1 | <?php |
||
2 | |||
3 | declare(strict_types=1); |
||
4 | |||
5 | namespace SimpleSAML\Auth; |
||
6 | |||
7 | use SimpleSAML\Configuration; |
||
8 | use SimpleSAML\Error; |
||
9 | use SimpleSAML\Logger; |
||
10 | use SimpleSAML\Module; |
||
11 | use SimpleSAML\Utils; |
||
12 | |||
13 | /** |
||
14 | * Class for implementing authentication processing chains for IdPs. |
||
15 | * |
||
16 | * This class implements a system for additional steps which should be taken by an IdP before |
||
17 | * submitting a response to a SP. Examples of additional steps can be additional authentication |
||
18 | * checks, or attribute consent requirements. |
||
19 | * |
||
20 | * @author Olav Morken, UNINETT AS. |
||
21 | * @package SimpleSAMLphp |
||
22 | */ |
||
23 | |||
24 | class ProcessingChain |
||
25 | { |
||
26 | /** |
||
27 | * The list of remaining filters which should be applied to the state. |
||
28 | */ |
||
29 | const FILTERS_INDEX = '\SimpleSAML\Auth\ProcessingChain.filters'; |
||
30 | |||
31 | |||
32 | /** |
||
33 | * The stage we use for completed requests. |
||
34 | */ |
||
35 | const COMPLETED_STAGE = '\SimpleSAML\Auth\ProcessingChain.completed'; |
||
36 | |||
37 | |||
38 | /** |
||
39 | * The request parameter we will use to pass the state identifier when we redirect after |
||
40 | * having completed processing of the state. |
||
41 | */ |
||
42 | const AUTHPARAM = 'AuthProcId'; |
||
43 | |||
44 | |||
45 | /** |
||
46 | * All authentication processing filters, in the order they should be applied. |
||
47 | */ |
||
48 | private $filters; |
||
49 | |||
50 | |||
51 | /** |
||
52 | * Initialize an authentication processing chain for the given service provider |
||
53 | * and identity provider. |
||
54 | * |
||
55 | * @param array $idpMetadata The metadata for the IdP. |
||
56 | * @param array $spMetadata The metadata for the SP. |
||
57 | * @param string $mode |
||
58 | */ |
||
59 | public function __construct($idpMetadata, $spMetadata, $mode = 'idp') |
||
60 | { |
||
61 | assert(is_array($idpMetadata)); |
||
62 | assert(is_array($spMetadata)); |
||
63 | |||
64 | $this->filters = []; |
||
65 | |||
66 | $config = Configuration::getInstance(); |
||
67 | $configauthproc = $config->getArray('authproc.' . $mode, null); |
||
68 | |||
69 | if (!empty($configauthproc)) { |
||
70 | $configfilters = self::parseFilterList($configauthproc); |
||
71 | self::addFilters($this->filters, $configfilters); |
||
72 | } |
||
73 | |||
74 | if (array_key_exists('authproc', $idpMetadata)) { |
||
75 | $idpFilters = self::parseFilterList($idpMetadata['authproc']); |
||
76 | self::addFilters($this->filters, $idpFilters); |
||
77 | } |
||
78 | |||
79 | if (array_key_exists('authproc', $spMetadata)) { |
||
80 | $spFilters = self::parseFilterList($spMetadata['authproc']); |
||
81 | self::addFilters($this->filters, $spFilters); |
||
82 | } |
||
83 | |||
84 | Logger::debug('Filter config for ' . $idpMetadata['entityid'] . '->' . |
||
85 | $spMetadata['entityid'] . ': ' . str_replace("\n", '', var_export($this->filters, true))); |
||
86 | } |
||
87 | |||
88 | |||
89 | /** |
||
90 | * Sort & merge filter configuration |
||
91 | * |
||
92 | * Inserts unsorted filters into sorted filter list. This sort operation is stable. |
||
93 | * |
||
94 | * @param array &$target Target filter list. This list must be sorted. |
||
95 | * @param array $src Source filters. May be unsorted. |
||
96 | * @return void |
||
97 | */ |
||
98 | private static function addFilters(array &$target, array $src) |
||
99 | { |
||
100 | foreach ($src as $filter) { |
||
101 | $fp = $filter->priority; |
||
102 | |||
103 | // Find insertion position for filter |
||
104 | for ($i = count($target) - 1; $i >= 0; $i--) { |
||
105 | if ($target[$i]->priority <= $fp) { |
||
106 | // The new filter should be inserted after this one |
||
107 | break; |
||
108 | } |
||
109 | } |
||
110 | /* $i now points to the filter which should preceede the current filter. */ |
||
111 | array_splice($target, $i + 1, 0, [$filter]); |
||
112 | } |
||
113 | } |
||
114 | |||
115 | |||
116 | /** |
||
117 | * Parse an array of authentication processing filters. |
||
118 | * |
||
119 | * @param array $filterSrc Array with filter configuration. |
||
120 | * @return array Array of ProcessingFilter objects. |
||
121 | */ |
||
122 | private static function parseFilterList(array $filterSrc): array |
||
123 | { |
||
124 | $parsedFilters = []; |
||
125 | |||
126 | foreach ($filterSrc as $priority => $filter) { |
||
127 | if (is_string($filter)) { |
||
128 | $filter = ['class' => $filter]; |
||
129 | } |
||
130 | |||
131 | if (!is_array($filter)) { |
||
132 | throw new \Exception('Invalid authentication processing filter configuration: ' . |
||
133 | 'One of the filters wasn\'t a string or an array.'); |
||
134 | } |
||
135 | |||
136 | $parsedFilters[] = self::parseFilter($filter, $priority); |
||
137 | } |
||
138 | |||
139 | return $parsedFilters; |
||
140 | } |
||
141 | |||
142 | |||
143 | /** |
||
144 | * Parse an authentication processing filter. |
||
145 | * |
||
146 | * @param array $config Array with the authentication processing filter configuration. |
||
147 | * @param int $priority The priority of the current filter, (not included in the filter |
||
148 | * definition.) |
||
149 | * @return \SimpleSAML\Auth\ProcessingFilter The parsed filter. |
||
150 | */ |
||
151 | private static function parseFilter(array $config, int $priority): ProcessingFilter |
||
152 | { |
||
153 | if (!array_key_exists('class', $config)) { |
||
154 | throw new \Exception('Authentication processing filter without name given.'); |
||
155 | } |
||
156 | |||
157 | $className = Module::resolveClass( |
||
158 | $config['class'], |
||
159 | 'Auth\Process', |
||
160 | '\SimpleSAML\Auth\ProcessingFilter' |
||
161 | ); |
||
162 | $config['%priority'] = $priority; |
||
163 | unset($config['class']); |
||
164 | |||
165 | /** @var \SimpleSAML\Auth\ProcessingFilter */ |
||
166 | return new $className($config, null); |
||
167 | } |
||
168 | |||
169 | |||
170 | /** |
||
171 | * Process the given state. |
||
172 | * |
||
173 | * This function will only return if processing completes. If processing requires showing |
||
174 | * a page to the user, we will not be able to return from this function. There are two ways |
||
175 | * this can be handled: |
||
176 | * - Redirect to a URL: We will redirect to the URL set in $state['ReturnURL']. |
||
177 | * - Call a function: We will call the function set in $state['ReturnCall']. |
||
178 | * |
||
179 | * If an exception is thrown during processing, it should be handled by the caller of |
||
180 | * this function. If the user has redirected to a different page, the exception will be |
||
181 | * returned through the exception handler defined on the state array. See |
||
182 | * State for more information. |
||
183 | * |
||
184 | * @see State |
||
185 | * @see State::EXCEPTION_HANDLER_URL |
||
186 | * @see State::EXCEPTION_HANDLER_FUNC |
||
187 | * |
||
188 | * @param array &$state The state we are processing. |
||
189 | * @throws \SimpleSAML\Error\Exception |
||
190 | * @throws \SimpleSAML\Error\UnserializableException |
||
191 | * @return void |
||
192 | */ |
||
193 | public function processState(&$state) |
||
194 | { |
||
195 | assert(is_array($state)); |
||
196 | assert(array_key_exists('ReturnURL', $state) || array_key_exists('ReturnCall', $state)); |
||
197 | assert(!array_key_exists('ReturnURL', $state) || !array_key_exists('ReturnCall', $state)); |
||
198 | |||
199 | $state[self::FILTERS_INDEX] = $this->filters; |
||
200 | |||
201 | try { |
||
202 | // TODO: remove this in SSP 2.0 |
||
203 | if (!array_key_exists('UserID', $state)) { |
||
204 | // No unique user ID present. Attempt to add one. |
||
205 | self::addUserID($state); |
||
206 | } |
||
207 | |||
208 | while (count($state[self::FILTERS_INDEX]) > 0) { |
||
209 | $filter = array_shift($state[self::FILTERS_INDEX]); |
||
210 | $filter->process($state); |
||
211 | } |
||
212 | } catch (Error\Exception $e) { |
||
213 | // No need to convert the exception |
||
214 | throw $e; |
||
215 | } catch (\Exception $e) { |
||
216 | /* |
||
217 | * To be consistent with the exception we return after an redirect, |
||
218 | * we convert this exception before returning it. |
||
219 | */ |
||
220 | throw new Error\UnserializableException($e); |
||
221 | } |
||
222 | |||
223 | // Completed |
||
224 | } |
||
225 | |||
226 | |||
227 | /** |
||
228 | * Continues processing of the state. |
||
229 | * |
||
230 | * This function is used to resume processing by filters which for example needed to show |
||
231 | * a page to the user. |
||
232 | * |
||
233 | * This function will never return. Exceptions thrown during processing will be passed |
||
234 | * to whatever exception handler is defined in the state array. |
||
235 | * |
||
236 | * @param array $state The state we are processing. |
||
237 | * @return void |
||
238 | */ |
||
239 | public static function resumeProcessing($state) |
||
240 | { |
||
241 | assert(is_array($state)); |
||
242 | |||
243 | while (count($state[self::FILTERS_INDEX]) > 0) { |
||
244 | $filter = array_shift($state[self::FILTERS_INDEX]); |
||
245 | try { |
||
246 | $filter->process($state); |
||
247 | } catch (Error\Exception $e) { |
||
248 | State::throwException($state, $e); |
||
249 | } catch (\Exception $e) { |
||
250 | $e = new Error\UnserializableException($e); |
||
251 | State::throwException($state, $e); |
||
252 | } |
||
253 | } |
||
254 | |||
255 | // Completed |
||
256 | |||
257 | assert(array_key_exists('ReturnURL', $state) || array_key_exists('ReturnCall', $state)); |
||
258 | assert(!array_key_exists('ReturnURL', $state) || !array_key_exists('ReturnCall', $state)); |
||
259 | |||
260 | |||
261 | if (array_key_exists('ReturnURL', $state)) { |
||
262 | /* |
||
263 | * Save state information, and redirect to the URL specified |
||
264 | * in $state['ReturnURL']. |
||
265 | */ |
||
266 | $id = State::saveState($state, self::COMPLETED_STAGE); |
||
267 | Utils\HTTP::redirectTrustedURL($state['ReturnURL'], [self::AUTHPARAM => $id]); |
||
268 | } else { |
||
269 | /* Pass the state to the function defined in $state['ReturnCall']. */ |
||
270 | |||
271 | // We are done with the state array in the session. Delete it. |
||
272 | State::deleteState($state); |
||
273 | |||
274 | $func = $state['ReturnCall']; |
||
275 | assert(is_callable($func)); |
||
276 | |||
277 | call_user_func($func, $state); |
||
0 ignored issues
–
show
|
|||
278 | assert(false); |
||
279 | } |
||
280 | } |
||
281 | |||
282 | |||
283 | /** |
||
284 | * Process the given state passivly. |
||
285 | * |
||
286 | * Modules with user interaction are expected to throw an \SimpleSAML\Module\saml\Error\NoPassive exception |
||
287 | * which are silently ignored. Exceptions of other types are passed further up the call stack. |
||
288 | * |
||
289 | * This function will only return if processing completes. |
||
290 | * |
||
291 | * @param array &$state The state we are processing. |
||
292 | * @return void |
||
293 | */ |
||
294 | public function processStatePassive(&$state) |
||
295 | { |
||
296 | assert(is_array($state)); |
||
297 | // Should not be set when calling this method |
||
298 | assert(!array_key_exists('ReturnURL', $state)); |
||
299 | |||
300 | // Notify filters about passive request |
||
301 | $state['isPassive'] = true; |
||
302 | |||
303 | $state[self::FILTERS_INDEX] = $this->filters; |
||
304 | |||
305 | // TODO: remove this in SSP 2.0 |
||
306 | if (!array_key_exists('UserID', $state)) { |
||
307 | // No unique user ID present. Attempt to add one. |
||
308 | self::addUserID($state); |
||
309 | } |
||
310 | |||
311 | while (count($state[self::FILTERS_INDEX]) > 0) { |
||
312 | $filter = array_shift($state[self::FILTERS_INDEX]); |
||
313 | try { |
||
314 | $filter->process($state); |
||
315 | } catch (Error\NoPassive $e) { |
||
316 | // @deprecated will be removed in 2.0 |
||
317 | // Ignore \SimpleSAML\Error\NoPassive exceptions |
||
318 | } catch (Module\saml\Error\NoPassive $e) { |
||
319 | // Ignore \SimpleSAML\Module\saml\Error\NoPassive exceptions |
||
320 | } |
||
321 | } |
||
322 | } |
||
323 | |||
324 | /** |
||
325 | * Retrieve a state which has finished processing. |
||
326 | * |
||
327 | * @param string $id The state identifier. |
||
328 | * @see State::parseStateID() |
||
329 | * @return array|null The state referenced by the $id parameter. |
||
330 | */ |
||
331 | public static function fetchProcessedState($id) |
||
332 | { |
||
333 | assert(is_string($id)); |
||
334 | |||
335 | return State::loadState($id, self::COMPLETED_STAGE); |
||
336 | } |
||
337 | |||
338 | |||
339 | /** |
||
340 | * @deprecated This method will be removed in SSP 2.0. |
||
341 | * @param array &$state |
||
342 | * @return void |
||
343 | */ |
||
344 | private static function addUserID(array &$state) |
||
345 | { |
||
346 | assert(array_key_exists('Attributes', $state)); |
||
347 | |||
348 | if (isset($state['Destination']['userid.attribute'])) { |
||
349 | $attributeName = $state['Destination']['userid.attribute']; |
||
350 | Logger::debug("The 'userid.attribute' option has been deprecated."); |
||
351 | } elseif (isset($state['Source']['userid.attribute'])) { |
||
352 | $attributeName = $state['Source']['userid.attribute']; |
||
353 | Logger::debug("The 'userid.attribute' option has been deprecated."); |
||
354 | } else { |
||
355 | // Default attribute |
||
356 | $attributeName = 'eduPersonPrincipalName'; |
||
357 | } |
||
358 | |||
359 | if (!array_key_exists($attributeName, $state['Attributes'])) { |
||
360 | return; |
||
361 | } |
||
362 | |||
363 | $uid = $state['Attributes'][$attributeName]; |
||
364 | if (count($uid) === 0) { |
||
365 | Logger::warning('Empty user id attribute [' . $attributeName . '].'); |
||
366 | return; |
||
367 | } |
||
368 | |||
369 | if (count($uid) > 1) { |
||
370 | Logger::warning('Multiple attribute values for user id attribute [' . $attributeName . '].'); |
||
371 | return; |
||
372 | } |
||
373 | |||
374 | // TODO: the attribute value should be trimmed |
||
375 | $uid = $uid[0]; |
||
376 | |||
377 | if (empty($uid)) { |
||
378 | Logger::warning('Empty value in attribute ' . $attributeName . ". on user. Cannot set UserID."); |
||
379 | return; |
||
380 | } |
||
381 | $state['UserID'] = $uid; |
||
382 | } |
||
383 | } |
||
384 |
$func
can contain request data and is used in code execution context(s) leading to a potential security vulnerability.14 paths for user data to reach this point
in vendor/symfony/http-foundation/ParameterBag.php on line 82
$request->server->get('PATH_INFO')
is assigned to$url
in lib/SimpleSAML/Module.php on line 138
substr()
, andsubstr($url, 1)
is assigned to$module
in lib/SimpleSAML/Module.php on line 149
in lib/SimpleSAML/Module.php on line 157
$reason
in lib/SimpleSAML/Error/NotFound.php on line 32
in lib/SimpleSAML/Error/NotFound.php on line 42
$errorCode
in lib/SimpleSAML/Error/Error.php on line 81
$errorCode
is assigned to property Error::$errorCodein lib/SimpleSAML/Error/Error.php on line 91
$this->errorCode
is returnedin lib/SimpleSAML/Error/Error.php on line 125
$e->getErrorCode()
is assigned to$errorCode
in modules/core/www/loginuserpass.php on line 87
array('code' => $errorCode, 'params' => $errorParams)
is assigned to$state
in modules/core/www/loginuserpass.php on line 89
in modules/core/www/loginuserpass.php on line 93
$state
in lib/SimpleSAML/Auth/State.php on line 205
serialize()
, andserialize($state)
is assigned to$serializedState
in lib/SimpleSAML/Auth/State.php on line 218
in lib/SimpleSAML/Auth/State.php on line 220
$data
in lib/SimpleSAML/Session.php on line 888
array('expires' => $expires, 'timeout' => $timeout, 'data' => $data)
is assigned to$dataInfo
in lib/SimpleSAML/Session.php on line 913
$dataInfo
is assigned to property Session::$dataStorein lib/SimpleSAML/Session.php on line 923
$this->dataStore[$type][$id]['data']
is returnedin lib/SimpleSAML/Session.php on line 980
$session->getData('\SimpleSAML\Auth\State', $sid['id'])
is assigned to$state
in lib/SimpleSAML/Auth/State.php on line 280
unserialize()
, andunserialize($state)
is assigned to$state
in lib/SimpleSAML/Auth/State.php on line 295
$state
is returnedin lib/SimpleSAML/Auth/State.php on line 319
SimpleSAML\Auth\State::loadState($stateId, 'core:short_sso_interval')
is assigned to$state
in modules/core/lib/Controller/Exception.php on line 151
in modules/core/lib/Controller/Exception.php on line 156
$state
in lib/SimpleSAML/Auth/ProcessingChain.php on line 239
$state['ReturnCall']
is assigned to$func
in lib/SimpleSAML/Auth/ProcessingChain.php on line 274
$_SERVER['HTTP_HOST']
is assigned to$current
in lib/SimpleSAML/Utils/HTTP.php on line 64$_SERVER['HTTP_HOST']
is assigned to$current
in lib/SimpleSAML/Utils/HTTP.php on line 64
$current
is returnedin lib/SimpleSAML/Utils/HTTP.php on line 80
self::getServerHost()
is assigned to$hostname
in lib/SimpleSAML/Utils/HTTP.php on line 853
$protocol . '://' . $hostname . $port . $_SERVER['REQUEST_URI']
is returnedin lib/SimpleSAML/Utils/HTTP.php on line 856
SimpleSAML\Utils\HTTP::getSelfURL()
is assigned to$url
in lib/SimpleSAML/Error/NotFound.php on line 36
in lib/SimpleSAML/Error/NotFound.php on line 42
$errorCode
in lib/SimpleSAML/Error/Error.php on line 81
$errorCode
is assigned to property Error::$errorCodein lib/SimpleSAML/Error/Error.php on line 91
$this->errorCode
is returnedin lib/SimpleSAML/Error/Error.php on line 125
$e->getErrorCode()
is assigned to$errorCode
in modules/core/www/loginuserpassorg.php on line 112
array('code' => $errorCode, 'params' => $errorParams)
is assigned to$state
in modules/core/www/loginuserpassorg.php on line 114
in modules/core/www/loginuserpassorg.php on line 119
$state
in lib/SimpleSAML/Auth/State.php on line 205
serialize()
, andserialize($state)
is assigned to$serializedState
in lib/SimpleSAML/Auth/State.php on line 218
in lib/SimpleSAML/Auth/State.php on line 220
$data
in lib/SimpleSAML/Session.php on line 888
array('expires' => $expires, 'timeout' => $timeout, 'data' => $data)
is assigned to$dataInfo
in lib/SimpleSAML/Session.php on line 913
$dataInfo
is assigned to property Session::$dataStorein lib/SimpleSAML/Session.php on line 923
$this->dataStore[$type][$id]['data']
is returnedin lib/SimpleSAML/Session.php on line 980
$session->getData('\SimpleSAML\Auth\State', $sid['id'])
is assigned to$state
in lib/SimpleSAML/Auth/State.php on line 280
unserialize()
, andunserialize($state)
is assigned to$state
in lib/SimpleSAML/Auth/State.php on line 295
$state
is returnedin lib/SimpleSAML/Auth/State.php on line 319
SimpleSAML\Auth\State::loadState($stateId, 'core:short_sso_interval')
is assigned to$state
in modules/core/lib/Controller/Exception.php on line 151
in modules/core/lib/Controller/Exception.php on line 156
$state
in lib/SimpleSAML/Auth/ProcessingChain.php on line 239
$state['ReturnCall']
is assigned to$func
in lib/SimpleSAML/Auth/ProcessingChain.php on line 274
$_GET,
and Data is passed throughcheckURLAllowed()
, and IdP::doLogoutRedirect() is called in www/saml2/idp/initSLO.php on line 15$_GET,
and Data is passed throughcheckURLAllowed()
, and IdP::doLogoutRedirect() is calledin www/saml2/idp/initSLO.php on line 15
$url
in lib/SimpleSAML/IdP.php on line 548
array('Responder' => array('\SimpleSAML\IdP', 'finishLogoutRedirect'), 'core:Logout:URL' => $url)
is assigned to$state
in lib/SimpleSAML/IdP.php on line 552
in lib/SimpleSAML/IdP.php on line 557
$state
in lib/SimpleSAML/IdP.php on line 484
$this->id
is assigned to$state
in lib/SimpleSAML/IdP.php on line 489
in lib/SimpleSAML/IdP.php on line 499
$state
in lib/SimpleSAML/Auth/State.php on line 205
serialize()
, andserialize($state)
is assigned to$serializedState
in lib/SimpleSAML/Auth/State.php on line 218
in lib/SimpleSAML/Auth/State.php on line 220
$data
in lib/SimpleSAML/Session.php on line 888
array('expires' => $expires, 'timeout' => $timeout, 'data' => $data)
is assigned to$dataInfo
in lib/SimpleSAML/Session.php on line 913
$dataInfo
is assigned to property Session::$dataStorein lib/SimpleSAML/Session.php on line 923
$this->dataStore[$type][$id]['data']
is returnedin lib/SimpleSAML/Session.php on line 980
$session->getData('\SimpleSAML\Auth\State', $sid['id'])
is assigned to$state
in lib/SimpleSAML/Auth/State.php on line 280
unserialize()
, andunserialize($state)
is assigned to$state
in lib/SimpleSAML/Auth/State.php on line 295
$state
is returnedin lib/SimpleSAML/Auth/State.php on line 319
SimpleSAML\Auth\State::loadState($stateId, 'core:short_sso_interval')
is assigned to$state
in modules/core/lib/Controller/Exception.php on line 151
in modules/core/lib/Controller/Exception.php on line 156
$state
in lib/SimpleSAML/Auth/ProcessingChain.php on line 239
$state['ReturnCall']
is assigned to$func
in lib/SimpleSAML/Auth/ProcessingChain.php on line 274
in lib/SimpleSAML/Auth/State.php on line 220
$data
in lib/SimpleSAML/Session.php on line 888
array('expires' => $expires, 'timeout' => $timeout, 'data' => $data)
is assigned to$dataInfo
in lib/SimpleSAML/Session.php on line 913
$dataInfo
is assigned to property Session::$dataStorein lib/SimpleSAML/Session.php on line 923
$this->dataStore[$type][$id]['data']
is returnedin lib/SimpleSAML/Session.php on line 980
$session->getData('\SimpleSAML\Auth\State', $sid['id'])
is assigned to$state
in lib/SimpleSAML/Auth/State.php on line 280
unserialize()
, andunserialize($state)
is assigned to$state
in lib/SimpleSAML/Auth/State.php on line 295
$state
is returnedin lib/SimpleSAML/Auth/State.php on line 319
SimpleSAML\Auth\State::loadState($_REQUEST['AuthState'], 'core:Logout:afterbridge')
is assigned to$state
in modules/saml/www/proxy/invalid_session.php on line 24
in modules/saml/www/proxy/invalid_session.php on line 27
$id
in lib/SimpleSAML/IdP.php on line 131
in lib/SimpleSAML/IdP.php on line 139
$id
in lib/SimpleSAML/IdP.php on line 69
$id
is assigned to property IdP::$idin lib/SimpleSAML/IdP.php on line 71
$this->id
is assigned to$state
in lib/SimpleSAML/IdP.php on line 489
in lib/SimpleSAML/IdP.php on line 506
$state
in lib/SimpleSAML/IdP/IFrameLogoutHandler.php on line 47
in lib/SimpleSAML/IdP/IFrameLogoutHandler.php on line 76
$state
in lib/SimpleSAML/Auth/State.php on line 205
serialize()
, andserialize($state)
is assigned to$serializedState
in lib/SimpleSAML/Auth/State.php on line 218
in lib/SimpleSAML/Auth/State.php on line 220
$data
in lib/SimpleSAML/Session.php on line 888
array('expires' => $expires, 'timeout' => $timeout, 'data' => $data)
is assigned to$dataInfo
in lib/SimpleSAML/Session.php on line 913
$dataInfo
is assigned to property Session::$dataStorein lib/SimpleSAML/Session.php on line 923
$this->dataStore[$type][$id]['data']
is returnedin lib/SimpleSAML/Session.php on line 980
$session->getData('\SimpleSAML\Auth\State', $sid['id'])
is assigned to$state
in lib/SimpleSAML/Auth/State.php on line 280
unserialize()
, andunserialize($state)
is assigned to$state
in lib/SimpleSAML/Auth/State.php on line 295
$state
is returnedin lib/SimpleSAML/Auth/State.php on line 319
SimpleSAML\Auth\State::loadState($stateId, 'core:short_sso_interval')
is assigned to$state
in modules/core/lib/Controller/Exception.php on line 151
in modules/core/lib/Controller/Exception.php on line 156
$state
in lib/SimpleSAML/Auth/ProcessingChain.php on line 239
$state['ReturnCall']
is assigned to$func
in lib/SimpleSAML/Auth/ProcessingChain.php on line 274
$_REQUEST,
and Data is passed throughcheckURLAllowed()
, and IdP::doLogoutRedirect() is called in www/saml2/idp/SingleLogoutService.php on line 20$_REQUEST,
and Data is passed throughcheckURLAllowed()
, and IdP::doLogoutRedirect() is calledin www/saml2/idp/SingleLogoutService.php on line 20
$url
in lib/SimpleSAML/IdP.php on line 548
array('Responder' => array('\SimpleSAML\IdP', 'finishLogoutRedirect'), 'core:Logout:URL' => $url)
is assigned to$state
in lib/SimpleSAML/IdP.php on line 552
in lib/SimpleSAML/IdP.php on line 557
$state
in lib/SimpleSAML/IdP.php on line 484
in lib/SimpleSAML/IdP.php on line 499
$state
in lib/SimpleSAML/Auth/State.php on line 205
serialize()
, andserialize($state)
is assigned to$serializedState
in lib/SimpleSAML/Auth/State.php on line 218
in lib/SimpleSAML/Auth/State.php on line 220
$data
in lib/SimpleSAML/Session.php on line 888
array('expires' => $expires, 'timeout' => $timeout, 'data' => $data)
is assigned to$dataInfo
in lib/SimpleSAML/Session.php on line 913
$dataInfo
is assigned to property Session::$dataStorein lib/SimpleSAML/Session.php on line 923
$this->dataStore[$type][$id]['data']
is returnedin lib/SimpleSAML/Session.php on line 980
$session->getData('\SimpleSAML\Auth\State', $sid['id'])
is assigned to$state
in lib/SimpleSAML/Auth/State.php on line 280
unserialize()
, andunserialize($state)
is assigned to$state
in lib/SimpleSAML/Auth/State.php on line 295
$state
is returnedin lib/SimpleSAML/Auth/State.php on line 319
SimpleSAML\Auth\State::loadState($stateId, 'core:short_sso_interval')
is assigned to$state
in modules/core/lib/Controller/Exception.php on line 151
in modules/core/lib/Controller/Exception.php on line 156
$state
in lib/SimpleSAML/Auth/ProcessingChain.php on line 239
$state['ReturnCall']
is assigned to$func
in lib/SimpleSAML/Auth/ProcessingChain.php on line 274
substr()
, andsubstr($_SERVER['PATH_INFO'], 1)
is assigned to$sourceId
in modules/saml/www/sp/saml2-acs.php on line 11substr()
, andsubstr($_SERVER['PATH_INFO'], 1)
is assigned to$sourceId
in modules/saml/www/sp/saml2-acs.php on line 11
array('saml:sp:isUnsolicited' => true, 'saml:sp:AuthId' => $sourceId, 'saml:sp:RelayState' => SimpleSAML\Utils\HTTP::checkURLAllowed($spMetadata->getString('RelayState', $response->getRelayState())))
is assigned to$state
in modules/saml/www/sp/saml2-acs.php on line 126
in modules/saml/www/sp/saml2-acs.php on line 166
$state
in lib/SimpleSAML/Auth/State.php on line 356
in lib/SimpleSAML/Auth/State.php on line 363
$state
in lib/SimpleSAML/Auth/State.php on line 205
serialize()
, andserialize($state)
is assigned to$serializedState
in lib/SimpleSAML/Auth/State.php on line 218
in lib/SimpleSAML/Auth/State.php on line 220
$data
in lib/SimpleSAML/Session.php on line 888
array('expires' => $expires, 'timeout' => $timeout, 'data' => $data)
is assigned to$dataInfo
in lib/SimpleSAML/Session.php on line 913
$dataInfo
is assigned to property Session::$dataStorein lib/SimpleSAML/Session.php on line 923
$this->dataStore[$type][$id]['data']
is returnedin lib/SimpleSAML/Session.php on line 980
$session->getData('\SimpleSAML\Auth\State', $sid['id'])
is assigned to$state
in lib/SimpleSAML/Auth/State.php on line 280
unserialize()
, andunserialize($state)
is assigned to$state
in lib/SimpleSAML/Auth/State.php on line 295
$state
is returnedin lib/SimpleSAML/Auth/State.php on line 319
SimpleSAML\Auth\State::loadState($stateId, 'core:short_sso_interval')
is assigned to$state
in modules/core/lib/Controller/Exception.php on line 151
in modules/core/lib/Controller/Exception.php on line 156
$state
in lib/SimpleSAML/Auth/ProcessingChain.php on line 239
$state['ReturnCall']
is assigned to$func
in lib/SimpleSAML/Auth/ProcessingChain.php on line 274
$_REQUEST,
and(string)$_REQUEST['RelayState']
is assigned to$relayState
in modules/core/www/idp/logout-iframe-post.php on line 16$_REQUEST,
and(string)$_REQUEST['RelayState']
is assigned to$relayState
in modules/core/www/idp/logout-iframe-post.php on line 16
in modules/core/www/idp/logout-iframe-post.php on line 58
$relayState
in vendor/simplesamlphp/saml2/src/SAML2/Message.php on line 439
$relayState
is assigned to property LogoutRequest::$relayStatein vendor/simplesamlphp/saml2/src/SAML2/Message.php on line 443
$this->relayState
is returnedin vendor/simplesamlphp/saml2/src/SAML2/Message.php on line 429
array('Responder' => array('\SimpleSAML\Module\saml\IdP\SAML2', 'sendLogoutResponse'), 'saml:SPEntityId' => $spEntityId, 'saml:RelayState' => $message->getRelayState(), 'saml:RequestId' => $message->getId())
is assigned to$state
in modules/saml/lib/IdP/SAML2.php on line 663
in modules/saml/lib/IdP/SAML2.php on line 671
$state
in lib/SimpleSAML/IdP.php on line 484
$this->id
is assigned to$state
in lib/SimpleSAML/IdP.php on line 489
in lib/SimpleSAML/IdP.php on line 506
$state
in lib/SimpleSAML/IdP/IFrameLogoutHandler.php on line 47
$associations
is assigned to$state
in lib/SimpleSAML/IdP/IFrameLogoutHandler.php on line 62
in lib/SimpleSAML/IdP/IFrameLogoutHandler.php on line 76
$state
in lib/SimpleSAML/Auth/State.php on line 205
serialize()
, andserialize($state)
is assigned to$serializedState
in lib/SimpleSAML/Auth/State.php on line 218
in lib/SimpleSAML/Auth/State.php on line 220
$data
in lib/SimpleSAML/Session.php on line 888
array('expires' => $expires, 'timeout' => $timeout, 'data' => $data)
is assigned to$dataInfo
in lib/SimpleSAML/Session.php on line 913
$dataInfo
is assigned to property Session::$dataStorein lib/SimpleSAML/Session.php on line 923
$this->dataStore[$type][$id]['data']
is returnedin lib/SimpleSAML/Session.php on line 980
$session->getData('\SimpleSAML\Auth\State', $sid['id'])
is assigned to$state
in lib/SimpleSAML/Auth/State.php on line 280
unserialize()
, andunserialize($state)
is assigned to$state
in lib/SimpleSAML/Auth/State.php on line 295
$state
is returnedin lib/SimpleSAML/Auth/State.php on line 319
SimpleSAML\Auth\State::loadState($stateId, 'core:short_sso_interval')
is assigned to$state
in modules/core/lib/Controller/Exception.php on line 151
in modules/core/lib/Controller/Exception.php on line 156
$state
in lib/SimpleSAML/Auth/ProcessingChain.php on line 239
$state['ReturnCall']
is assigned to$func
in lib/SimpleSAML/Auth/ProcessingChain.php on line 274
$protocol . '://' . $hostname . $port . $_SERVER['REQUEST_URI']
is returned in lib/SimpleSAML/Utils/HTTP.php on line 856$protocol . '://' . $hostname . $port . $_SERVER['REQUEST_URI']
is returnedin lib/SimpleSAML/Utils/HTTP.php on line 856
SimpleSAML\Utils\HTTP::getSelfURL()
is assigned to$url
in lib/SimpleSAML/Error/NotFound.php on line 36
in lib/SimpleSAML/Error/NotFound.php on line 42
$errorCode
in lib/SimpleSAML/Error/Error.php on line 81
$errorCode
is assigned to property Error::$errorCodein lib/SimpleSAML/Error/Error.php on line 91
$this->errorCode
is returnedin lib/SimpleSAML/Error/Error.php on line 125
$e->getErrorCode()
is assigned to$errorCode
in modules/core/www/loginuserpass.php on line 87
array('code' => $errorCode, 'params' => $errorParams)
is assigned to$state
in modules/core/www/loginuserpass.php on line 89
in modules/core/www/loginuserpass.php on line 93
$state
in lib/SimpleSAML/Auth/State.php on line 205
serialize()
, andserialize($state)
is assigned to$serializedState
in lib/SimpleSAML/Auth/State.php on line 218
in lib/SimpleSAML/Auth/State.php on line 220
$data
in lib/SimpleSAML/Session.php on line 888
array('expires' => $expires, 'timeout' => $timeout, 'data' => $data)
is assigned to$dataInfo
in lib/SimpleSAML/Session.php on line 913
$dataInfo
is assigned to property Session::$dataStorein lib/SimpleSAML/Session.php on line 923
$this->dataStore[$type][$id]['data']
is returnedin lib/SimpleSAML/Session.php on line 980
$session->getData('\SimpleSAML\Auth\State', $sid['id'])
is assigned to$state
in lib/SimpleSAML/Auth/State.php on line 280
unserialize()
, andunserialize($state)
is assigned to$state
in lib/SimpleSAML/Auth/State.php on line 295
$state
is returnedin lib/SimpleSAML/Auth/State.php on line 319
SimpleSAML\Auth\State::loadState($stateId, 'core:short_sso_interval')
is assigned to$state
in modules/core/lib/Controller/Exception.php on line 151
in modules/core/lib/Controller/Exception.php on line 156
$state
in lib/SimpleSAML/Auth/ProcessingChain.php on line 239
$state['ReturnCall']
is assigned to$func
in lib/SimpleSAML/Auth/ProcessingChain.php on line 274
in modules/multiauth/lib/Auth/Source/MultiAuth.php on line 211
$data
in lib/SimpleSAML/Session.php on line 888
array('expires' => $expires, 'timeout' => $timeout, 'data' => $data)
is assigned to$dataInfo
in lib/SimpleSAML/Session.php on line 913
$dataInfo
is assigned to property Session::$dataStorein lib/SimpleSAML/Session.php on line 923
$this->dataStore[$type][$id]['data']
is returnedin lib/SimpleSAML/Session.php on line 980
$session->getData('\SimpleSAML\Auth\State', $sid['id'])
is assigned to$state
in lib/SimpleSAML/Auth/State.php on line 280
unserialize()
, andunserialize($state)
is assigned to$state
in lib/SimpleSAML/Auth/State.php on line 295
$state
is returnedin lib/SimpleSAML/Auth/State.php on line 319
SimpleSAML\Auth\State::loadState($authStateId, SimpleSAML\Module\multiauth\Auth\Source\MultiAuth::STAGEID)
is assigned to$state
in modules/multiauth/www/selectsource.php on line 20
$state['multiauth:preselect']
is assigned to$source
in modules/multiauth/www/selectsource.php on line 49
in modules/multiauth/www/selectsource.php on line 50
$authId
in modules/multiauth/lib/Auth/Source/MultiAuth.php on line 186
in modules/multiauth/lib/Auth/Source/MultiAuth.php on line 211
$data
in lib/SimpleSAML/Session.php on line 888
array('expires' => $expires, 'timeout' => $timeout, 'data' => $data)
is assigned to$dataInfo
in lib/SimpleSAML/Session.php on line 913
$dataInfo
is assigned to property Session::$dataStorein lib/SimpleSAML/Session.php on line 923
$this->dataStore[$type][$id]['data']
is returnedin lib/SimpleSAML/Session.php on line 980
$session->getData('\SimpleSAML\Auth\State', $sid['id'])
is assigned to$state
in lib/SimpleSAML/Auth/State.php on line 280
unserialize()
, andunserialize($state)
is assigned to$state
in lib/SimpleSAML/Auth/State.php on line 295
$state
is returnedin lib/SimpleSAML/Auth/State.php on line 319
SimpleSAML\Auth\State::loadState($stateId, 'core:short_sso_interval')
is assigned to$state
in modules/core/lib/Controller/Exception.php on line 151
in modules/core/lib/Controller/Exception.php on line 156
$state
in lib/SimpleSAML/Auth/ProcessingChain.php on line 239
$state['ReturnCall']
is assigned to$func
in lib/SimpleSAML/Auth/ProcessingChain.php on line 274
in lib/SimpleSAML/Error/CriticalConfigurationError.php on line 64
$reason
in lib/SimpleSAML/Error/ConfigurationError.php on line 38
$reason
is assigned to property ConfigurationError::$reasonin lib/SimpleSAML/Error/ConfigurationError.php on line 52
$this->reason
is returnedin lib/SimpleSAML/Error/ConfigurationError.php on line 66
$exception->getReason()
is assigned to$reason
in lib/SimpleSAML/Error/CriticalConfigurationError.php on line 78
in lib/SimpleSAML/Error/CriticalConfigurationError.php on line 83
$reason
in lib/SimpleSAML/Error/CriticalConfigurationError.php on line 52
in lib/SimpleSAML/Error/CriticalConfigurationError.php on line 64
$reason
in lib/SimpleSAML/Error/ConfigurationError.php on line 38
$reason
is assigned to$params
in lib/SimpleSAML/Error/ConfigurationError.php on line 49
in lib/SimpleSAML/Error/ConfigurationError.php on line 54
$errorCode
in lib/SimpleSAML/Error/Error.php on line 81
$errorCode
is assigned to property Error::$errorCodein lib/SimpleSAML/Error/Error.php on line 91
$this->errorCode
is returnedin lib/SimpleSAML/Error/Error.php on line 125
$e->getErrorCode()
is assigned to$errorCode
in modules/core/www/loginuserpass.php on line 87
array('code' => $errorCode, 'params' => $errorParams)
is assigned to$state
in modules/core/www/loginuserpass.php on line 89
in modules/core/www/loginuserpass.php on line 93
$state
in lib/SimpleSAML/Auth/State.php on line 205
serialize()
, andserialize($state)
is assigned to$serializedState
in lib/SimpleSAML/Auth/State.php on line 218
in lib/SimpleSAML/Auth/State.php on line 220
$data
in lib/SimpleSAML/Session.php on line 888
array('expires' => $expires, 'timeout' => $timeout, 'data' => $data)
is assigned to$dataInfo
in lib/SimpleSAML/Session.php on line 913
$dataInfo
is assigned to property Session::$dataStorein lib/SimpleSAML/Session.php on line 923
$this->dataStore[$type][$id]['data']
is returnedin lib/SimpleSAML/Session.php on line 980
$session->getData('\SimpleSAML\Auth\State', $sid['id'])
is assigned to$state
in lib/SimpleSAML/Auth/State.php on line 280
unserialize()
, andunserialize($state)
is assigned to$state
in lib/SimpleSAML/Auth/State.php on line 295
$state
is returnedin lib/SimpleSAML/Auth/State.php on line 319
SimpleSAML\Auth\State::loadState($stateId, 'core:short_sso_interval')
is assigned to$state
in modules/core/lib/Controller/Exception.php on line 151
in modules/core/lib/Controller/Exception.php on line 156
$state
in lib/SimpleSAML/Auth/ProcessingChain.php on line 239
$state['ReturnCall']
is assigned to$func
in lib/SimpleSAML/Auth/ProcessingChain.php on line 274
$_REQUEST,
and(string)$_REQUEST['idp']
is assigned to$idp
in modules/core/www/idp/logout-iframe-post.php on line 6$_REQUEST,
and(string)$_REQUEST['idp']
is assigned to$idp
in modules/core/www/idp/logout-iframe-post.php on line 6
in modules/core/www/idp/logout-iframe-post.php on line 7
$id
in lib/SimpleSAML/IdP.php on line 131
in lib/SimpleSAML/IdP.php on line 139
$id
in lib/SimpleSAML/IdP.php on line 69
$id
is assigned to property IdP::$idin lib/SimpleSAML/IdP.php on line 71
$this->id
is assigned to$state
in lib/SimpleSAML/IdP.php on line 489
in lib/SimpleSAML/IdP.php on line 506
$state
in lib/SimpleSAML/IdP/IFrameLogoutHandler.php on line 47
$associations
is assigned to$state
in lib/SimpleSAML/IdP/IFrameLogoutHandler.php on line 62
in lib/SimpleSAML/IdP/IFrameLogoutHandler.php on line 76
$state
in lib/SimpleSAML/Auth/State.php on line 205
serialize()
, andserialize($state)
is assigned to$serializedState
in lib/SimpleSAML/Auth/State.php on line 218
in lib/SimpleSAML/Auth/State.php on line 220
$data
in lib/SimpleSAML/Session.php on line 888
array('expires' => $expires, 'timeout' => $timeout, 'data' => $data)
is assigned to$dataInfo
in lib/SimpleSAML/Session.php on line 913
$dataInfo
is assigned to property Session::$dataStorein lib/SimpleSAML/Session.php on line 923
$this->dataStore[$type][$id]['data']
is returnedin lib/SimpleSAML/Session.php on line 980
$session->getData('\SimpleSAML\Auth\State', $sid['id'])
is assigned to$state
in lib/SimpleSAML/Auth/State.php on line 280
unserialize()
, andunserialize($state)
is assigned to$state
in lib/SimpleSAML/Auth/State.php on line 295
$state
is returnedin lib/SimpleSAML/Auth/State.php on line 319
SimpleSAML\Auth\State::loadState($stateId, 'core:short_sso_interval')
is assigned to$state
in modules/core/lib/Controller/Exception.php on line 151
in modules/core/lib/Controller/Exception.php on line 156
$state
in lib/SimpleSAML/Auth/ProcessingChain.php on line 239
$state['ReturnCall']
is assigned to$func
in lib/SimpleSAML/Auth/ProcessingChain.php on line 274
substr()
, andself::getBaseURL() . $url_path . substr($_SERVER['REQUEST_URI'], $uri_pos + strlen($url_path))
is returned in lib/SimpleSAML/Utils/HTTP.php on line 859substr()
, andself::getBaseURL() . $url_path . substr($_SERVER['REQUEST_URI'], $uri_pos + strlen($url_path))
is returnedin lib/SimpleSAML/Utils/HTTP.php on line 859
SimpleSAML\Utils\HTTP::getSelfURL()
is assigned to$url
in lib/SimpleSAML/Error/NotFound.php on line 36
in lib/SimpleSAML/Error/NotFound.php on line 42
$errorCode
in lib/SimpleSAML/Error/Error.php on line 81
$errorCode
is assigned to property Error::$errorCodein lib/SimpleSAML/Error/Error.php on line 91
$this->errorCode
is returnedin lib/SimpleSAML/Error/Error.php on line 125
$e->getErrorCode()
is assigned to$errorCode
in modules/core/www/loginuserpassorg.php on line 112
array('code' => $errorCode, 'params' => $errorParams)
is assigned to$state
in modules/core/www/loginuserpassorg.php on line 114
in modules/core/www/loginuserpassorg.php on line 119
$state
in lib/SimpleSAML/Auth/State.php on line 205
serialize()
, andserialize($state)
is assigned to$serializedState
in lib/SimpleSAML/Auth/State.php on line 218
in lib/SimpleSAML/Auth/State.php on line 220
$data
in lib/SimpleSAML/Session.php on line 888
array('expires' => $expires, 'timeout' => $timeout, 'data' => $data)
is assigned to$dataInfo
in lib/SimpleSAML/Session.php on line 913
$dataInfo
is assigned to property Session::$dataStorein lib/SimpleSAML/Session.php on line 923
$this->dataStore[$type][$id]['data']
is returnedin lib/SimpleSAML/Session.php on line 980
$session->getData('\SimpleSAML\Auth\State', $sid['id'])
is assigned to$state
in lib/SimpleSAML/Auth/State.php on line 280
unserialize()
, andunserialize($state)
is assigned to$state
in lib/SimpleSAML/Auth/State.php on line 295
$state
is returnedin lib/SimpleSAML/Auth/State.php on line 319
SimpleSAML\Auth\State::loadState($stateId, 'core:short_sso_interval')
is assigned to$state
in modules/core/lib/Controller/Exception.php on line 151
in modules/core/lib/Controller/Exception.php on line 156
$state
in lib/SimpleSAML/Auth/ProcessingChain.php on line 239
$state['ReturnCall']
is assigned to$func
in lib/SimpleSAML/Auth/ProcessingChain.php on line 274
in modules/core/lib/Controller/Exception.php on line 156
$state
in lib/SimpleSAML/Auth/ProcessingChain.php on line 239
in lib/SimpleSAML/Auth/ProcessingChain.php on line 266
$state
in lib/SimpleSAML/Auth/State.php on line 205
serialize()
, andserialize($state)
is assigned to$serializedState
in lib/SimpleSAML/Auth/State.php on line 218
in lib/SimpleSAML/Auth/State.php on line 220
$data
in lib/SimpleSAML/Session.php on line 888
array('expires' => $expires, 'timeout' => $timeout, 'data' => $data)
is assigned to$dataInfo
in lib/SimpleSAML/Session.php on line 913
$dataInfo
is assigned to property Session::$dataStorein lib/SimpleSAML/Session.php on line 923
$this->dataStore[$type][$id]['data']
is returnedin lib/SimpleSAML/Session.php on line 980
$session->getData('\SimpleSAML\Auth\State', $sid['id'])
is assigned to$state
in lib/SimpleSAML/Auth/State.php on line 280
unserialize()
, andunserialize($state)
is assigned to$state
in lib/SimpleSAML/Auth/State.php on line 295
$state
is returnedin lib/SimpleSAML/Auth/State.php on line 319
SimpleSAML\Auth\State::loadState($stateId, 'core:short_sso_interval')
is assigned to$state
in modules/core/lib/Controller/Exception.php on line 151
in modules/core/lib/Controller/Exception.php on line 156
$state
in lib/SimpleSAML/Auth/ProcessingChain.php on line 239
$state['ReturnCall']
is assigned to$func
in lib/SimpleSAML/Auth/ProcessingChain.php on line 274
$_SERVER
in lib/SimpleSAML/Utils/HTTP.php on line 119$_SERVER
in lib/SimpleSAML/Utils/HTTP.php on line 119
in modules/core/lib/Auth/UserPassOrgBase.php on line 225
$stage
in lib/SimpleSAML/Auth/State.php on line 205
$stage
is assigned to$state
in lib/SimpleSAML/Auth/State.php on line 215
serialize()
, andserialize($state)
is assigned to$serializedState
in lib/SimpleSAML/Auth/State.php on line 218
in lib/SimpleSAML/Auth/State.php on line 220
$data
in lib/SimpleSAML/Session.php on line 888
array('expires' => $expires, 'timeout' => $timeout, 'data' => $data)
is assigned to$dataInfo
in lib/SimpleSAML/Session.php on line 913
$dataInfo
is assigned to property Session::$dataStorein lib/SimpleSAML/Session.php on line 923
$this->dataStore[$type][$id]['data']
is returnedin lib/SimpleSAML/Session.php on line 980
$session->getData('\SimpleSAML\Auth\State', $sid['id'])
is assigned to$state
in lib/SimpleSAML/Auth/State.php on line 280
unserialize()
, andunserialize($state)
is assigned to$state
in lib/SimpleSAML/Auth/State.php on line 295
$state
is returnedin lib/SimpleSAML/Auth/State.php on line 319
SimpleSAML\Auth\State::loadState($stateId, 'core:short_sso_interval')
is assigned to$state
in modules/core/lib/Controller/Exception.php on line 151
in modules/core/lib/Controller/Exception.php on line 156
$state
in lib/SimpleSAML/Auth/ProcessingChain.php on line 239
$state['ReturnCall']
is assigned to$func
in lib/SimpleSAML/Auth/ProcessingChain.php on line 274
General Strategies to prevent injection
In general, it is advisable to prevent any user-data to reach this point. This can be done by white-listing certain values:
For numeric data, we recommend to explicitly cast the data: