Merge "Bug 1840109: Update simplesamlphp to 1.17.6"

15b0134e · Robert Lyon · Gerrit Code Review · 37b0d459 · a5d3af2e · 15b0134e
Commit 15b0134e authored Oct 09, 2019 by Robert Lyon Committed by Gerrit Code Review Oct 09, 2019
5 changed files
--- a/Makefile
+++ b/Makefile
@@ -62,7 +62,7 @@ ifdef simplesamlphp
 	@echo "SimpleSAMLphp already exists - doing nothing"
 else
 	@echo "Pulling SimpleSAMLphp from download ..."
-	@curl -sSL https://github.com/simplesamlphp/simplesamlphp/releases/download/v1.16.3/simplesamlphp-1.16.3.tar.gz | tar  --transform 's/simplesamlphp-[0-9]+\.[0-9]+\.[0-9]+/simplesamlphp/x1' -C htdocs/auth/saml/extlib -xzf - # SimpleSAMLPHP release tarball already has all composer dependencies.
+	@curl -sSL https://github.com/simplesamlphp/simplesamlphp/releases/download/v1.17.6/simplesamlphp-1.17.6.tar.gz | tar  --transform 's/simplesamlphp-[0-9]+\.[0-9]+\.[0-9]+/simplesamlphp/x1' -C htdocs/auth/saml/extlib -xzf - # SimpleSAMLPHP release tarball already has all composer dependencies.
 	@php external/composer.phar --working-dir=htdocs/auth/saml/extlib/simplesamlphp require predis/predis
 	@echo "Copying www/resources/* files to sp/resources/ ..."
 	@cp -R htdocs/auth/saml/extlib/simplesamlphp/www/resources/ htdocs/auth/saml/sp/

--- a/htdocs/auth/saml/db/upgrade.php
+++ b/htdocs/auth/saml/db/upgrade.php
@@ -44,6 +44,9 @@ function xmldb_auth_saml_upgrade($oldversion=0) {
    if ($oldversion < 2019011100) {
        set_config_plugin('auth', 'saml', 'version', '1.16.3');
    }
+    if ($oldversion < 2019091600) {
+        set_config_plugin('auth', 'saml', 'version', '1.17.6');
+    }

    return $status;
 }
--- a/htdocs/auth/saml/lib.php
+++ b/htdocs/auth/saml/lib.php
@@ -393,7 +393,7 @@ class PluginAuthSaml extends PluginAuth {

    public static function install_auth_default() {
        // Set library version to download
-        set_config_plugin('auth', 'saml', 'version', '1.16.3');
+        set_config_plugin('auth', 'saml', 'version', '1.17.6');
    }

    private static function delete_old_certificates() {
@@ -793,6 +793,9 @@ class PluginAuthSaml extends PluginAuth {
    }

    public static function idptable($list, $preferred = array(), $institutions = array(), $showdelete = false) {
+        if (empty($list)) {
+            return array(0, '');
+        }
        $idps = array();
        $lang = current_language();
        $lang = explode('.', $lang);
@@ -968,9 +971,12 @@ class PluginAuthSaml extends PluginAuth {
    }

    public static function get_raw_disco_list() {
-        PluginAuthSaml::init_simplesamlphp();
-        $discoHandler = new PluginAuthSaml_IdPDisco(array('saml20-idp-remote', 'shib13-idp-remote'), 'saml');
-        return $discoHandler->getTheIdPs();
+        if (class_exists('PluginAuthSaml_IdPDisco')) {
+            PluginAuthSaml::init_simplesamlphp();
+            $discoHandler = new PluginAuthSaml_IdPDisco(array('saml20-idp-remote', 'shib13-idp-remote'), 'saml');
+            return $discoHandler->getTheIdPs();
+        }
+        return array('list' => 0);
    }

    public static function get_disco_list($lang = null, $entityidps = array()) {
@@ -992,7 +998,7 @@ class PluginAuthSaml extends PluginAuth {
    }

    public static function get_instance_config_options($institution, $instance = 0) {
-        if (!class_exists('SimpleSAML_XHTML_IdPDisco')) {
+        if (!class_exists('SimpleSAML\XHTML\IdPDisco')) {
            return array(
                'error' => get_string('errorssphpsetup', 'auth.saml')
            );
@@ -1481,8 +1487,9 @@ function auth_saml_openssl_x509_fingerprint($cert, $hash) {

 if (file_exists(get_config('docroot') . 'auth/saml/extlib/simplesamlphp/lib/SimpleSAML/XHTML/IdPDisco.php')) {
    require_once(get_config('docroot') . 'auth/saml/extlib/simplesamlphp/lib/SimpleSAML/XHTML/IdPDisco.php');
-
-    class PluginAuthSaml_IdPDisco extends SimpleSAML_XHTML_IdPDisco
+}
+if (class_exists('SimpleSAML\XHTML\IdPDisco')) {
+    class PluginAuthSaml_IdPDisco extends SimpleSAML\XHTML\IdPDisco
    {

        /**
@@ -1514,7 +1521,10 @@ if (file_exists(get_config('docroot') . 'auth/saml/extlib/simplesamlphp/lib/Simp
        }
    }
 }
-
+else {
+    global $SESSION;
+    $SESSION->add_msg_once(get_string('errorupdatelib', 'auth.saml'), 'error', false);
+}

 /*
 * Provides any mahara specific wrappers for the metarefresh plugin from simplesamlphp that is used to refresh IDP metadata
@@ -1607,8 +1617,8 @@ class Metarefresh {
                    'type' => $outputFormat,
                    'directory' => $outputDir,
                ));
-
-                $metaloader = new sspmod_metarefresh_MetaLoader($expire, $stateFile, $oldMetadataSrc);
+                require_once(get_config('docroot') . 'auth/saml/extlib/simplesamlphp/modules/metarefresh/lib/MetaLoader.php');
+                $metaloader = new SimpleSAML\Module\metarefresh\MetaLoader($expire, $stateFile, $oldMetadataSrc);

                # Get global blacklist, whitelist and caching info
                $blacklist = $mconfig->getArray('blacklist', array());

--- a/htdocs/auth/saml/sp/metadata.php
+++ b/htdocs/auth/saml/sp/metadata.php
@@ -54,7 +54,7 @@ if ($source === null) {
    throw new SimpleSAML_Error_AuthSource($sourceId, 'Could not find authentication source.');
 }

-if (!($source instanceof sspmod_saml_Auth_Source_SP)) {
+if (!($source instanceof \SimpleSAML\Module\saml\Auth\Source\SP)) {
    throw new SimpleSAML_Error_AuthSource($sourceId,
        'The authentication source is not a SAML Service Provider.');
 }

--- a/htdocs/auth/saml/version.php
+++ b/htdocs/auth/saml/version.php
@@ -11,7 +11,7 @@
 defined('INTERNAL') || die();

 $config = new stdClass();
-$config->version = 2019011100;
+$config->version = 2019091600;
 $config->release = '1.5.0';
 $config->name = 'saml';
 $config->requires_config = 1;