GEANT /
CAT
@@ -20,7 +20,7 @@ discard block |
||
| 20 | 20 | * <base_url>/copyright.php after deploying the software |
| 21 | 21 | */ |
| 22 | 22 | |
| 23 | -require_once dirname(dirname(dirname(__FILE__))) . "/config/_config.php"; |
|
| 23 | +require_once dirname(dirname(dirname(__FILE__)))."/config/_config.php"; |
|
| 24 | 24 | |
| 25 | 25 | $auth = new \web\lib\admin\Authentication(); |
| 26 | 26 | $loggerInstance = new \core\common\Logging(); |
@@ -33,15 +33,15 @@ discard block |
||
| 33 | 33 | $myInstOriginal = $validator->existingIdP($_GET['inst_id'], $_SESSION['user']); |
| 34 | 34 | $instId = $myInstOriginal->identifier; |
| 35 | 35 | |
| 36 | -$hello = _("To whom it may concern,") . "\n\n"; |
|
| 37 | -$bye = _("This mail is merely a cross-check because these changes can be security-relevant. If the change was expected, you do not need to take any action.") . "\n\n" . |
|
| 38 | - _("Greetings, ") . "\n\n" . |
|
| 36 | +$hello = _("To whom it may concern,")."\n\n"; |
|
| 37 | +$bye = _("This mail is merely a cross-check because these changes can be security-relevant. If the change was expected, you do not need to take any action.")."\n\n". |
|
| 38 | + _("Greetings, ")."\n\n". |
|
| 39 | 39 | \config\Master::APPEARANCE['productname_long']; |
| 40 | 40 | |
| 41 | 41 | switch ($_POST['submitbutton']) { |
| 42 | 42 | case web\lib\common\FormElements::BUTTON_DELETE: |
| 43 | 43 | $myInstOriginal->destroy(); |
| 44 | - $loggerInstance->writeAudit($_SESSION['user'], "DEL", "IdP " . $instId); |
|
| 44 | + $loggerInstance->writeAudit($_SESSION['user'], "DEL", "IdP ".$instId); |
|
| 45 | 45 | header("Location: overview_user.php"); |
| 46 | 46 | exit; |
| 47 | 47 | case web\lib\common\FormElements::BUTTON_FLUSH_AND_RESTART: |
@@ -51,9 +51,9 @@ discard block |
||
| 51 | 51 | } |
| 52 | 52 | // flush all IdP attributes and send user to creation wizard |
| 53 | 53 | $myInstOriginal->flushAttributes(); |
| 54 | - $loggerInstance->writeAudit($_SESSION['user'], "DEL", "IdP starting over" . $instId); |
|
| 55 | - $text = $hello . |
|
| 56 | - sprintf(_("the %s %s / %s / (previously known as) '%s' has deleted all properties and is starting over freshly. This means that its not recognisable by its name any more, and it may assume a different name in the future. You will get another mail if and when the name change happens."), $ui->nomenclatureInst, strtoupper($myInstOriginal->federation), $myInstOriginal->identifier, $myInstOriginal->name) . "\n\n" . |
|
| 54 | + $loggerInstance->writeAudit($_SESSION['user'], "DEL", "IdP starting over".$instId); |
|
| 55 | + $text = $hello. |
|
| 56 | + sprintf(_("the %s %s / %s / (previously known as) '%s' has deleted all properties and is starting over freshly. This means that its not recognisable by its name any more, and it may assume a different name in the future. You will get another mail if and when the name change happens."), $ui->nomenclatureInst, strtoupper($myInstOriginal->federation), $myInstOriginal->identifier, $myInstOriginal->name)."\n\n". |
|
| 57 | 57 | $bye; |
| 58 | 58 | $fed = new core\Federation($myInstOriginal->federation); |
| 59 | 59 | foreach ($fed->listFederationAdmins() as $id) { |
@@ -72,19 +72,19 @@ discard block |
||
| 72 | 72 | exit(0); |
| 73 | 73 | } |
| 74 | 74 | $inst_name = $myInstOriginal->name; |
| 75 | - echo "<h1>" . sprintf(_("Submitted attributes for IdP '%s'"), $inst_name) . "</h1>"; |
|
| 75 | + echo "<h1>".sprintf(_("Submitted attributes for IdP '%s'"), $inst_name)."</h1>"; |
|
| 76 | 76 | echo "<table>"; |
| 77 | 77 | echo $optionParser->processSubmittedFields($myInstOriginal, $_POST, $_FILES); |
| 78 | 78 | echo "</table>"; |
| 79 | 79 | // delete cached logo, if present |
| 80 | - $dir = ROOT . '/web/downloads/logos/'; |
|
| 81 | - $globResult = glob($dir . $myInstOriginal->identifier . "_*.png"); |
|
| 80 | + $dir = ROOT.'/web/downloads/logos/'; |
|
| 81 | + $globResult = glob($dir.$myInstOriginal->identifier."_*.png"); |
|
| 82 | 82 | if ($globResult === FALSE) { // we should catch the improbable error condition |
| 83 | 83 | $globResult = []; |
| 84 | 84 | } |
| 85 | 85 | array_map('unlink', $globResult); |
| 86 | 86 | $loggerInstance->debug(4, "UNLINK from $dir\n"); |
| 87 | - $loggerInstance->writeAudit($_SESSION['user'], "MOD", "IdP " . $myInstOriginal->identifier . " - attributes changed"); |
|
| 87 | + $loggerInstance->writeAudit($_SESSION['user'], "MOD", "IdP ".$myInstOriginal->identifier." - attributes changed"); |
|
| 88 | 88 | |
| 89 | 89 | // re-instantiate ourselves... profiles need fresh data |
| 90 | 90 | $myInstReinstantiated = $validator->existingIdP($_GET['inst_id'], $_SESSION['user']); |
@@ -93,10 +93,10 @@ discard block |
||
| 93 | 93 | if (count($significantChanges) > 0) { |
| 94 | 94 | // send a notification/alert mail to someone we know is in charge |
| 95 | 95 | /// were made to the *Identity Provider* *LU* / integer number of IdP / (previously known as) Name |
| 96 | - $text = $hello . sprintf(_("significant changes were made to the %s %s / %s / (previously known as) '%s'."), $ui->nomenclatureInst, strtoupper($myInstOriginal->federation), $myInstOriginal->identifier, $myInstOriginal->name) . "\n\n"; |
|
| 96 | + $text = $hello.sprintf(_("significant changes were made to the %s %s / %s / (previously known as) '%s'."), $ui->nomenclatureInst, strtoupper($myInstOriginal->federation), $myInstOriginal->identifier, $myInstOriginal->name)."\n\n"; |
|
| 97 | 97 | if (isset($significantChanges[\core\IdP::INSTNAME_CHANGED])) { |
| 98 | - $text .= sprintf(_("The %s has changed its name. The details are below:"), $ui->nomenclatureInst) . "\n\n"; |
|
| 99 | - $text .= $significantChanges[\core\IdP::INSTNAME_CHANGED] . "\n\n"; |
|
| 98 | + $text .= sprintf(_("The %s has changed its name. The details are below:"), $ui->nomenclatureInst)."\n\n"; |
|
| 99 | + $text .= $significantChanges[\core\IdP::INSTNAME_CHANGED]."\n\n"; |
|
| 100 | 100 | } |
| 101 | 101 | $text .= $bye; |
| 102 | 102 | // (currently, send hard-wired to NRO - future: for linked insts, check eduroam DBv2 and send to registered admins directly) |
@@ -112,12 +112,12 @@ discard block |
||
| 112 | 112 | |
| 113 | 113 | if (isset(\config\ConfAssistant::CONSORTIUM['ssid']) && count(\config\ConfAssistant::CONSORTIUM['ssid']) > 0) { |
| 114 | 114 | foreach (\config\ConfAssistant::CONSORTIUM['ssid'] as $ssidname) { |
| 115 | - $ssids[] = $ssidname . " " . _("(WPA2/AES)"); |
|
| 115 | + $ssids[] = $ssidname." "._("(WPA2/AES)"); |
|
| 116 | 116 | } |
| 117 | 117 | } |
| 118 | 118 | |
| 119 | 119 | foreach ($myInstReinstantiated->getAttributes("media:SSID") as $ssidname) { |
| 120 | - $ssids[] = $ssidname['value'] . " " . _("(WPA2/AES)"); |
|
| 120 | + $ssids[] = $ssidname['value']." "._("(WPA2/AES)"); |
|
| 121 | 121 | } |
| 122 | 122 | |
| 123 | 123 | echo "<table>"; |
@@ -125,7 +125,7 @@ discard block |
||
| 125 | 125 | if (count($ssids) > 0) { |
| 126 | 126 | $printedlist = ""; |
| 127 | 127 | foreach ($ssids as $names) { |
| 128 | - $printedlist = $printedlist . "$names "; |
|
| 128 | + $printedlist = $printedlist."$names "; |
|
| 129 | 129 | } |
| 130 | 130 | echo $uiElements->boxOkay(sprintf(_("Your installers will configure the following SSIDs: <strong>%s</strong>"), $printedlist), _("SSIDs configured")); |
| 131 | 131 | } |
@@ -153,7 +153,7 @@ discard block |
||
| 153 | 153 | // did we get an email address? then, show the silverbullet jumpstart button |
| 154 | 154 | // otherwise, issue a smartass comment |
| 155 | 155 | if (count($myInstReinstantiated->getAttributes("support:email")) > 0) { |
| 156 | - echo "<form method='post' action='edit_silverbullet.php?inst_id=$my_inst->identifier' accept-charset='UTF-8'><button type='submit'>" . sprintf(_("Continue to %s properties"), \core\ProfileSilverbullet::PRODUCTNAME) . "</button></form>"; |
|
| 156 | + echo "<form method='post' action='edit_silverbullet.php?inst_id=$my_inst->identifier' accept-charset='UTF-8'><button type='submit'>".sprintf(_("Continue to %s properties"), \core\ProfileSilverbullet::PRODUCTNAME)."</button></form>"; |
|
| 157 | 157 | } else { |
| 158 | 158 | echo "<table>"; |
| 159 | 159 | echo $uiElements->boxError(sprintf(_("You did not submit an e-mail address. This is required for %s. Please go to the %s dashboard and edit your helpdesk settings to include a helpdesk e-mail address."), core\ProfileSilverbullet::PRODUCTNAME, $ui->nomenclatureInst), _("No support e-mail!")); |
@@ -161,10 +161,10 @@ discard block |
||
| 161 | 161 | } |
| 162 | 162 | } |
| 163 | 163 | if (\config\Master::FUNCTIONALITY_LOCATIONS['CONFASSISTANT_RADIUS'] == "LOCAL") { |
| 164 | - echo "<br/><form method='post' action='edit_profile.php?inst_id=$my_inst->identifier' accept-charset='UTF-8'><button type='submit'>" . _("Continue to RADIUS/EAP profile definition") . "</button></form>"; |
|
| 164 | + echo "<br/><form method='post' action='edit_profile.php?inst_id=$my_inst->identifier' accept-charset='UTF-8'><button type='submit'>"._("Continue to RADIUS/EAP profile definition")."</button></form>"; |
|
| 165 | 165 | } |
| 166 | 166 | } |
| 167 | - echo "<br/><form method='post' action='overview_user.php?inst_id=$my_inst->identifier' accept-charset='UTF-8'><button type='submit'>" . _("Continue to dashboard") . "</button></form>"; |
|
| 167 | + echo "<br/><form method='post' action='overview_user.php?inst_id=$my_inst->identifier' accept-charset='UTF-8'><button type='submit'>"._("Continue to dashboard")."</button></form>"; |
|
| 168 | 168 | |
| 169 | 169 | break; |
| 170 | 170 | default: |
@@ -82,7 +82,7 @@ discard block |
||
| 82 | 82 | $mail->WordWrap = 72; |
| 83 | 83 | $mail->isHTML(FALSE); |
| 84 | 84 | $mail->CharSet = 'UTF-8'; |
| 85 | - $configuredFrom = \config\Master::APPEARANCE['from-mail'] . ""; |
|
| 85 | + $configuredFrom = \config\Master::APPEARANCE['from-mail'].""; |
|
| 86 | 86 | $mail->From = $configuredFrom; |
| 87 | 87 | // are we fancy? i.e. S/MIME signing? |
| 88 | 88 | if (isset(\config\Master::MAILSETTINGS['certfilename'], \config\Master::MAILSETTINGS['keyfilename'], \config\Master::MAILSETTINGS['keypass'])) { |
@@ -123,7 +123,7 @@ discard block |
||
| 123 | 123 | $loggerInstance->debug(4, "OutsideComm::mailAddressValidSecure: no MX."); |
| 124 | 124 | return OutsideComm::MAILDOMAIN_NO_MX; |
| 125 | 125 | } |
| 126 | - $loggerInstance->debug(5, "Domain: $domain MX: " . /** @scrutinizer ignore-type */ print_r($mx, TRUE)); |
|
| 126 | + $loggerInstance->debug(5, "Domain: $domain MX: "./** @scrutinizer ignore-type */ print_r($mx, TRUE)); |
|
| 127 | 127 | // create a pool of A and AAAA records for all the MXes |
| 128 | 128 | $ipAddrs = []; |
| 129 | 129 | foreach ($mx as $onemx) { |
@@ -133,14 +133,14 @@ discard block |
||
| 133 | 133 | $ipAddrs[] = $oneipv4['ip']; |
| 134 | 134 | } |
| 135 | 135 | foreach ($v6list as $oneipv6) { |
| 136 | - $ipAddrs[] = "[" . $oneipv6['ipv6'] . "]"; |
|
| 136 | + $ipAddrs[] = "[".$oneipv6['ipv6']."]"; |
|
| 137 | 137 | } |
| 138 | 138 | } |
| 139 | 139 | if (count($ipAddrs) == 0) { |
| 140 | 140 | $loggerInstance->debug(4, "OutsideComm::mailAddressValidSecure: no mailserver hosts."); |
| 141 | 141 | return OutsideComm::MAILDOMAIN_NO_HOST; |
| 142 | 142 | } |
| 143 | - $loggerInstance->debug(5, "Domain: $domain Addrs: " . /** @scrutinizer ignore-type */ print_r($ipAddrs, TRUE)); |
|
| 143 | + $loggerInstance->debug(5, "Domain: $domain Addrs: "./** @scrutinizer ignore-type */ print_r($ipAddrs, TRUE)); |
|
| 144 | 144 | // connect to all hosts. If all can't connect, return MAILDOMAIN_NO_CONNECT. |
| 145 | 145 | // If at least one does not support STARTTLS or one of the hosts doesn't connect |
| 146 | 146 | // , return MAILDOMAIN_NO_STARTTLS (one which we can't connect to we also |
@@ -193,7 +193,7 @@ discard block |
||
| 193 | 193 | switch (\config\ConfAssistant::SMSSETTINGS['provider']) { |
| 194 | 194 | case 'Nexmo': |
| 195 | 195 | // taken from https://docs.nexmo.com/messaging/sms-api |
| 196 | - $url = 'https://rest.nexmo.com/sms/json?' . http_build_query( |
|
| 196 | + $url = 'https://rest.nexmo.com/sms/json?'.http_build_query( |
|
| 197 | 197 | [ |
| 198 | 198 | 'api_key' => \config\ConfAssistant::SMSSETTINGS['username'], |
| 199 | 199 | 'api_secret' => \config\ConfAssistant::SMSSETTINGS['password'], |
@@ -219,14 +219,14 @@ discard block |
||
| 219 | 219 | $loggerInstance->debug(2, 'Problem with SMS invitation: no message was sent!'); |
| 220 | 220 | return OutsideComm::SMS_NOTSENT; |
| 221 | 221 | } |
| 222 | - $loggerInstance->debug(2, 'Total of ' . $messageCount . ' messages were attempted to send.'); |
|
| 222 | + $loggerInstance->debug(2, 'Total of '.$messageCount.' messages were attempted to send.'); |
|
| 223 | 223 | |
| 224 | 224 | $totalFailures = 0; |
| 225 | 225 | foreach ($decoded_response['messages'] as $message) { |
| 226 | 226 | if ($message['status'] == 0) { |
| 227 | - $loggerInstance->debug(2, $message['message-id'] . ": Success"); |
|
| 227 | + $loggerInstance->debug(2, $message['message-id'].": Success"); |
|
| 228 | 228 | } else { |
| 229 | - $loggerInstance->debug(2, $message['message-id'] . ": Failed (failure code = " . $message['status'] . ")"); |
|
| 229 | + $loggerInstance->debug(2, $message['message-id'].": Failed (failure code = ".$message['status'].")"); |
|
| 230 | 230 | $totalFailures++; |
| 231 | 231 | } |
| 232 | 232 | } |
@@ -295,7 +295,7 @@ discard block |
||
| 295 | 295 | $proto = "https://"; |
| 296 | 296 | } |
| 297 | 297 | // then, send out the mail |
| 298 | - $message = _("Hello,") . "\n\n" . wordwrap($introTexts[$introtext] . " " . $validity, 72) . "\n\n"; |
|
| 298 | + $message = _("Hello,")."\n\n".wordwrap($introTexts[$introtext]." ".$validity, 72)."\n\n"; |
|
| 299 | 299 | // default means we don't have a Reply-To. |
| 300 | 300 | $replyToMessage = wordwrap(_("manually. Please do not reply to this mail; this is a send-only address.")); |
| 301 | 301 | |
@@ -303,8 +303,8 @@ discard block |
||
| 303 | 303 | // see if we are supposed to add a custom message |
| 304 | 304 | $customtext = $federation->getAttributes('fed:custominvite'); |
| 305 | 305 | if (count($customtext) > 0) { |
| 306 | - $message .= wordwrap(sprintf(_("Additional message from your %s administrator:"), Entity::$nomenclature_fed), 72) . "\n---------------------------------" . |
|
| 307 | - wordwrap($customtext[0]['value'], 72) . "\n---------------------------------\n\n"; |
|
| 306 | + $message .= wordwrap(sprintf(_("Additional message from your %s administrator:"), Entity::$nomenclature_fed), 72)."\n---------------------------------". |
|
| 307 | + wordwrap($customtext[0]['value'], 72)."\n---------------------------------\n\n"; |
|
| 308 | 308 | } |
| 309 | 309 | // and add Reply-To already now |
| 310 | 310 | foreach ($federation->listFederationAdmins() as $fedadmin_id) { |
@@ -320,19 +320,19 @@ discard block |
||
| 320 | 320 | } |
| 321 | 321 | $productname = \config\Master::APPEARANCE['productname']; |
| 322 | 322 | $consortium = \config\ConfAssistant::CONSORTIUM['display_name']; |
| 323 | - $message .= wordwrap(sprintf(_("To enlist as an administrator for that %s, please click on the following link:"), Entity::$nomenclature_participant), 72) . "\n\n" . |
|
| 324 | - $proto . $_SERVER['SERVER_NAME'] . \config\Master::PATHS['cat_base_url'] . "admin/action_enrollment.php?token=$newtoken\n\n" . |
|
| 325 | - wordwrap(sprintf(_("If clicking the link doesn't work, you can also go to the %s Administrator Interface at"), $productname), 72) . "\n\n" . |
|
| 326 | - $proto . $_SERVER['SERVER_NAME'] . \config\Master::PATHS['cat_base_url'] . "admin/\n\n" . |
|
| 327 | - _("and enter the invitation token") . "\n\n" . |
|
| 328 | - $newtoken . "\n\n$replyToMessage\n\n" . |
|
| 329 | - wordwrap(_("Do NOT forward the mail before the token has expired - or the recipients may be able to consume the token on your behalf!"), 72) . "\n\n" . |
|
| 330 | - wordwrap(sprintf(_("We wish you a lot of fun with the %s."), $productname), 72) . "\n\n" . |
|
| 323 | + $message .= wordwrap(sprintf(_("To enlist as an administrator for that %s, please click on the following link:"), Entity::$nomenclature_participant), 72)."\n\n". |
|
| 324 | + $proto.$_SERVER['SERVER_NAME'].\config\Master::PATHS['cat_base_url']."admin/action_enrollment.php?token=$newtoken\n\n". |
|
| 325 | + wordwrap(sprintf(_("If clicking the link doesn't work, you can also go to the %s Administrator Interface at"), $productname), 72)."\n\n". |
|
| 326 | + $proto.$_SERVER['SERVER_NAME'].\config\Master::PATHS['cat_base_url']."admin/\n\n". |
|
| 327 | + _("and enter the invitation token")."\n\n". |
|
| 328 | + $newtoken."\n\n$replyToMessage\n\n". |
|
| 329 | + wordwrap(_("Do NOT forward the mail before the token has expired - or the recipients may be able to consume the token on your behalf!"), 72)."\n\n". |
|
| 330 | + wordwrap(sprintf(_("We wish you a lot of fun with the %s."), $productname), 72)."\n\n". |
|
| 331 | 331 | sprintf(_("Sincerely,\n\nYour friendly folks from %s Operations"), $consortium); |
| 332 | 332 | |
| 333 | 333 | |
| 334 | 334 | // who to whom? |
| 335 | - $mail->FromName = \config\Master::APPEARANCE['productname'] . " Invitation System"; |
|
| 335 | + $mail->FromName = \config\Master::APPEARANCE['productname']." Invitation System"; |
|
| 336 | 336 | |
| 337 | 337 | if (isset(\config\Master::APPEARANCE['invitation-bcc-mail']) && \config\Master::APPEARANCE['invitation-bcc-mail'] !== NULL) { |
| 338 | 338 | $mail->addBCC(\config\Master::APPEARANCE['invitation-bcc-mail']); |
@@ -110,7 +110,7 @@ discard block |
||
| 110 | 110 | public function __construct() |
| 111 | 111 | { |
| 112 | 112 | $this->loggerInstance = new Logging(); |
| 113 | - $this->loggerInstance->debug(3, "--- BEGIN constructing class " . get_class($this) . " .\n"); |
|
| 113 | + $this->loggerInstance->debug(3, "--- BEGIN constructing class ".get_class($this)." .\n"); |
|
| 114 | 114 | $this->languageInstance = new Language(); |
| 115 | 115 | Entity::intoThePotatoes("core"); |
| 116 | 116 | // some config elements are displayable. We need some dummies to |
@@ -129,13 +129,13 @@ discard block |
||
| 129 | 129 | $dummy_organisation2a = _("organization"); |
| 130 | 130 | $dummy_organisation3 = _("entity"); |
| 131 | 131 | // and do something useless with the strings so that there's no "unused" complaint |
| 132 | - if (strlen($dummy_NRO . $dummy_inst1 . $dummy_inst2 . $dummy_inst3 . $dummy_hotspot1 . $dummy_hotspot2 . $dummy_hotspot3 . $dummy_organisation1 . $dummy_organisation2 . $dummy_organisation2a . $dummy_organisation3) < 0) { |
|
| 132 | + if (strlen($dummy_NRO.$dummy_inst1.$dummy_inst2.$dummy_inst3.$dummy_hotspot1.$dummy_hotspot2.$dummy_hotspot3.$dummy_organisation1.$dummy_organisation2.$dummy_organisation2a.$dummy_organisation3) < 0) { |
|
| 133 | 133 | throw new Exception("Strings are usually not shorter than 0 characters. We've encountered a string blackhole."); |
| 134 | 134 | } |
| 135 | - $xyzVariableFed = \config\ConfAssistant::CONSORTIUM['nomenclature_federation'] . ""; |
|
| 136 | - $xyzVariableInst = \config\ConfAssistant::CONSORTIUM['nomenclature_institution'] . ""; |
|
| 137 | - $xyzVariableHotspot = \config\ConfAssistant::CONSORTIUM['nomenclature_hotspot'] . ""; |
|
| 138 | - $xyzVariableParticipant = \config\ConfAssistant::CONSORTIUM['nomenclature_participant'] . ""; |
|
| 135 | + $xyzVariableFed = \config\ConfAssistant::CONSORTIUM['nomenclature_federation'].""; |
|
| 136 | + $xyzVariableInst = \config\ConfAssistant::CONSORTIUM['nomenclature_institution'].""; |
|
| 137 | + $xyzVariableHotspot = \config\ConfAssistant::CONSORTIUM['nomenclature_hotspot'].""; |
|
| 138 | + $xyzVariableParticipant = \config\ConfAssistant::CONSORTIUM['nomenclature_participant'].""; |
|
| 139 | 139 | Entity::$nomenclature_fed = _($xyzVariableFed); |
| 140 | 140 | Entity::$nomenclature_inst = _($xyzVariableInst); |
| 141 | 141 | Entity::$nomenclature_hotspot = _($xyzVariableHotspot); |
@@ -151,7 +151,7 @@ discard block |
||
| 151 | 151 | */ |
| 152 | 152 | public function __destruct() |
| 153 | 153 | { |
| 154 | - (new Logging())->debug(5, "--- KILL Destructing class " . get_class($this) . " .\n"); |
|
| 154 | + (new Logging())->debug(5, "--- KILL Destructing class ".get_class($this)." .\n"); |
|
| 155 | 155 | } |
| 156 | 156 | |
| 157 | 157 | /** |
@@ -184,7 +184,7 @@ discard block |
||
| 184 | 184 | public static function createTemporaryDirectory($purpose = 'installer', $failIsFatal = 1) |
| 185 | 185 | { |
| 186 | 186 | $loggerInstance = new Logging(); |
| 187 | - $name = md5(time() . rand()); |
|
| 187 | + $name = md5(time().rand()); |
|
| 188 | 188 | $path = ROOT; |
| 189 | 189 | switch ($purpose) { |
| 190 | 190 | case 'silverbullet': |
@@ -202,7 +202,7 @@ discard block |
||
| 202 | 202 | default: |
| 203 | 203 | throw new Exception("unable to create temporary directory due to unknown purpose: $purpose\n"); |
| 204 | 204 | } |
| 205 | - $tmpDir = $path . '/' . $name; |
|
| 205 | + $tmpDir = $path.'/'.$name; |
|
| 206 | 206 | $loggerInstance->debug(4, "temp dir: $purpose : $tmpDir\n"); |
| 207 | 207 | if (!mkdir($tmpDir, 0700, true)) { |
| 208 | 208 | if ($failIsFatal) { |
@@ -223,7 +223,7 @@ discard block |
||
| 223 | 223 | */ |
| 224 | 224 | public static function rrmdir($dir) |
| 225 | 225 | { |
| 226 | - foreach (glob($dir . '/*') as $file) { |
|
| 226 | + foreach (glob($dir.'/*') as $file) { |
|
| 227 | 227 | if (is_dir($file)) { |
| 228 | 228 | Entity::rrmdir($file); |
| 229 | 229 | } else { |
@@ -249,12 +249,12 @@ discard block |
||
| 249 | 249 | } |
| 250 | 250 | // these substr() are guaranteed to yield actual string data, as the |
| 251 | 251 | // base string is an MD5 hash - has sufficient length |
| 252 | - $uuid = /** @scrutinizer ignore-type */ substr($chars, 0, 8) . '-'; |
|
| 253 | - $uuid .= /** @scrutinizer ignore-type */ substr($chars, 8, 4) . '-'; |
|
| 254 | - $uuid .= /** @scrutinizer ignore-type */ substr($chars, 12, 4) . '-'; |
|
| 255 | - $uuid .= /** @scrutinizer ignore-type */ substr($chars, 16, 4) . '-'; |
|
| 252 | + $uuid = /** @scrutinizer ignore-type */ substr($chars, 0, 8).'-'; |
|
| 253 | + $uuid .= /** @scrutinizer ignore-type */ substr($chars, 8, 4).'-'; |
|
| 254 | + $uuid .= /** @scrutinizer ignore-type */ substr($chars, 12, 4).'-'; |
|
| 255 | + $uuid .= /** @scrutinizer ignore-type */ substr($chars, 16, 4).'-'; |
|
| 256 | 256 | $uuid .= /** @scrutinizer ignore-type */ substr($chars, 20, 12); |
| 257 | - return $prefix . $uuid; |
|
| 257 | + return $prefix.$uuid; |
|
| 258 | 258 | } |
| 259 | 259 | |
| 260 | 260 | /** |
@@ -295,7 +295,7 @@ discard block |
||
| 295 | 295 | for ($i = count($trace); $i--; $i > 0) { |
| 296 | 296 | if (isset($trace[$i - 1]['class']) && preg_match('/Entity/', $trace[$i - 1]['class'])) { |
| 297 | 297 | if ($showTrace) { |
| 298 | - echo "FOUND caller: " . /** @scrutinizer ignore-type */ print_r($trace[$i], true) . " - class is " . $trace[$i]['class']; |
|
| 298 | + echo "FOUND caller: "./** @scrutinizer ignore-type */ print_r($trace[$i], true)." - class is ".$trace[$i]['class']; |
|
| 299 | 299 | } |
| 300 | 300 | $caller = $trace[$i]; |
| 301 | 301 | break; |
@@ -305,8 +305,8 @@ discard block |
||
| 305 | 305 | // otherwise, on the filename relative to ROOT |
| 306 | 306 | $myName = $caller['class'] ?? substr($caller['file'], strlen(ROOT)); |
| 307 | 307 | if ($showTrace === TRUE) { |
| 308 | - echo "<pre>" . /** @scrutinizer ignore-type */ print_r($trace, true) . "</pre>"; |
|
| 309 | - echo "CLASS = " . $myName . "<br/>"; |
|
| 308 | + echo "<pre>"./** @scrutinizer ignore-type */ print_r($trace, true)."</pre>"; |
|
| 309 | + echo "CLASS = ".$myName."<br/>"; |
|
| 310 | 310 | } |
| 311 | 311 | if (preg_match("/diag/", $myName) == 1) { |
| 312 | 312 | $ret = "diagnostics"; |
@@ -340,10 +340,10 @@ discard block |
||
| 340 | 340 | if ($catalogue === NULL) { |
| 341 | 341 | $theCatalogue = Entity::determineOwnCatalogue($trace); |
| 342 | 342 | textdomain($theCatalogue); |
| 343 | - bindtextdomain($theCatalogue, ROOT . "/translation/"); |
|
| 343 | + bindtextdomain($theCatalogue, ROOT."/translation/"); |
|
| 344 | 344 | } else { |
| 345 | 345 | textdomain($catalogue); |
| 346 | - bindtextdomain($catalogue, ROOT . "/translation/"); |
|
| 346 | + bindtextdomain($catalogue, ROOT."/translation/"); |
|
| 347 | 347 | } |
| 348 | 348 | } |
| 349 | 349 | |
@@ -105,9 +105,9 @@ discard block |
||
| 105 | 105 | |
| 106 | 106 | $attributesLowLevel = array_merge($this->deviceLevelAttributes, $this->eapLevelAttributes); |
| 107 | 107 | |
| 108 | - $this->loggerInstance->debug(5, "Device-Level Attributes: " . /** @scrutinizer ignore-type */ print_r($this->deviceLevelAttributes, true)); |
|
| 109 | - $this->loggerInstance->debug(5, "EAP-Level Attributes: " . /** @scrutinizer ignore-type */ print_r($this->eapLevelAttributes, true)); |
|
| 110 | - $this->loggerInstance->debug(5, "All low-Level Attributes: " . /** @scrutinizer ignore-type */ print_r($attributesLowLevel, true)); |
|
| 108 | + $this->loggerInstance->debug(5, "Device-Level Attributes: "./** @scrutinizer ignore-type */ print_r($this->deviceLevelAttributes, true)); |
|
| 109 | + $this->loggerInstance->debug(5, "EAP-Level Attributes: "./** @scrutinizer ignore-type */ print_r($this->eapLevelAttributes, true)); |
|
| 110 | + $this->loggerInstance->debug(5, "All low-Level Attributes: "./** @scrutinizer ignore-type */ print_r($attributesLowLevel, true)); |
|
| 111 | 111 | |
| 112 | 112 | // now fetch and merge profile-level attributes if not already set on deeper level |
| 113 | 113 | |
@@ -137,7 +137,7 @@ discard block |
||
| 137 | 137 | } |
| 138 | 138 | } |
| 139 | 139 | |
| 140 | - $this->loggerInstance->debug(5, "Merged Attributes: " . /** @scrutinizer ignore-type */ print_r($attributesLowLevel, true)); |
|
| 140 | + $this->loggerInstance->debug(5, "Merged Attributes: "./** @scrutinizer ignore-type */ print_r($attributesLowLevel, true)); |
|
| 141 | 141 | |
| 142 | 142 | // now, fetch and merge IdP-wide attributes |
| 143 | 143 | |
@@ -152,7 +152,7 @@ discard block |
||
| 152 | 152 | // add the internal attribute to that effect |
| 153 | 153 | |
| 154 | 154 | if (isset($this->attributes['media:openroaming_always'])) { |
| 155 | - $this->attributes = array_merge($this->attributes, $this->addInternalAttributes([ "internal:openroaming" => TRUE ] )); |
|
| 155 | + $this->attributes = array_merge($this->attributes, $this->addInternalAttributes(["internal:openroaming" => TRUE])); |
|
| 156 | 156 | } |
| 157 | 157 | |
| 158 | 158 | $this->loggerInstance->debug(3, "--- END Constructing new Profile object ... ---\n"); |
@@ -200,7 +200,7 @@ discard block |
||
| 200 | 200 | "row" => $attributeQuery->row, |
| 201 | 201 | "flag" => $optinfo['flag'], |
| 202 | 202 | "device" => ($devicesOrEAPMethods == "DEVICES" ? $attributeQuery->deviceormethod : NULL), |
| 203 | - "eapmethod" => ($devicesOrEAPMethods == "DEVICES" ? 0 : (new \core\common\EAP($attributeQuery->deviceormethod))->getArrayRep() )]; |
|
| 203 | + "eapmethod" => ($devicesOrEAPMethods == "DEVICES" ? 0 : (new \core\common\EAP($attributeQuery->deviceormethod))->getArrayRep())]; |
|
| 204 | 204 | } |
| 205 | 205 | return $temparray; |
| 206 | 206 | } |
@@ -309,7 +309,7 @@ discard block |
||
| 309 | 309 | */ |
| 310 | 310 | public function setAnonymousIDSupport($shallwe) |
| 311 | 311 | { |
| 312 | - $this->databaseHandle->exec("UPDATE profile SET use_anon_outer = " . ($shallwe === true ? "1" : "0") . " WHERE profile_id = $this->identifier"); |
|
| 312 | + $this->databaseHandle->exec("UPDATE profile SET use_anon_outer = ".($shallwe === true ? "1" : "0")." WHERE profile_id = $this->identifier"); |
|
| 313 | 313 | } |
| 314 | 314 | |
| 315 | 315 | /** Toggle special username for realm checks |
@@ -319,7 +319,7 @@ discard block |
||
| 319 | 319 | * @return void |
| 320 | 320 | */ |
| 321 | 321 | public function setRealmCheckUser($shallwe, $localpart = NULL) { |
| 322 | - $this->databaseHandle->exec("UPDATE profile SET checkuser_outer = " . ($shallwe === true ? "1" : "0") . " WHERE profile_id = $this->identifier"); |
|
| 322 | + $this->databaseHandle->exec("UPDATE profile SET checkuser_outer = ".($shallwe === true ? "1" : "0")." WHERE profile_id = $this->identifier"); |
|
| 323 | 323 | if ($localpart !== NULL) { |
| 324 | 324 | $this->databaseHandle->exec("UPDATE profile SET checkuser_value = ? WHERE profile_id = $this->identifier", "s", $localpart); |
| 325 | 325 | } |
@@ -334,8 +334,8 @@ discard block |
||
| 334 | 334 | */ |
| 335 | 335 | public function setInputVerificationPreference($verify, $hint) |
| 336 | 336 | { |
| 337 | - $this->databaseHandle->exec("UPDATE profile SET verify_userinput_suffix = " . ($verify === true ? "1" : "0") . |
|
| 338 | - ", hint_userinput_suffix = " . ($hint === true ? "1" : "0") . |
|
| 337 | + $this->databaseHandle->exec("UPDATE profile SET verify_userinput_suffix = ".($verify === true ? "1" : "0"). |
|
| 338 | + ", hint_userinput_suffix = ".($hint === true ? "1" : "0"). |
|
| 339 | 339 | " WHERE profile_id = $this->identifier"); |
| 340 | 340 | } |
| 341 | 341 | |
@@ -62,24 +62,24 @@ discard block |
||
| 62 | 62 | case "EXTERNAL": |
| 63 | 63 | case "FRONTEND": |
| 64 | 64 | case "DIAGNOSTICS": |
| 65 | - if (!isset(self::${"instance" . $theDb})) { |
|
| 65 | + if (!isset(self::${"instance".$theDb})) { |
|
| 66 | 66 | $class = __CLASS__; |
| 67 | - self::${"instance" . $theDb} = new $class($database); |
|
| 68 | - DBConnection::${"instance" . $theDb}->databaseInstance = $theDb; |
|
| 67 | + self::${"instance".$theDb} = new $class($database); |
|
| 68 | + DBConnection::${"instance".$theDb}->databaseInstance = $theDb; |
|
| 69 | 69 | } |
| 70 | - return self::${"instance" . $theDb}; |
|
| 70 | + return self::${"instance".$theDb}; |
|
| 71 | 71 | case "RADIUS": |
| 72 | - if (!isset(self::${"instance" . $theDb})) { |
|
| 72 | + if (!isset(self::${"instance".$theDb})) { |
|
| 73 | 73 | $class = __CLASS__; |
| 74 | 74 | foreach (\config\ConfAssistant::DB as $name => $oneRadiusAuthDb) { |
| 75 | 75 | $theInstance = new $class($name); |
| 76 | - self::${"instance" . $theDb}[] = $theInstance; |
|
| 76 | + self::${"instance".$theDb}[] = $theInstance; |
|
| 77 | 77 | $theInstance->databaseInstance = $theDb; |
| 78 | 78 | } |
| 79 | 79 | } |
| 80 | - return self::${"instance" . $theDb}; |
|
| 80 | + return self::${"instance".$theDb}; |
|
| 81 | 81 | default: |
| 82 | - throw new Exception("This type of database (" . strtoupper($database) . ") is not known!"); |
|
| 82 | + throw new Exception("This type of database (".strtoupper($database).") is not known!"); |
|
| 83 | 83 | } |
| 84 | 84 | } |
| 85 | 85 | |
@@ -121,18 +121,18 @@ discard block |
||
| 121 | 121 | } |
| 122 | 122 | } |
| 123 | 123 | // log exact query to debug log, if log level is at 5 |
| 124 | - $this->loggerInstance->debug(5, "DB ATTEMPT: " . $querystring . "\n"); |
|
| 124 | + $this->loggerInstance->debug(5, "DB ATTEMPT: ".$querystring."\n"); |
|
| 125 | 125 | if ($types !== NULL) { |
| 126 | - $this->loggerInstance->debug(5, "Argument type sequence: $types, parameters are: " . /** @scrutinizer ignore-type */ print_r($arguments, true)); |
|
| 126 | + $this->loggerInstance->debug(5, "Argument type sequence: $types, parameters are: "./** @scrutinizer ignore-type */ print_r($arguments, true)); |
|
| 127 | 127 | } |
| 128 | 128 | |
| 129 | 129 | if ($this->connection->connect_error) { |
| 130 | - throw new Exception("ERROR: Cannot send query to $this->databaseInstance database (no connection, error number" . $this->connection->connect_error . ")!"); |
|
| 130 | + throw new Exception("ERROR: Cannot send query to $this->databaseInstance database (no connection, error number".$this->connection->connect_error.")!"); |
|
| 131 | 131 | } |
| 132 | 132 | if ($types === NULL) { |
| 133 | 133 | $result = $this->connection->query($querystring); |
| 134 | 134 | if ($result === FALSE) { |
| 135 | - throw new Exception("DB: Unable to execute simple statement! Error was --> " . $this->connection->error . " <--"); |
|
| 135 | + throw new Exception("DB: Unable to execute simple statement! Error was --> ".$this->connection->error." <--"); |
|
| 136 | 136 | } |
| 137 | 137 | } else { |
| 138 | 138 | // fancy! prepared statement with dedicated argument list |
@@ -148,7 +148,7 @@ discard block |
||
| 148 | 148 | } |
| 149 | 149 | $prepResult = $statementObject->prepare($querystring); |
| 150 | 150 | if ($prepResult === FALSE) { |
| 151 | - throw new Exception("DB: Unable to prepare statement! Statement was --> $querystring <--, error was --> " . $statementObject->error . " <--."); |
|
| 151 | + throw new Exception("DB: Unable to prepare statement! Statement was --> $querystring <--, error was --> ".$statementObject->error." <--."); |
|
| 152 | 152 | } |
| 153 | 153 | $this->preparedStatements[$querystring] = $statementObject; |
| 154 | 154 | } |
@@ -161,11 +161,11 @@ discard block |
||
| 161 | 161 | array_unshift($localArray, $types); |
| 162 | 162 | $retval = call_user_func_array([$statementObject, "bind_param"], $localArray); |
| 163 | 163 | if ($retval === FALSE) { |
| 164 | - throw new Exception("DB: Unable to bind parameters to prepared statement! Argument array was --> " . var_export($localArray, TRUE) . " <--. Error was --> " . $statementObject->error . " <--"); |
|
| 164 | + throw new Exception("DB: Unable to bind parameters to prepared statement! Argument array was --> ".var_export($localArray, TRUE)." <--. Error was --> ".$statementObject->error." <--"); |
|
| 165 | 165 | } |
| 166 | 166 | $result = $statementObject->execute(); |
| 167 | 167 | if ($result === FALSE) { |
| 168 | - throw new Exception("DB: Unable to execute prepared statement! Error was --> " . $statementObject->error . " <--"); |
|
| 168 | + throw new Exception("DB: Unable to execute prepared statement! Error was --> ".$statementObject->error." <--"); |
|
| 169 | 169 | } |
| 170 | 170 | $selectResult = $statementObject->get_result(); |
| 171 | 171 | if ($selectResult !== FALSE) { |
@@ -175,14 +175,14 @@ discard block |
||
| 175 | 175 | |
| 176 | 176 | // all cases where $result could be FALSE have been caught earlier |
| 177 | 177 | if ($this->connection->errno) { |
| 178 | - throw new Exception("ERROR: Cannot execute query in $this->databaseInstance database - (hopefully escaped) query was '$querystring', errno was " . $this->connection->errno . "!"); |
|
| 178 | + throw new Exception("ERROR: Cannot execute query in $this->databaseInstance database - (hopefully escaped) query was '$querystring', errno was ".$this->connection->errno."!"); |
|
| 179 | 179 | } |
| 180 | 180 | |
| 181 | 181 | |
| 182 | 182 | if ($isMoreThanSelect) { |
| 183 | - $this->loggerInstance->writeSQLAudit("[DB: " . strtoupper($this->databaseInstance) . "] " . $querystring); |
|
| 183 | + $this->loggerInstance->writeSQLAudit("[DB: ".strtoupper($this->databaseInstance)."] ".$querystring); |
|
| 184 | 184 | if ($types !== NULL) { |
| 185 | - $this->loggerInstance->writeSQLAudit("Argument type sequence: $types, parameters are: " . /** @scrutinizer ignore-type */ print_r($arguments, true)); |
|
| 185 | + $this->loggerInstance->writeSQLAudit("Argument type sequence: $types, parameters are: "./** @scrutinizer ignore-type */ print_r($arguments, true)); |
|
| 186 | 186 | } |
| 187 | 187 | } |
| 188 | 188 | return $result; |
@@ -277,13 +277,13 @@ discard block |
||
| 277 | 277 | if (isset(\config\Master::DB[$databaseCapitalised])) { |
| 278 | 278 | $this->connection = new \mysqli(\config\Master::DB[$databaseCapitalised]['host'], \config\Master::DB[$databaseCapitalised]['user'], \config\Master::DB[$databaseCapitalised]['pass'], \config\Master::DB[$databaseCapitalised]['db']); |
| 279 | 279 | if ($this->connection->connect_error) { |
| 280 | - throw new Exception("ERROR: Unable to connect to $database database! This is a fatal error, giving up (error number " . $this->connection->connect_errno . ")."); |
|
| 280 | + throw new Exception("ERROR: Unable to connect to $database database! This is a fatal error, giving up (error number ".$this->connection->connect_errno.")."); |
|
| 281 | 281 | } |
| 282 | 282 | $this->readOnly = \config\Master::DB[$databaseCapitalised]['readonly']; |
| 283 | 283 | } else { // one of the RADIUS DBs |
| 284 | 284 | $this->connection = new \mysqli(\config\ConfAssistant::DB[$databaseCapitalised]['host'], \config\ConfAssistant::DB[$databaseCapitalised]['user'], \config\ConfAssistant::DB[$databaseCapitalised]['pass'], \config\ConfAssistant::DB[$databaseCapitalised]['db']); |
| 285 | 285 | if ($this->connection->connect_error) { |
| 286 | - throw new Exception("ERROR: Unable to connect to $database database! This is a fatal error, giving up (error number " . $this->connection->connect_errno . ")."); |
|
| 286 | + throw new Exception("ERROR: Unable to connect to $database database! This is a fatal error, giving up (error number ".$this->connection->connect_errno.")."); |
|
| 287 | 287 | } |
| 288 | 288 | $this->readOnly = \config\ConfAssistant::DB[$databaseCapitalised]['readonly']; |
| 289 | 289 | } |
@@ -134,7 +134,7 @@ discard block |
||
| 134 | 134 | protected function saveDownloadDetails($idpIdentifier, $profileId, $deviceId, $area, $lang, $eapType) |
| 135 | 135 | { |
| 136 | 136 | if (\config\Master::PATHS['logdir']) { |
| 137 | - $file = fopen(\config\Master::PATHS['logdir'] . "/download_details.log", "a"); |
|
| 137 | + $file = fopen(\config\Master::PATHS['logdir']."/download_details.log", "a"); |
|
| 138 | 138 | if ($file === FALSE) { |
| 139 | 139 | throw new Exception("Unable to open file for append: $file"); |
| 140 | 140 | } |
@@ -181,7 +181,7 @@ discard block |
||
| 181 | 181 | } |
| 182 | 182 | foreach ($new->getAttributes("eap:server_name") as $newName) { |
| 183 | 183 | if (!in_array($newName['value'], $baselineNames)) { |
| 184 | - $retval[AbstractProfile::SERVERNAME_ADDED] .= "#New server name '" . $newName['value'] . "' added"; |
|
| 184 | + $retval[AbstractProfile::SERVERNAME_ADDED] .= "#New server name '".$newName['value']."' added"; |
|
| 185 | 185 | } |
| 186 | 186 | } |
| 187 | 187 | return $retval; |
@@ -205,7 +205,7 @@ discard block |
||
| 205 | 205 | $eaptype = new common\EAP($eapQuery->eap_method_id); |
| 206 | 206 | $eapTypeArray[] = $eaptype; |
| 207 | 207 | } |
| 208 | - $this->loggerInstance->debug(4, "This profile supports the following EAP types:\n" . /** @scrutinizer ignore-type */ print_r($eapTypeArray, true)); |
|
| 208 | + $this->loggerInstance->debug(4, "This profile supports the following EAP types:\n"./** @scrutinizer ignore-type */ print_r($eapTypeArray, true)); |
|
| 209 | 209 | return $eapTypeArray; |
| 210 | 210 | } |
| 211 | 211 | |
@@ -287,16 +287,16 @@ discard block |
||
| 287 | 287 | if (count($this->getAttributes("internal:checkuser_outer")) > 0) { |
| 288 | 288 | // we are supposed to use a specific outer username for checks, |
| 289 | 289 | // which is different from the outer username we put into installers |
| 290 | - return $this->getAttributes("internal:checkuser_value")[0]['value'] . "@" . $realm; |
|
| 290 | + return $this->getAttributes("internal:checkuser_value")[0]['value']."@".$realm; |
|
| 291 | 291 | } |
| 292 | 292 | if (count($this->getAttributes("internal:use_anon_outer")) > 0) { |
| 293 | 293 | // no special check username, but there is an anon outer ID for |
| 294 | 294 | // installers - so let's use that one |
| 295 | - return $this->getAttributes("internal:anon_local_value")[0]['value'] . "@" . $realm; |
|
| 295 | + return $this->getAttributes("internal:anon_local_value")[0]['value']."@".$realm; |
|
| 296 | 296 | } |
| 297 | 297 | // okay, no guidance on outer IDs at all - but we need *something* to |
| 298 | 298 | // test with for the RealmChecks. So: |
| 299 | - return "@" . $realm; |
|
| 299 | + return "@".$realm; |
|
| 300 | 300 | } |
| 301 | 301 | |
| 302 | 302 | /** |
@@ -747,7 +747,7 @@ discard block |
||
| 747 | 747 | public function prepShowtime() |
| 748 | 748 | { |
| 749 | 749 | $properConfig = $this->readyForShowtime(); |
| 750 | - $this->databaseHandle->exec("UPDATE profile SET sufficient_config = " . ($properConfig ? "TRUE" : "FALSE") . " WHERE profile_id = " . $this->identifier); |
|
| 750 | + $this->databaseHandle->exec("UPDATE profile SET sufficient_config = ".($properConfig ? "TRUE" : "FALSE")." WHERE profile_id = ".$this->identifier); |
|
| 751 | 751 | |
| 752 | 752 | $attribs = $this->getCollapsedAttributes(); |
| 753 | 753 | // if not enough info to go live, set FALSE |
@@ -325,7 +325,7 @@ discard block |
||
| 325 | 325 | $invitationObject = new SilverbulletInvitation($token); |
| 326 | 326 | $profile = new ProfileSilverbullet($invitationObject->profile); |
| 327 | 327 | $inst = new IdP($profile->institution); |
| 328 | - $loggerInstance->debug(5, "tokenStatus: done, got " . $invitationObject->invitationTokenStatus . ", " . $invitationObject->profile . ", " . $invitationObject->userId . ", " . $invitationObject->expiry . ", " . $invitationObject->invitationTokenString . "\n"); |
|
| 328 | + $loggerInstance->debug(5, "tokenStatus: done, got ".$invitationObject->invitationTokenStatus.", ".$invitationObject->profile.", ".$invitationObject->userId.", ".$invitationObject->expiry.", ".$invitationObject->invitationTokenString."\n"); |
|
| 329 | 329 | if ($invitationObject->invitationTokenStatus != SilverbulletInvitation::SB_TOKENSTATUS_VALID && $invitationObject->invitationTokenStatus != SilverbulletInvitation::SB_TOKENSTATUS_PARTIALLY_REDEEMED) { |
| 330 | 330 | throw new Exception("Attempt to generate a SilverBullet installer with an invalid/redeemed/expired token. The user should never have gotten that far!"); |
| 331 | 331 | } |
@@ -338,12 +338,12 @@ discard block |
||
| 338 | 338 | throw new Exception("Despite a valid token, the corresponding user was not found in database or database query error!"); |
| 339 | 339 | } |
| 340 | 340 | $expiryObject = mysqli_fetch_object(/** @scrutinizer ignore-type */ $userrow); |
| 341 | - $loggerInstance->debug(5, "EXP: " . $expiryObject->expiry . "\n"); |
|
| 341 | + $loggerInstance->debug(5, "EXP: ".$expiryObject->expiry."\n"); |
|
| 342 | 342 | $expiryDateObject = date_create_from_format("Y-m-d H:i:s", $expiryObject->expiry); |
| 343 | 343 | if ($expiryDateObject === FALSE) { |
| 344 | 344 | throw new Exception("The expiry date we got from the DB is bogus!"); |
| 345 | 345 | } |
| 346 | - $loggerInstance->debug(5, $expiryDateObject->format("Y-m-d H:i:s") . "\n"); |
|
| 346 | + $loggerInstance->debug(5, $expiryDateObject->format("Y-m-d H:i:s")."\n"); |
|
| 347 | 347 | // date_create with no parameters can't fail, i.e. is never FALSE |
| 348 | 348 | $validity = date_diff(/** @scrutinizer ignore-type */ date_create(), $expiryDateObject); |
| 349 | 349 | $expiryDays = $validity->days + 1; |
@@ -382,7 +382,7 @@ discard block |
||
| 382 | 382 | $certString = ""; |
| 383 | 383 | openssl_x509_export($cert, $certString); |
| 384 | 384 | $parsedCert = $x509->processCertificate($certString); |
| 385 | - $loggerInstance->debug(5, "CERTINFO: " . /** @scrutinizer ignore-type */ print_r($parsedCert['full_details'], true)); |
|
| 385 | + $loggerInstance->debug(5, "CERTINFO: "./** @scrutinizer ignore-type */ print_r($parsedCert['full_details'], true)); |
|
| 386 | 386 | $realExpiryDate = date_create_from_format("U", $parsedCert['full_details']['validTo_time_t'])->format("Y-m-d H:i:s"); |
| 387 | 387 | |
| 388 | 388 | // store new cert info in DB |
@@ -442,7 +442,7 @@ discard block |
||
| 442 | 442 | $username = ""; |
| 443 | 443 | while ($usernameIsUnique === FALSE) { |
| 444 | 444 | $usernameLocalPart = common\Entity::randomString(64 - 1 - strlen($realm), "0123456789abcdefghijklmnopqrstuvwxyz"); |
| 445 | - $username = $usernameLocalPart . "@" . $realm; |
|
| 445 | + $username = $usernameLocalPart."@".$realm; |
|
| 446 | 446 | $uniquenessQuery = $databaseHandle->exec("SELECT cn from silverbullet_certificate WHERE cn = ? AND ca_type = ?", "ss", $username, $certtype); |
| 447 | 447 | // SELECT -> resource, not boolean |
| 448 | 448 | if (mysqli_num_rows(/** @scrutinizer ignore-type */ $uniquenessQuery) == 0) { |
@@ -17,9 +17,9 @@ discard block |
||
| 17 | 17 | class CertificationAuthorityEduPki extends EntityWithDBProperties implements CertificationAuthorityInterface |
| 18 | 18 | { |
| 19 | 19 | |
| 20 | - private const LOCATION_RA_CERT = ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.pem"; |
|
| 21 | - private const LOCATION_RA_KEY = ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.clearkey"; |
|
| 22 | - private const LOCATION_WEBROOT = ROOT . "/config/SilverbulletClientCerts/eduPKI-webserver-root.pem"; |
|
| 20 | + private const LOCATION_RA_CERT = ROOT."/config/SilverbulletClientCerts/edupki-test-ra.pem"; |
|
| 21 | + private const LOCATION_RA_KEY = ROOT."/config/SilverbulletClientCerts/edupki-test-ra.clearkey"; |
|
| 22 | + private const LOCATION_WEBROOT = ROOT."/config/SilverbulletClientCerts/eduPKI-webserver-root.pem"; |
|
| 23 | 23 | private const EDUPKI_RA_ID = 700; |
| 24 | 24 | private const EDUPKI_CERT_PROFILE = "User SOAP"; |
| 25 | 25 | private const EDUPKI_RA_PKEY_PASSPHRASE = "..."; |
@@ -35,13 +35,13 @@ discard block |
||
| 35 | 35 | parent::__construct(); |
| 36 | 36 | |
| 37 | 37 | if (stat(CertificationAuthorityEduPki::LOCATION_RA_CERT) === FALSE) { |
| 38 | - throw new Exception("RA operator PEM file not found: " . CertificationAuthorityEduPki::LOCATION_RA_CERT); |
|
| 38 | + throw new Exception("RA operator PEM file not found: ".CertificationAuthorityEduPki::LOCATION_RA_CERT); |
|
| 39 | 39 | } |
| 40 | 40 | if (stat(CertificationAuthorityEduPki::LOCATION_RA_KEY) === FALSE) { |
| 41 | - throw new Exception("RA operator private key file not found: " . CertificationAuthorityEduPki::LOCATION_RA_KEY); |
|
| 41 | + throw new Exception("RA operator private key file not found: ".CertificationAuthorityEduPki::LOCATION_RA_KEY); |
|
| 42 | 42 | } |
| 43 | 43 | if (stat(CertificationAuthorityEduPki::LOCATION_WEBROOT) === FALSE) { |
| 44 | - throw new Exception("CA website root CA file not found: " . CertificationAuthorityEduPki::LOCATION_WEBROOT); |
|
| 44 | + throw new Exception("CA website root CA file not found: ".CertificationAuthorityEduPki::LOCATION_WEBROOT); |
|
| 45 | 45 | } |
| 46 | 46 | } |
| 47 | 47 | |
@@ -75,19 +75,19 @@ discard block |
||
| 75 | 75 | // initialise connection to eduPKI CA / eduroam RA and send the request to them |
| 76 | 76 | try { |
| 77 | 77 | $altArray = [# Array mit den Subject Alternative Names |
| 78 | - "email:" . $csr["USERNAME"] |
|
| 78 | + "email:".$csr["USERNAME"] |
|
| 79 | 79 | ]; |
| 80 | 80 | $soapPub = $this->initEduPKISoapSession("PUBLIC"); |
| 81 | 81 | $this->loggerInstance->debug(5, "FIRST ACTUAL SOAP REQUEST (Public, newRequest)!\n"); |
| 82 | - $this->loggerInstance->debug(5, "PARAM_1: " . CertificationAuthorityEduPki::EDUPKI_RA_ID . "\n"); |
|
| 83 | - $this->loggerInstance->debug(5, "PARAM_2: " . $csr["CSR_STRING"] . "\n"); |
|
| 82 | + $this->loggerInstance->debug(5, "PARAM_1: ".CertificationAuthorityEduPki::EDUPKI_RA_ID."\n"); |
|
| 83 | + $this->loggerInstance->debug(5, "PARAM_2: ".$csr["CSR_STRING"]."\n"); |
|
| 84 | 84 | $this->loggerInstance->debug(5, "PARAM_3: "); |
| 85 | 85 | $this->loggerInstance->debug(5, $altArray); |
| 86 | - $this->loggerInstance->debug(5, "PARAM_4: " . CertificationAuthorityEduPki::EDUPKI_CERT_PROFILE . "\n"); |
|
| 87 | - $this->loggerInstance->debug(5, "PARAM_5: " . sha1("notused") . "\n"); |
|
| 88 | - $this->loggerInstance->debug(5, "PARAM_6: " . $csr["USERNAME"] . "\n"); |
|
| 89 | - $this->loggerInstance->debug(5, "PARAM_7: " . $csr["USERNAME"] . "\n"); |
|
| 90 | - $this->loggerInstance->debug(5, "PARAM_8: " . ProfileSilverbullet::PRODUCTNAME . "\n"); |
|
| 86 | + $this->loggerInstance->debug(5, "PARAM_4: ".CertificationAuthorityEduPki::EDUPKI_CERT_PROFILE."\n"); |
|
| 87 | + $this->loggerInstance->debug(5, "PARAM_5: ".sha1("notused")."\n"); |
|
| 88 | + $this->loggerInstance->debug(5, "PARAM_6: ".$csr["USERNAME"]."\n"); |
|
| 89 | + $this->loggerInstance->debug(5, "PARAM_7: ".$csr["USERNAME"]."\n"); |
|
| 90 | + $this->loggerInstance->debug(5, "PARAM_8: ".ProfileSilverbullet::PRODUCTNAME."\n"); |
|
| 91 | 91 | $this->loggerInstance->debug(5, "PARAM_9: false\n"); |
| 92 | 92 | $soapNewRequest = $soapPub->newRequest( |
| 93 | 93 | CertificationAuthorityEduPki::EDUPKI_RA_ID, # RA-ID |
@@ -109,11 +109,11 @@ discard block |
||
| 109 | 109 | } catch (Exception $e) { |
| 110 | 110 | // PHP 7.1 can do this much better |
| 111 | 111 | if (is_soap_fault($e)) { |
| 112 | - throw new Exception("Error when sending SOAP request: " . "{$e->faultcode}: { |
|
| 112 | + throw new Exception("Error when sending SOAP request: "."{$e->faultcode}: { |
|
| 113 | 113 | $e->faultstring |
| 114 | 114 | }\n"); |
| 115 | 115 | } |
| 116 | - throw new Exception("Something odd happened while doing the SOAP request:" . $e->getMessage()); |
|
| 116 | + throw new Exception("Something odd happened while doing the SOAP request:".$e->getMessage()); |
|
| 117 | 117 | } |
| 118 | 118 | try { |
| 119 | 119 | $soap = $this->initEduPKISoapSession("RA"); |
@@ -125,8 +125,8 @@ discard block |
||
| 125 | 125 | $soapReqnum, [ |
| 126 | 126 | "RaID" => CertificationAuthorityEduPki::EDUPKI_RA_ID, |
| 127 | 127 | "Role" => CertificationAuthorityEduPki::EDUPKI_CERT_PROFILE, |
| 128 | - "Subject" => "DC=eduroam,DC=test,DC=test,C=" . $csr["FED"] . ",O=" . \config\ConfAssistant::CONSORTIUM['name'] . ",OU=" . $csr["FED"] . ",CN=" . $csr['USERNAME'] . ",emailAddress=" . $csr['USERNAME'], |
|
| 129 | - "SubjectAltNames" => ["email:" . $csr["USERNAME"]], |
|
| 128 | + "Subject" => "DC=eduroam,DC=test,DC=test,C=".$csr["FED"].",O=".\config\ConfAssistant::CONSORTIUM['name'].",OU=".$csr["FED"].",CN=".$csr['USERNAME'].",emailAddress=".$csr['USERNAME'], |
|
| 129 | + "SubjectAltNames" => ["email:".$csr["USERNAME"]], |
|
| 130 | 130 | "NotBefore" => (new \DateTime())->format('c'), |
| 131 | 131 | "NotAfter" => $expiry->format('c'), |
| 132 | 132 | ] |
@@ -145,7 +145,7 @@ discard block |
||
| 145 | 145 | // for obnoxious reasons, we have to dump the request into a file and let pkcs7_sign read from the file |
| 146 | 146 | // rather than just using the string. Grr. |
| 147 | 147 | $tempdir = \core\common\Entity::createTemporaryDirectory("test"); |
| 148 | - file_put_contents($tempdir['dir'] . "/content.txt", $soapCleartext); |
|
| 148 | + file_put_contents($tempdir['dir']."/content.txt", $soapCleartext); |
|
| 149 | 149 | // retrieve our RA cert from filesystem |
| 150 | 150 | // the RA certificates are not needed right now because we |
| 151 | 151 | // have resorted to S/MIME signatures with openssl command-line |
@@ -157,7 +157,7 @@ discard block |
||
| 157 | 157 | // sign the data, using cmdline because openssl_pkcs7_sign produces strange results |
| 158 | 158 | // -binary didn't help, nor switch -md to sha1 sha256 or sha512 |
| 159 | 159 | $this->loggerInstance->debug(5, "Actual content to be signed is this:\n $soapCleartext\n"); |
| 160 | - $execCmd = \config\Master::PATHS['openssl'] . " smime -sign -binary -in " . $tempdir['dir'] . "/content.txt -out " . $tempdir['dir'] . "/signature.txt -outform pem -inkey " . ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.clearkey -signer " . ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.pem"; |
|
| 160 | + $execCmd = \config\Master::PATHS['openssl']." smime -sign -binary -in ".$tempdir['dir']."/content.txt -out ".$tempdir['dir']."/signature.txt -outform pem -inkey ".ROOT."/config/SilverbulletClientCerts/edupki-test-ra.clearkey -signer ".ROOT."/config/SilverbulletClientCerts/edupki-test-ra.pem"; |
|
| 161 | 161 | $this->loggerInstance->debug(2, "Calling openssl smime with following cmdline: $execCmd\n"); |
| 162 | 162 | $output = []; |
| 163 | 163 | $return = 999; |
@@ -166,14 +166,14 @@ discard block |
||
| 166 | 166 | throw new Exception("Non-zero return value from openssl smime!"); |
| 167 | 167 | } |
| 168 | 168 | // and get the signature blob back from the filesystem |
| 169 | - $detachedSig = trim(file_get_contents($tempdir['dir'] . "/signature.txt")); |
|
| 169 | + $detachedSig = trim(file_get_contents($tempdir['dir']."/signature.txt")); |
|
| 170 | 170 | $this->loggerInstance->debug(5, "Request for server approveRequest has parameters:\n"); |
| 171 | - $this->loggerInstance->debug(5, $soapReqnum . "\n"); |
|
| 172 | - $this->loggerInstance->debug(5, $soapCleartext . "\n"); // PHP magically encodes this as base64 while sending! |
|
| 173 | - $this->loggerInstance->debug(5, $detachedSig . "\n"); |
|
| 171 | + $this->loggerInstance->debug(5, $soapReqnum."\n"); |
|
| 172 | + $this->loggerInstance->debug(5, $soapCleartext."\n"); // PHP magically encodes this as base64 while sending! |
|
| 173 | + $this->loggerInstance->debug(5, $detachedSig."\n"); |
|
| 174 | 174 | $soapIssueCert = $soap->approveRequest($soapReqnum, $soapCleartext, $detachedSig); |
| 175 | - $this->loggerInstance->debug(5, "approveRequest Request was: \n" . $soap->__getLastRequest()); |
|
| 176 | - $this->loggerInstance->debug(5, "approveRequest Response was: \n" . $soap->__getLastResponse()); |
|
| 175 | + $this->loggerInstance->debug(5, "approveRequest Request was: \n".$soap->__getLastRequest()); |
|
| 176 | + $this->loggerInstance->debug(5, "approveRequest Response was: \n".$soap->__getLastResponse()); |
|
| 177 | 177 | if ($soapIssueCert === FALSE) { |
| 178 | 178 | throw new Exception("The locally approved request was NOT processed by the CA."); |
| 179 | 179 | } |
@@ -210,9 +210,9 @@ discard block |
||
| 210 | 210 | throw new Exception("CAInfo has no root certificate for us!"); |
| 211 | 211 | } |
| 212 | 212 | } catch (SoapFault $e) { |
| 213 | - throw new Exception("SoapFault: Error when sending or receiving SOAP message: " . "{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n"); |
|
| 213 | + throw new Exception("SoapFault: Error when sending or receiving SOAP message: "."{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n"); |
|
| 214 | 214 | } catch (Exception $e) { |
| 215 | - throw new Exception("Exception: Something odd happened between the SOAP requests:" . $e->getMessage()); |
|
| 215 | + throw new Exception("Exception: Something odd happened between the SOAP requests:".$e->getMessage()); |
|
| 216 | 216 | } |
| 217 | 217 | return [ |
| 218 | 218 | "CERT" => openssl_x509_read($parsedCert['pem']), |
@@ -245,12 +245,12 @@ discard block |
||
| 245 | 245 | // for obnoxious reasons, we have to dump the request into a file and let pkcs7_sign read from the file |
| 246 | 246 | // rather than just using the string. Grr. |
| 247 | 247 | $tempdir = \core\common\Entity::createTemporaryDirectory("test"); |
| 248 | - file_put_contents($tempdir['dir'] . "/content.txt", $soapRawRevRequest); |
|
| 248 | + file_put_contents($tempdir['dir']."/content.txt", $soapRawRevRequest); |
|
| 249 | 249 | // retrieve our RA cert from filesystem |
| 250 | 250 | // sign the data, using cmdline because openssl_pkcs7_sign produces strange results |
| 251 | 251 | // -binary didn't help, nor switch -md to sha1 sha256 or sha512 |
| 252 | 252 | $this->loggerInstance->debug(5, "Actual content to be signed is this:\n$soapRawRevRequest\n"); |
| 253 | - $execCmd = \config\Master::PATHS['openssl'] . " smime -sign -binary -in " . $tempdir['dir'] . "/content.txt -out " . $tempdir['dir'] . "/signature.txt -outform pem -inkey " . CertificationAuthorityEduPki::LOCATION_RA_KEY . " -signer " . CertificationAuthorityEduPki::LOCATION_RA_CERT; |
|
| 253 | + $execCmd = \config\Master::PATHS['openssl']." smime -sign -binary -in ".$tempdir['dir']."/content.txt -out ".$tempdir['dir']."/signature.txt -outform pem -inkey ".CertificationAuthorityEduPki::LOCATION_RA_KEY." -signer ".CertificationAuthorityEduPki::LOCATION_RA_CERT; |
|
| 254 | 254 | $this->loggerInstance->debug(2, "Calling openssl smime with following cmdline: $execCmd\n"); |
| 255 | 255 | $output = []; |
| 256 | 256 | $return = 999; |
@@ -259,7 +259,7 @@ discard block |
||
| 259 | 259 | throw new Exception("Non-zero return value from openssl smime!"); |
| 260 | 260 | } |
| 261 | 261 | // and get the signature blob back from the filesystem |
| 262 | - $detachedSig = trim(file_get_contents($tempdir['dir'] . "/signature.txt")); |
|
| 262 | + $detachedSig = trim(file_get_contents($tempdir['dir']."/signature.txt")); |
|
| 263 | 263 | $soapIssueRev = $soap->approveRevocationRequest($soapRevocationSerial, $soapRawRevRequest, $detachedSig); |
| 264 | 264 | if ($soapIssueRev === FALSE) { |
| 265 | 265 | throw new Exception("The locally approved revocation request was NOT processed by the CA."); |
@@ -267,9 +267,9 @@ discard block |
||
| 267 | 267 | } catch (Exception $e) { |
| 268 | 268 | // PHP 7.1 can do this much better |
| 269 | 269 | if (is_soap_fault($e)) { |
| 270 | - throw new Exception("Error when sending SOAP request: " . "{$e->faultcode}: {$e->faultstring}\n"); |
|
| 270 | + throw new Exception("Error when sending SOAP request: "."{$e->faultcode}: {$e->faultstring}\n"); |
|
| 271 | 271 | } |
| 272 | - throw new Exception("Something odd happened while doing the SOAP request:" . $e->getMessage()); |
|
| 272 | + throw new Exception("Something odd happened while doing the SOAP request:".$e->getMessage()); |
|
| 273 | 273 | } |
| 274 | 274 | } |
| 275 | 275 | |
@@ -369,9 +369,9 @@ discard block |
||
| 369 | 369 | */ |
| 370 | 370 | public function soapToXmlInteger($x) |
| 371 | 371 | { |
| 372 | - return '<' . $x[0] . '>' |
|
| 372 | + return '<'.$x[0].'>' |
|
| 373 | 373 | . htmlentities($x[1], ENT_NOQUOTES | ENT_XML1) |
| 374 | - . '</' . $x[0] . '>'; |
|
| 374 | + . '</'.$x[0].'>'; |
|
| 375 | 375 | } |
| 376 | 376 | |
| 377 | 377 | /** |
@@ -390,9 +390,9 @@ discard block |
||
| 390 | 390 | // dump private key into directory |
| 391 | 391 | $outstring = ""; |
| 392 | 392 | openssl_pkey_export($privateKey, $outstring); |
| 393 | - file_put_contents($tempdir . "/pkey.pem", $outstring); |
|
| 393 | + file_put_contents($tempdir."/pkey.pem", $outstring); |
|
| 394 | 394 | // PHP can only do one DC in the Subject. But we need three. |
| 395 | - $execCmd = \config\Master::PATHS['openssl'] . " req -new -sha256 -key $tempdir/pkey.pem -out $tempdir/request.csr -subj /DC=test/DC=test/DC=eduroam/C=$fed/O=" . \config\ConfAssistant::CONSORTIUM['name'] . "/OU=$fed/CN=$username/emailAddress=$username"; |
|
| 395 | + $execCmd = \config\Master::PATHS['openssl']." req -new -sha256 -key $tempdir/pkey.pem -out $tempdir/request.csr -subj /DC=test/DC=test/DC=eduroam/C=$fed/O=".\config\ConfAssistant::CONSORTIUM['name']."/OU=$fed/CN=$username/emailAddress=$username"; |
|
| 396 | 396 | $this->loggerInstance->debug(2, "Calling openssl req with following cmdline: $execCmd\n"); |
| 397 | 397 | $output = []; |
| 398 | 398 | $return = 999; |
@@ -17,9 +17,9 @@ discard block |
||
| 17 | 17 | class CertificationAuthorityEduPkiServer extends EntityWithDBProperties implements CertificationAuthorityInterface |
| 18 | 18 | { |
| 19 | 19 | |
| 20 | - private const LOCATION_RA_CERT = ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.pem"; |
|
| 21 | - private const LOCATION_RA_KEY = ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.clearkey"; |
|
| 22 | - private const LOCATION_WEBROOT = ROOT . "/config/SilverbulletClientCerts/eduPKI-webserver-root.pem"; |
|
| 20 | + private const LOCATION_RA_CERT = ROOT."/config/SilverbulletClientCerts/edupki-test-ra.pem"; |
|
| 21 | + private const LOCATION_RA_KEY = ROOT."/config/SilverbulletClientCerts/edupki-test-ra.clearkey"; |
|
| 22 | + private const LOCATION_WEBROOT = ROOT."/config/SilverbulletClientCerts/eduPKI-webserver-root.pem"; |
|
| 23 | 23 | private const EDUPKI_RA_ID = 700; |
| 24 | 24 | private const EDUPKI_CERT_PROFILE = "Radius Server SOAP"; |
| 25 | 25 | private const EDUPKI_RA_PKEY_PASSPHRASE = "..."; |
@@ -35,13 +35,13 @@ discard block |
||
| 35 | 35 | parent::__construct(); |
| 36 | 36 | |
| 37 | 37 | if (stat(CertificationAuthorityEduPkiServer::LOCATION_RA_CERT) === FALSE) { |
| 38 | - throw new Exception("RA operator PEM file not found: " . CertificationAuthorityEduPkiServer::LOCATION_RA_CERT); |
|
| 38 | + throw new Exception("RA operator PEM file not found: ".CertificationAuthorityEduPkiServer::LOCATION_RA_CERT); |
|
| 39 | 39 | } |
| 40 | 40 | if (stat(CertificationAuthorityEduPkiServer::LOCATION_RA_KEY) === FALSE) { |
| 41 | - throw new Exception("RA operator private key file not found: " . CertificationAuthorityEduPkiServer::LOCATION_RA_KEY); |
|
| 41 | + throw new Exception("RA operator private key file not found: ".CertificationAuthorityEduPkiServer::LOCATION_RA_KEY); |
|
| 42 | 42 | } |
| 43 | 43 | if (stat(CertificationAuthorityEduPkiServer::LOCATION_WEBROOT) === FALSE) { |
| 44 | - throw new Exception("CA website root CA file not found: " . CertificationAuthorityEduPkiServer::LOCATION_WEBROOT); |
|
| 44 | + throw new Exception("CA website root CA file not found: ".CertificationAuthorityEduPkiServer::LOCATION_WEBROOT); |
|
| 45 | 45 | } |
| 46 | 46 | } |
| 47 | 47 | |
@@ -99,19 +99,19 @@ discard block |
||
| 99 | 99 | // initialise connection to eduPKI CA / eduroam RA and send the request to them |
| 100 | 100 | try { |
| 101 | 101 | $altArray = [# Array mit den Subject Alternative Names |
| 102 | - "email:" . $csr["USERMAIL"] |
|
| 102 | + "email:".$csr["USERMAIL"] |
|
| 103 | 103 | ]; |
| 104 | 104 | $soapPub = $this->initEduPKISoapSession("PUBLIC"); |
| 105 | 105 | $this->loggerInstance->debug(5, "FIRST ACTUAL SOAP REQUEST (Public, newRequest)!\n"); |
| 106 | - $this->loggerInstance->debug(5, "PARAM_1: " . CertificationAuthorityEduPkiServer::EDUPKI_RA_ID . "\n"); |
|
| 107 | - $this->loggerInstance->debug(5, "PARAM_2: " . $csr["CSR_STRING"] . "\n"); |
|
| 106 | + $this->loggerInstance->debug(5, "PARAM_1: ".CertificationAuthorityEduPkiServer::EDUPKI_RA_ID."\n"); |
|
| 107 | + $this->loggerInstance->debug(5, "PARAM_2: ".$csr["CSR_STRING"]."\n"); |
|
| 108 | 108 | $this->loggerInstance->debug(5, "PARAM_3: "); |
| 109 | 109 | $this->loggerInstance->debug(5, $altArray); |
| 110 | - $this->loggerInstance->debug(5, "PARAM_4: " . CertificationAuthorityEduPkiServer::EDUPKI_CERT_PROFILE . "\n"); |
|
| 111 | - $this->loggerInstance->debug(5, "PARAM_5: " . sha1("notused") . "\n"); |
|
| 112 | - $this->loggerInstance->debug(5, "PARAM_6: " . $csr["USERNAME"] . "\n"); |
|
| 113 | - $this->loggerInstance->debug(5, "PARAM_7: " . $csr["USERMAIL"] . "\n"); |
|
| 114 | - $this->loggerInstance->debug(5, "PARAM_8: " . ProfileSilverbullet::PRODUCTNAME . "\n"); |
|
| 110 | + $this->loggerInstance->debug(5, "PARAM_4: ".CertificationAuthorityEduPkiServer::EDUPKI_CERT_PROFILE."\n"); |
|
| 111 | + $this->loggerInstance->debug(5, "PARAM_5: ".sha1("notused")."\n"); |
|
| 112 | + $this->loggerInstance->debug(5, "PARAM_6: ".$csr["USERNAME"]."\n"); |
|
| 113 | + $this->loggerInstance->debug(5, "PARAM_7: ".$csr["USERMAIL"]."\n"); |
|
| 114 | + $this->loggerInstance->debug(5, "PARAM_8: ".ProfileSilverbullet::PRODUCTNAME."\n"); |
|
| 115 | 115 | $this->loggerInstance->debug(5, "PARAM_9: false\n"); |
| 116 | 116 | $soapNewRequest = $soapPub->newRequest( |
| 117 | 117 | CertificationAuthorityEduPkiServer::EDUPKI_RA_ID, # RA-ID |
@@ -133,11 +133,11 @@ discard block |
||
| 133 | 133 | } catch (Exception $e) { |
| 134 | 134 | // PHP 7.1 can do this much better |
| 135 | 135 | if (is_soap_fault($e)) { |
| 136 | - throw new Exception("Error when sending SOAP request: " . "{$e->faultcode}: { |
|
| 136 | + throw new Exception("Error when sending SOAP request: "."{$e->faultcode}: { |
|
| 137 | 137 | $e->faultstring |
| 138 | 138 | }\n"); |
| 139 | 139 | } |
| 140 | - throw new Exception("Something odd happened while doing the SOAP request:" . $e->getMessage()); |
|
| 140 | + throw new Exception("Something odd happened while doing the SOAP request:".$e->getMessage()); |
|
| 141 | 141 | } |
| 142 | 142 | try { |
| 143 | 143 | $soap = $this->initEduPKISoapSession("RA"); |
@@ -171,7 +171,7 @@ discard block |
||
| 171 | 171 | // for obnoxious reasons, we have to dump the request into a file and let pkcs7_sign read from the file |
| 172 | 172 | // rather than just using the string. Grr. |
| 173 | 173 | $tempdir = \core\common\Entity::createTemporaryDirectory("test"); |
| 174 | - file_put_contents($tempdir['dir'] . "/content.txt", $soapCleartext); |
|
| 174 | + file_put_contents($tempdir['dir']."/content.txt", $soapCleartext); |
|
| 175 | 175 | // retrieve our RA cert from filesystem |
| 176 | 176 | // the RA certificates are not needed right now because we |
| 177 | 177 | // have resorted to S/MIME signatures with openssl command-line |
@@ -183,7 +183,7 @@ discard block |
||
| 183 | 183 | // sign the data, using cmdline because openssl_pkcs7_sign produces strange results |
| 184 | 184 | // -binary didn't help, nor switch -md to sha1 sha256 or sha512 |
| 185 | 185 | $this->loggerInstance->debug(5, "Actual content to be signed is this:\n $soapCleartext\n"); |
| 186 | - $execCmd = \config\Master::PATHS['openssl'] . " smime -sign -binary -in " . $tempdir['dir'] . "/content.txt -out " . $tempdir['dir'] . "/signature.txt -outform pem -inkey " . ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.clearkey -signer " . ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.pem"; |
|
| 186 | + $execCmd = \config\Master::PATHS['openssl']." smime -sign -binary -in ".$tempdir['dir']."/content.txt -out ".$tempdir['dir']."/signature.txt -outform pem -inkey ".ROOT."/config/SilverbulletClientCerts/edupki-test-ra.clearkey -signer ".ROOT."/config/SilverbulletClientCerts/edupki-test-ra.pem"; |
|
| 187 | 187 | $this->loggerInstance->debug(2, "Calling openssl smime with following cmdline: $execCmd\n"); |
| 188 | 188 | $output = []; |
| 189 | 189 | $return = 999; |
@@ -192,21 +192,21 @@ discard block |
||
| 192 | 192 | throw new Exception("Non-zero return value from openssl smime!"); |
| 193 | 193 | } |
| 194 | 194 | // and get the signature blob back from the filesystem |
| 195 | - $detachedSig = trim(file_get_contents($tempdir['dir'] . "/signature.txt")); |
|
| 195 | + $detachedSig = trim(file_get_contents($tempdir['dir']."/signature.txt")); |
|
| 196 | 196 | $this->loggerInstance->debug(5, "Request for server approveRequest has parameters:\n"); |
| 197 | - $this->loggerInstance->debug(5, $soapReqnum . "\n"); |
|
| 198 | - $this->loggerInstance->debug(5, $soapCleartext . "\n"); // PHP magically encodes this as base64 while sending! |
|
| 199 | - $this->loggerInstance->debug(5, $detachedSig . "\n"); |
|
| 197 | + $this->loggerInstance->debug(5, $soapReqnum."\n"); |
|
| 198 | + $this->loggerInstance->debug(5, $soapCleartext."\n"); // PHP magically encodes this as base64 while sending! |
|
| 199 | + $this->loggerInstance->debug(5, $detachedSig."\n"); |
|
| 200 | 200 | $soapIssueCert = $soap->approveRequest($soapReqnum, $soapCleartext, $detachedSig); |
| 201 | - $this->loggerInstance->debug(5, "approveRequest Request was: \n" . $soap->__getLastRequest()); |
|
| 202 | - $this->loggerInstance->debug(5, "approveRequest Response was: \n" . $soap->__getLastResponse()); |
|
| 201 | + $this->loggerInstance->debug(5, "approveRequest Request was: \n".$soap->__getLastRequest()); |
|
| 202 | + $this->loggerInstance->debug(5, "approveRequest Response was: \n".$soap->__getLastResponse()); |
|
| 203 | 203 | if ($soapIssueCert === FALSE) { |
| 204 | 204 | throw new Exception("The locally approved request was NOT processed by the CA."); |
| 205 | 205 | } |
| 206 | 206 | } catch (SoapFault $e) { |
| 207 | - throw new Exception("SoapFault: Error when sending or receiving SOAP message: " . "{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n"); |
|
| 207 | + throw new Exception("SoapFault: Error when sending or receiving SOAP message: "."{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n"); |
|
| 208 | 208 | } catch (Exception $e) { |
| 209 | - throw new Exception("Exception: Something odd happened between the SOAP requests:" . $e->getMessage()); |
|
| 209 | + throw new Exception("Exception: Something odd happened between the SOAP requests:".$e->getMessage()); |
|
| 210 | 210 | } |
| 211 | 211 | return $soapReqnum; |
| 212 | 212 | } |
@@ -258,9 +258,9 @@ discard block |
||
| 258 | 258 | throw new Exception("CAInfo has no root certificate for us!"); |
| 259 | 259 | } |
| 260 | 260 | } catch (SoapFault $e) { |
| 261 | - throw new Exception("SoapFault: Error when sending or receiving SOAP message: " . "{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n"); |
|
| 261 | + throw new Exception("SoapFault: Error when sending or receiving SOAP message: "."{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n"); |
|
| 262 | 262 | } catch (Exception $e) { |
| 263 | - throw new Exception("Exception: Something odd happened between the SOAP requests:" . $e->getMessage()); |
|
| 263 | + throw new Exception("Exception: Something odd happened between the SOAP requests:".$e->getMessage()); |
|
| 264 | 264 | } |
| 265 | 265 | return [ |
| 266 | 266 | "CERT" => openssl_x509_read($parsedCert['pem']), |
@@ -293,12 +293,12 @@ discard block |
||
| 293 | 293 | // for obnoxious reasons, we have to dump the request into a file and let pkcs7_sign read from the file |
| 294 | 294 | // rather than just using the string. Grr. |
| 295 | 295 | $tempdir = \core\common\Entity::createTemporaryDirectory("test"); |
| 296 | - file_put_contents($tempdir['dir'] . "/content.txt", $soapRawRevRequest); |
|
| 296 | + file_put_contents($tempdir['dir']."/content.txt", $soapRawRevRequest); |
|
| 297 | 297 | // retrieve our RA cert from filesystem |
| 298 | 298 | // sign the data, using cmdline because openssl_pkcs7_sign produces strange results |
| 299 | 299 | // -binary didn't help, nor switch -md to sha1 sha256 or sha512 |
| 300 | 300 | $this->loggerInstance->debug(5, "Actual content to be signed is this:\n$soapRawRevRequest\n"); |
| 301 | - $execCmd = \config\Master::PATHS['openssl'] . " smime -sign -binary -in " . $tempdir['dir'] . "/content.txt -out " . $tempdir['dir'] . "/signature.txt -outform pem -inkey " . CertificationAuthorityEduPkiServer::LOCATION_RA_KEY . " -signer " . CertificationAuthorityEduPkiServer::LOCATION_RA_CERT; |
|
| 301 | + $execCmd = \config\Master::PATHS['openssl']." smime -sign -binary -in ".$tempdir['dir']."/content.txt -out ".$tempdir['dir']."/signature.txt -outform pem -inkey ".CertificationAuthorityEduPkiServer::LOCATION_RA_KEY." -signer ".CertificationAuthorityEduPkiServer::LOCATION_RA_CERT; |
|
| 302 | 302 | $this->loggerInstance->debug(2, "Calling openssl smime with following cmdline: $execCmd\n"); |
| 303 | 303 | $output = []; |
| 304 | 304 | $return = 999; |
@@ -307,7 +307,7 @@ discard block |
||
| 307 | 307 | throw new Exception("Non-zero return value from openssl smime!"); |
| 308 | 308 | } |
| 309 | 309 | // and get the signature blob back from the filesystem |
| 310 | - $detachedSig = trim(file_get_contents($tempdir['dir'] . "/signature.txt")); |
|
| 310 | + $detachedSig = trim(file_get_contents($tempdir['dir']."/signature.txt")); |
|
| 311 | 311 | $soapIssueRev = $soap->approveRevocationRequest($soapRevocationSerial, $soapRawRevRequest, $detachedSig); |
| 312 | 312 | if ($soapIssueRev === FALSE) { |
| 313 | 313 | throw new Exception("The locally approved revocation request was NOT processed by the CA."); |
@@ -315,9 +315,9 @@ discard block |
||
| 315 | 315 | } catch (Exception $e) { |
| 316 | 316 | // PHP 7.1 can do this much better |
| 317 | 317 | if (is_soap_fault($e)) { |
| 318 | - throw new Exception("Error when sending SOAP request: " . "{$e->faultcode}: {$e->faultstring}\n"); |
|
| 318 | + throw new Exception("Error when sending SOAP request: "."{$e->faultcode}: {$e->faultstring}\n"); |
|
| 319 | 319 | } |
| 320 | - throw new Exception("Something odd happened while doing the SOAP request:" . $e->getMessage()); |
|
| 320 | + throw new Exception("Something odd happened while doing the SOAP request:".$e->getMessage()); |
|
| 321 | 321 | } |
| 322 | 322 | } |
| 323 | 323 | |
@@ -417,9 +417,9 @@ discard block |
||
| 417 | 417 | */ |
| 418 | 418 | public function soapToXmlInteger($x) |
| 419 | 419 | { |
| 420 | - return '<' . $x[0] . '>' |
|
| 420 | + return '<'.$x[0].'>' |
|
| 421 | 421 | . htmlentities($x[1], ENT_NOQUOTES | ENT_XML1) |
| 422 | - . '</' . $x[0] . '>'; |
|
| 422 | + . '</'.$x[0].'>'; |
|
| 423 | 423 | } |
| 424 | 424 | |
| 425 | 425 | /** |
@@ -438,9 +438,9 @@ discard block |
||
| 438 | 438 | // dump private key into directory |
| 439 | 439 | $outstring = ""; |
| 440 | 440 | openssl_pkey_export($privateKey, $outstring); |
| 441 | - file_put_contents($tempdir . "/pkey.pem", $outstring); |
|
| 441 | + file_put_contents($tempdir."/pkey.pem", $outstring); |
|
| 442 | 442 | // PHP can only do one DC in the Subject. But we need three. |
| 443 | - $execCmd = \config\Master::PATHS['openssl'] . " req -new -sha256 -key $tempdir/pkey.pem -out $tempdir/request.csr -subj /DC=test/DC=test/DC=eduroam/C=$fed/O=" . \config\ConfAssistant::CONSORTIUM['name'] . "/OU=$fed/CN=$username/emailAddress=$username"; |
|
| 443 | + $execCmd = \config\Master::PATHS['openssl']." req -new -sha256 -key $tempdir/pkey.pem -out $tempdir/request.csr -subj /DC=test/DC=test/DC=eduroam/C=$fed/O=".\config\ConfAssistant::CONSORTIUM['name']."/OU=$fed/CN=$username/emailAddress=$username"; |
|
| 444 | 444 | $this->loggerInstance->debug(2, "Calling openssl req with following cmdline: $execCmd\n"); |
| 445 | 445 | $output = []; |
| 446 | 446 | $return = 999; |
