<?php
/*
 *******************************************************************************
 * Copyright 2011-2017 DANTE Ltd. and GÉANT on behalf of the GN3, GN3+, GN4-1
 * and GN4-2 consortia
 *
 * License: see the web/copyright.php file in the file structure
 *******************************************************************************
 */

/**
 * This file contains class definitions and procedures for
 * generation of a generic XML description of a 802.1x configurator
 *
 * @author Maja Górecka-Wolniewicz <[email protected]>
 *
 * @package ModuleWriting
 */
namespace devices\xml;
/**
 * Base class extended by every element class in this file.
 *
 * An instance carries a set of XML attributes and a value. Every other
 * property (declared by a subclass or assigned through setProperty()) is
 * reported by getAll().
 */
class XMLElement
{
    /** @var array attribute name => attribute value */
    private $attributes;

    /** @var mixed element value; the constructor initialises it to an empty array */
    private $value;

    /**
     * Wrapper around get_object_vars(), evaluated in the scope of this class.
     *
     * @param object $obj
     * @return array
     */
    protected function getObjectVars($obj)
    {
        $vars = get_object_vars($obj);
        return $vars;
    }

    /**
     * Allow-list of property names that ServerSideCredential ('server') and
     * ClientSideCredential ('client') may report from getAll(), keyed by EAP
     * method. The EAP method constants come from \core\common\EAP.
     *
     * NOTE(review): the property is public and static, so any code can widen
     * the allow-list at runtime - confirm nothing outside this file writes it.
     *
     * @var array
     */
    public static $authMethodElements = [
        'server' => [
            \core\common\EAP::TLS => ['CA', 'ServerID'],
            \core\common\EAP::FAST => ['CA', 'ServerID'],
            \core\common\EAP::PEAP => ['CA', 'ServerID'],
            \core\common\EAP::TTLS => ['CA', 'ServerID'],
            \core\common\EAP::PWD => ['ServerID'],
        ],
        'client' => [
            \core\common\EAP::TLS => ['UserName', 'Password', 'ClientCertificate'],
            \core\common\EAP::MSCHAP2 => ['UserName', 'Password', 'OuterIdentity'],
            \core\common\EAP::GTC => ['UserName', 'OneTimeToken'],
            \core\common\EAP::NE_PAP => ['UserName', 'Password', 'OuterIdentity'],
            \core\common\EAP::NE_SILVERBULLET => ['UserName', 'ClientCertificate'],
        ]
    ];

    /**
     * Starts with no attributes and an empty value.
     */
    public function __construct()
    {
        $this->value = [];
        $this->attributes = [];
    }

    /**
     * Replaces the whole attribute set.
     *
     * @param array $attributes
     */
    public function setAttributes($attributes)
    {
        $this->attributes = $attributes;
    }

    /**
     * @return array the current attribute set
     */
    public function getAttributes()
    {
        return $this->attributes;
    }

    /**
     * @param mixed $value
     */
    public function setValue($value)
    {
        $this->value = $value;
    }

    /**
     * @return mixed the current value
     */
    public function getValue()
    {
        return $this->value;
    }

    /**
     * Tells whether any attribute is set.
     *
     * @return int 1 when the attribute set is non-empty, 0 otherwise
     */
    public function areAttributes()
    {
        if (empty($this->attributes)) {
            return 0;
        }
        return 1;
    }

    /**
     * Adds an attribute with the given value to the set of attributes.
     *
     * @param string $attribute
     * @param mixed $value
     */
    public function setAttribute($attribute, $value)
    {
        if (isset($this->attributes) === false) {
            $this->attributes = [];
        }
        $this->attributes[$attribute] = $value;
    }

    /**
     * Assigns $value to the property named by $property.
     *
     * NOTE(review): the name is not checked against the declared properties.
     * Because this method lives in XMLElement it can also overwrite the
     * private 'attributes' and 'value' members, and an unknown name creates a
     * new property that getAll() will report. Callers should pass fixed,
     * known names only - confirm no caller derives $property from external input.
     *
     * @param string $property
     * @param mixed $value
     */
    public function setProperty($property, $value)
    {
        $this->{$property} = $value;
    }

    /**
     * Returns every object property except 'attributes' and 'value'.
     *
     * @return array property name => value
     */
    public function getAll()
    {
        $objvars = [];
        foreach (get_object_vars($this) as $key => $val) {
            // loose comparison, as the filter has always been written
            if ($key == 'attributes' || $key == 'value') {
                continue;
            }
            $objvars[$key] = $val;
        }
        return $objvars;
    }
}
/**
 * Element class with the slots ValidUntil, AuthenticationMethods,
 * ProviderInfo and VendorSpecific.
 *
 * This is the type marshalObject() documents for its $object argument.
 * It declares no methods of its own; behaviour is inherited from XMLElement.
 */
class EAPIdentityProvider extends XMLElement
{
    protected $ValidUntil;
    protected $AuthenticationMethods;
    protected $ProviderInfo;
    protected $VendorSpecific;
}
/**
 * Element class with a single slot, AuthenticationMethod.
 *
 * It declares no methods of its own; behaviour is inherited from XMLElement.
 */
class AuthenticationMethods extends XMLElement
{
    protected $AuthenticationMethod;
}
/**
 * Element class with the slots EAPMethod, ServerSideCredential,
 * ClientSideCredential and InnerAuthenticationMethod.
 *
 * It declares no methods of its own; behaviour is inherited from XMLElement.
 */
class AuthenticationMethod extends XMLElement
{
    protected $EAPMethod;
    protected $ServerSideCredential;
    protected $ClientSideCredential;
    protected $InnerAuthenticationMethod;
}
/**
 * Element class with the slots Type, TypeSpecific and VendorSpecific.
 *
 * It declares no methods of its own; behaviour is inherited from XMLElement.
 */
class EAPMethod extends XMLElement
{
    protected $Type;
    protected $TypeSpecific;
    protected $VendorSpecific;
}
/**
 * Element class with the same three slots as EAPMethod: Type, TypeSpecific
 * and VendorSpecific.
 *
 * It declares no methods of its own; behaviour is inherited from XMLElement.
 */
class NonEAPAuthMethod extends XMLElement
{
    protected $Type;
    protected $TypeSpecific;
    protected $VendorSpecific;
}
/**
 * Element class without members of its own; it only carries the value and
 * attributes inherited from XMLElement. marshalObject() takes the element
 * name from the class name.
 */
class Type extends XMLElement
{
}
/**
 * Element class without members of its own; it only carries the value and
 * attributes inherited from XMLElement. marshalObject() takes the element
 * name from the class name.
 */
class TypeSpecific extends XMLElement
{
}
/**
 * Element class without members of its own; it only carries the value and
 * attributes inherited from XMLElement.
 *
 * marshalObject() copies a \SimpleXMLElement value into the output tree as
 * is, so whatever XML is stored here ends up in the generated document.
 */
class VendorSpecific extends XMLElement
{
}
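/**
 * Server-side credential element. getAll() reports only the properties that
 * the 'server' allow-list in XMLElement::$authMethodElements names for the
 * configured EAP type.
 */
class ServerSideCredential extends XMLElement
{
    protected $CA; // multi
    protected $ServerID; // multi
    protected $EAPType;

    /**
     * Returns the allow-listed properties for $this->EAPType.
     *
     * EAPType itself is in no allow-list, so it is never part of the result.
     *
     * @return array|null property name => value; null when the EAP type has
     *                    no non-empty entry in the 'server' allow-list
     */
    public function getAll()
    {
        $allowLists = XMLElement::$authMethodElements['server'];
        if (empty($allowLists[$this->EAPType])) {
            // Fails closed: marshalObject() emits nothing for an empty result.
            return null;
        }
        $allowed = $allowLists[$this->EAPType];
        $outArray = [];
        foreach (get_object_vars($this) as $propertyName => $propertyValue) {
            // Strict match: before PHP 8 a loose in_array() treats an integer
            // key such as 0 as equal to any non-numeric name in the list.
            if (in_array($propertyName, $allowed, true)) {
                $outArray[$propertyName] = $propertyValue;
            }
        }
        return $outArray;
    }
}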
/**
 * Element class without members of its own; it only carries the value and
 * attributes inherited from XMLElement.
 */
class ServerID extends XMLElement
{
}
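/**
 * Client-side credential element. It holds secrets (Password, Passphrase,
 * ClientCertificate), so getAll() reports only the properties that the
 * 'client' allow-list in XMLElement::$authMethodElements names for the
 * configured EAP type.
 *
 * With the allow-list as declared in XMLElement, Passphrase, PAC,
 * ProvisionPAC and EAPType are never reported, because no entry names them.
 */
class ClientSideCredential extends XMLElement
{
    protected $OuterIdentity;
    protected $UserName;
    protected $Password;
    protected $ClientCertificate;
    protected $Passphrase;
    protected $PAC;
    protected $ProvisionPAC;
    protected $EAPType;

    /**
     * Returns the allow-listed properties for $this->EAPType.
     *
     * @return array|null property name => value; null when the EAP type has
     *                    no non-empty entry in the 'client' allow-list
     */
    public function getAll()
    {
        $allowLists = XMLElement::$authMethodElements['client'];
        if (empty($allowLists[$this->EAPType])) {
            // Fails closed: without a known EAP type no credential field is
            // handed to marshalObject(), which emits nothing for an empty result.
            return null;
        }
        $allowed = $allowLists[$this->EAPType];
        $outputArray = [];
        foreach (get_object_vars($this) as $name => $value) {
            // Strict match: before PHP 8 a loose in_array() treats an integer
            // key such as 0 as equal to any non-numeric name in the list.
            if (in_array($name, $allowed, true)) {
                $outputArray[$name] = $value;
            }
        }
        return $outputArray;
    }
}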
/**
 * Element class without members of its own; it only carries the value and
 * attributes inherited from XMLElement.
 */
class ClientCertificate extends XMLElement
{
}
/**
 * Element class without members of its own; it only carries the value and
 * attributes inherited from XMLElement.
 */
class CA extends XMLElement
{
}
/**
 * Element class with the slots EAPMethod, NonEAPAuthMethod,
 * ServerSideCredential and ClientSideCredential.
 *
 * It declares no methods of its own; behaviour is inherited from XMLElement.
 */
class InnerAuthenticationMethod extends XMLElement
{
    protected $EAPMethod;
    protected $NonEAPAuthMethod;
    protected $ServerSideCredential;
    protected $ClientSideCredential;
}
/**
 * Element class with the slots DisplayName, Description, ProviderLocation,
 * ProviderLogo, TermsOfUse and Helpdesk.
 *
 * It declares no methods of its own; behaviour is inherited from XMLElement.
 */
class ProviderInfo extends XMLElement
{
    protected $DisplayName;
    protected $Description;
    protected $ProviderLocation;
    protected $ProviderLogo;
    protected $TermsOfUse;
    protected $Helpdesk;
}
/**
 * Element class without members of its own; it only carries the value and
 * attributes inherited from XMLElement.
 */
class DisplayName extends XMLElement
{
}
/**
 * Element class without members of its own; it only carries the value and
 * attributes inherited from XMLElement.
 */
class Description extends XMLElement
{
}
/**
 * Element class with the slots Longitude and Latitude.
 *
 * It declares no methods of its own; behaviour is inherited from XMLElement.
 */
class ProviderLocation extends XMLElement
{
    protected $Longitude;
    protected $Latitude;
}
/**
 * Element class without members of its own; it only carries the value and
 * attributes inherited from XMLElement.
 */
class ProviderLogo extends XMLElement
{
}
/**
 * Element class without members of its own; it only carries the value and
 * attributes inherited from XMLElement.
 */
class TermsOfUse extends XMLElement
{
}
/**
 * Element class with the slots EmailAddress, WebAddress and Phone.
 *
 * It declares no methods of its own; behaviour is inherited from XMLElement.
 */
class Helpdesk extends XMLElement
{
    protected $EmailAddress;
    protected $WebAddress;
    protected $Phone;
}
/**
 * Element class without members of its own; it only carries the value and
 * attributes inherited from XMLElement.
 */
class EmailAddress extends XMLElement
{
}
/**
 * Element class without members of its own; it only carries the value and
 * attributes inherited from XMLElement.
 */
class WebAddress extends XMLElement
{
}
/**
 * Element class without members of its own; it only carries the value and
 * attributes inherited from XMLElement.
 */
class Phone extends XMLElement
{
}

/*
class CompatibleUses extends XMLElement {
    protected $IEEE80211;
    protected $IEEE8023;
    protected $ABFAB;
}
class IEEE80211 extends XMLElement {
    protected $SSID;
    protected $ConsortiumOID;
    protected $MinRSNProto;
}

class IEEE8023 extends XMLElement {
    protected $NetworkID;
}
class ABFAB extends XMLElement {
    protected $ServiceIdentifier;
}

*/

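/**
 * Recursively copies the element $value (its name, and either its attributes
 * and children or its text) into $key as a new child.
 *
 * An element whose trimmed direct text is empty is copied as a container:
 * attributes first, then each child. Any other element is copied as a leaf
 * holding the trimmed text.
 *
 * NOTE(review): attributes of a leaf element are not copied, and
 * attributes()/children() are called without a namespace argument - confirm
 * that the XML stored by callers needs neither.
 *
 * @param \SimpleXMLElement $key parent that receives the copy
 * @param \SimpleXMLElement $value element to copy
 * @return void
 */
function SimpleXMLElement_append($key, $value)
{
    $text = trim((string) $value);
    if ($text === '') {
        $element = $key->addChild($value->getName());
        foreach ($value->attributes() as $attKey => $attValue) {
            $element->addAttribute($attKey, (string) $attValue);
        }
        foreach ($value->children() as $child) {
            SimpleXMLElement_append($element, $child);
        }
        return;
    }
    // The string cast has already decoded entities, and addChild() does not
    // escape "&": an unescaped ampersand would corrupt the copied text.
    // The entity is written as two pieces so that an HTML renderer cannot
    // collapse it back into a bare ampersand.
    $key->addChild($value->getName(), str_replace('&', '&' . 'amp;', $text));
}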
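/**
 * Recursively serialises an element object into $node.
 *
 * The child element is named after the unqualified class name of $object,
 * with "_" replaced by "-". Its text is the object's value (when that is
 * truthy and not a \SimpleXMLElement), its attributes come from
 * getAttributes(), and its children from getAll(): scalar fields become
 * child elements named after the field, object fields (and objects inside
 * array fields) are marshalled recursively.
 *
 * A \SimpleXMLElement value is copied in with SimpleXMLElement_append() and
 * ends the processing of this object; getAll() is not consulted then.
 *
 * @param \SimpleXMLElement $node parent node that receives the new element
 * @param EAPIdentityProvider $object element object; the recursion passes nested element objects here too
 * @return void
 */
function marshalObject($node, $object)
{
    $qualClassName = get_class($object);
    // remove namespace qualifier; a class outside any namespace has none,
    // and strrpos() then returns false rather than a position
    $pos = strrpos($qualClassName, '\\');
    $className = ($pos === false) ? $qualClassName : substr($qualClassName, $pos + 1);
    $name = str_replace('_', '-', $className);

    $val = '';
    if ($object->getValue()) {
        $val = $object->getValue();
    }
    $simplexmlelement = null;
    if ($val instanceof \SimpleXMLElement) {
        $simplexmlelement = $val;
        $val = '';
    }

    if ($val) {
        if (is_string($val)) {
            // addChild() does not escape "&"; a raw ampersand would corrupt
            // the element text. The entity is written as two pieces so that
            // an HTML renderer cannot collapse it into a bare ampersand,
            // which would turn this line into a no-op.
            $val = str_replace('&', '&' . 'amp;', $val);
        }
        $node = $node->addChild($name, $val);
    } else {
        $node = $node->addChild($name);
    }

    if ($object->areAttributes()) {
        foreach ($object->getAttributes() as $attrt => $attrv) {
            $node->addAttribute($attrt, $attrv);
        }
    }

    if ($simplexmlelement !== null) {
        SimpleXMLElement_append($node, $simplexmlelement);
        return;
    }

    $fields = $object->getAll();
    if (empty($fields)) {
        return;
    }

    foreach ($fields as $fieldName => $fieldValue) {
        if (is_string($fieldValue) || is_int($fieldValue) || is_float($fieldValue)) {
            // NOTE(review): unlike the element value above, a string field
            // reaches addChild() without "&" escaping - confirm callers never
            // store a raw ampersand in a scalar field.
            $node->addChild($fieldName, $fieldValue);
        } elseif (is_array($fieldValue)) {
            foreach ($fieldValue as $insideValue) {
                if (is_object($insideValue)) {
                    marshalObject($node, $insideValue);
                }
            }
        } elseif (is_object($fieldValue)) {
            marshalObject($node, $fieldValue);
        }
    }
}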
Sometimes obsolete code just ends up commented out instead of removed. In this case it is better to remove the code once you have checked you do not need it.
The code might also have been commented out for debugging purposes. In this case it is vital that someone uncomments it again or your project may behave in very unexpected ways in production.
This check looks for comments that seem to be mostly valid code and reports them.