Commit a5d3af2e authored by Rebecca Blundell's avatar Rebecca Blundell Committed by Robert Lyon

Bug 1840109: Update simplesamlphp to 1.17.6

Upgrade to latest release of ssphp.
This includes security update 1.17.3 and some bug fixes

behatnotneeded

Change-Id: I283b3e11b67bfdba3ca428bb53605a9cd764b6f4
parent 58557cf3
...@@ -62,7 +62,7 @@ ifdef simplesamlphp ...@@ -62,7 +62,7 @@ ifdef simplesamlphp
@echo "SimpleSAMLphp already exists - doing nothing" @echo "SimpleSAMLphp already exists - doing nothing"
else else
@echo "Pulling SimpleSAMLphp from download ..." @echo "Pulling SimpleSAMLphp from download ..."
@curl -sSL https://github.com/simplesamlphp/simplesamlphp/releases/download/v1.16.3/simplesamlphp-1.16.3.tar.gz | tar --transform 's/simplesamlphp-[0-9]+\.[0-9]+\.[0-9]+/simplesamlphp/x1' -C htdocs/auth/saml/extlib -xzf - # SimpleSAMLPHP release tarball already has all composer dependencies. @curl -sSL https://github.com/simplesamlphp/simplesamlphp/releases/download/v1.17.6/simplesamlphp-1.17.6.tar.gz | tar --transform 's/simplesamlphp-[0-9]+\.[0-9]+\.[0-9]+/simplesamlphp/x1' -C htdocs/auth/saml/extlib -xzf - # SimpleSAMLPHP release tarball already has all composer dependencies.
@php external/composer.phar --working-dir=htdocs/auth/saml/extlib/simplesamlphp require predis/predis @php external/composer.phar --working-dir=htdocs/auth/saml/extlib/simplesamlphp require predis/predis
@echo "Copying www/resources/* files to sp/resources/ ..." @echo "Copying www/resources/* files to sp/resources/ ..."
@cp -R htdocs/auth/saml/extlib/simplesamlphp/www/resources/ htdocs/auth/saml/sp/ @cp -R htdocs/auth/saml/extlib/simplesamlphp/www/resources/ htdocs/auth/saml/sp/
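Review bot: The release tarball on the changed `curl` line is streamed straight into `tar` with no integrity check, so whatever the download returns is unpacked into `htdocs/auth/saml/extlib` and later loaded as authentication code. Since this commit changes which artifact is fetched, it is a natural point to pin a digest for the 1.17.6 tarball and verify it before extracting, and to add `--fail` so an HTTP error body is never handed to `tar`. The `composer require predis/predis` line that follows has no version constraint either, so the resolved package can differ between builds. The `ifdef simplesamlphp` branch above appears to do nothing when a copy already exists, so an existing 1.16.3 tree would not be replaced by this target.

```makefile
	# <SHA256_OF_1.17.6_TARBALL> is a placeholder: record the digest obtained from a trusted source
	@curl --fail -sSL -o simplesamlphp.tar.gz https://github.com/simplesamlphp/simplesamlphp/releases/download/v1.17.6/simplesamlphp-1.17.6.tar.gz
	@echo "<SHA256_OF_1.17.6_TARBALL>  simplesamlphp.tar.gz" | sha256sum -c -
	@tar --transform 's/simplesamlphp-[0-9]+\.[0-9]+\.[0-9]+/simplesamlphp/x1' -C htdocs/auth/saml/extlib -xzf simplesamlphp.tar.gz
	@rm -f simplesamlphp.tar.gz
	# … unchanged: composer require, copying www/resources …
```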
......
...@@ -44,6 +44,9 @@ function xmldb_auth_saml_upgrade($oldversion=0) { ...@@ -44,6 +44,9 @@ function xmldb_auth_saml_upgrade($oldversion=0) {
if ($oldversion < 2019011100) { if ($oldversion < 2019011100) {
set_config_plugin('auth', 'saml', 'version', '1.16.3'); set_config_plugin('auth', 'saml', 'version', '1.16.3');
} }
if ($oldversion < 2019091600) {
set_config_plugin('auth', 'saml', 'version', '1.17.6');
}
return $status; return $status;
} }
...@@ -393,7 +393,7 @@ class PluginAuthSaml extends PluginAuth { ...@@ -393,7 +393,7 @@ class PluginAuthSaml extends PluginAuth {
public static function install_auth_default() { public static function install_auth_default() {
// Set library version to download // Set library version to download
set_config_plugin('auth', 'saml', 'version', '1.16.3'); set_config_plugin('auth', 'saml', 'version', '1.17.6');
} }
private static function delete_old_certificates() { private static function delete_old_certificates() {
...@@ -793,6 +793,9 @@ class PluginAuthSaml extends PluginAuth { ...@@ -793,6 +793,9 @@ class PluginAuthSaml extends PluginAuth {
} }
public static function idptable($list, $preferred = array(), $institutions = array(), $showdelete = false) { public static function idptable($list, $preferred = array(), $institutions = array(), $showdelete = false) {
if (empty($list)) {
return array(0, '');
}
$idps = array(); $idps = array();
$lang = current_language(); $lang = current_language();
$lang = explode('.', $lang); $lang = explode('.', $lang);
...@@ -968,9 +971,12 @@ class PluginAuthSaml extends PluginAuth { ...@@ -968,9 +971,12 @@ class PluginAuthSaml extends PluginAuth {
} }
public static function get_raw_disco_list() { public static function get_raw_disco_list() {
PluginAuthSaml::init_simplesamlphp(); if (class_exists('PluginAuthSaml_IdPDisco')) {
$discoHandler = new PluginAuthSaml_IdPDisco(array('saml20-idp-remote', 'shib13-idp-remote'), 'saml'); PluginAuthSaml::init_simplesamlphp();
return $discoHandler->getTheIdPs(); $discoHandler = new PluginAuthSaml_IdPDisco(array('saml20-idp-remote', 'shib13-idp-remote'), 'saml');
return $discoHandler->getTheIdPs();
}
return array('list' => 0);
} }
public static function get_disco_list($lang = null, $entityidps = array()) { public static function get_disco_list($lang = null, $entityidps = array()) {
...@@ -992,7 +998,7 @@ class PluginAuthSaml extends PluginAuth { ...@@ -992,7 +998,7 @@ class PluginAuthSaml extends PluginAuth {
} }
public static function get_instance_config_options($institution, $instance = 0) { public static function get_instance_config_options($institution, $instance = 0) {
if (!class_exists('SimpleSAML_XHTML_IdPDisco')) { if (!class_exists('SimpleSAML\XHTML\IdPDisco')) {
return array( return array(
'error' => get_string('errorssphpsetup', 'auth.saml') 'error' => get_string('errorssphpsetup', 'auth.saml')
); );
...@@ -1481,8 +1487,9 @@ function auth_saml_openssl_x509_fingerprint($cert, $hash) { ...@@ -1481,8 +1487,9 @@ function auth_saml_openssl_x509_fingerprint($cert, $hash) {
if (file_exists(get_config('docroot') . 'auth/saml/extlib/simplesamlphp/lib/SimpleSAML/XHTML/IdPDisco.php')) { if (file_exists(get_config('docroot') . 'auth/saml/extlib/simplesamlphp/lib/SimpleSAML/XHTML/IdPDisco.php')) {
require_once(get_config('docroot') . 'auth/saml/extlib/simplesamlphp/lib/SimpleSAML/XHTML/IdPDisco.php'); require_once(get_config('docroot') . 'auth/saml/extlib/simplesamlphp/lib/SimpleSAML/XHTML/IdPDisco.php');
}
class PluginAuthSaml_IdPDisco extends SimpleSAML_XHTML_IdPDisco if (class_exists('SimpleSAML\XHTML\IdPDisco')) {
class PluginAuthSaml_IdPDisco extends SimpleSAML\XHTML\IdPDisco
{ {
/** /**
...@@ -1514,7 +1521,10 @@ if (file_exists(get_config('docroot') . 'auth/saml/extlib/simplesamlphp/lib/Simp ...@@ -1514,7 +1521,10 @@ if (file_exists(get_config('docroot') . 'auth/saml/extlib/simplesamlphp/lib/Simp
} }
} }
} }
else {
global $SESSION;
$SESSION->add_msg_once(get_string('errorupdatelib', 'auth.saml'), 'error', false);
}
/* /*
* Provides any mahara specific wrappers for the metarefresh plugin from simplesamlphp that is used to refresh IDP metadata * Provides any mahara specific wrappers for the metarefresh plugin from simplesamlphp that is used to refresh IDP metadata
...@@ -1607,8 +1617,8 @@ class Metarefresh { ...@@ -1607,8 +1617,8 @@ class Metarefresh {
'type' => $outputFormat, 'type' => $outputFormat,
'directory' => $outputDir, 'directory' => $outputDir,
)); ));
require_once(get_config('docroot') . 'auth/saml/extlib/simplesamlphp/modules/metarefresh/lib/MetaLoader.php');
$metaloader = new sspmod_metarefresh_MetaLoader($expire, $stateFile, $oldMetadataSrc); $metaloader = new SimpleSAML\Module\metarefresh\MetaLoader($expire, $stateFile, $oldMetadataSrc);
# Get global blacklist, whitelist and caching info # Get global blacklist, whitelist and caching info
$blacklist = $mconfig->getArray('blacklist', array()); $blacklist = $mconfig->getArray('blacklist', array());
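Review bot: The `Metarefresh` hunk drops the explicit `require_once` for `MetaLoader.php` and instantiates `SimpleSAML\Module\metarefresh\MetaLoader` with no availability check, unlike `get_raw_disco_list()` and the `PluginAuthSaml_IdPDisco` declaration, which this commit wraps in `class_exists()`. If the extlib directory is missing or still holds the 1.16.3 tree, or the SimpleSAMLphp autoloader has not been registered before this point, the `new` would presumably end in a class-not-found fatal during metadata refresh rather than the handled error the other paths produce. A guard such as `if (!class_exists('SimpleSAML\Module\metarefresh\MetaLoader')) { /* report errorupdatelib and stop */ }` before the `new` would keep the behaviour consistent. The enclosing method starts and ends outside the hunk, so an earlier check may already exist there.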
......
...@@ -54,7 +54,7 @@ if ($source === null) { ...@@ -54,7 +54,7 @@ if ($source === null) {
throw new SimpleSAML_Error_AuthSource($sourceId, 'Could not find authentication source.'); throw new SimpleSAML_Error_AuthSource($sourceId, 'Could not find authentication source.');
} }
if (!($source instanceof sspmod_saml_Auth_Source_SP)) { if (!($source instanceof \SimpleSAML\Module\saml\Auth\Source\SP)) {
throw new SimpleSAML_Error_AuthSource($sourceId, throw new SimpleSAML_Error_AuthSource($sourceId,
'The authentication source is not a SAML Service Provider.'); 'The authentication source is not a SAML Service Provider.');
} }
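Review bot: Both `throw new SimpleSAML_Error_AuthSource(...)` statements around the updated `instanceof` check still use the pre-namespace class name, so the error path depends on the library's legacy-name compatibility loading while the check itself now uses `\SimpleSAML\Module\saml\Auth\Source\SP`. If that legacy name does not resolve, a request with an unknown or non-SP source would end in a class-not-found fatal instead of the intended authentication-source error; the namespaced form would be `throw new \SimpleSAML\Error\AuthSource($sourceId, 'Could not find authentication source.');` and likewise for the second throw. A short comment is also worth adding that `instanceof` against a class that is not loaded evaluates to false without triggering autoload, so with a mismatched library every source is rejected at this check. The surrounding script continues outside the hunk.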
......
...@@ -11,7 +11,7 @@ ...@@ -11,7 +11,7 @@
defined('INTERNAL') || die(); defined('INTERNAL') || die();
$config = new stdClass(); $config = new stdClass();
$config->version = 2019011100; $config->version = 2019091600;
$config->release = '1.5.0'; $config->release = '1.5.0';
$config->name = 'saml'; $config->name = 'saml';
$config->requires_config = 1; $config->requires_config = 1;
......