GEANT / CAT

docker/MSP/web/html/lib.inc

Indentation +8 added lines, -8 removed lines

@@ -2,12 +2,12 @@
 define('SOCKET', '/opt/Socket/CAT_requests/queue');
 
 function cat_socket($obj) {
-   $sock = socket_create(AF_UNIX, SOCK_STREAM, 0);
-   $conn = socket_connect($sock, SOCKET);
-   if ( $conn ) {
-     socket_write ($sock, $obj, strlen($obj));
-     $out = socket_read ($sock, 2048);
-     return $out;
-   }
-   return 'FAILURE';
+    $sock = socket_create(AF_UNIX, SOCK_STREAM, 0);
+    $conn = socket_connect($sock, SOCKET);
+    if ( $conn ) {
+        socket_write ($sock, $obj, strlen($obj));
+        $out = socket_read ($sock, 2048);
+        return $out;
+    }
+    return 'FAILURE';
 }

Spacing +3 added lines, -3 removed lines

@@ -6,9 +6,9 @@
 function cat_socket($obj) {
    $sock = socket_create(AF_UNIX, SOCK_STREAM, 0);
    $conn = socket_connect($sock, SOCKET);
-   if ( $conn ) {
-     socket_write ($sock, $obj, strlen($obj));
-     $out = socket_read ($sock, 2048);
+   if ($conn) {
+     socket_write($sock, $obj, strlen($obj));
+     $out = socket_read($sock, 2048);
      return $out;
    }
    return 'FAILURE';

core/DeploymentManaged.php

Indentation +39 added lines, -39 removed lines

@@ -372,20 +372,20 @@ 
         );
         // Generate a new private (and public) key pair
         $privkey = openssl_pkey_new(array(
-                                          "private_key_bits" => 4096,
-                                          "private_key_type" => OPENSSL_KEYTYPE_RSA));
+                                            "private_key_bits" => 4096,
+                                            "private_key_type" => OPENSSL_KEYTYPE_RSA));
         // export private key to $clientprivateKey (as string)
         openssl_pkey_export($privkey, $this->radsec_priv);
         // Generate a certificate signing request
         $csr = openssl_csr_new($dn, $privkey,
-                               array('digest_alg' => 'sha256', 'config' => ROOT . "/config/ManagedSPCerts/openssl.cnf"));
+                                array('digest_alg' => 'sha256', 'config' => ROOT . "/config/ManagedSPCerts/openssl.cnf"));
         // get CA certificate and private key
         $caprivkey = array(file_get_contents(ROOT . "/config/ManagedSPCerts/eduroamSP-CA.key"),
                             \config\Master::MANAGEDSP['capass']);
         $cacert = file_get_contents(ROOT .  "/config/ManagedSPCerts/eduroamSP-CA.pem");
         $this->setTLSSerialNumber();
         $clientcert = openssl_csr_sign($csr, $cacert, $caprivkey, \config\Master::MANAGEDSP['daystoexpiry'],
-                          array('digest_alg'=>'sha512', 'config' => ROOT . "/config/ManagedSPCerts/openssl.cnf"), $this->radsec_cert_serial_no);
+                            array('digest_alg'=>'sha512', 'config' => ROOT . "/config/ManagedSPCerts/openssl.cnf"), $this->radsec_cert_serial_no);
         openssl_x509_export($clientcert, $this->radsec_cert);
     } 
     /**
@@ -506,9 +506,9 @@ 
      */
     public function renewtls()
     {
-       $id = $this->identifier;
-       $futureTlsClient = $this->createTLScredentials();
-       $this->databaseHandle->exec("UPDATE deployment SET radsec_priv = ?, radsec_cert = ?, radsec_cert_serial_number = ? WHERE deployment_id = ?", "ssii", $this->radsec_priv, $this->radsec_cert, $this->radsec_cert_serial_no, $id);           
+        $id = $this->identifier;
+        $futureTlsClient = $this->createTLScredentials();
+        $this->databaseHandle->exec("UPDATE deployment SET radsec_priv = ?, radsec_cert = ?, radsec_cert_serial_number = ? WHERE deployment_id = ?", "ssii", $this->radsec_priv, $this->radsec_cert, $this->radsec_cert_serial_no, $id);           
     }
     
     /**
@@ -518,38 +518,38 @@ 
      */
     public function tlsfromcsr($csr)
     {
-       $id = $this->identifier;
-       $dn = array();
-       $dn['rdnSequence'] = array();
-       $dn['rdnSequence'][0] = array();
-       $dn['rdnSequence'][0][] = array('type' => 'id-at-organizationName', 'value' => array());
-       $dn['rdnSequence'][0][0]['value']['utf8String'] = 'eduroam';
-       $dn['rdnSequence'][1] = array();
-       $dn['rdnSequence'][1][] = array('type' => 'id-at-organizationalUnitName', 'value' => array());
-       $dn['rdnSequence'][1][0]['value']['utf8String'] = 'eduroam Managed SP';
-       $dn['rdnSequence'][2] = array();
-       $dn['rdnSequence'][2][] = array('type' => 'id-at-commonName', 'value' => array());
-       $dn['rdnSequence'][2][0]['value']['utf8String'] = 'SP' . $this->identifier . "-" . $this->institution;
-       $csr->setDN($dn);
-       $pemcakey = file_get_contents(ROOT . "/config/ManagedSPCerts/eduroamSP-CA.key");
-       $cakey = \phpseclib3\Crypt\PublicKeyLoader::loadPrivateKey($pemcakey, \config\Master::MANAGEDSP['capass'] );
-       $pemca = file_get_contents(ROOT .  "/config/ManagedSPCerts/eduroamSP-CA.pem");
-       $ca = new \phpseclib3\File\X509();
-       $ca->loadX509($pemca);
-       $ca->setPrivateKey($cakey);
-       // Sign the updated request, producing the certificate.
-       $x509 = new \phpseclib3\File\X509();
-       $csr->setExtension('id-ce-keyUsage', ['digitalSignature', 'nonRepudiation', 'keyEncipherment']);
-       $csr->setExtension('id-ce-extKeyUsage', ['id-kp-clientAuth']);
-       $csr->setExtension('id-ce-basicConstraints', ['cA' => false], false);
-       $x509->setEndDate('+' . \config\Master::MANAGEDSP['daystoexpiry'] . ' days');
-       $this->setTLSSerialNumber(999999999999999999);
-       $x509->setSerialNumber($this->radsec_cert_serial_no, 10);
-       $cert = $x509->loadX509($x509->saveX509($x509->sign($ca, $csr)));
-       $this->radsec_cert = $x509->saveX509($cert);
-       $this->radsec_priv = NULL;
-       //$futureTlsClient = $this->createTLScredentials();
-       $this->databaseHandle->exec("UPDATE deployment SET radsec_priv = NULL, radsec_cert = ?, radsec_cert_serial_number = ? WHERE deployment_id = ?", "sii", $this->radsec_cert, $this->radsec_cert_serial_no, $id);           
+        $id = $this->identifier;
+        $dn = array();
+        $dn['rdnSequence'] = array();
+        $dn['rdnSequence'][0] = array();
+        $dn['rdnSequence'][0][] = array('type' => 'id-at-organizationName', 'value' => array());
+        $dn['rdnSequence'][0][0]['value']['utf8String'] = 'eduroam';
+        $dn['rdnSequence'][1] = array();
+        $dn['rdnSequence'][1][] = array('type' => 'id-at-organizationalUnitName', 'value' => array());
+        $dn['rdnSequence'][1][0]['value']['utf8String'] = 'eduroam Managed SP';
+        $dn['rdnSequence'][2] = array();
+        $dn['rdnSequence'][2][] = array('type' => 'id-at-commonName', 'value' => array());
+        $dn['rdnSequence'][2][0]['value']['utf8String'] = 'SP' . $this->identifier . "-" . $this->institution;
+        $csr->setDN($dn);
+        $pemcakey = file_get_contents(ROOT . "/config/ManagedSPCerts/eduroamSP-CA.key");
+        $cakey = \phpseclib3\Crypt\PublicKeyLoader::loadPrivateKey($pemcakey, \config\Master::MANAGEDSP['capass'] );
+        $pemca = file_get_contents(ROOT .  "/config/ManagedSPCerts/eduroamSP-CA.pem");
+        $ca = new \phpseclib3\File\X509();
+        $ca->loadX509($pemca);
+        $ca->setPrivateKey($cakey);
+        // Sign the updated request, producing the certificate.
+        $x509 = new \phpseclib3\File\X509();
+        $csr->setExtension('id-ce-keyUsage', ['digitalSignature', 'nonRepudiation', 'keyEncipherment']);
+        $csr->setExtension('id-ce-extKeyUsage', ['id-kp-clientAuth']);
+        $csr->setExtension('id-ce-basicConstraints', ['cA' => false], false);
+        $x509->setEndDate('+' . \config\Master::MANAGEDSP['daystoexpiry'] . ' days');
+        $this->setTLSSerialNumber(999999999999999999);
+        $x509->setSerialNumber($this->radsec_cert_serial_no, 10);
+        $cert = $x509->loadX509($x509->saveX509($x509->sign($ca, $csr)));
+        $this->radsec_cert = $x509->saveX509($cert);
+        $this->radsec_priv = NULL;
+        //$futureTlsClient = $this->createTLScredentials();
+        $this->databaseHandle->exec("UPDATE deployment SET radsec_priv = NULL, radsec_cert = ?, radsec_cert_serial_number = ? WHERE deployment_id = ?", "sii", $this->radsec_cert, $this->radsec_cert_serial_no, $id);           
     }
     /**
      * marks the deployment as deactivated 

Spacing +39 added lines, -39 removed lines

@@ -322,7 +322,7 @@ 
                 $serverCandidates[IdPlist::geoDistance($adminLocation, ['lat' => $iterator->location_lat, 'lon' => $iterator->location_lon])] = $iterator->server_id;
             }
             if ($clients > $maxSupportedClients * 0.9) {
-                $this->loggerInstance->debug(1, "A RADIUS server for Managed SP (" . $iterator->server_id . ") is serving at more than 90% capacity!");
+                $this->loggerInstance->debug(1, "A RADIUS server for Managed SP (".$iterator->server_id.") is serving at more than 90% capacity!");
             }
         }
         if (count($serverCandidates) == 0 && $federation != "DEFAULT") {
@@ -344,7 +344,7 @@ 
      * 
      * @throws Exception
      */
-    private function setTLSSerialNumber($max=PHP_INT_MAX) {
+    private function setTLSSerialNumber($max = PHP_INT_MAX) {
         $nonDupSerialFound = FALSE;
         do {
             $serial = random_int(1000000000, $max);
@@ -364,7 +364,7 @@ 
      */
     private function createTLScredentials()
     {
-        $clientName = 'SP' . $this->identifier . '-' . $this->institution;
+        $clientName = 'SP'.$this->identifier.'-'.$this->institution;
         $dn = array(
                     "organizationName" => "eduroam",
                     "organizationalUnitName" => "eduroam Managed SP",
@@ -378,14 +378,14 @@ 
         openssl_pkey_export($privkey, $this->radsec_priv);
         // Generate a certificate signing request
         $csr = openssl_csr_new($dn, $privkey,
-                               array('digest_alg' => 'sha256', 'config' => ROOT . "/config/ManagedSPCerts/openssl.cnf"));
+                               array('digest_alg' => 'sha256', 'config' => ROOT."/config/ManagedSPCerts/openssl.cnf"));
         // get CA certificate and private key
-        $caprivkey = array(file_get_contents(ROOT . "/config/ManagedSPCerts/eduroamSP-CA.key"),
+        $caprivkey = array(file_get_contents(ROOT."/config/ManagedSPCerts/eduroamSP-CA.key"),
                             \config\Master::MANAGEDSP['capass']);
-        $cacert = file_get_contents(ROOT .  "/config/ManagedSPCerts/eduroamSP-CA.pem");
+        $cacert = file_get_contents(ROOT."/config/ManagedSPCerts/eduroamSP-CA.pem");
         $this->setTLSSerialNumber();
         $clientcert = openssl_csr_sign($csr, $cacert, $caprivkey, \config\Master::MANAGEDSP['daystoexpiry'],
-                          array('digest_alg'=>'sha512', 'config' => ROOT . "/config/ManagedSPCerts/openssl.cnf"), $this->radsec_cert_serial_no);
+                          array('digest_alg'=>'sha512', 'config' => ROOT."/config/ManagedSPCerts/openssl.cnf"), $this->radsec_cert_serial_no);
         openssl_x509_export($clientcert, $this->radsec_cert);
     } 
     /**
@@ -410,8 +410,8 @@ 
             $conditional1 = "AND activity_time > DATE_SUB(NOW(), INTERVAL $backlog SECOND )";
             $conditional2 = "DESC";
         }
-        $client = 'SP' . $this->identifier . '-' . $this->institution;
-        $stats = $this->databaseHandle->exec("SELECT activity_time, realm, mac, cui, result, ap_id, prot, outer_user FROM activity WHERE owner = ? $conditional1 ORDER BY activity_time $conditional2", "s", $client );
+        $client = 'SP'.$this->identifier.'-'.$this->institution;
+        $stats = $this->databaseHandle->exec("SELECT activity_time, realm, mac, cui, result, ap_id, prot, outer_user FROM activity WHERE owner = ? $conditional1 ORDER BY activity_time $conditional2", "s", $client);
        
         return mysqli_fetch_all($stats, \MYSQLI_ASSOC);
     }
@@ -529,11 +529,11 @@ 
        $dn['rdnSequence'][1][0]['value']['utf8String'] = 'eduroam Managed SP';
        $dn['rdnSequence'][2] = array();
        $dn['rdnSequence'][2][] = array('type' => 'id-at-commonName', 'value' => array());
-       $dn['rdnSequence'][2][0]['value']['utf8String'] = 'SP' . $this->identifier . "-" . $this->institution;
+       $dn['rdnSequence'][2][0]['value']['utf8String'] = 'SP'.$this->identifier."-".$this->institution;
        $csr->setDN($dn);
-       $pemcakey = file_get_contents(ROOT . "/config/ManagedSPCerts/eduroamSP-CA.key");
-       $cakey = \phpseclib3\Crypt\PublicKeyLoader::loadPrivateKey($pemcakey, \config\Master::MANAGEDSP['capass'] );
-       $pemca = file_get_contents(ROOT .  "/config/ManagedSPCerts/eduroamSP-CA.pem");
+       $pemcakey = file_get_contents(ROOT."/config/ManagedSPCerts/eduroamSP-CA.key");
+       $cakey = \phpseclib3\Crypt\PublicKeyLoader::loadPrivateKey($pemcakey, \config\Master::MANAGEDSP['capass']);
+       $pemca = file_get_contents(ROOT."/config/ManagedSPCerts/eduroamSP-CA.pem");
        $ca = new \phpseclib3\File\X509();
        $ca->loadX509($pemca);
        $ca->setPrivateKey($cakey);
@@ -542,7 +542,7 @@ 
        $csr->setExtension('id-ce-keyUsage', ['digitalSignature', 'nonRepudiation', 'keyEncipherment']);
        $csr->setExtension('id-ce-extKeyUsage', ['id-kp-clientAuth']);
        $csr->setExtension('id-ce-basicConstraints', ['cA' => false], false);
-       $x509->setEndDate('+' . \config\Master::MANAGEDSP['daystoexpiry'] . ' days');
+       $x509->setEndDate('+'.\config\Master::MANAGEDSP['daystoexpiry'].' days');
        $this->setTLSSerialNumber(999999999999999999);
        $x509->setSerialNumber($this->radsec_cert_serial_no, 10);
        $cert = $x509->loadX509($x509->saveX509($x509->sign($ca, $csr)));
@@ -584,7 +584,7 @@ 
     {
         $customAttrib = $this->getAttributes("managedsp:operatorname");
         if (count($customAttrib) == 0) {
-            return "1sp." . $this->identifier . "-" . $this->institution . \config\ConfAssistant::SILVERBULLET['realm_suffix'];
+            return "1sp.".$this->identifier."-".$this->institution.\config\ConfAssistant::SILVERBULLET['realm_suffix'];
         }
         return $customAttrib[0]["value"];
     }
@@ -599,14 +599,14 @@ 
     private function sendToRADIUS(int $idx, $post)
     {
         $hostname = "radius_hostname_$idx";
-        $ch = curl_init("http://" . $this->$hostname . ':' . \config\Master::MANAGEDSP['radiusconfigport']);
+        $ch = curl_init("http://".$this->$hostname.':'.\config\Master::MANAGEDSP['radiusconfigport']);
         if ($ch === FALSE) {
             $res = 'FAILURE';
         } else {
             curl_setopt($ch, CURLOPT_USERAGENT, "CAT-ManagedSP");
             curl_setopt($ch, CURLOPT_POST, 1);
             curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
-            $this->loggerInstance->debug(1, "Posting to http://" . $this->$hostname . ':' . \config\Master::MANAGEDSP['radiusconfigport'] . "/$post\n");
+            $this->loggerInstance->debug(1, "Posting to http://".$this->$hostname.':'.\config\Master::MANAGEDSP['radiusconfigport']."/$post\n");
             curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
             curl_setopt($ch, CURLOPT_HEADER, 0);
             curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
@@ -645,19 +645,19 @@ 
         } else {
             $txt = $remove ? _('Profile deactivation failed') : _('Profile activation/modification failed');
         }
-        $txt = $txt . ' ';
+        $txt = $txt.' ';
         if (array_count_values($response)[$status] == 2) {
-            $txt = $txt . _('on both RADIUS servers: primary and backup') . '.';
+            $txt = $txt._('on both RADIUS servers: primary and backup').'.';
         } else {
             if ($response['res[1]'] == $status) {
-                $txt = $txt . _('on primary RADIUS server') . '.';
+                $txt = $txt._('on primary RADIUS server').'.';
             } else {
-                $txt = $txt . _('on backup RADIUS server') . '.';
+                $txt = $txt._('on backup RADIUS server').'.';
             }
         }
         $mail = \core\common\OutsideComm::mailHandle();
         $email = $this->getAttributes("support:email")[0]['value'];
-        $mail->FromName = \config\Master::APPEARANCE['productname'] . " Notification System";
+        $mail->FromName = \config\Master::APPEARANCE['productname']." Notification System";
         $mail->addAddress($email);
         if ($status == 'OK') {
             $mail->Subject = _('RADIUS profile update problem fixed');
@@ -691,7 +691,7 @@ 
             return NULL;
         }
         $timeout = 10;
-        curl_setopt($ch, CURLOPT_URL, 'http://' . $host);
+        curl_setopt($ch, CURLOPT_URL, 'http://'.$host);
         curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
         curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
         curl_exec($ch);
@@ -783,52 +783,52 @@ 
     {
         $toPost = ($onlyone ? array($onlyone => '') : array(1 => '', 2 => ''));
         if ($torevoke != '') {
-            $toPostTemplate = 'instid=' . $this->institution . '&deploymentid=' . $this->identifier .
+            $toPostTemplate = 'instid='.$this->institution.'&deploymentid='.$this->identifier.
                     "&torevoke=$torevoke";
             foreach (array_keys($toPost) as $key) {
                 $toPost[$key] = $toPostTemplate;
             }
         } else {
             $remove = ($this->status == \core\AbstractDeployment::INACTIVE) ? 0 : 1;
-            $toPostTemplate = 'instid=' . $this->institution . '&deploymentid=' . $this->identifier . 
-                '&secret=' . $this->secret .
-                '&country=' . $this->getAttributes("internal:country")[0]['value'] .
-                '&pskkey=' . $this->pskkey . '&';
+            $toPostTemplate = 'instid='.$this->institution.'&deploymentid='.$this->identifier. 
+                '&secret='.$this->secret.
+                '&country='.$this->getAttributes("internal:country")[0]['value'].
+                '&pskkey='.$this->pskkey.'&';
             if ($remove) {
-                $toPostTemplate = $toPostTemplate . 'remove=1&';
+                $toPostTemplate = $toPostTemplate.'remove=1&';
             } else {
-                $toPostTemplate = $toPostTemplate . 'operatorname=' . $this->getOperatorName() . '&'; 
+                $toPostTemplate = $toPostTemplate.'operatorname='.$this->getOperatorName().'&'; 
                 if ($this->getAttributes("managedsp:vlan")[0]['value'] ?? NULL) {
                     $allRealms = $this->getAllRealms();
                     if (!empty($allRealms)) {
-                        $toPostTemplate = $toPostTemplate . 'vlan=' . $this->getAttributes("managedsp:vlan")[0]['value'] . '&';
-                        $toPostTemplate = $toPostTemplate . 'realmforvlan[]=' . implode('&realmforvlan[]=', $allRealms) . '&';
+                        $toPostTemplate = $toPostTemplate.'vlan='.$this->getAttributes("managedsp:vlan")[0]['value'].'&';
+                        $toPostTemplate = $toPostTemplate.'realmforvlan[]='.implode('&realmforvlan[]=', $allRealms).'&';
                     }
                 }
                 if ($this->getAttributes("managedsp:guest_vlan")[0]['value'] ?? NULL) {
-                    $toPostTemplate = $toPostTemplate . 'guest_vlan=' . $this->getAttributes("managedsp:guest_vlan")[0]['value'] . '&';
+                    $toPostTemplate = $toPostTemplate.'guest_vlan='.$this->getAttributes("managedsp:guest_vlan")[0]['value'].'&';
                 }
             }
             foreach (array_keys($toPost) as $key) {
-                $elem = 'port' . $key;
-                $toPost[$key] = $toPostTemplate . 'port=' . $this->$elem;
+                $elem = 'port'.$key;
+                $toPost[$key] = $toPostTemplate.'port='.$this->$elem;
             }
         }
         $response = array();
         foreach ($toPost as $key => $value) {
-            $this->loggerInstance->debug(1, 'toPost ' . $toPost[$key] . "\n");
+            $this->loggerInstance->debug(1, 'toPost '.$toPost[$key]."\n");
             // temporarly one server $response['res[' . $key . ']'] = $this->sendToRADIUS($key, $toPost[$key]);
             //if ($key == 2) {
             //    $response['res[2]'] = 'OK'; 
             //} else {
-                $response['res[' . $key . ']'] = $this->sendToRADIUS($key, $toPost[$key]);
+                $response['res['.$key.']'] = $this->sendToRADIUS($key, $toPost[$key]);
             //}
         }
         if ($onlyone) {
-            $response['res[' . ($onlyone == 1) ? 2 : 1 . ']'] = \core\AbstractDeployment::RADIUS_OK;
+            $response['res['.($onlyone == 1) ? 2 : 1.']'] = \core\AbstractDeployment::RADIUS_OK;
         }
         foreach (array('OK', 'FAILURE') as $status) {
-            if ( ( ($status == 'OK' && $notify) || ($status == 'FAILURE') ) && ( in_array($status, $response) ) ) {
+            if ((($status == 'OK' && $notify) || ($status == 'FAILURE')) && (in_array($status, $response))) {
                 $this->sendMailtoAdmin($remove, $response, $status);
             }
         }

core/CertificationAuthorityEduPkiServer.php

Spacing +42 added lines, -42 removed lines

@@ -35,10 +35,10 @@ 
     public function __construct()
     {
             
-        if ( \config\ConfAssistant::eduPKI['testing'] === true ) {
-            $this->locationRaCert = ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.pem";
-            $this->locationRaKey = ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.clearkey";
-            $this->locationWebRoot = ROOT . "/config/SilverbulletClientCerts/eduPKI-webserver-root.pem";
+        if (\config\ConfAssistant::eduPKI['testing'] === true) {
+            $this->locationRaCert = ROOT."/config/SilverbulletClientCerts/edupki-test-ra.pem";
+            $this->locationRaKey = ROOT."/config/SilverbulletClientCerts/edupki-test-ra.clearkey";
+            $this->locationWebRoot = ROOT."/config/SilverbulletClientCerts/eduPKI-webserver-root.pem";
             $this->eduPkiRaId = 700;
             $this->eduPkiCertProfileBoth = "Radius Server SOAP";
             $this->eduPkiCertProfileIdp = "Radius Server SOAP";
@@ -47,9 +47,9 @@ 
             $this->eduPkiEndpointPublic = "https://pki.edupki.org/edupki-test-ca/cgi-bin/pub/soap?wsdl=1";
             $this->eduPkiEndpointRa = "https://ra.edupki.org/edupki-test-ca/cgi-bin/ra/soap?wsdl=1";
         } else {
-            $this->locationRaCert = ROOT . "/config/SilverbulletClientCerts/edupki-prod-ra.pem";
-            $this->locationRaKey = ROOT . "/config/SilverbulletClientCerts/edupki-prod-ra.clearkey";
-            $this->locationWebRoot = ROOT . "/config/SilverbulletClientCerts/eduPKI-webserver-root.pem";
+            $this->locationRaCert = ROOT."/config/SilverbulletClientCerts/edupki-prod-ra.pem";
+            $this->locationRaKey = ROOT."/config/SilverbulletClientCerts/edupki-prod-ra.clearkey";
+            $this->locationWebRoot = ROOT."/config/SilverbulletClientCerts/eduPKI-webserver-root.pem";
             $this->eduPkiRaId = 100;
             $this->eduPkiCertProfileBoth = "eduroam IdP and SP";
             $this->eduPkiCertProfileIdp = "eduroam IdP";
@@ -63,13 +63,13 @@ 
         parent::__construct();
 
         if (stat($this->locationRaCert) === FALSE) {
-            throw new Exception("RA operator PEM file not found: " . $this->locationRaCert);
+            throw new Exception("RA operator PEM file not found: ".$this->locationRaCert);
         }
         if (stat($this->locationRaKey) === FALSE) {
-            throw new Exception("RA operator private key file not found: " . $this->locationRaKey);
+            throw new Exception("RA operator private key file not found: ".$this->locationRaKey);
         }
         if (stat($this->locationWebRoot) === FALSE) {
-            throw new Exception("CA website root CA file not found: " . $this->locationWebRoot);
+            throw new Exception("CA website root CA file not found: ".$this->locationWebRoot);
         }
     }
 
@@ -136,26 +136,26 @@ 
                 throw new Exception("Unexpected policies requested.");
             }
             $altArray = [# Array mit den Subject Alternative Names
-                "email:" . $csr["USERMAIL"]
+                "email:".$csr["USERMAIL"]
             ];
             foreach ($csr["ALTNAMES"] as $oneAltName) {
                 if (!empty($oneAltName) && preg_match('/(?=^.{1,254}$)(^(?:(?!\d|-)[a-z0-9\-]{1,63}(?<!-)\.)+(?:[a-z]{2,})$)/i', $oneAltName) > 0) {
-                    $altArray[] = "DNS:" . $oneAltName;
+                    $altArray[] = "DNS:".$oneAltName;
                 } else {
-                    $altArray[] = "IP:" . $oneAltName;
+                    $altArray[] = "IP:".$oneAltName;
                 }
             }
             $soapPub = $this->initEduPKISoapSession("PUBLIC");
             $this->loggerInstance->debug(5, "FIRST ACTUAL SOAP REQUEST (Public, newRequest)!\n");
-            $this->loggerInstance->debug(5, "PARAM_1: " . $this->eduPkiRaId . "\n");
-            $this->loggerInstance->debug(5, "PARAM_2: " . $csr["CSR_STRING"] . "\n");
+            $this->loggerInstance->debug(5, "PARAM_1: ".$this->eduPkiRaId."\n");
+            $this->loggerInstance->debug(5, "PARAM_2: ".$csr["CSR_STRING"]."\n");
             $this->loggerInstance->debug(5, "PARAM_3: ");
             $this->loggerInstance->debug(5, $altArray);
-            $this->loggerInstance->debug(5, "PARAM_4: " . $profile . "\n");
-            $this->loggerInstance->debug(5, "PARAM_5: " . sha1("notused") . "\n");
-            $this->loggerInstance->debug(5, "PARAM_6: " . $csr["USERNAME"] . "\n");
-            $this->loggerInstance->debug(5, "PARAM_7: " . $csr["USERMAIL"] . "\n");
-            $this->loggerInstance->debug(5, "PARAM_8: " . ProfileSilverbullet::PRODUCTNAME . "\n");
+            $this->loggerInstance->debug(5, "PARAM_4: ".$profile."\n");
+            $this->loggerInstance->debug(5, "PARAM_5: ".sha1("notused")."\n");
+            $this->loggerInstance->debug(5, "PARAM_6: ".$csr["USERNAME"]."\n");
+            $this->loggerInstance->debug(5, "PARAM_7: ".$csr["USERMAIL"]."\n");
+            $this->loggerInstance->debug(5, "PARAM_8: ".ProfileSilverbullet::PRODUCTNAME."\n");
             $this->loggerInstance->debug(5, "PARAM_9: false\n");
             
             $soapNewRequest = $soapPub->newRequest(
@@ -185,7 +185,7 @@ 
                 #}\n");
                 return 0;
             }
-            throw new Exception("Something odd happened while doing the SOAP request:" . $e->getMessage());
+            throw new Exception("Something odd happened while doing the SOAP request:".$e->getMessage());
         }
         try {
             $soap = $this->initEduPKISoapSession("RA");
@@ -217,7 +217,7 @@ 
             // for obnoxious reasons, we have to dump the request into a file and let pkcs7_sign read from the file
             // rather than just using the string. Grr.
             $tempdir = \core\common\Entity::createTemporaryDirectory("test");
-            file_put_contents($tempdir['dir'] . "/content.txt", $soapCleartext);
+            file_put_contents($tempdir['dir']."/content.txt", $soapCleartext);
             // retrieve our RA cert from filesystem                    
             // the RA certificates are not needed right now because we
             // have resorted to S/MIME signatures with openssl command-line
@@ -229,7 +229,7 @@ 
             // sign the data, using cmdline because openssl_pkcs7_sign produces strange results
             // -binary didn't help, nor switch -md to sha1 sha256 or sha512
             $this->loggerInstance->debug(2, "Actual content to be signed is this:\n  $soapCleartext\n");
-            $execCmd = \config\Master::PATHS['openssl'] . " smime -sign -binary -in " . $tempdir['dir'] . "/content.txt -out " . $tempdir['dir'] . "/signature.txt -outform pem -inkey " . $this->locationRaKey . " -signer " . $this->locationRaCert;
+            $execCmd = \config\Master::PATHS['openssl']." smime -sign -binary -in ".$tempdir['dir']."/content.txt -out ".$tempdir['dir']."/signature.txt -outform pem -inkey ".$this->locationRaKey." -signer ".$this->locationRaCert;
             $this->loggerInstance->debug(2, "Calling openssl smime with following cmdline:   $execCmd\n");
             $output = [];
             $return = 999;
@@ -238,21 +238,21 @@ 
                 throw new Exception("Non-zero return value from openssl smime!");
             }
             // and get the signature blob back from the filesystem
-            $detachedSig = trim(file_get_contents($tempdir['dir'] . "/signature.txt"));
+            $detachedSig = trim(file_get_contents($tempdir['dir']."/signature.txt"));
             $this->loggerInstance->debug(5, "Request for server approveRequest has parameters:\n");
-            $this->loggerInstance->debug(5, $soapReqnum . "\n");
-            $this->loggerInstance->debug(5, $soapCleartext . "\n"); // PHP magically encodes this as base64 while sending!
-            $this->loggerInstance->debug(5, $detachedSig . "\n");
+            $this->loggerInstance->debug(5, $soapReqnum."\n");
+            $this->loggerInstance->debug(5, $soapCleartext."\n"); // PHP magically encodes this as base64 while sending!
+            $this->loggerInstance->debug(5, $detachedSig."\n");
             $soapIssueCert = $soap->approveRequest($soapReqnum, $soapCleartext, $detachedSig);
-            $this->loggerInstance->debug(5, "approveRequest Request was: \n" . $soap->__getLastRequest());
-            $this->loggerInstance->debug(5, "approveRequest Response was: \n" . $soap->__getLastResponse());
+            $this->loggerInstance->debug(5, "approveRequest Request was: \n".$soap->__getLastRequest());
+            $this->loggerInstance->debug(5, "approveRequest Response was: \n".$soap->__getLastResponse());
             if ($soapIssueCert === FALSE) {
                 throw new Exception("The locally approved request was NOT processed by the CA.");
             }
         } catch (SoapFault $e) {
-            throw new Exception("SoapFault: Error when sending or receiving SOAP message: " . "{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n");
+            throw new Exception("SoapFault: Error when sending or receiving SOAP message: "."{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n");
         } catch (Exception $e) {
-            throw new Exception("Exception: Something odd happened between the SOAP requests:" . $e->getMessage());
+            throw new Exception("Exception: Something odd happened between the SOAP requests:".$e->getMessage());
         }
         return $soapReqnum;
     }
@@ -304,9 +304,9 @@ 
                 throw new Exception("CAInfo has no root certificate for us!");
             }
         } catch (SoapFault $e) {
-            throw new Exception("SoapFault: Error when sending or receiving SOAP message: " . "{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n");
+            throw new Exception("SoapFault: Error when sending or receiving SOAP message: "."{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n");
         } catch (Exception $e) {
-            throw new Exception("Exception: Something odd happened between the SOAP requests:" . $e->getMessage());
+            throw new Exception("Exception: Something odd happened between the SOAP requests:".$e->getMessage());
         }
         return [
             "CERT" => openssl_x509_read($parsedCert['pem']),
@@ -339,12 +339,12 @@ 
             // for obnoxious reasons, we have to dump the request into a file and let pkcs7_sign read from the file
             // rather than just using the string. Grr.
             $tempdir = \core\common\Entity::createTemporaryDirectory("test");
-            file_put_contents($tempdir['dir'] . "/content.txt", $soapRawRevRequest);
+            file_put_contents($tempdir['dir']."/content.txt", $soapRawRevRequest);
             // retrieve our RA cert from filesystem
             // sign the data, using cmdline because openssl_pkcs7_sign produces strange results
             // -binary didn't help, nor switch -md to sha1 sha256 or sha512
             $this->loggerInstance->debug(5, "Actual content to be signed is this:\n$soapRawRevRequest\n");
-        $execCmd = \config\Master::PATHS['openssl'] . " smime -sign -binary -in " . $tempdir['dir'] . "/content.txt -out " . $tempdir['dir'] . "/signature.txt -outform pem -inkey " . $this->locationRaKey . " -signer " . $this->locationRaCert;
+        $execCmd = \config\Master::PATHS['openssl']." smime -sign -binary -in ".$tempdir['dir']."/content.txt -out ".$tempdir['dir']."/signature.txt -outform pem -inkey ".$this->locationRaKey." -signer ".$this->locationRaCert;
             $this->loggerInstance->debug(2, "Calling openssl smime with following cmdline: $execCmd\n");
             $output = [];
             $return = 999;
@@ -353,7 +353,7 @@ 
                 throw new Exception("Non-zero return value from openssl smime!");
             }
             // and get the signature blob back from the filesystem
-            $detachedSig = trim(file_get_contents($tempdir['dir'] . "/signature.txt"));
+            $detachedSig = trim(file_get_contents($tempdir['dir']."/signature.txt"));
             $soapIssueRev = $soap->approveRevocationRequest($soapRevocationSerial, $soapRawRevRequest, $detachedSig);
             if ($soapIssueRev === FALSE) {
                 throw new Exception("The locally approved revocation request was NOT processed by the CA.");
@@ -361,9 +361,9 @@ 
         } catch (Exception $e) {
             // PHP 7.1 can do this much better
             if (is_soap_fault($e)) {
-                throw new Exception("Error when sending SOAP request: " . "{$e->faultcode}: {$e->faultstring}\n");
+                throw new Exception("Error when sending SOAP request: "."{$e->faultcode}: {$e->faultstring}\n");
             }
-            throw new Exception("Something odd happened while doing the SOAP request:" . $e->getMessage());
+            throw new Exception("Something odd happened while doing the SOAP request:".$e->getMessage());
         }
     }
 
@@ -465,9 +465,9 @@ 
      */
     public function soapToXmlInteger($x)
     {
-        return '<' . $x[0] . '>'
+        return '<'.$x[0].'>'
                 . htmlentities($x[1], ENT_NOQUOTES | ENT_XML1)
-                . '</' . $x[0] . '>';
+                . '</'.$x[0].'>';
     }
 
     /**
@@ -486,9 +486,9 @@ 
         // dump private key into directory
         $outstring = "";
         openssl_pkey_export($privateKey, $outstring);
-        file_put_contents($tempdir . "/pkey.pem", $outstring);
+        file_put_contents($tempdir."/pkey.pem", $outstring);
         // PHP can only do one DC in the Subject. But we need three.
-        $execCmd = \config\Master::PATHS['openssl'] . " req -new -sha256 -key $tempdir/pkey.pem -out $tempdir/request.csr -subj /DC=test/DC=test/DC=eduroam/C=$fed/O=" . \config\ConfAssistant::CONSORTIUM['name'] . "/OU=$fed/CN=$username/emailAddress=$username";
+        $execCmd = \config\Master::PATHS['openssl']." req -new -sha256 -key $tempdir/pkey.pem -out $tempdir/request.csr -subj /DC=test/DC=test/DC=eduroam/C=$fed/O=".\config\ConfAssistant::CONSORTIUM['name']."/OU=$fed/CN=$username/emailAddress=$username";
         $this->loggerInstance->debug(2, "Calling openssl req with following cmdline: $execCmd\n");
         $output = [];
         $return = 999;

core/ExternalEduroamDBData.php

Spacing +9 added lines, -9 removed lines

@@ -142,7 +142,7 @@ 
             return $this->counter;
         }
 
-        $cachedNumber = @file_get_contents(ROOT . "/var/tmp/cachedSPNumber.serialised");
+        $cachedNumber = @file_get_contents(ROOT."/var/tmp/cachedSPNumber.serialised");
         if ($cachedNumber !== FALSE) {
             $numberData = unserialize($cachedNumber);
             $now = new \DateTime();
@@ -155,7 +155,7 @@ 
         } else { // data in cache is too old or doesn't exist. We really need to ask the database
             $list = $this->listAllServiceProviders();
             $this->counter = count($list);
-            file_put_contents(ROOT . "/var/tmp/cachedSPNumber.serialised", serialize(["number" => $this->counter, "timestamp" => new \DateTime()]));
+            file_put_contents(ROOT."/var/tmp/cachedSPNumber.serialised", serialize(["number" => $this->counter, "timestamp" => new \DateTime()]));
             return $this->counter;
         }
     }
@@ -246,7 +246,7 @@ 
         $returnarray = [];
         $query = "SELECT instid AS id, country, inst_realm as realmlist, name AS collapsed_name, contact AS collapsed_contact, type FROM view_active_institution WHERE country = ?";
         if ($eduroamDbType !== NULL) {
-            $query .= " AND ( type = '" . ExternalEduroamDBData::TYPE_IDPSP . "' OR type = '" . $eduroamDbType . "')";
+            $query .= " AND ( type = '".ExternalEduroamDBData::TYPE_IDPSP."' OR type = '".$eduroamDbType."')";
         }
         $externals = $this->db->exec($query, "s", $tld);
         // was a SELECT query, so a resource and not a boolean
@@ -305,7 +305,7 @@ 
      * @return array
      */
     
-    public function listExternalEntitiesByUserEmail($userEmail){
+    public function listExternalEntitiesByUserEmail($userEmail) {
         $out = [];
         $cat = $this->localDb->dbName;
         $query = "SELECT DISTINCT view_institution_admins.instid, $cat.institution.inst_id,
@@ -320,10 +320,10 @@ 
             WHERE view_active_institution.type != 2 AND view_institution_admins.email= ?";
         $externals = $this->db->exec($query, 's', $userEmail);
         while ($row = $externals->fetch_array()) {
-            $external_db_id =  $row[0]; // identifier in eduroam DB
+            $external_db_id = $row[0]; // identifier in eduroam DB
             $inst_id = $row[1]; // identifier in CAT - possibly NULL
             $country = $row[2]; // country
-            $name = $row[3];  // institution name from eduroam DB
+            $name = $row[3]; // institution name from eduroam DB
             $realm = $row[4]; // realms from eduroam DB
             $type = $row[5]; // institution type from eduroam DB
             if (!isset($out[$country])) {
@@ -404,19 +404,19 @@ 
      * 
      * @return array
      */
-    public function listExternalTlsServersInstitution($tld, $include_not_ready=FALSE) {
+    public function listExternalTlsServersInstitution($tld, $include_not_ready = FALSE) {
         $retval = [];
         // this includes servers of type "staging", which is fine
         $query = "SELECT ROid, instid, type, inst_name, servers, contacts, ts FROM view_tls_inst WHERE country = ?";
         if (!$include_not_ready) {
-            $query = $query . " AND servers IS NOT NULL AND contacts IS NOT NULL";
+            $query = $query." AND servers IS NOT NULL AND contacts IS NOT NULL";
         }
         $instServerTransaction = $this->db->exec($query, "s", $tld);
         while ($instServerResponses = mysqli_fetch_object(/** @scrutinizer ignore-type */ $instServerTransaction)) {
             $contactList = $this::dissectCollapsedContacts($instServerResponses->contacts);
             $names = $this->splitNames($instServerResponses->inst_name);
             $thelanguage = $names[$this->languageInstance->getLang()] ?? $names["en"] ?? array_shift($names);
-            $retval[$instServerResponses->ROid . "-". $instServerResponses->instid] = [
+            $retval[$instServerResponses->ROid."-".$instServerResponses->instid] = [
                 "names" => $names,
                 "name" => $thelanguage,
                 "type" => array_search($instServerResponses->type, self::TYPE_MAPPING),

core/UserManagement.php

Spacing +8 added lines, -8 removed lines

@@ -160,7 +160,7 @@ 
                 } else {
                     $this->databaseHandle->exec("INSERT INTO ownership (user_id, institution_id, blesslevel, orig_mail) VALUES(?, ?, ?, ?)", "siss", $owner, $catId, $level, $destMail);
                 }
-                common\Logging::writeAudit_s((string) $owner, "OWN", "IdP " . $invitationDetails['cat_institution_id'] . " - added user as owner");
+                common\Logging::writeAudit_s((string) $owner, "OWN", "IdP ".$invitationDetails['cat_institution_id']." - added user as owner");
                 common\Entity::outOfThePotatoes();
                 return new IdP($invitationDetails['cat_institution_id']);
             }
@@ -174,7 +174,7 @@ 
                 $idp = new IdP($fed->newIdP('TOKEN', $invitationDetails['invite_fortype'], $owner, $invitationDetails['invite_issuer_level'], $invitationDetails['invite_dest_mail'], $bestnameguess));
                 $idp->addAttribute("general:instname", 'C', $bestnameguess);
             }
-            common\Logging::writeAudit_s($owner, "NEW", "IdP " . $idp->identifier . " - created from invitation");
+            common\Logging::writeAudit_s($owner, "NEW", "IdP ".$idp->identifier." - created from invitation");
 
             // in case we have more admins in the queue which were invited to 
             // administer the same inst but haven't redeemed their invitations 
@@ -188,7 +188,7 @@ 
                              WHERE invite_created >= TIMESTAMPADD(DAY, -1, NOW()) AND used = 0 AND name = ? AND country = ? AND ( cat_institution_id IS NULL OR external_db_uniquehandle IS NULL ) ", "ss", $invitationDetails['name'], $invitationDetails['country']);
             // SELECT -> resource, no boolean
             while ($pendingDetail = mysqli_fetch_object(/** @scrutinizer ignore-type */ $otherPending)) {
-                $this->databaseHandle->exec("UPDATE invitations SET cat_institution_id = " . $idp->identifier . " WHERE id = " . $pendingDetail->id);
+                $this->databaseHandle->exec("UPDATE invitations SET cat_institution_id = ".$idp->identifier." WHERE id = ".$pendingDetail->id);
             }
             common\Entity::outOfThePotatoes();
             return $idp;
@@ -213,7 +213,7 @@ 
             'invite_dest_mail' => $_SESSION['auth_email'],
         ];
         $idp = $this->newIdPFromExternal($extId, $fed, $invitationDetails, $owner, $externalinfo);
-        common\Logging::writeAudit_s($owner, "NEW", "IdP " . $idp->identifier . " - created from auto-registration of $extId");
+        common\Logging::writeAudit_s($owner, "NEW", "IdP ".$idp->identifier." - created from auto-registration of $extId");
         return $idp;
     }
     
@@ -335,9 +335,9 @@ 
         $retval = [];
         $invitations = $this->databaseHandle->exec("SELECT cat_institution_id, country, name, invite_issuer_level, invite_dest_mail, invite_token , TIMESTAMPADD(DAY, 1, invite_created) as expiry
                                         FROM invitations 
-                                        WHERE cat_institution_id " . ( $idpIdentifier != 0 ? "= $idpIdentifier" : "IS NULL") . " AND invite_created >= TIMESTAMPADD(DAY, -1, NOW()) AND used = 0");
+                                        WHERE cat_institution_id " . ($idpIdentifier != 0 ? "= $idpIdentifier" : "IS NULL")." AND invite_created >= TIMESTAMPADD(DAY, -1, NOW()) AND used = 0");
         // SELECT -> resource, not boolean
-        common\Logging::debug_s(4, "Retrieving pending invitations for " . ($idpIdentifier != 0 ? "IdP $idpIdentifier" : "IdPs awaiting initial creation" ) . ".\n");
+        common\Logging::debug_s(4, "Retrieving pending invitations for ".($idpIdentifier != 0 ? "IdP $idpIdentifier" : "IdPs awaiting initial creation").".\n");
         while ($invitationQuery = mysqli_fetch_object(/** @scrutinizer ignore-type */ $invitations)) {
             $retval[] = ["country" => $invitationQuery->country, "name" => $invitationQuery->name, "mail" => $invitationQuery->invite_dest_mail, "token" => $invitationQuery->invite_token, "expiry" => $invitationQuery->expiry];
         }
@@ -409,7 +409,7 @@ 
         // these require no further checking
         foreach ($extInstListTmp as $country => $extInstCountryList) {
             $len = count($extInstCountryList);
-            for($i = 0; $i < $len; ++$i) {
+            for ($i = 0; $i < $len; ++$i) {
                 $extInst = $extInstCountryList[$i];
                 if ($extInst['inst_id'] != NULL && in_array($extInst['inst_id'], $this->currentInstitutions['existing'])) {
                     unset($extInstList[$country][$i]);
@@ -500,7 +500,7 @@ 
             $names = $disectedNames['joint'];
             $realms = ExternalEduroamDBData::dissectCollapsedInstitutionRealms($extInst['realm']);
             $foundMatch = $this->checkForSimilarInstitutions($names, $realms);
-            common\Logging::debug_s(4, $foundMatch, "checkForSimilarInstitutions returned: ","\n");
+            common\Logging::debug_s(4, $foundMatch, "checkForSimilarInstitutions returned: ", "\n");
             if ($foundMatch == 0) {
                 $this->currentInstitutions['new'][] = [$extInst['external_db_id'], $disectedNames['perlang'], $country];
             }

core/Federation.php

Indentation +4 added lines, -4 removed lines

@@ -367,7 +367,7 @@ 
         if (\config\Master::MAILSETTINGS['notify_nro']) {
             foreach ($admins as $id) {
                 $user = new User($id);
-                 /// organisation
+                    /// organisation
                 $retval = $user->sendMailToUser(sprintf(_("%s in your federation was created"), common\Entity::$nomenclature_participant), $message);
                 if ($retval === FALSE) {
                     $this->loggerInstance->debug(2, "Mail to federation admin was NOT sent!\n");
@@ -434,7 +434,7 @@ 
         $newReq = new CertificationAuthorityEduPkiServer();
         $reqserial = $newReq->sendRequestToCa($csr, $revocationPin, $expiryDays);
         if ($reqserial > 0) {
-             $this->loggerInstance->writeAudit($user, "NEW", "Certificate request - NRO: ".$this->tld." - serial: ".$reqserial." - subject: ".$csr['SUBJECT']);
+                $this->loggerInstance->writeAudit($user, "NEW", "Certificate request - NRO: ".$this->tld." - serial: ".$reqserial." - subject: ".$csr['SUBJECT']);
             $reqQuery = "INSERT INTO federation_servercerts "
                 ."(federation_id, ca_name, request_serial, distinguished_name, status, revocation_pin) "
                 ."VALUES (?, 'eduPKI', ?, ?, 'REQUESTED', ?)";
@@ -494,7 +494,7 @@ 
         $result = $this->databaseHandle->exec($query);
         $rows = $result->fetch_all();
         foreach ($rows as $row) {
-           $activeProfiles[] = $row[0];
+            $activeProfiles[] = $row[0];
         }
         $query = "SELECT institution.inst_id AS inst_id, profile.profile_id AS profile_id, profile_option.option_value AS cert FROM profile_option JOIN profile ON profile_option.profile_id=profile.profile_id JOIN institution ON profile.inst_id=institution.inst_id WHERE profile_option.option_name='eap:ca_file' and institution.country='".$this->tld."'";        
         $result = $this->databaseHandle->exec($query);
@@ -579,7 +579,7 @@ 
                 'country' => strtoupper($idp->federation),
                 'instance' => $idp,
                 'realms' => $idpQuery->realms]
-                 ;
+                    ;
             $returnarray[$idp->identifier] = $idpInfo;
         }
         if ($activeOnly != 0) { // we're only doing this once.

core/common/Logging.php

Indentation +11 added lines, -11 removed lines

@@ -159,17 +159,17 @@
         }
     }
     
-     /**
-     * Writes an audit log entry to the audit log file - static version. These audits are semantic logs; they don't record every single modification
-     * in the database, but provide a logical "who did what" overview. The exact modification SQL statements are logged
-     * automatically with writeSQLAudit() instead. The log file path is configurable in _config.php.
-     * 
-     * @param string $user     persistent identifier of the user who triggered the action
-     * @param string $category type of modification, from the fixed vocabulary: "NEW", "OWN", "MOD", "DEL"
-     * @param string $message  message to log into the audit log
-     * @return boolean TRUE if successful. Will terminate script execution on failure. 
-     * @throws Exception
-     */
+        /**
+         * Writes an audit log entry to the audit log file - static version. These audits are semantic logs; they don't record every single modification
+         * in the database, but provide a logical "who did what" overview. The exact modification SQL statements are logged
+         * automatically with writeSQLAudit() instead. The log file path is configurable in _config.php.
+         * 
+         * @param string $user     persistent identifier of the user who triggered the action
+         * @param string $category type of modification, from the fixed vocabulary: "NEW", "OWN", "MOD", "DEL"
+         * @param string $message  message to log into the audit log
+         * @return boolean TRUE if successful. Will terminate script execution on failure. 
+         * @throws Exception
+         */
     public static function writeAudit_s($user, $category, $message)
     {
         switch ($category) {

Spacing +8 added lines, -8 removed lines

@@ -49,7 +49,7 @@ 
      */
     private function writeToFile($filename, $message)
     {
-        file_put_contents(\config\Master::PATHS['logdir'] . "/$filename", sprintf("%-015s", microtime(TRUE)) . $message, FILE_APPEND);
+        file_put_contents(\config\Master::PATHS['logdir']."/$filename", sprintf("%-015s", microtime(TRUE)).$message, FILE_APPEND);
     }
 
     /**
@@ -61,7 +61,7 @@ 
      */
     private static function writeToFile_s($filename, $message)
     {
-        file_put_contents(\config\Master::PATHS['logdir'] . "/$filename", sprintf("%-015s", microtime(TRUE)) . $message, FILE_APPEND);
+        file_put_contents(\config\Master::PATHS['logdir']."/$filename", sprintf("%-015s", microtime(TRUE)).$message, FILE_APPEND);
     }
     
     /**
@@ -89,9 +89,9 @@ 
             $output .= " [$file / $function / $line] ";
         }
         if (is_string($stuff)) {
-            $output .= $prefix . $stuff . $suffix;
+            $output .= $prefix.$stuff.$suffix;
         } else {
-            $output .= $prefix . var_export($stuff, TRUE) . $suffix;
+            $output .= $prefix.var_export($stuff, TRUE).$suffix;
         }
         $this->writeToFile("debug.log", $output);
 
@@ -123,9 +123,9 @@ 
             $output .= " [$file / $function / $line] ";
         }
         if (is_string($stuff)) {
-            $output .= $prefix . $stuff . $suffix;
+            $output .= $prefix.$stuff.$suffix;
         } else {
-            $output .= $prefix . var_export($stuff, TRUE) . $suffix;
+            $output .= $prefix.var_export($stuff, TRUE).$suffix;
         }
         self::writeToFile_s("debug.log", $output);
         return;
@@ -201,7 +201,7 @@ 
         $logTextStep1 = preg_replace("/[\n\r]/", "", $query);
         $logTextStep2 = preg_replace("/ +/", " ", $logTextStep1);
         $logTextStep3 = iconv("UTF-8", "UTF-8//IGNORE", $logTextStep2);
-        $this->writeToFile("audit-SQL.log", " " . $logTextStep3 . "\n");
+        $this->writeToFile("audit-SQL.log", " ".$logTextStep3."\n");
     }
     
     
@@ -219,6 +219,6 @@ 
         $logTextStep1 = preg_replace("/[\n\r]/", "", $query);
         $logTextStep2 = preg_replace("/ +/", " ", $logTextStep1);
         $logTextStep3 = iconv("UTF-8", "UTF-8//IGNORE", $logTextStep2);
-        self::writeToFile_s("audit-SQL.log", " " . $logTextStep3 . "\n");
+        self::writeToFile_s("audit-SQL.log", " ".$logTextStep3."\n");
     }
 }
\ No newline at end of file

core/User.php

Spacing +11 added lines, -11 removed lines

@@ -173,8 +173,8 @@ 
             return false;
         }
         $entityId = $matches[1];
-        $url = \config\Diagnostics::EDUGAINRESOLVER['url'] . "?action=get_entity_name&type=idp&opt=2&e_id=$entityId";
-        \core\common\Logging::debug_s(4, $url, "URL: ","\n");
+        $url = \config\Diagnostics::EDUGAINRESOLVER['url']."?action=get_entity_name&type=idp&opt=2&e_id=$entityId";
+        \core\common\Logging::debug_s(4, $url, "URL: ", "\n");
         $ch = curl_init($url);
         if ($ch === false) {
             $loggerInstance->debug(2, "Unable ask eduGAIN about IdP - CURL init failed!");
@@ -200,10 +200,10 @@ 
             return false;            
         }
         if ($responseDetails['name'] === null) {
-            \core\common\Logging::debug_s(4,"User not in eduGAIN\n");
+            \core\common\Logging::debug_s(4, "User not in eduGAIN\n");
             return false;            
         }
-        \core\common\Logging::debug_s(4,"User in eduGAIN\n");
+        \core\common\Logging::debug_s(4, "User in eduGAIN\n");
         $_SESSION['eduGAIN'] = $responseDetails['regauth'];
         return true;
     }
@@ -243,7 +243,7 @@ 
      * @return boolean did it work?
      */
     public static function sendMailToCATadmins($subject, $content) {
-        if (!isset(\config\Master::APPEARANCE['cat-admin-mail']) ||  \config\Master::APPEARANCE['cat-admin-mail'] === []) {
+        if (!isset(\config\Master::APPEARANCE['cat-admin-mail']) || \config\Master::APPEARANCE['cat-admin-mail'] === []) {
             return;
         }
         foreach (\config\Master::APPEARANCE['cat-admin-mail'] as $mailaddr) {
@@ -266,8 +266,8 @@ 
         common\Entity::intoThePotatoes();
         $mail = \core\common\OutsideComm::mailHandle();
 // who to whom?
-        $mail->FromName = \config\Master::APPEARANCE['productname'] . " Notification System";
-        $mail->addReplyTo(\config\Master::APPEARANCE['support-contact']['developer-mail'], \config\Master::APPEARANCE['productname'] . " " . _("Feedback"));
+        $mail->FromName = \config\Master::APPEARANCE['productname']." Notification System";
+        $mail->addReplyTo(\config\Master::APPEARANCE['support-contact']['developer-mail'], \config\Master::APPEARANCE['productname']." "._("Feedback"));
         $mail->addAddress($mailaddr);
 // what do we want to say?
         $mail->Subject = $subject;
@@ -333,7 +333,7 @@ 
                 }
                 $lookFor .= "$name";
             }
-            $finding = preg_match("/^(" . $lookFor . "):(.*)/", $oneRow->user_id, $matches);
+            $finding = preg_match("/^(".$lookFor."):(.*)/", $oneRow->user_id, $matches);
             if ($finding === 0 || $finding === false) {
                 return false;
             }
@@ -352,7 +352,7 @@ 
                         $matchedProviders[] = $idp;
                         $name = $idp;
                         if ($skipCurl == 0) {
-                            $url = \config\Diagnostics::EDUGAINRESOLVER['url'] . "?action=get_entity_name&type=idp&e_id=$idp&lang=$lang";
+                            $url = \config\Diagnostics::EDUGAINRESOLVER['url']."?action=get_entity_name&type=idp&e_id=$idp&lang=$lang";
                             $ch = curl_init($url);
                             if ($ch === false) {
                                 $loggerInstance->debug(2, "Unable ask eduGAIN about IdP - CURL init failed!");
@@ -377,7 +377,7 @@ 
                             }
                             curl_close($ch);
                         }
-                        $listOfProviders[] = User::PROVIDER_STRINGS[$providerStrings[0]] . " - IdP: " . $name;
+                        $listOfProviders[] = User::PROVIDER_STRINGS[$providerStrings[0]]." - IdP: ".$name;
                     }
                     break;
                 case $providerStrings[2]:
@@ -393,7 +393,7 @@ 
                     return false;
             }
         }
-        \core\common\Logging::debug_s(4,$listOfProviders, "PROVIDERS:\n", "\n");
+        \core\common\Logging::debug_s(4, $listOfProviders, "PROVIDERS:\n", "\n");
         return $listOfProviders;
     }
 }
\ No newline at end of file

core/CertificationAuthorityEduPki.php

Spacing +38 added lines, -38 removed lines

@@ -17,9 +17,9 @@ 
 class CertificationAuthorityEduPki extends EntityWithDBProperties implements CertificationAuthorityInterface
 {
 
-    private const LOCATION_RA_CERT = ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.pem";
-    private const LOCATION_RA_KEY = ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.clearkey";
-    private const LOCATION_WEBROOT = ROOT . "/config/SilverbulletClientCerts/eduPKI-webserver-root.pem";
+    private const LOCATION_RA_CERT = ROOT."/config/SilverbulletClientCerts/edupki-test-ra.pem";
+    private const LOCATION_RA_KEY = ROOT."/config/SilverbulletClientCerts/edupki-test-ra.clearkey";
+    private const LOCATION_WEBROOT = ROOT."/config/SilverbulletClientCerts/eduPKI-webserver-root.pem";
     private const EDUPKI_RA_ID = 700;
     private const EDUPKI_CERT_PROFILE = "User SOAP";
     private const EDUPKI_RA_PKEY_PASSPHRASE = "...";
@@ -35,13 +35,13 @@ 
         parent::__construct();
 
         if (stat(CertificationAuthorityEduPki::LOCATION_RA_CERT) === FALSE) {
-            throw new Exception("RA operator PEM file not found: " . CertificationAuthorityEduPki::LOCATION_RA_CERT);
+            throw new Exception("RA operator PEM file not found: ".CertificationAuthorityEduPki::LOCATION_RA_CERT);
         }
         if (stat(CertificationAuthorityEduPki::LOCATION_RA_KEY) === FALSE) {
-            throw new Exception("RA operator private key file not found: " . CertificationAuthorityEduPki::LOCATION_RA_KEY);
+            throw new Exception("RA operator private key file not found: ".CertificationAuthorityEduPki::LOCATION_RA_KEY);
         }
         if (stat(CertificationAuthorityEduPki::LOCATION_WEBROOT) === FALSE) {
-            throw new Exception("CA website root CA file not found: " . CertificationAuthorityEduPki::LOCATION_WEBROOT);
+            throw new Exception("CA website root CA file not found: ".CertificationAuthorityEduPki::LOCATION_WEBROOT);
         }
     }
 
@@ -75,19 +75,19 @@ 
         // initialise connection to eduPKI CA / eduroam RA and send the request to them
         try {
             $altArray = [# Array mit den Subject Alternative Names
-                "email:" . $csr["USERNAME"]
+                "email:".$csr["USERNAME"]
             ];
             $soapPub = $this->initEduPKISoapSession("PUBLIC");
             $this->loggerInstance->debug(5, "FIRST ACTUAL SOAP REQUEST (Public, newRequest)!\n");
-            $this->loggerInstance->debug(5, "PARAM_1: " . CertificationAuthorityEduPki::EDUPKI_RA_ID . "\n");
-            $this->loggerInstance->debug(5, "PARAM_2: " . $csr["CSR_STRING"] . "\n");
+            $this->loggerInstance->debug(5, "PARAM_1: ".CertificationAuthorityEduPki::EDUPKI_RA_ID."\n");
+            $this->loggerInstance->debug(5, "PARAM_2: ".$csr["CSR_STRING"]."\n");
             $this->loggerInstance->debug(5, "PARAM_3: ");
             $this->loggerInstance->debug(5, $altArray);
-            $this->loggerInstance->debug(5, "PARAM_4: " . CertificationAuthorityEduPki::EDUPKI_CERT_PROFILE . "\n");
-            $this->loggerInstance->debug(5, "PARAM_5: " . sha1("notused") . "\n");
-            $this->loggerInstance->debug(5, "PARAM_6: " . $csr["USERNAME"] . "\n");
-            $this->loggerInstance->debug(5, "PARAM_7: " . $csr["USERNAME"] . "\n");
-            $this->loggerInstance->debug(5, "PARAM_8: " . \config\ConfAssistant::SILVERBULLET['product_name'] . "\n");
+            $this->loggerInstance->debug(5, "PARAM_4: ".CertificationAuthorityEduPki::EDUPKI_CERT_PROFILE."\n");
+            $this->loggerInstance->debug(5, "PARAM_5: ".sha1("notused")."\n");
+            $this->loggerInstance->debug(5, "PARAM_6: ".$csr["USERNAME"]."\n");
+            $this->loggerInstance->debug(5, "PARAM_7: ".$csr["USERNAME"]."\n");
+            $this->loggerInstance->debug(5, "PARAM_8: ".\config\ConfAssistant::SILVERBULLET['product_name']."\n");
             $this->loggerInstance->debug(5, "PARAM_9: false\n");
             $soapNewRequest = $soapPub->newRequest(
                     CertificationAuthorityEduPki::EDUPKI_RA_ID, # RA-ID
@@ -109,11 +109,11 @@ 
         } catch (Exception $e) {
             // PHP 7.1 can do this much better
             if (is_soap_fault($e)) {
-                throw new Exception("Error when sending SOAP request: " . "{$e->faultcode}:  {
+                throw new Exception("Error when sending SOAP request: "."{$e->faultcode}:  {
                     $e->faultstring
                 }\n");
             }
-            throw new Exception("Something odd happened while doing the SOAP request:" . $e->getMessage());
+            throw new Exception("Something odd happened while doing the SOAP request:".$e->getMessage());
         }
         try {
             $soap = $this->initEduPKISoapSession("RA");
@@ -125,8 +125,8 @@ 
                     $soapReqnum, [
                 "RaID" => CertificationAuthorityEduPki::EDUPKI_RA_ID,
                 "Role" => CertificationAuthorityEduPki::EDUPKI_CERT_PROFILE,
-                "Subject" => "DC=eduroam,DC=test,DC=test,C=" . $csr["FED"] . ",O=" . \config\ConfAssistant::CONSORTIUM['name'] . ",OU=" . $csr["FED"] . ",CN=" . $csr['USERNAME'] . ",emailAddress=" . $csr['USERNAME'],
-                "SubjectAltNames" => ["email:" . $csr["USERNAME"]],
+                "Subject" => "DC=eduroam,DC=test,DC=test,C=".$csr["FED"].",O=".\config\ConfAssistant::CONSORTIUM['name'].",OU=".$csr["FED"].",CN=".$csr['USERNAME'].",emailAddress=".$csr['USERNAME'],
+                "SubjectAltNames" => ["email:".$csr["USERNAME"]],
                 "NotBefore" => (new \DateTime())->format('c'),
                 "NotAfter" => $expiry->format('c'),
                     ]
@@ -145,7 +145,7 @@ 
             // for obnoxious reasons, we have to dump the request into a file and let pkcs7_sign read from the file
             // rather than just using the string. Grr.
             $tempdir = \core\common\Entity::createTemporaryDirectory("test");
-            file_put_contents($tempdir['dir'] . "/content.txt", $soapCleartext);
+            file_put_contents($tempdir['dir']."/content.txt", $soapCleartext);
             // retrieve our RA cert from filesystem                    
             // the RA certificates are not needed right now because we
             // have resorted to S/MIME signatures with openssl command-line
@@ -157,7 +157,7 @@ 
             // sign the data, using cmdline because openssl_pkcs7_sign produces strange results
             // -binary didn't help, nor switch -md to sha1 sha256 or sha512
             $this->loggerInstance->debug(5, "Actual content to be signed is this:\n  $soapCleartext\n");
-            $execCmd = \config\Master::PATHS['openssl'] . " smime -sign -binary -in " . $tempdir['dir'] . "/content.txt -out " . $tempdir['dir'] . "/signature.txt -outform pem -inkey " . ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.clearkey -signer " . ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.pem";
+            $execCmd = \config\Master::PATHS['openssl']." smime -sign -binary -in ".$tempdir['dir']."/content.txt -out ".$tempdir['dir']."/signature.txt -outform pem -inkey ".ROOT."/config/SilverbulletClientCerts/edupki-test-ra.clearkey -signer ".ROOT."/config/SilverbulletClientCerts/edupki-test-ra.pem";
             $this->loggerInstance->debug(2, "Calling openssl smime with following cmdline:   $execCmd\n");
             $output = [];
             $return = 999;
@@ -166,14 +166,14 @@ 
                 throw new Exception("Non-zero return value from openssl smime!");
             }
             // and get the signature blob back from the filesystem
-            $detachedSig = trim(file_get_contents($tempdir['dir'] . "/signature.txt"));
+            $detachedSig = trim(file_get_contents($tempdir['dir']."/signature.txt"));
             $this->loggerInstance->debug(5, "Request for server approveRequest has parameters:\n");
-            $this->loggerInstance->debug(5, $soapReqnum . "\n");
-            $this->loggerInstance->debug(5, $soapCleartext . "\n"); // PHP magically encodes this as base64 while sending!
-            $this->loggerInstance->debug(5, $detachedSig . "\n");
+            $this->loggerInstance->debug(5, $soapReqnum."\n");
+            $this->loggerInstance->debug(5, $soapCleartext."\n"); // PHP magically encodes this as base64 while sending!
+            $this->loggerInstance->debug(5, $detachedSig."\n");
             $soapIssueCert = $soap->approveRequest($soapReqnum, $soapCleartext, $detachedSig);
-            $this->loggerInstance->debug(5, "approveRequest Request was: \n" . $soap->__getLastRequest());
-            $this->loggerInstance->debug(5, "approveRequest Response was: \n" . $soap->__getLastResponse());
+            $this->loggerInstance->debug(5, "approveRequest Request was: \n".$soap->__getLastRequest());
+            $this->loggerInstance->debug(5, "approveRequest Response was: \n".$soap->__getLastResponse());
             if ($soapIssueCert === FALSE) {
                 throw new Exception("The locally approved request was NOT processed by the CA.");
             }
@@ -210,9 +210,9 @@ 
                 throw new Exception("CAInfo has no root certificate for us!");
             }
         } catch (SoapFault $e) {
-            throw new Exception("SoapFault: Error when sending or receiving SOAP message: " . "{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n");
+            throw new Exception("SoapFault: Error when sending or receiving SOAP message: "."{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n");
         } catch (Exception $e) {
-            throw new Exception("Exception: Something odd happened between the SOAP requests:" . $e->getMessage());
+            throw new Exception("Exception: Something odd happened between the SOAP requests:".$e->getMessage());
         }
         return [
             "CERT" => openssl_x509_read($parsedCert['pem']),
@@ -245,12 +245,12 @@ 
             // for obnoxious reasons, we have to dump the request into a file and let pkcs7_sign read from the file
             // rather than just using the string. Grr.
             $tempdir = \core\common\Entity::createTemporaryDirectory("test");
-            file_put_contents($tempdir['dir'] . "/content.txt", $soapRawRevRequest);
+            file_put_contents($tempdir['dir']."/content.txt", $soapRawRevRequest);
             // retrieve our RA cert from filesystem
             // sign the data, using cmdline because openssl_pkcs7_sign produces strange results
             // -binary didn't help, nor switch -md to sha1 sha256 or sha512
             $this->loggerInstance->debug(5, "Actual content to be signed is this:\n$soapRawRevRequest\n");
-            $execCmd = \config\Master::PATHS['openssl'] . " smime -sign -binary -in " . $tempdir['dir'] . "/content.txt -out " . $tempdir['dir'] . "/signature.txt -outform pem -inkey " . CertificationAuthorityEduPki::LOCATION_RA_KEY . " -signer " . CertificationAuthorityEduPki::LOCATION_RA_CERT;
+            $execCmd = \config\Master::PATHS['openssl']." smime -sign -binary -in ".$tempdir['dir']."/content.txt -out ".$tempdir['dir']."/signature.txt -outform pem -inkey ".CertificationAuthorityEduPki::LOCATION_RA_KEY." -signer ".CertificationAuthorityEduPki::LOCATION_RA_CERT;
             $this->loggerInstance->debug(2, "Calling openssl smime with following cmdline: $execCmd\n");
             $output = [];
             $return = 999;
@@ -259,7 +259,7 @@ 
                 throw new Exception("Non-zero return value from openssl smime!");
             }
             // and get the signature blob back from the filesystem
-            $detachedSig = trim(file_get_contents($tempdir['dir'] . "/signature.txt"));
+            $detachedSig = trim(file_get_contents($tempdir['dir']."/signature.txt"));
             $soapIssueRev = $soap->approveRevocationRequest($soapRevocationSerial, $soapRawRevRequest, $detachedSig);
             if ($soapIssueRev === FALSE) {
                 throw new Exception("The locally approved revocation request was NOT processed by the CA.");
@@ -267,9 +267,9 @@ 
         } catch (Exception $e) {
             // PHP 7.1 can do this much better
             if (is_soap_fault($e)) {
-                throw new Exception("Error when sending SOAP request: " . "{$e->faultcode}: {$e->faultstring}\n");
+                throw new Exception("Error when sending SOAP request: "."{$e->faultcode}: {$e->faultstring}\n");
             }
-            throw new Exception("Something odd happened while doing the SOAP request:" . $e->getMessage());
+            throw new Exception("Something odd happened while doing the SOAP request:".$e->getMessage());
         }
     }
 
@@ -289,7 +289,7 @@ 
             'http' => [
                 'timeout' => 60,
                 'user_agent' => 'Stefan',
-                'header'=> array( "Accept-language: en" ),
+                'header'=> array("Accept-language: en"),
                 'protocol_version' => 1.1
             ],
             'ssl' => [
@@ -370,9 +370,9 @@ 
      */
     public function soapToXmlInteger($x)
     {
-        return '<' . $x[0] . '>'
+        return '<'.$x[0].'>'
                 . htmlentities($x[1], ENT_NOQUOTES | ENT_XML1)
-                . '</' . $x[0] . '>';
+                . '</'.$x[0].'>';
     }
 
     /**
@@ -391,9 +391,9 @@ 
         // dump private key into directory
         $outstring = "";
         openssl_pkey_export($privateKey, $outstring);
-        file_put_contents($tempdir . "/pkey.pem", $outstring);
+        file_put_contents($tempdir."/pkey.pem", $outstring);
         // PHP can only do one DC in the Subject. But we need three.
-        $execCmd = \config\Master::PATHS['openssl'] . " req -new -sha256 -key $tempdir/pkey.pem -out $tempdir/request.csr -subj /DC=test/DC=test/DC=eduroam/C=$fed/O=" . \config\ConfAssistant::CONSORTIUM['name'] . "/OU=$fed/CN=$username/emailAddress=$username";
+        $execCmd = \config\Master::PATHS['openssl']." req -new -sha256 -key $tempdir/pkey.pem -out $tempdir/request.csr -subj /DC=test/DC=test/DC=eduroam/C=$fed/O=".\config\ConfAssistant::CONSORTIUM['name']."/OU=$fed/CN=$username/emailAddress=$username";
         $this->loggerInstance->debug(2, "Calling openssl req with following cmdline: $execCmd\n");
         $output = [];
         $return = 999;