$minRequest, self::$idpRequest);
169-
$pattern1 = preg_quote('F-TICKS/ACME/1.0#RESULT=OK#AP=https://localhost/sp#RP=https://localhost/idp#CSI=CL', '/');
170-
$pattern2 = preg_quote('#PN=d844a9a0666bb3990e88f72b8f5c20accbcfa46f7b8a7ab38593bfbbab6e9cbc#TS=', '/');
171-
$this->expectOutputRegex('/^'.$pattern1.'[^#]+'.$pattern2.'\d+#$/');
199+
$pattern1 = preg_quote(
200+
'F-TICKS/ACME/1.0#RESULT=OK#AP=https://localhost/sp#RP=https://localhost/idp#CSI=CL',
201+
'/'
202+
);
203+
$pattern2 = preg_quote(
204+
'#PN=d844a9a0666bb3990e88f72b8f5c20accbcfa46f7b8a7ab38593bfbbab6e9cbc#TS=',
205+
'/'
206+
);
207+
$this->expectOutputRegex('/^' . $pattern1 . '[^#]+' . $pattern2 . '\d+#$/');
172208
$result = self::processFilter($config, $request);
173209
}
174210
}

0 commit comments

Comments
 (0)