CILogon\Service\Skin

Complexity

Total Complexity

76

Size/Duplication

Total Lines	588
Duplicated Lines	0 %

Test Coverage

Coverage

0%

Importance

Changes	8
Bugs	0	Features	0

17 Methods

Rating	Name	Duplication	Size	Complexity
A	idpBlacklisted()	0	13	4
B	setMyProxyInfo()	0	40	8
B	readSkinFromDatabase()	0	52	9
A	hasIdpWhitelist()	0	8	3
A	printSkinCSS()	0	8	2
A	inPortalList()	0	13	4
A	readDefaultSkin()	0	17	3
A	idpWhitelisted()	0	17	5
A	hasIdpBlacklist()	0	8	3
A	getConfigOption()	0	17	4
F	readSkinConfig()	0	55	12
B	readSkinFromFile()	0	32	7
A	idpAvailable()	0	10	3
A	hasPortalList()	0	8	3
A	init()	0	12	2
A	__construct()	0	3	1
A	getForceSkin()	0	11	3

<?php

namespace CILogon\Service;

use CILogon\Service\Util;
use tubalmartin\CssMin\Minifier as CSSmin;
use PEAR;
use DB;
use Config;

/**
 * Skin
 *
 * This class reads in CSS and configuration options
 * for a 'skin'. The skin is set by passing the
 * '?skin=...' (or '?cilogon_skin=...') query parameter.
 * If found, the assoicated config XML and CSS are read
 * in from either the filesystem (under the /skin/NAME
 * directory) or the database. It also sets a PHP
 * session variable so that the skin name is remembered
 * across page loads. If no skin name is found, then the
 * default /skin/config.xml file is read in.
 *
 * Note that this class uses the SimpleXML class to parse
 * the config XML. This stores the XML in a special
 * SimpleXMLElement object, which is NOT an array. But
 * you can iterate over elements in the structure. See
 * the PHP SimpleXML online manual 'Basic Usage' for
 * more information.
 *
 * This class provides a getConfigOption() method to
 * access XML (sub)blocks to get at a config value.
 * It is important to rememeber that the values returned
 * by the getConfigOption() method must be typecast to
 * native datatypes in order to be used effectively.
 *
 * An example configuration file (with all available options) is at
 *     /var/www/html/skin/config-example.xml
 *
 * Example usage:
 *   require_once 'Skin.php';
 *   $skin = new Skin();
 *   // While outputting the <head> HTML block...
 *   $skin->printSkinCSS();
 *   // Get the value of a configuration option
 *   $idpwhitelist = $skin->getConfigOption('idpwhitelist');
 *   // Now, process entries in the $idpwhitelist
 *   if ((!is_null($idpwhitelist)) && (!empty($idpwhitelist->idp))) {
 *       foreach ($idpwhitelist->idp as $entityID) {
 *           echo '<p>' , (string)$entityID , "<\p>\n";
 *       }
 *   }
 *   // Check to see if <hideportalinfo> is set
 *   $hideportalinfo = false;
 *   $hpi=$skin->getConfigOption('portallistaction','hideportalinfo');
 *   if ((!is_null($hpi)) && ((int)$hpi > 0)) {
 *       $hideportalinfo = true;
 *   }
 */
class Skin
{
    /**
     * @var string $skinname The name of the skin
     */
    protected $skinname;

    /**
     * @var \SimpleXMLElement $configxml A SimpleXMLElement object for the
     *      config.xml file
     */
    protected $configxml;

    /**
     * @var string $css The un-minified CSS for the skin
     */
    protected $css;

    /**
     * @var array $forcearray An array of (URI,skinname) pairs for forcing
     *      skin application
     */
    protected $forcearray;

    /**
     *  __construct
     *
     * Default constructor. Calls init() to do the actual work.
     *
     * @return Skin A new Skin object.
     */
    public function __construct()
    {
        $this->init();
    }

    /**
     * init
     *
     * This function does the work of (re)initializing the skin object.
     * It finds the name of the skin (if any) and reads in the skin's
     * config XML file (if found). Call this function to reset the
     * skin in case of possible forced skin due to IdP or portal
     * callbackURL.
     *
     * @param bool $reset True to reset the 'cilogon_skin' PHP session var
     *        to blank so that readSkinConfig doesn't check for it.
     *        Defaults to 'false'.
     */
    public function init($reset = false)
    {
        if ($reset) {
            Util::unsetSessionVar('cilogon_skin');
        }

        $this->skinname = '';
        $this->configxml = null;
        $this->css = '';
        $this->forcearray = FORCE_SKIN_ARRAY;

The constant CILogon\Service\FORCE_SKIN_ARRAY was not found. Maybe you did not declare it correctly or list all dependencies?

        $this->readSkinConfig();
        $this->setMyProxyInfo();
    }

    /**
     * readSkinConfig
     *
     * This function checks for the name of the skin in several places:
     * (1) The FORCE_SKIN_ARRAY for a matching IdP entityID or portal
     * callbackURL, (2) in a URL parameter (can be '?skin=',
     * '?cilogon_skin=', '?vo='), (3) cilogon_vo form input variable
     * (POST for ECP case), or (4) 'cilogon_skin' PHP session
     * variable.  If it finds the skin name in any of these, it then
     * checks to see if such a named skin exists, either on the filesystem
     * or in the database. If found, the class variable $skinname AND the
     * 'cilogon_skin' PHP session variable (for use on future page
     * loads by the user) are set. It then reads in the config XML and the
     * CSS and stores them in the class variables $configxml and $css.
     * If no skin name is found, read in the default /skin/config.xml file.
     *
     * Side Effect: Sets the 'cilogon_skin' session variable if needed.
     */
    protected function readSkinConfig()
    {
        $skinvar = '';

        // Check for matching IdP, callbackURI (OAuth1),
        // redirect_uri (OAuth2), or client_id (OAuth2)
        // in the FORCE_SKIN_ARRAY.
        $uristocheck = array(
            Util::getGetVar('redirect_uri'),
            Util::getGetVar('client_id'),
            Util::getSessionVar('callbackuri'),
            Util::getSessionVar('idp')
        );

        foreach ($uristocheck as $value) {
            if (strlen($value) > 0) {
                $skin = $this->getForceSkin($value);
                if (strlen($skin) > 0) {
                    $skinvar = $skin;
                    break;
                }
            }
        }

        // If no force skin found, check GET and POST parameters, as well as
        // previously set cilogon_skin PHP session variable.
        if (strlen($skinvar) == 0) {
            // First, look for '?skin=...'
            $skinvar = Util::getGetVar('skin');
        }
        if (strlen($skinvar) == 0) {
            // Next, look for '?cilogon_skin=...'
            $skinvar = Util::getGetVar('cilogon_skin');
        }
        if (strlen($skinvar) == 0) {
            // Next, look for '?vo=...'
            $skinvar = Util::getGetVar('vo');
        }
        if (strlen($skinvar) == 0) {
            // Next, check 'cilogon_vo' form input variable
            $skinvar = Util::getPostVar('cilogon_vo');
        }
        if (strlen($skinvar) == 0) {
            // Finally, check 'cilogon_skin' PHP session variable
            $skinvar = Util::getSessionVar('cilogon_skin');
        }

        // If we found $skinvar, attempt to read the skin config/css from
        // either the filesystem or the database, or failing that, read the
        // default /skin/config.xml file.
        if (strlen($skinvar) > 0) {
            $skinvar = strtolower($skinvar); // All skin dirs are lowercase
            $this->readSkinFromFile($skinvar) ||
                $this->readSkinFromDatabase($skinvar) ||
                $this->readDefaultSkin();
        }
    }

    /**
     * readSkinFromFile
     *
     * This function reads in the skin config XML and CSS from the
     * filesystem into the class variables $configxml and $css.
     *
     * @param string $skinvar The name of the skin as found by
     *        readSkinConfig().
     * @return bool True if at least one of config.xml or skin.css could
     *         be found (and read in) for the skin (i.e., the skin
     *         directory exists and isn't empty). False otherwise.
     */
    protected function readSkinFromFile($skinvar)
    {
        $readin = false; // Make sure we read in either XML or CSS (or both)

        $skindir = Util::getServerVar('DOCUMENT_ROOT') . "/skin/$skinvar";
        if (is_dir($skindir)) {
            // Read in the config XML
            $skinconf = $skindir . '/config.xml';
            if (is_readable($skinconf)) {
                if (($xml = @simplexml_load_file($skinconf)) !== false) {
                    $this->configxml = $xml;
                    $readin = true;
                }
            }
            //Read in the CSS
            $skincss = $skindir . '/skin.css';
            if (is_readable($skincss)) {
                if (($css = file_get_contents($skincss)) !== false) {
                    $this->css = $css;
                    $readin = true;
                }
            }
        }

        if ($readin) {
            $this->skinname = $skinvar;
            Util::setSessionVar('cilogon_skin', $skinvar);
        } else {
            Util::unsetSessionVar('cilogon_skin');
        }

        return $readin;
    }

    /**
     * readSkinFromDatabase
     *
     * This function reads in the skin config XML and CSS from the
     * database into the class variables $configxml and $css.
     *
     * @param string $skinvar The name of the skin as found by
     *        readSkinConfig().
     * @return bool True if at least one of config XML or CSS could
     *         be read from the database for the skin. False otherwise.
     */
    protected function readSkinFromDatabase($skinvar)
    {
        $readin = false; // Make sure we read in either XML or CSS (or both)

        if (strlen($skinvar) > 0) {
            $dsn = array(
                'phptype'  => 'mysqli',
                'username' => MYSQLI_USERNAME,

The constant CILogon\Service\MYSQLI_USERNAME was not found. Maybe you did not declare it correctly or list all dependencies?

                'password' => MYSQLI_PASSWORD,

The constant CILogon\Service\MYSQLI_PASSWORD was not found. Maybe you did not declare it correctly or list all dependencies?

                'database' => 'ciloa2',
                'hostspec' => 'localhost'
            );

            $opts = array(
                'persistent'  => true,
                'portability' => DB_PORTABILITY_ALL
            );

            $db = DB::connect($dsn, $opts);
            if (!PEAR::isError($db)) {
                $data = $db->getRow(
                    'SELECT * from skins WHERE name = ?',
                    array($skinvar),
                    DB_FETCHMODE_ASSOC
                );
                if ((!DB::isError($data)) && (!empty($data))) {
                    // Read in the config XML
                    if (
                        (strlen(@$data['config']) > 0) &&
                        (($xml = @simple_xml_load_string($data['config'])) !== false)

The function simple_xml_load_string was not found. Maybe you did not declare it correctly or list all dependencies?

                    ) {
                        $this->configxml = $xml;
                        $readin = true;
                    }
                    //Read in the CSS
                    if (strlen(@$data['css']) > 0) {
                        $this->css = $data['css'];
                        $readin = true;
                    }
                }
                $db->disconnect();
            }
        }

        if ($readin) {
            $this->skinname = $skinvar;
            Util::setSessionVar('cilogon_skin', $skinvar);
        } else {
            Util::unsetSessionVar('cilogon_skin');
        }

        return $readin;
    }

    /**
     * readDefaultSkin
     *
     * If we don't read a skin from the filesystem or the database, then
     * read in the default "/skin/config.xml" file.
     *
     * @return bool True if the default config.xml file was read in.
     *         False otherwise.
     */
    protected function readDefaultSkin()
    {
        $readin = false;

        $this->skinname = '';
        $this->css = '';
        Util::unsetSessionVar('cilogon_skin');

        $skinconf = Util::getServerVar('DOCUMENT_ROOT') . '/skin/config.xml';
        if (is_readable($skinconf)) {
            if (($xml = @simplexml_load_file($skinconf)) !== false) {
                $this->configxml = $xml;
                $readin = true;
            }
        }

        return $readin;
    }

    /**
     * getConfigOption
     *
     * This method returns a SimpleXMLElement block corresponding to
     * the passed in arguments.  For example, to get the blacklist of
     * idps, call $idps = getConfigOption('idpblacklist') and then
     * iterate over $idps with foreach($idps as $idp) { ... }.  To get
     * a single subblock value such as the initial lifetime number for
     * the PKCS12 download option, call $life =
     * (int)getConfigOption('pkcs12','initiallifetime','number'). Note
     * that you should explicitly cast the values to int, string,
     * float, etc., when you use them.
     *
     * @param mixed $args Variable number of parameters corresponding to XML
     *              blocks (and possible sub-blocks).
     * @return \SimpleXMLElement|null A SimpleXMLElement corresponding to the
     *         passed-in XML option, or 'null' if no such option exists.
     */
    public function getConfigOption(...$args)
    {
        $retval = null;
        $numargs = count($args);
        if ($numargs > 0) {
            $retval = $this->configxml;
        }
        for ($i = 0; $i < $numargs; $i++) {
            $argval = $args[$i];
            if (empty($retval->$argval)) {
                $retval = null;
                break;
            } else {
                $retval = $retval->$argval;
            }
        }
        return $retval;
    }

    /**
     * printSkinCSS
     *
     * Call this function in the HTML <head> block to print out the
     * <style> tag for the internal CSS of the skin. The CSS is minified
     * to remove whitespace. Note that you should call readSkinConfig
     * to set the contents of $css.
     */
    public function printSkinCSS()
    {
        if (strlen($this->css) > 0) {
            $cssmin = new CSSmin();
            $cssmin->removeImportantComments();
            $cssmin->setLineBreakPosition(255);
            $outputcss = $cssmin->run($this->css);
            echo "<style>$outputcss</style>";
        }
    }

    /**
     * hasIdpWhitelist
     *
     * This function checks for the presence of a <idpwhitelist> block
     * in the skin's config file.  There must be at least one <idp>
     * in the <idpwhitelist>.
     *
     * @return bool True if skin has a non-empty <idpwhitelist>.
     */
    public function hasIdpWhitelist()
    {
        $retval = false;  // Assume no <idpwhitelist> configured
        $idpwhitelist = $this->getConfigOption('idpwhitelist');
        if ((!is_null($idpwhitelist)) && (!empty($idpwhitelist->idp))) {
            $retval = true;
        }
        return $retval;
    }

    /**
     * hasIdpBlacklist
     *
     * This function checks for the presence of a <idpblacklist> block
     * in the skin's config file.  There must be at least one <idp>
     * in the <idpblacklist>.
     *
     * @return bool True if skin has a non-empty <idpblacklist>.
     */
    public function hasIdpBlacklist()
    {
        $retval = false;  // Assume no <idpblacklist> configured
        $idpblacklist = $this->getConfigOption('idpblacklist');
        if ((!is_null($idpblacklist)) && (!empty($idpblacklist->idp))) {
            $retval = true;
        }
        return $retval;
    }

    /**
     * idpWhitelisted
     *
     * This method checks to see if a given entityId of an IdP
     * is whitelisted. 'Whitelisted' in this case means either (a) the
     * entityId is in the skin's <idpwhitelist> list or (b) the skin
     * doesn't have a <idpwhitelist> at all.  In the second case, all
     * IdPs are by default 'whitelisted'.  If you want to find if an
     * IdP should be listed in the WAYF, use 'idpAvailable' which
     * checks the whitelist AND the blacklist.
     *
     * @param string $entityId The entityId of an IdP to check for
     *        whitelisting.
     * @return bool True if the given IdP entityId is in the skin's
     *         whitelist (or if the skin doesn't have a whitelist).
     */
    public function idpWhitelisted($entityId)
    {
        $retval = true;  // Assume the entityId is 'whitelisted'
        if ($this->hasIdpWhitelist()) {
            $idpwhitelist = $this->getConfigOption('idpwhitelist');
            $found = false;
            foreach ($idpwhitelist->idp as $whiteidp) {
                if ($entityId == ((string)$whiteidp)) {
                    $found = true;
                    break;
                }
            }
            if (!$found) {
                $retval = false;
            }
        }
        return $retval;
    }

    /**
     * idpBlacklisted
     *
     * This method checks to see if a given entityId of an IdP
     * appears in the skin's <idpblacklist>.
     *
     * @param string $entityId The entityId of an IdP to check for
     *        blacklisting.
     * @return bool True if the given IdP entityId is in the skin's
     *         blacklist.
     */
    public function idpBlacklisted($entityId)
    {
        $retval = false;  // Assume entityId is NOT in the idpblacklist
        if ($this->hasIdpBlacklist()) {
            $idpblacklist = $this->getConfigOption('idpblacklist');
            foreach ($idpblacklist->idp as $blackidp) {
                if ($entityId == ((string)$blackidp)) {
                    $retval = true;
                    break;
                }
            }
        }
        return $retval;
    }

    /**
     * idpAvailable
     *
     * This method combines idpWhitelisted and idpBlacklisted to return
     * a 'yes/no' for if a given IdP should be made available for
     * selection in the WAYF.  It first checks to see if the IdP is
     * whitelisted.  If not, it returns false. Otherwise, it then
     * checks if the IdP is blacklisted.  If not, it returns true.
     *
     * @param string $entityId The entityId of an IdP to check to see if it
     *        should be available in the WAYF.
     * @return bool True if the given IdP entityId is available to be
     *         selected in the WAYF.
     */
    public function idpAvailable($entityId)
    {
        $retval = false;   // Assume IdP is not available in the WAYF
        if (
            ($this->idpWhitelisted($entityId)) &&
            (!$this->idpBlacklisted($entityId))
        ) {
            $retval = true;
        }
        return $retval;
    }

    /**
     * setMyProxyInfo
     *
     * This method sets the 'myproxyinfo' PHP session variable.  The
     * variable has the form 'info:key1=value1,key2=value2,...' and is
     * passed to the 'myproxy-logon' command as part of the username
     * when fetching a credential.  The MyProxy server will do extra
     * processing based on the content of this 'info:...' tag.  If the
     * skinname is not empty, that is added to the info tag.  Also,
     * the apache REMOTE_ADDR is added.  For other key=value pairs that
     * get added, see the code below.
     */
    public function setMyProxyInfo()
    {
        $infostr = '';

        // Add the skinname if available
        if (strlen($this->skinname) > 0) {
            $infostr .= 'cilogon_skin=' . $this->skinname;
        }

        // Add the REMOTE_ADDR
        $remoteaddr = Util::getServerVar('REMOTE_ADDR');
        if (strlen($remoteaddr) > 0) {
            $infostr .= (strlen($infostr) > 0 ? ',' : '') .
                        "remote_addr=$remoteaddr";
        }

        // Add eppn, eptid, open_id, and oidc if available
        // Note that these values are lowercase after an update to make
        // them the same as those used by the dbService. BUT, MyProxy
        // expects the old versions. So this array maps the new lowercase
        // versions back into the old ones.
        $mpid = array(
            'eppn' => 'ePPN',
            'eptid' => 'ePTID',
            'open_id' => 'openidID',
            'oidc' => 'oidcID'
        );
        foreach (array('eppn','eptid','open_id','oidc') as $id) {
            $sessvar = Util::getSessionVar($id);
            if (strlen($sessvar) > 0) {
                $infostr .= (strlen($infostr) > 0 ? ',' : '') .
                    $mpid[$id] . "=" . $sessvar;
            }
        }

        // Finally, set the 'myproxyinfo' PHP session variable
        if (strlen($infostr) > 0) {
            Util::setSessionVar('myproxyinfo', 'info:' . $infostr);
        } else {
            Util::unsetSessionVar('myproxyinfo');
        }
    }

    /**
     * hasPortalList
     *
     * This function checks for the presence of a <portallist> block in
     * the skin's config file.  There must be at least one <portal> in
     * the <portallist>.
     *
     * @return bool True if skin has a non-empty <portallist>.
     */
    public function hasPortalList()
    {
        $retval = false;  // Assume no <portallist> configured
        $portallist = $this->getConfigOption('portallist');
        if ((!is_null($portallist)) && (!empty($portallist->portal))) {
            $retval = true;
        }
        return $retval;
    }

    /**
     * inPortalList
     *
     * This function takes in a 'callback' URL of a portal passed to
     * the CILogon Delegate service.  It then looks through the list
     * of <portal> patterns in the skin's <portallist>.  If the
     * callback URL matches any of these patterns, true is returned.
     * This is used to hide the 'Site Name / Site URL / Service URL'
     * box on the delegation WAYF page, for example.
     *
     * @param string $portalurl A 'callback' URL of a portal accessing the
     *        delegate service.
     * @return bool True if the callback URL matches one of the patterns
     *         in the skin's <portallist>.  False otherwise.
     */
    public function inPortalList($portalurl)
    {
        $retval = false;  // Assume the portalurl not a listed <portal>
        if ($this->hasPortalList()) {
            $portallist = $this->getConfigOption('portallist');
            foreach ($portallist->portal as $portalmatch) {
                if (preg_match(((string)$portalmatch), $portalurl)) {
                    $retval = true;
                    break;
                }
            }
        }
        return $retval;
    }

    /**
     * getForceSkin
     *
     * The FORCE_SKIN_ARRAY contains 'uripattern'=>'skinname' pairs
     * corresponding to IdP entityIDs, portal callbackurls, or client_ids
     * that should have a particular skin force-applied. This function
     * looks in the FORCE_SKIN_ARRAY for a pattern-matched URI and returns
     * the corresponding skin name if found. If not found, empty
     * string is returned.
     *
     * @param string $uri A URI to search for in the FORCE_SKIN_ARRAY.
     * @return string The skin name for the URI, or empty string if not
     *         found.
     */
    protected function getForceSkin($uri)
    {
        $retval = '';  // Assume uri is not in FORCE_SKIN_ARRAY

        foreach ($this->forcearray as $key => $value) {
            if (preg_match($key, $uri)) {
                $retval = $value;
                break;
            }
        }
        return $retval;
    }
}