GEANT /
CAT
| Total Complexity | 83 |
| Total Lines | 677 |
| Duplicated Lines | 0 % |
| Changes | 3 | ||
| Bugs | 0 | Features | 0 |
Complex classes like DeviceConfig often do a lot of different things. To break such a class down, we need to identify a cohesive component within that class. A common approach to find such a component is to look for fields/methods that share the same prefixes, or suffixes.
Once you have determined the fields that belong together, you can apply the Extract Class refactoring. If the component makes sense as a sub-class, Extract Subclass is also a candidate, and is often faster.
While breaking up the class, it is a good idea to analyze how other classes use DeviceConfig, and based on these observations, apply Extract Interface, too.
| 1 | <?php |
||
| 58 | abstract class DeviceConfig extends \core\common\Entity { |
||
| 59 | |||
| 60 | /** |
||
| 61 | * stores the path to the temporary working directory for a module instance |
||
| 62 | * @var string $FPATH |
||
| 63 | */ |
||
| 64 | public $FPATH; |
||
| 65 | |||
| 66 | /** |
||
| 67 | * array of specialities - will be displayed on the admin download as "footnote" |
||
| 68 | * @var array specialities |
||
| 69 | */ |
||
| 70 | public $specialities; |
||
| 71 | |||
| 72 | /** |
||
| 73 | * list of supported EAP methods |
||
| 74 | * @var array EAP methods |
||
| 75 | */ |
||
| 76 | public $supportedEapMethods; |
||
| 77 | |||
| 78 | /** |
||
| 79 | * sets the supported EAP methods for a device |
||
| 80 | * |
||
| 81 | * @param array $eapArray the list of EAP methods the device supports |
||
| 82 | * @return void |
||
| 83 | */ |
||
| 84 | protected function setSupportedEapMethods($eapArray) { |
||
| 88 | } |
||
| 89 | |||
| 90 | /** |
||
| 91 | * device module constructor should be defined by each module. |
||
| 92 | * The one important thing to do is to call setSupportedEapMethods with an |
||
| 93 | * array of EAP methods the device supports |
||
| 94 | */ |
||
| 95 | public function __construct() { |
||
| 96 | parent::__construct(); |
||
| 97 | } |
||
| 98 | |||
| 99 | public function longestNameSuffix() { |
||
|
Coding Style
introduced
by
|
|||
| 100 | // for all configured server names, find the string that is the longest |
||
| 101 | // suffix to all of them |
||
| 102 | $longestSuffix = ""; |
||
| 103 | $numStrings = count($this->attributes["eap:server_name"]); |
||
| 104 | $mismatchFound = FALSE; |
||
| 105 | // always take the candidate character from the first array element, and |
||
| 106 | // verify whether the other elements have that character in the same |
||
| 107 | // position, too |
||
| 108 | while ($mismatchFound === FALSE) { |
||
| 109 | if ($longestSuffix == $this->attributes["eap:server_name"][0]) { |
||
| 110 | $mismatchFound = TRUE; |
||
| 111 | break; |
||
| 112 | } |
||
| 113 | $candidate = substr($this->attributes["eap:server_name"][0], -(strlen($longestSuffix) + 1), 1); |
||
| 114 | for ($iterator = 1; $iterator < $numStrings; $iterator++) { |
||
| 115 | if (substr($this->attributes["eap:server_name"][$iterator], -(strlen($longestSuffix) + 1), 1) != $candidate) { |
||
| 116 | $mismatchFound = TRUE; |
||
| 117 | continue 2; |
||
| 118 | } |
||
| 119 | } |
||
| 120 | $longestSuffix = $candidate . $longestSuffix; |
||
| 121 | } |
||
| 122 | return $longestSuffix; |
||
| 123 | } |
||
| 124 | |||
| 125 | /** |
||
| 126 | * Set up working environment for a device module |
||
| 127 | * |
||
| 128 | * Sets up the device module environment taking into account the actual profile |
||
| 129 | * selected by the user in the GUI. The selected profile is passed as the |
||
| 130 | * Profile $profile argumant. |
||
| 131 | * |
||
| 132 | * This method needs to be called after the device instance has been created (the GUI class does that) |
||
| 133 | * |
||
| 134 | * setup performs the following tasks: |
||
| 135 | * - collect profile attributes and pass them as the attributes property; |
||
| 136 | * - create the temporary working directory |
||
| 137 | * - process CA certificates and store them as 'internal:CAs' attribute |
||
| 138 | * - process and save optional info files and store references to them in |
||
| 139 | * 'internal:info_file' attribute |
||
| 140 | * @param AbstractProfile $profile the profile object which will be passed by the caller |
||
| 141 | * @param string $token the invitation token for silverbullet requests |
||
| 142 | * @param string $importPassword the PIN for the installer for silverbullet requests |
||
| 143 | * @return void |
||
| 144 | * @final not to be redefined |
||
| 145 | */ |
||
| 146 | final public function setup(AbstractProfile $profile, $token = NULL, $importPassword = NULL) { |
||
| 147 | $this->loggerInstance->debug(4, "module setup start\n"); |
||
| 148 | common\Entity::intoThePotatoes(); |
||
| 149 | $purpose = 'installer'; |
||
| 150 | $eaps = $profile->getEapMethodsinOrderOfPreference(1); |
||
| 151 | $this->calculatePreferredEapType($eaps); |
||
| 152 | if (count($this->selectedEap) == 0) { |
||
| 153 | throw new Exception("No EAP type available."); |
||
| 154 | } |
||
| 155 | $this->attributes = $this->getProfileAttributes($profile); |
||
| 156 | $this->deviceUUID = common\Entity::uuid('', 'CAT' . $profile->institution . "-" . $profile->identifier . "-" . $this->device_id); |
||
| 157 | |||
| 158 | |||
| 159 | // if we are instantiating a Silverbullet profile AND have been given |
||
| 160 | // a token, attempt to create the client certificate NOW |
||
| 161 | // then, this is the only instance of the device ever which knows the |
||
| 162 | // cert and private key. It's not saved anywhere, so it's gone forever |
||
| 163 | // after code execution! |
||
| 164 | |||
| 165 | $this->loggerInstance->debug(5, "DeviceConfig->setup() - preliminaries done.\n"); |
||
| 166 | if ($profile instanceof ProfileSilverbullet && $token !== NULL && $importPassword !== NULL) { |
||
| 167 | $this->clientCert = SilverbulletCertificate::issueCertificate($token, $importPassword, $this->options['clientcert']); |
||
| 168 | // we need to drag this along; ChromeOS needs it outside the P12 container to encrypt the entire *config* with it. |
||
| 169 | // Because encrypted private keys are not supported as per spec! |
||
| 170 | $purpose = 'silverbullet'; |
||
| 171 | // let's keep a record for which device type this token was consumed |
||
| 172 | $dbInstance = DBConnection::handle("INST"); |
||
| 173 | $certId = $this->clientCert['certObject']->dbId; |
||
| 174 | $dbInstance->exec("UPDATE `silverbullet_certificate` SET `device` = ? WHERE `id` = ?", "si", $this->device_id, $certId); |
||
| 175 | } |
||
| 176 | $this->loggerInstance->debug(5, "DeviceConfig->setup() - silverbullet checks done.\n"); |
||
| 177 | // create temporary directory, its full path will be saved in $this->FPATH; |
||
| 178 | $tempDir = $this->createTemporaryDirectory($purpose); |
||
| 179 | $this->FPATH = $tempDir['dir']; |
||
| 180 | mkdir($tempDir['dir'] . '/tmp'); |
||
| 181 | chdir($tempDir['dir'] . '/tmp'); |
||
| 182 | $caList = []; |
||
| 183 | $x509 = new \core\common\X509(); |
||
| 184 | if (isset($this->attributes['eap:ca_file'])) { |
||
| 185 | foreach ($this->attributes['eap:ca_file'] as $ca) { |
||
| 186 | $processedCert = $x509->processCertificate($ca); |
||
| 187 | if (is_array($processedCert)) { |
||
| 188 | // add a UUID for convenience (some devices refer to their CAs by a UUID value) |
||
| 189 | $processedCert['uuid'] = common\Entity::uuid("", $processedCert['pem']); |
||
| 190 | $caList[] = $processedCert; |
||
| 191 | } |
||
| 192 | } |
||
| 193 | $this->attributes['internal:CAs'][0] = $caList; |
||
| 194 | } |
||
| 195 | |||
| 196 | if (isset($this->attributes['support:info_file'])) { |
||
| 197 | $this->attributes['internal:info_file'][0] = $this->saveInfoFile($this->attributes['support:info_file'][0]); |
||
| 198 | } |
||
| 199 | if (isset($this->attributes['general:logo_file'])) { |
||
| 200 | $this->loggerInstance->debug(5, "saving IDP logo\n"); |
||
| 201 | $this->attributes['internal:logo_file'] = $this->saveLogoFile($this->attributes['general:logo_file'], 'idp'); |
||
| 202 | } |
||
| 203 | if (isset($this->attributes['fed:logo_file'])) { |
||
| 204 | $this->loggerInstance->debug(5, "saving FED logo\n"); |
||
| 205 | $this->attributes['fed:logo_file'] = $this->saveLogoFile($this->attributes['fed:logo_file'], 'fed'); |
||
| 206 | } |
||
| 207 | $this->attributes['internal:SSID'] = $this->getSSIDs()['add']; |
||
| 208 | |||
| 209 | $this->attributes['internal:remove_SSID'] = $this->getSSIDs()['del']; |
||
| 210 | |||
| 211 | $this->attributes['internal:consortia'] = $this->getConsortia(); |
||
| 212 | |||
| 213 | $this->support_email_substitute = sprintf(_("your local %s support"), CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']); |
||
| 214 | $this->support_url_substitute = sprintf(_("your local %s support page"), CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']); |
||
| 215 | |||
| 216 | if ($this->signer && $this->options['sign']) { |
||
| 217 | $this->sign = ROOT . '/signer/' . $this->signer; |
||
| 218 | } |
||
| 219 | $this->installerBasename = $this->getInstallerBasename(); |
||
| 220 | common\Entity::outOfThePotatoes(); |
||
| 221 | } |
||
| 222 | |||
| 223 | /** |
||
| 224 | * Selects the preferred eap method based on profile EAP configuration and device EAP capabilities |
||
| 225 | * |
||
| 226 | * @param array $eapArrayofObjects an array of eap methods supported by a given device |
||
| 227 | * @return void |
||
| 228 | */ |
||
| 229 | public function calculatePreferredEapType($eapArrayofObjects) { |
||
| 239 | } |
||
| 240 | } |
||
| 241 | |||
| 242 | /** |
||
| 243 | * prepare usage information for the installer |
||
| 244 | * every device module should override this method |
||
| 245 | * |
||
| 246 | * @return string HTML text to be displayed |
||
| 247 | */ |
||
| 248 | public function writeDeviceInfo() { |
||
| 249 | common\Entity::intoThePotatoes(); |
||
| 250 | $retval = _("Sorry, this should not happen - no additional information is available"); |
||
| 251 | common\Entity::outOfThePotatoes(); |
||
| 252 | return $retval; |
||
| 253 | } |
||
| 254 | |||
| 255 | /** |
||
| 256 | * function to return exactly one attribute type |
||
| 257 | * |
||
| 258 | * @param string $attrName the attribute to retrieve |
||
| 259 | * @return array|NULL the attributes |
||
| 260 | */ |
||
| 261 | public function getAttribute($attrName) { |
||
| 263 | } |
||
| 264 | |||
| 265 | /** |
||
| 266 | * some modules have a complex directory structure. This helper finds resources |
||
| 267 | * in that structure. Mostly used in the Windows modules. |
||
| 268 | * |
||
| 269 | * @param string $file the filename to search for (without path) |
||
| 270 | * @return string|boolean the filename as found, with path, or FALSE if it does not exist |
||
| 271 | */ |
||
| 272 | protected function findSourceFile($file) { |
||
| 273 | if (is_file($this->module_path . '/Files/' . $this->device_id . '/' . $file)) { |
||
| 274 | return $this->module_path . '/Files/' . $this->device_id . '/' . $file; |
||
| 275 | } elseif (is_file($this->module_path . '/Files/' . $file)) { |
||
| 276 | return $this->module_path . '/Files/' . $file; |
||
| 277 | } else { |
||
| 278 | $this->loggerInstance->debug(2, "requested file $file does not exist\n"); |
||
| 279 | return FALSE; |
||
| 280 | } |
||
| 281 | } |
||
| 282 | |||
| 283 | /** |
||
| 284 | * Copy a file from the module location to the temporary directory. |
||
| 285 | * |
||
| 286 | * If the second argument is provided then the file will be saved under the name |
||
| 287 | * taken form this argument. If only one parameter is given, source and destination |
||
| 288 | * filenames are the same |
||
| 289 | * Source file can be located either in the Files subdirectory or in the sibdirectory of Files |
||
| 290 | * named the same as device_id. The second option takes precedence. |
||
| 291 | * |
||
| 292 | * @param string $source_name The source file name |
||
| 293 | * @param string $output_name The destination file name |
||
| 294 | * |
||
| 295 | * @return boolean result of the copy operation |
||
| 296 | * @final not to be redefined |
||
| 297 | */ |
||
| 298 | final protected function copyFile($source_name, $output_name = NULL) { |
||
| 313 | } |
||
| 314 | |||
| 315 | /** |
||
| 316 | * Save certificate files in either DER or PEM format |
||
| 317 | * |
||
| 318 | * Certificate files will be saved in the module working directory. |
||
| 319 | * |
||
| 320 | * saved certificate file names are avalable under the 'file' index |
||
| 321 | * additional array entries are indexed as 'sha1', 'md5', and 'root'. |
||
| 322 | * sha1 and md5 are correcponding certificate hashes |
||
| 323 | * root is set to 1 for the CA roor certicicate and 0 otherwise |
||
| 324 | * |
||
| 325 | * @param string $format only "der" and "pem" are currently allowed |
||
| 326 | * @return array an array of arrays or empty array on error |
||
| 327 | |||
| 328 | */ |
||
| 329 | final protected function saveCertificateFiles($format) { |
||
| 330 | switch ($format) { |
||
| 331 | case "der": // fall-thorugh, same treatment |
||
| 332 | case "pem": |
||
| 333 | $iterator = 0; |
||
| 334 | $caFiles = []; |
||
| 335 | $caArray = $this->attributes['internal:CAs'][0]; |
||
| 336 | if (!$caArray) { |
||
| 337 | return([]); |
||
| 338 | } |
||
| 339 | foreach ($caArray as $certAuthority) { |
||
| 340 | $fileHandle = fopen("cert-$iterator.crt", "w"); |
||
| 341 | if (!$fileHandle) { |
||
| 342 | throw new Exception("problem opening the file"); |
||
| 343 | } |
||
| 344 | if ($format === "pem") { |
||
| 345 | fwrite($fileHandle, $certAuthority['pem']); |
||
| 346 | } else { |
||
| 347 | fwrite($fileHandle, $certAuthority['der']); |
||
| 348 | } |
||
| 349 | fclose($fileHandle); |
||
| 350 | $certAuthorityProps = []; |
||
| 351 | $certAuthorityProps['file'] = "cert-$iterator.crt"; |
||
| 352 | $certAuthorityProps['sha1'] = $certAuthority['sha1']; |
||
| 353 | $certAuthorityProps['md5'] = $certAuthority['md5']; |
||
| 354 | $certAuthorityProps['root'] = $certAuthority['root']; |
||
| 355 | $caFiles[] = $certAuthorityProps; |
||
| 356 | $iterator++; |
||
| 357 | } |
||
| 358 | return($caFiles); |
||
| 359 | default: |
||
| 360 | $this->loggerInstance->debug(2, 'incorrect format value specified'); |
||
| 361 | return([]); |
||
| 362 | } |
||
| 363 | } |
||
| 364 | |||
| 365 | /** |
||
| 366 | * set of characters to remove from filename strings |
||
| 367 | */ |
||
| 368 | private const TRANSLIT_SCRUB = '/[ ()\/\'"]+/'; |
||
| 369 | |||
| 370 | /** |
||
| 371 | * Does a transliteration from UTF-8 to ASCII to get a sane filename |
||
| 372 | * Takes special characters into account, and always uses English CTYPE |
||
| 373 | * to avoid introduction of funny characters due to "flying accents" |
||
| 374 | * |
||
| 375 | * @param string $input the input string that is to be transliterated |
||
| 376 | * @return string the transliterated string |
||
| 377 | */ |
||
| 378 | private function customTranslit($input) { |
||
| 384 | } |
||
| 385 | |||
| 386 | /** |
||
| 387 | * Generate installer filename base. |
||
| 388 | * Device module should use this name adding an extension. |
||
| 389 | * Normally the device identifier follows the Consortium name. |
||
| 390 | * The sting taken for the device identifier equals (by default) to the index in the listDevices array, |
||
| 391 | * but can be overriden with the 'device_id' device option. |
||
| 392 | * |
||
| 393 | * @return string |
||
| 394 | */ |
||
| 395 | private function getInstallerBasename() { |
||
| 396 | |||
| 397 | $baseName = $this->customTranslit(CONFIG_CONFASSISTANT['CONSORTIUM']['name']) . "-" . $this->getDeviceId(); |
||
| 398 | if (isset($this->attributes['profile:customsuffix'][1])) { |
||
| 399 | // this string will end up as a filename on a filesystem, so always |
||
| 400 | // take a latin-based language variant if available |
||
| 401 | // and then scrub non-ASCII just in case |
||
| 402 | return $baseName . $this->customTranslit($this->attributes['profile:customsuffix'][1]); |
||
| 403 | } |
||
| 404 | // Okay, no custom suffix. |
||
| 405 | // Use the configured inst name and apply shortening heuristics |
||
| 406 | $lang_pointer = CONFIG['LANGUAGES'][$this->languageInstance->getLang()]['latin_based'] == TRUE ? 0 : 1; |
||
| 407 | $this->loggerInstance->debug(5, "getInstallerBasename1:" . $this->attributes['general:instname'][$lang_pointer] . "\n"); |
||
| 408 | $inst = $this->customTranslit($this->attributes['general:instname'][$lang_pointer]); |
||
| 409 | $this->loggerInstance->debug(4, "getInstallerBasename2:$inst\n"); |
||
| 410 | $Inst_a = explode('_', $inst); |
||
| 411 | if (count($Inst_a) > 2) { |
||
| 412 | $inst = ''; |
||
| 413 | foreach ($Inst_a as $i) { |
||
| 414 | $inst .= $i[0]; |
||
| 415 | } |
||
| 416 | } |
||
| 417 | // and if the inst has multiple profiles, add the profile name behin |
||
| 418 | if ($this->attributes['internal:profile_count'][0] > 1) { |
||
| 419 | if (!empty($this->attributes['profile:name']) && !empty($this->attributes['profile:name'][$lang_pointer])) { |
||
| 420 | $profTemp = $this->customTranslit($this->attributes['profile:name'][$lang_pointer]); |
||
| 421 | $prof = preg_replace('/_+$/', '', $profTemp); |
||
| 422 | return $baseName . $inst . '-' . $prof; |
||
| 423 | } |
||
| 424 | } |
||
| 425 | return $baseName . $inst; |
||
| 426 | } |
||
| 427 | |||
| 428 | /** |
||
| 429 | * returns the device_id of the current device |
||
| 430 | * |
||
| 431 | * @return string |
||
| 432 | */ |
||
| 433 | private function getDeviceId() { |
||
| 442 | } |
||
| 443 | |||
| 444 | /** |
||
| 445 | * returns the list of SSIDs that installers should treat. |
||
| 446 | * |
||
| 447 | * Includes both SSIDs to be set up (and whether it's a TKIP-mixed or AES-only SSID) and SSIDs to be deleted |
||
| 448 | * |
||
| 449 | * @return array |
||
| 450 | */ |
||
| 451 | private function getSSIDs() { |
||
| 452 | $ssidList = []; |
||
| 453 | $ssidList['add'] = []; |
||
| 454 | $ssidList['del'] = []; |
||
| 455 | if (isset(CONFIG_CONFASSISTANT['CONSORTIUM']['ssid'])) { |
||
| 456 | foreach (CONFIG_CONFASSISTANT['CONSORTIUM']['ssid'] as $ssid) { |
||
| 457 | if (\core\common\Entity::getAttributeValue(CONFIG_CONFASSISTANT, 'CONSORTIUM', 'tkipsupport') == TRUE) { |
||
| 458 | $ssidList['add'][$ssid] = 'TKIP'; |
||
| 459 | } else { |
||
| 460 | $ssidList['add'][$ssid] = 'AES'; |
||
| 461 | $ssidList['del'][$ssid] = 'TKIP'; |
||
| 462 | } |
||
| 463 | } |
||
| 464 | } |
||
| 465 | if (isset($this->attributes['media:SSID'])) { |
||
| 466 | $ssidWpa2 = $this->attributes['media:SSID']; |
||
| 467 | |||
| 468 | foreach ($ssidWpa2 as $ssid) { |
||
| 469 | $ssidList['add'][$ssid] = 'AES'; |
||
| 470 | } |
||
| 471 | } |
||
| 472 | if (isset($this->attributes['media:SSID_with_legacy'])) { |
||
| 473 | $ssidTkip = $this->attributes['media:SSID_with_legacy']; |
||
| 474 | foreach ($ssidTkip as $ssid) { |
||
| 475 | $ssidList['add'][$ssid] = 'TKIP'; |
||
| 476 | } |
||
| 477 | } |
||
| 478 | if (isset($this->attributes['media:remove_SSID'])) { |
||
| 479 | $ssidRemove = $this->attributes['media:remove_SSID']; |
||
| 480 | foreach ($ssidRemove as $ssid) { |
||
| 481 | $ssidList['del'][$ssid] = 'DEL'; |
||
| 482 | } |
||
| 483 | } |
||
| 484 | return $ssidList; |
||
| 485 | } |
||
| 486 | |||
| 487 | /** |
||
| 488 | * returns the list of Hotspot 2.0 / Passpoint roaming consortia to set up |
||
| 489 | * |
||
| 490 | * @return array |
||
| 491 | */ |
||
| 492 | private function getConsortia() { |
||
| 505 | } |
||
| 506 | |||
| 507 | /** |
||
| 508 | * An array with shorthand definitions for MIME types |
||
| 509 | * @var array |
||
| 510 | */ |
||
| 511 | private $mime_extensions = [ |
||
| 512 | 'text/plain' => 'txt', |
||
| 513 | 'text/rtf' => 'rtf', |
||
| 514 | 'application/pdf' => 'pdf', |
||
| 515 | ]; |
||
| 516 | |||
| 517 | /** |
||
| 518 | * saves a number of logos to a cache directory on disk. |
||
| 519 | * |
||
| 520 | * @param array $logos list of logos (binary strings each) |
||
| 521 | * @param string $type a qualifier what type of logo this is |
||
| 522 | * @return array list of filenames and the mime types |
||
| 523 | * @throws Exception |
||
| 524 | */ |
||
| 525 | private function saveLogoFile($logos, $type) { |
||
| 550 | } |
||
| 551 | |||
| 552 | /** |
||
| 553 | * saves the Terms of Use file onto disk |
||
| 554 | * |
||
| 555 | * @param string $blob the Terms of Use |
||
| 556 | * @return array with one entry, containging the filename and mime type |
||
| 557 | * @throws Exception |
||
| 558 | */ |
||
| 559 | private function saveInfoFile($blob) { |
||
| 560 | $finfo = new \finfo(FILEINFO_MIME_TYPE); |
||
| 561 | $mime = $finfo->buffer($blob); |
||
| 562 | $ext = isset($this->mime_extensions[$mime]) ? $this->mime_extensions[$mime] : 'usupported'; |
||
| 563 | $this->loggerInstance->debug(5, "saveInfoFile: $mime : $ext\n"); |
||
| 564 | $fileHandle = fopen('local-info.' . $ext, "w"); |
||
| 565 | if ($fileHandle === FALSE) { |
||
| 566 | throw new Exception("problem opening the file"); |
||
| 567 | } |
||
| 568 | fwrite($fileHandle, $blob); |
||
| 569 | fclose($fileHandle); |
||
| 570 | return(['name' => 'local-info.' . $ext, 'mime' => $ext]); |
||
| 571 | } |
||
| 572 | |||
| 573 | /** |
||
| 574 | * returns the attributes of the profile for which to generate an installer |
||
| 575 | * |
||
| 576 | * In condensed notion, and most specific level only (i.e. ignores overriden attributes from a higher level) |
||
| 577 | * @param \core\AbstractProfile $profile the Profile in question |
||
| 578 | * @return array |
||
| 579 | */ |
||
| 580 | private function getProfileAttributes(AbstractProfile $profile) { |
||
| 581 | $bestMatchEap = $this->selectedEap; |
||
| 582 | if (count($bestMatchEap) > 0) { |
||
| 583 | $a = $profile->getCollapsedAttributes($bestMatchEap); |
||
| 584 | $a['eap'] = $bestMatchEap; |
||
| 585 | $a['all_eaps'] = $profile->getEapMethodsinOrderOfPreference(1); |
||
| 586 | return($a); |
||
| 587 | } |
||
| 588 | print("No supported eap types found for this profile.\n"); |
||
| 589 | return []; |
||
| 590 | } |
||
| 591 | |||
| 592 | /** |
||
| 593 | * dumps attributes for debugging purposes |
||
| 594 | * |
||
| 595 | * dumpAttibutes method is supplied for debuging purposes, it simply dumps the attribute array |
||
| 596 | * to a file with name passed in the attribute. |
||
| 597 | * @param string $file the output file name |
||
| 598 | * @return void |
||
| 599 | */ |
||
| 600 | protected function dumpAttibutes($file) { |
||
| 601 | ob_start(); |
||
| 602 | print_r($this->attributes); |
||
| 603 | $output = ob_get_clean(); |
||
| 604 | file_put_contents($file, $output); |
||
| 605 | } |
||
| 606 | |||
| 607 | /** |
||
| 608 | * placeholder for the main device method |
||
| 609 | * @return string |
||
| 610 | */ |
||
| 611 | abstract public function writeInstaller(); |
||
| 612 | |||
| 613 | /** |
||
| 614 | * collates the string to use as EAP outer ID |
||
| 615 | * |
||
| 616 | * @return string|NULL |
||
| 617 | */ |
||
| 618 | protected function determineOuterIdString() { |
||
| 627 | } |
||
| 628 | |||
| 629 | /** |
||
| 630 | * Array passing all options to the device module. |
||
| 631 | * |
||
| 632 | * $attrbutes array contains option values defined for the institution and a particular |
||
| 633 | * profile (possibly overriding one another) ready for the device module to consume. |
||
| 634 | * |
||
| 635 | * For each of the options the value is another array of vales (even if only one value is present). |
||
| 636 | * Some attributes may be missing if they have not been configured for a viven institution or profile. |
||
| 637 | * |
||
| 638 | * The following attributes are meant to be used by device modules: |
||
| 639 | * - <b>general:geo_coordinates</b> - geographical coordinates of the institution or a campus |
||
| 640 | * - <b>support:info_file</b> - consent file displayed to the users |
||
| 641 | * - <b>general:logo_file</b> - file data containing institution logo |
||
| 642 | * - <b>support:eap_types</b> - URL to a local support page for a specific eap methiod, not to be confused with general:url |
||
| 643 | * - <b>support:email</b> - email for users to contact for local instructions |
||
| 644 | * - <b>support:phone</b> - telephone number for users to contact for local instructions |
||
| 645 | * - <b>support:url</b> - URL where the user will find local instructions |
||
| 646 | * - <b>internal:info_file</b> - the pathname of the info_file saved in the working directory |
||
| 647 | * - <b>internal:logo_file</b> - array of pathnames of logo_files saved in the working directory |
||
| 648 | * - <b>internal:CAs</b> - the value is an array produced by X509::processCertificate() with the following filds |
||
| 649 | * - <b>internal:SSID</b> - an array indexed by SSID strings with values either TKIP or AES; if TKIP is set the both WPA/TKIP and WPA2/AES should be set if AES is set the this is a WPA2/AES only SSID; the consortium's defined SSIDs are always set as the first array elements. |
||
| 650 | * - <b>internal:consortia</b> an array of consortion IO as declared in the config-confassistant |
||
| 651 | * - <b>internal:profile_count</b> - the number of profiles for the associated IdP |
||
| 652 | * |
||
| 653 | * |
||
| 654 | * these attributes are available and can be used, but the "internal" attributes are better suited for modules |
||
| 655 | * - eap:ca_file - certificate of the CA signing the RADIUS server key |
||
| 656 | * - <b>media:SSID</b> - additional SSID to configure, WPA2/AES only (device modules should use internal:SSID) |
||
| 657 | * - <b>media:SSID_with_legacy</b> - additional SSID to configure, WPA2/AES and WPA/TKIP (device modules should use internal:SSID) |
||
| 658 | * |
||
| 659 | * @see \core\common\X509::processCertificate() |
||
| 660 | * @var array $attributes |
||
| 661 | */ |
||
| 662 | public $attributes; |
||
| 663 | |||
| 664 | /** |
||
| 665 | * stores the path to the module source location and is used |
||
| 666 | * by copyFile and translateFile |
||
| 667 | * the only reason for it to be a public variable ies that it is set by the DeviceFactory class |
||
| 668 | * module_path should not be used by module drivers. |
||
| 669 | * @var string |
||
| 670 | */ |
||
| 671 | public $module_path; |
||
| 672 | |||
| 673 | /** |
||
| 674 | * * The optimal EAP type selected given profile and device |
||
| 675 | * @var array |
||
| 676 | */ |
||
| 677 | public $selectedEap; |
||
| 678 | public $selectedEapObject; |
||
| 679 | |||
| 680 | /** |
||
| 681 | * the path to the profile signing program |
||
| 682 | * device modules which require signing should use this property to exec the signer |
||
| 683 | * the signer program must accept two arguments - input and output file names |
||
| 684 | * the signer program mus operate in the local directory and filenames are relative to this |
||
| 685 | * directory |
||
| 686 | * |
||
| 687 | * @var string |
||
| 688 | */ |
||
| 689 | public $sign; |
||
| 690 | public $signer; |
||
| 691 | |||
| 692 | /** |
||
| 693 | * The string identifier of the device (don't show this to users) |
||
| 694 | * @var string |
||
| 695 | */ |
||
| 696 | public $device_id; |
||
| 697 | |||
| 698 | /** |
||
| 699 | * See devices-template.php for a list of available options |
||
| 700 | * @var array |
||
| 701 | */ |
||
| 702 | public $options; |
||
| 703 | |||
| 704 | /** |
||
| 705 | * This string will be shown if no support email was configured by the admin |
||
| 706 | * |
||
| 707 | * @var string |
||
| 708 | */ |
||
| 709 | public $support_email_substitute; |
||
| 710 | |||
| 711 | /** |
||
| 712 | * This string will be shown if no support URL was configured by the admin |
||
| 713 | * |
||
| 714 | * @var string |
||
| 715 | */ |
||
| 716 | public $support_url_substitute; |
||
| 717 | |||
| 718 | /** |
||
| 719 | * This string should be used by all installer modules to set the |
||
| 720 | * installer file basename. |
||
| 721 | * |
||
| 722 | * @var string |
||
| 723 | */ |
||
| 724 | public $installerBasename; |
||
| 725 | |||
| 726 | /** |
||
| 727 | * stores the PKCS#12 DER representation of a client certificate for SilverBullet |
||
| 728 | */ |
||
| 729 | protected $clientCert; |
||
| 730 | |||
| 731 | /** |
||
| 732 | * stores identifier used by GEANTLink profiles |
||
| 733 | */ |
||
| 734 | public $deviceUUID; |
||
| 735 | |||
| 737 |
Loading history...
