Commit 6c2e3431 authored by Rebecca Blundell's avatar Rebecca Blundell Committed by Cecilia Vela Gurovic
Browse files

Bug 1840109: Update simplesamlphp to 1.17.6 

Upgrade to latest release of ssphp.
This includes security update 1.17.3 and some bug fixes

behatnotneeded

Change-Id: I283b3e11b67bfdba3ca428bb53605a9cd764b6f4
parent 7bcb5dd3

Makefile

+1 −1
Original line number Diff line number Diff line
@@ -62,7 +62,7 @@ ifdef simplesamlphp 
	@echo "SimpleSAMLphp already exists - doing nothing"

else

	@echo "Pulling SimpleSAMLphp from download ..."

	@curl -sSL https://github.com/simplesamlphp/simplesamlphp/releases/download/v1.16.3/simplesamlphp-1.16.3.tar.gz | tar  --transform 's/simplesamlphp-[0-9]+\.[0-9]+\.[0-9]+/simplesamlphp/x1' -C htdocs/auth/saml/extlib -xzf - # SimpleSAMLPHP release tarball already has all composer dependencies.

	@curl -sSL https://github.com/simplesamlphp/simplesamlphp/releases/download/v1.17.6/simplesamlphp-1.17.6.tar.gz | tar  --transform 's/simplesamlphp-[0-9]+\.[0-9]+\.[0-9]+/simplesamlphp/x1' -C htdocs/auth/saml/extlib -xzf - # SimpleSAMLPHP release tarball already has all composer dependencies.

	@php external/composer.phar --working-dir=htdocs/auth/saml/extlib/simplesamlphp require predis/predis

	@echo "Copying www/resources/* files to sp/resources/ ..."

	@cp -R htdocs/auth/saml/extlib/simplesamlphp/www/resources/ htdocs/auth/saml/sp/

htdocs/auth/saml/db/upgrade.php

+3 −0
Original line number Diff line number Diff line
@@ -44,6 +44,9 @@ function xmldb_auth_saml_upgrade($oldversion=0) { 
    if ($oldversion < 2019011100) {

        set_config_plugin('auth', 'saml', 'version', '1.16.3');

    }

    if ($oldversion < 2019011101) {

        set_config_plugin('auth', 'saml', 'version', '1.17.6');

    }



    return $status;

}

htdocs/auth/saml/lib.php

+20 −10
Original line number Diff line number Diff line
@@ -393,7 +393,7 @@ class PluginAuthSaml extends PluginAuth { 


    public static function install_auth_default() {

        // Set library version to download

        set_config_plugin('auth', 'saml', 'version', '1.16.3');

        set_config_plugin('auth', 'saml', 'version', '1.17.6');

    }



    private static function create_certificates($numberofdays = 3650) {
@@ -681,6 +681,9 @@ class PluginAuthSaml extends PluginAuth { 
    }



    public static function idptable($list, $preferred = array(), $institutions = array(), $showdelete = false) {

        if (empty($list)) {

            return array(0, '');

        }

        $idps = array();

        $lang = current_language();

        $lang = explode('.', $lang);
@@ -955,10 +958,13 @@ class PluginAuthSaml extends PluginAuth { 
    }



    public static function get_raw_disco_list() {

        if (class_exists('PluginAuthSaml_IdPDisco')) {

            PluginAuthSaml::init_simplesamlphp();

            $discoHandler = new PluginAuthSaml_IdPDisco(array('saml20-idp-remote', 'shib13-idp-remote'), 'saml');

            return $discoHandler->getTheIdPs();

        }

        return array('list' => 0);

    }



    public static function get_disco_list($lang = null, $entityidps = array()) {

        if (empty($lang)) {
@@ -979,7 +985,7 @@ class PluginAuthSaml extends PluginAuth { 
    }



    public static function get_instance_config_options($institution, $instance = 0) {

        if (!class_exists('SimpleSAML_XHTML_IdPDisco')) {

        if (!class_exists('SimpleSAML\XHTML\IdPDisco')) {

            global $SESSION;

            $SESSION->add_error_msg(get_string('errorssphpsetup', 'auth.saml'));

            redirect(get_config('wwwroot') . 'admin/users/institutions.php?i=' . $institution);
@@ -1464,8 +1470,9 @@ function auth_saml_openssl_x509_fingerprint($cert, $hash) { 


if (file_exists(get_config('docroot') . 'auth/saml/extlib/simplesamlphp/lib/SimpleSAML/XHTML/IdPDisco.php')) {

    require_once(get_config('docroot') . 'auth/saml/extlib/simplesamlphp/lib/SimpleSAML/XHTML/IdPDisco.php');



    class PluginAuthSaml_IdPDisco extends SimpleSAML_XHTML_IdPDisco

}

if (class_exists('SimpleSAML\XHTML\IdPDisco')) {

    class PluginAuthSaml_IdPDisco extends SimpleSAML\XHTML\IdPDisco

    {



        /**
@@ -1497,7 +1504,10 @@ if (file_exists(get_config('docroot') . 'auth/saml/extlib/simplesamlphp/lib/Simp 
        }

    }

}



else {

    global $SESSION;

    $SESSION->add_msg_once(get_string('errorupdatelib', 'auth.saml'), 'error', false);

}



/*

 * Provides any mahara specific wrappers for the metarefresh plugin from simplesamlphp that is used to refresh IDP metadata
@@ -1588,8 +1598,8 @@ class Metarefresh { 
                    'type' => $outputFormat,

                    'directory' => $outputDir,

                ));



                $metaloader = new sspmod_metarefresh_MetaLoader($expire, $stateFile, $oldMetadataSrc);

                require_once(get_config('docroot') . 'auth/saml/extlib/simplesamlphp/modules/metarefresh/lib/MetaLoader.php');

                $metaloader = new SimpleSAML\Module\metarefresh\MetaLoader($expire, $stateFile, $oldMetadataSrc);



                # Get global blacklist, whitelist and caching info

                $blacklist = $mconfig->getArray('blacklist', array());

htdocs/auth/saml/sp/metadata.php

+1 −1
Original line number Diff line number Diff line
@@ -54,7 +54,7 @@ if ($source === null) { 
    throw new SimpleSAML_Error_AuthSource($sourceId, 'Could not find authentication source.');

}



if (!($source instanceof sspmod_saml_Auth_Source_SP)) {

if (!($source instanceof \SimpleSAML\Module\saml\Auth\Source\SP)) {

    throw new SimpleSAML_Error_AuthSource($sourceId,

        'The authentication source is not a SAML Service Provider.');

}

htdocs/auth/saml/version.php

+1 −1
Original line number Diff line number Diff line
@@ -11,7 +11,7 @@ 
defined('INTERNAL') || die();



$config = new stdClass();

$config->version = 2019011100;

$config->version = 2019011101;

$config->release = '1.5.0';

$config->name = 'saml';

$config->requires_config = 1;