Merge "Bug 1840109: Update simplesamlphp to 1.17.6"

Makefile

@@ -62,7 +62,7 @@ ifdef simplesamlphp
 	@echo "SimpleSAMLphp already exists - doing nothing"
 else
 	@echo "Pulling SimpleSAMLphp from download ..."
-	@curl -sSL https://github.com/simplesamlphp/simplesamlphp/releases/download/v1.16.3/simplesamlphp-1.16.3.tar.gz | tar  --transform 's/simplesamlphp-[0-9]+\.[0-9]+\.[0-9]+/simplesamlphp/x1' -C htdocs/auth/saml/extlib -xzf - # SimpleSAMLPHP release tarball already has all composer dependencies.
+	@curl -sSL https://github.com/simplesamlphp/simplesamlphp/releases/download/v1.17.6/simplesamlphp-1.17.6.tar.gz | tar  --transform 's/simplesamlphp-[0-9]+\.[0-9]+\.[0-9]+/simplesamlphp/x1' -C htdocs/auth/saml/extlib -xzf - # SimpleSAMLPHP release tarball already has all composer dependencies.
 	@php external/composer.phar --working-dir=htdocs/auth/saml/extlib/simplesamlphp require predis/predis
 	@echo "Copying www/resources/* files to sp/resources/ ..."
 	@cp -R htdocs/auth/saml/extlib/simplesamlphp/www/resources/ htdocs/auth/saml/sp/

htdocs/auth/saml/db/upgrade.php

@@ -44,6 +44,9 @@ function xmldb_auth_saml_upgrade($oldversion=0) {
     if ($oldversion < 2019011100) {
         set_config_plugin('auth', 'saml', 'version', '1.16.3');
     }
+    if ($oldversion < 2019091600) {
+        set_config_plugin('auth', 'saml', 'version', '1.17.6');
+    }
 
     return $status;
 }

htdocs/auth/saml/lib.php

@@ -393,7 +393,7 @@ class PluginAuthSaml extends PluginAuth {
 
     public static function install_auth_default() {
         // Set library version to download
-        set_config_plugin('auth', 'saml', 'version', '1.16.3');
+        set_config_plugin('auth', 'saml', 'version', '1.17.6');
     }
 
     private static function delete_old_certificates() {
@@ -793,6 +793,9 @@ class PluginAuthSaml extends PluginAuth {
     }
 
     public static function idptable($list, $preferred = array(), $institutions = array(), $showdelete = false) {
+        if (empty($list)) {
+            return array(0, '');
+        }
         $idps = array();
         $lang = current_language();
         $lang = explode('.', $lang);
@@ -968,9 +971,12 @@ class PluginAuthSaml extends PluginAuth {
     }
 
     public static function get_raw_disco_list() {
-        PluginAuthSaml::init_simplesamlphp();
-        $discoHandler = new PluginAuthSaml_IdPDisco(array('saml20-idp-remote', 'shib13-idp-remote'), 'saml');
-        return $discoHandler->getTheIdPs();
+        if (class_exists('PluginAuthSaml_IdPDisco')) {
+            PluginAuthSaml::init_simplesamlphp();
+            $discoHandler = new PluginAuthSaml_IdPDisco(array('saml20-idp-remote', 'shib13-idp-remote'), 'saml');
+            return $discoHandler->getTheIdPs();
+        }
+        return array('list' => 0);
     }
 
     public static function get_disco_list($lang = null, $entityidps = array()) {
@@ -992,7 +998,7 @@ class PluginAuthSaml extends PluginAuth {
     }
 
     public static function get_instance_config_options($institution, $instance = 0) {
-        if (!class_exists('SimpleSAML_XHTML_IdPDisco')) {
+        if (!class_exists('SimpleSAML\XHTML\IdPDisco')) {
             return array(
                 'error' => get_string('errorssphpsetup', 'auth.saml')
             );
@@ -1481,8 +1487,9 @@ function auth_saml_openssl_x509_fingerprint($cert, $hash) {
 
 if (file_exists(get_config('docroot') . 'auth/saml/extlib/simplesamlphp/lib/SimpleSAML/XHTML/IdPDisco.php')) {
     require_once(get_config('docroot') . 'auth/saml/extlib/simplesamlphp/lib/SimpleSAML/XHTML/IdPDisco.php');
-
-    class PluginAuthSaml_IdPDisco extends SimpleSAML_XHTML_IdPDisco
+}
+if (class_exists('SimpleSAML\XHTML\IdPDisco')) {
+    class PluginAuthSaml_IdPDisco extends SimpleSAML\XHTML\IdPDisco
     {
 
         /**
@@ -1514,7 +1521,10 @@ if (file_exists(get_config('docroot') . 'auth/saml/extlib/simplesamlphp/lib/Simp
         }
     }
 }
-
+else {
+    global $SESSION;
+    $SESSION->add_msg_once(get_string('errorupdatelib', 'auth.saml'), 'error', false);
+}
 
 /*
  * Provides any mahara specific wrappers for the metarefresh plugin from simplesamlphp that is used to refresh IDP metadata
@@ -1607,8 +1617,8 @@ class Metarefresh {
                     'type' => $outputFormat,
                     'directory' => $outputDir,
                 ));
-
-                $metaloader = new sspmod_metarefresh_MetaLoader($expire, $stateFile, $oldMetadataSrc);
+                require_once(get_config('docroot') . 'auth/saml/extlib/simplesamlphp/modules/metarefresh/lib/MetaLoader.php');
+                $metaloader = new SimpleSAML\Module\metarefresh\MetaLoader($expire, $stateFile, $oldMetadataSrc);
 
                 # Get global blacklist, whitelist and caching info
                 $blacklist = $mconfig->getArray('blacklist', array());

htdocs/auth/saml/sp/metadata.php

@@ -54,7 +54,7 @@ if ($source === null) {
     throw new SimpleSAML_Error_AuthSource($sourceId, 'Could not find authentication source.');
 }
 
-if (!($source instanceof sspmod_saml_Auth_Source_SP)) {
+if (!($source instanceof \SimpleSAML\Module\saml\Auth\Source\SP)) {
     throw new SimpleSAML_Error_AuthSource($sourceId,
         'The authentication source is not a SAML Service Provider.');
 }

htdocs/auth/saml/version.php

@@ -11,7 +11,7 @@
 defined('INTERNAL') || die();
 
 $config = new stdClass();
-$config->version = 2019011100;
+$config->version = 2019091600;
 $config->release = '1.5.0';
 $config->name = 'saml';
 $config->requires_config = 1;