simplesamlphp /
simplesamlphp-module-sqlauth
@@ -68,14 +68,14 @@ discard block |
||
| 68 | 68 | // Make sure that all required parameters are present. |
| 69 | 69 | foreach (['dsn', 'username', 'password', 'query'] as $param) { |
| 70 | 70 | if (!array_key_exists($param, $config)) { |
| 71 | - throw new Exception('Missing required attribute \'' . $param . |
|
| 72 | - '\' for authentication source ' . $this->authId); |
|
| 71 | + throw new Exception('Missing required attribute \''.$param. |
|
| 72 | + '\' for authentication source '.$this->authId); |
|
| 73 | 73 | } |
| 74 | 74 | |
| 75 | 75 | if (!is_string($config[$param])) { |
| 76 | - throw new Exception('Expected parameter \'' . $param . |
|
| 77 | - '\' for authentication source ' . $this->authId . |
|
| 78 | - ' to be a string. Instead it was: ' . |
|
| 76 | + throw new Exception('Expected parameter \''.$param. |
|
| 77 | + '\' for authentication source '.$this->authId. |
|
| 78 | + ' to be a string. Instead it was: '. |
|
| 79 | 79 | var_export($config[$param], true)); |
| 80 | 80 | } |
| 81 | 81 | } |
@@ -101,10 +101,10 @@ discard block |
||
| 101 | 101 | $db = new PDO($this->dsn, $this->username, $this->password, $this->options); |
| 102 | 102 | } catch (PDOException $e) { |
| 103 | 103 | // Obfuscate the password if it's part of the dsn |
| 104 | - $obfuscated_dsn = preg_replace('/(user|password)=(.*?([;]|$))/', '${1}=***', $this->dsn); |
|
| 104 | + $obfuscated_dsn = preg_replace('/(user|password)=(.*?([;]|$))/', '${1}=***', $this->dsn); |
|
| 105 | 105 | |
| 106 | - throw new \Exception('sqlauth:' . $this->authId . ': - Failed to connect to \'' . |
|
| 107 | - $obfuscated_dsn . '\': ' . $e->getMessage()); |
|
| 106 | + throw new \Exception('sqlauth:'.$this->authId.': - Failed to connect to \''. |
|
| 107 | + $obfuscated_dsn.'\': '.$e->getMessage()); |
|
| 108 | 108 | } |
| 109 | 109 | |
| 110 | 110 | $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); |
@@ -148,30 +148,30 @@ discard block |
||
| 148 | 148 | try { |
| 149 | 149 | $sth = $db->prepare($this->query); |
| 150 | 150 | } catch (PDOException $e) { |
| 151 | - throw new Exception('sqlauth:' . $this->authId . |
|
| 152 | - ': - Failed to prepare query: ' . $e->getMessage()); |
|
| 151 | + throw new Exception('sqlauth:'.$this->authId. |
|
| 152 | + ': - Failed to prepare query: '.$e->getMessage()); |
|
| 153 | 153 | } |
| 154 | 154 | |
| 155 | 155 | try { |
| 156 | 156 | $sth->execute(['username' => $username, 'password' => $password]); |
| 157 | 157 | } catch (PDOException $e) { |
| 158 | - throw new Exception('sqlauth:' . $this->authId . |
|
| 159 | - ': - Failed to execute query: ' . $e->getMessage()); |
|
| 158 | + throw new Exception('sqlauth:'.$this->authId. |
|
| 159 | + ': - Failed to execute query: '.$e->getMessage()); |
|
| 160 | 160 | } |
| 161 | 161 | |
| 162 | 162 | try { |
| 163 | 163 | $data = $sth->fetchAll(PDO::FETCH_ASSOC); |
| 164 | 164 | } catch (PDOException $e) { |
| 165 | - throw new Exception('sqlauth:' . $this->authId . |
|
| 166 | - ': - Failed to fetch result set: ' . $e->getMessage()); |
|
| 165 | + throw new Exception('sqlauth:'.$this->authId. |
|
| 166 | + ': - Failed to fetch result set: '.$e->getMessage()); |
|
| 167 | 167 | } |
| 168 | 168 | |
| 169 | - Logger::info('sqlauth:' . $this->authId . ': Got ' . count($data) . |
|
| 169 | + Logger::info('sqlauth:'.$this->authId.': Got '.count($data). |
|
| 170 | 170 | ' rows from database'); |
| 171 | 171 | |
| 172 | 172 | if (count($data) === 0) { |
| 173 | 173 | // No rows returned - invalid username/password |
| 174 | - Logger::error('sqlauth:' . $this->authId . |
|
| 174 | + Logger::error('sqlauth:'.$this->authId. |
|
| 175 | 175 | ': No rows in result set. Probably wrong username/password.'); |
| 176 | 176 | throw new Error\Error('WRONGUSERPASS'); |
| 177 | 177 | } |
@@ -202,7 +202,7 @@ discard block |
||
| 202 | 202 | } |
| 203 | 203 | } |
| 204 | 204 | |
| 205 | - Logger::info('sqlauth:' . $this->authId . ': Attributes: ' . implode(',', array_keys($attributes))); |
|
| 205 | + Logger::info('sqlauth:'.$this->authId.': Attributes: '.implode(',', array_keys($attributes))); |
|
| 206 | 206 | |
| 207 | 207 | return $attributes; |
| 208 | 208 | } |
@@ -172,13 +172,13 @@ discard block |
||
| 172 | 172 | || is_null($row[$this->passwordhashcolumn])) |
| 173 | 173 | { |
| 174 | 174 | \SimpleSAML\Logger::error('sqlauth:'.$this->authId. |
| 175 | - ': column ' . $this->passwordhashcolumn . ' must be in every result tuple.'); |
|
| 175 | + ': column ' . $this->passwordhashcolumn . ' must be in every result tuple.'); |
|
| 176 | 176 | throw new \SimpleSAML\Error\Error('WRONGUSERPASS'); |
| 177 | 177 | } |
| 178 | 178 | if( $pwhash ) { |
| 179 | 179 | if( $pwhash != $row[$this->passwordhashcolumn] ) { |
| 180 | 180 | \SimpleSAML\Logger::error('sqlauth:'.$this->authId. |
| 181 | - ': column ' . $this->passwordhashcolumn . ' must be THE SAME in every result tuple.'); |
|
| 181 | + ': column ' . $this->passwordhashcolumn . ' must be THE SAME in every result tuple.'); |
|
| 182 | 182 | throw new \SimpleSAML\Error\Error('WRONGUSERPASS'); |
| 183 | 183 | } |
| 184 | 184 | } |
@@ -191,7 +191,7 @@ discard block |
||
| 191 | 191 | if( is_null($pwhash)) { |
| 192 | 192 | if( $pwhash != $row[$this->passwordhashcolumn] ) { |
| 193 | 193 | \SimpleSAML\Logger::error('sqlauth:'.$this->authId. |
| 194 | - ': column ' . $this->passwordhashcolumn . ' does not contain a password hash.'); |
|
| 194 | + ': column ' . $this->passwordhashcolumn . ' does not contain a password hash.'); |
|
| 195 | 195 | throw new \SimpleSAML\Error\Error('WRONGUSERPASS'); |
| 196 | 196 | } |
| 197 | 197 | } |
@@ -59,10 +59,10 @@ discard block |
||
| 59 | 59 | // Call the parent constructor first, as required by the interface |
| 60 | 60 | parent::__construct($info, $config); |
| 61 | 61 | |
| 62 | - if( array_key_exists('passwordhashcolumn', $config )) { |
|
| 62 | + if (array_key_exists('passwordhashcolumn', $config)) { |
|
| 63 | 63 | $this->passwordhashcolumn = $config['passwordhashcolumn']; |
| 64 | 64 | } |
| 65 | - if( !$this->passwordhashcolumn ) { |
|
| 65 | + if (!$this->passwordhashcolumn) { |
|
| 66 | 66 | $this->passwordhashcolumn = 'passwordhash'; |
| 67 | 67 | } |
| 68 | 68 | } |
@@ -75,7 +75,7 @@ discard block |
||
| 75 | 75 | * @param array $forbiddenAttributes An array of attributes to never return |
| 76 | 76 | * @return array Associative array with the users attributes. |
| 77 | 77 | */ |
| 78 | - protected function extractAttributes( $data, $forbiddenAttributes = array() ) |
|
| 78 | + protected function extractAttributes($data, $forbiddenAttributes = array()) |
|
| 79 | 79 | { |
| 80 | 80 | $attributes = []; |
| 81 | 81 | foreach ($data as $row) { |
@@ -172,13 +172,13 @@ discard block |
||
| 172 | 172 | || is_null($row[$this->passwordhashcolumn])) |
| 173 | 173 | { |
| 174 | 174 | \SimpleSAML\Logger::error('sqlauth:'.$this->authId. |
| 175 | - ': column ' . $this->passwordhashcolumn . ' must be in every result tuple.'); |
|
| 175 | + ': column '.$this->passwordhashcolumn.' must be in every result tuple.'); |
|
| 176 | 176 | throw new \SimpleSAML\Error\Error('WRONGUSERPASS'); |
| 177 | 177 | } |
| 178 | - if( $pwhash ) { |
|
| 179 | - if( $pwhash != $row[$this->passwordhashcolumn] ) { |
|
| 178 | + if ($pwhash) { |
|
| 179 | + if ($pwhash != $row[$this->passwordhashcolumn]) { |
|
| 180 | 180 | \SimpleSAML\Logger::error('sqlauth:'.$this->authId. |
| 181 | - ': column ' . $this->passwordhashcolumn . ' must be THE SAME in every result tuple.'); |
|
| 181 | + ': column '.$this->passwordhashcolumn.' must be THE SAME in every result tuple.'); |
|
| 182 | 182 | throw new \SimpleSAML\Error\Error('WRONGUSERPASS'); |
| 183 | 183 | } |
| 184 | 184 | } |
@@ -188,10 +188,10 @@ discard block |
||
| 188 | 188 | * This should never happen as the count(data) test above would have already thrown. |
| 189 | 189 | * But checking twice doesn't hurt. |
| 190 | 190 | */ |
| 191 | - if( is_null($pwhash)) { |
|
| 192 | - if( $pwhash != $row[$this->passwordhashcolumn] ) { |
|
| 191 | + if (is_null($pwhash)) { |
|
| 192 | + if ($pwhash != $row[$this->passwordhashcolumn]) { |
|
| 193 | 193 | \SimpleSAML\Logger::error('sqlauth:'.$this->authId. |
| 194 | - ': column ' . $this->passwordhashcolumn . ' does not contain a password hash.'); |
|
| 194 | + ': column '.$this->passwordhashcolumn.' does not contain a password hash.'); |
|
| 195 | 195 | throw new \SimpleSAML\Error\Error('WRONGUSERPASS'); |
| 196 | 196 | } |
| 197 | 197 | } |
@@ -200,13 +200,13 @@ discard block |
||
| 200 | 200 | * VERIFICATION! |
| 201 | 201 | * Now to check if the password the user supplied is actually valid |
| 202 | 202 | */ |
| 203 | - if( !password_verify( $password, $pwhash )) { |
|
| 204 | - \SimpleSAML\Logger::error('sqlauth:'.$this->authId. ': password is incorrect.'); |
|
| 203 | + if (!password_verify($password, $pwhash)) { |
|
| 204 | + \SimpleSAML\Logger::error('sqlauth:'.$this->authId.': password is incorrect.'); |
|
| 205 | 205 | throw new \SimpleSAML\Error\Error('WRONGUSERPASS'); |
| 206 | 206 | } |
| 207 | 207 | |
| 208 | 208 | |
| 209 | - $attributes = $this->extractAttributes( $data, array($this->passwordhashcolumn) ); |
|
| 209 | + $attributes = $this->extractAttributes($data, array($this->passwordhashcolumn)); |
|
| 210 | 210 | |
| 211 | 211 | \SimpleSAML\Logger::info('sqlauth:'.$this->authId.': Attributes: '. |
| 212 | 212 | implode(',', array_keys($attributes))); |
