Commit 5f8d03fe authored by Wolfgang Knopki's avatar Wolfgang Knopki

added compatibility with simplesamlphp 1.19

parent 8e8e5b35
...@@ -12,8 +12,13 @@ ...@@ -12,8 +12,13 @@
* @package simpleSAMLphp * @package simpleSAMLphp
* @version $Id$ * @version $Id$
*/ */
class sspmod_sqlauthBcrypt_Auth_Source_SQL extends sspmod_core_Auth_UserPassBase { /*class sspmod_sqlauthBcrypt_Auth_Source_SQL extends sspmod_core_Auth_UserPassBase {*/
namespace SimpleSAML\Module\sqlauthbcrypt\Auth\Source;
class sql extends \SimpleSAML\Module\core\Auth\UserPassBase {
/** /**
* The DSN we should connect to. * The DSN we should connect to.
...@@ -68,12 +73,12 @@ class sspmod_sqlauthBcrypt_Auth_Source_SQL extends sspmod_core_Auth_UserPassBase ...@@ -68,12 +73,12 @@ class sspmod_sqlauthBcrypt_Auth_Source_SQL extends sspmod_core_Auth_UserPassBase
/* Make sure that all required parameters are present. */ /* Make sure that all required parameters are present. */
foreach (array('dsn', 'username', 'password', 'query', 'pepper') as $param) { foreach (array('dsn', 'username', 'password', 'query', 'pepper') as $param) {
if (!array_key_exists($param, $config)) { if (!array_key_exists($param, $config)) {
throw new Exception('Missing required attribute \'' . $param . throw new \Exception('Missing required attribute \'' . $param .
'\' for authentication source ' . $this->authId); '\' for authentication source ' . $this->authId);
} }
if (!is_string($config[$param])) { if (!is_string($config[$param])) {
throw new Exception('Expected parameter \'' . $param . throw new \Exception('Expected parameter \'' . $param .
'\' for authentication source ' . $this->authId . '\' for authentication source ' . $this->authId .
' to be a string. Instead it was: ' . ' to be a string. Instead it was: ' .
var_export($config[$param], TRUE)); var_export($config[$param], TRUE));
...@@ -96,13 +101,13 @@ class sspmod_sqlauthBcrypt_Auth_Source_SQL extends sspmod_core_Auth_UserPassBase ...@@ -96,13 +101,13 @@ class sspmod_sqlauthBcrypt_Auth_Source_SQL extends sspmod_core_Auth_UserPassBase
*/ */
private function connect() { private function connect() {
try { try {
$db = new PDO($this->dsn, $this->username, $this->password); $db = new \PDO($this->dsn, $this->username, $this->password);
} catch (PDOException $e) { } catch (\PDOException $e) {
throw new Exception('sqlauthBcrypt:' . $this->authId . throw new \Exception('sqlauthBcrypt:' . $this->authId .
': - Failed to connect to \'' . $this->dsn . '\': '. $e->getMessage()); ': - Failed to connect to \'' . $this->dsn . '\': '. $e->getMessage());
} }
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); $db->setAttribute(\PDO::ATTR_ERRMODE, \PDO::ERRMODE_EXCEPTION);
$driver = explode(':', $this->dsn, 2); $driver = explode(':', $this->dsn, 2);
...@@ -137,7 +142,7 @@ class sspmod_sqlauthBcrypt_Auth_Source_SQL extends sspmod_core_Auth_UserPassBase ...@@ -137,7 +142,7 @@ class sspmod_sqlauthBcrypt_Auth_Source_SQL extends sspmod_core_Auth_UserPassBase
* @param string $password The password the user wrote. * @param string $password The password the user wrote.
* @return array Associative array with the users attributes. * @return array Associative array with the users attributes.
*/ */
protected function login($username, $password) { protected function login(string $username,string $password):array {
assert('is_string($username)'); assert('is_string($username)');
assert('is_string($password)'); assert('is_string($password)');
...@@ -145,33 +150,33 @@ class sspmod_sqlauthBcrypt_Auth_Source_SQL extends sspmod_core_Auth_UserPassBase ...@@ -145,33 +150,33 @@ class sspmod_sqlauthBcrypt_Auth_Source_SQL extends sspmod_core_Auth_UserPassBase
try { try {
$sth = $db->prepare($this->query); $sth = $db->prepare($this->query);
} catch (PDOException $e) { } catch (\PDOException $e) {
throw new Exception('sqlauthBcrypt:' . $this->authId . throw new \Exception('sqlauthBcrypt:' . $this->authId .
': - Failed to prepare query: ' . $e->getMessage()); ': - Failed to prepare query: ' . $e->getMessage());
} }
try { try {
$res = $sth->execute(array('username' => $username)); $res = $sth->execute(array('username' => $username));
} catch (PDOException $e) { } catch ( \PDOException $e) {
throw new Exception('sqlauthBcrypt:' . $this->authId . throw new \Exception('sqlauthBcrypt:' . $this->authId .
': - Failed to execute query: ' . $e->getMessage()); ': - Failed to execute query: ' . $e->getMessage());
} }
try { try {
$data = $sth->fetchAll(PDO::FETCH_ASSOC); $data = $sth->fetchAll(\PDO::FETCH_ASSOC);
} catch (PDOException $e) { } catch (\PDOException $e) {
throw new Exception('sqlauth:' . $this->authId . throw new \Exception('sqlauth:' . $this->authId .
': - Failed to fetch result set: ' . $e->getMessage()); ': - Failed to fetch result set: ' . $e->getMessage());
} }
SimpleSAML_Logger::info('sqlauthBcrypt:' . $this->authId . \SimpleSAML\Logger::info('sqlauthBcrypt:' . $this->authId .
': Got ' . count($data) . ' rows from database'); ': Got ' . count($data) . ' rows from database');
if (count($data) === 0) { if (count($data) === 0) {
/* No rows returned - invalid username */ /* No rows returned - invalid username */
SimpleSAML_Logger::error('sqlauthBcrypt:' . $this->authId . \SimpleSAML\Logger::error('sqlauthBcrypt:' . $this->authId .
': No rows in result set. Wrong username or sqlauthBcrypt is misconfigured.'); ': No rows in result set. Wrong username or sqlauthBcrypt is misconfigured.');
throw new SimpleSAML_Error_Error('WRONGUSERPASS'); throw new \SimpleSAML\Error\Error('WRONGUSERPASS');
} }
/* Validate stored password hash (must be in first row of resultset) */ /* Validate stored password hash (must be in first row of resultset) */
...@@ -179,9 +184,9 @@ class sspmod_sqlauthBcrypt_Auth_Source_SQL extends sspmod_core_Auth_UserPassBase ...@@ -179,9 +184,9 @@ class sspmod_sqlauthBcrypt_Auth_Source_SQL extends sspmod_core_Auth_UserPassBase
if ($password_hash !== crypt($password.$this->pepper, $password_hash)) { if ($password_hash !== crypt($password.$this->pepper, $password_hash)) {
/* Invalid password */ /* Invalid password */
SimpleSAML_Logger::error('sqlauthBcrypt:' . $this->authId . \SimpleSAML\Logger::error('sqlauthBcrypt:' . $this->authId .
': Hash does not match. Wrong password or sqlauthBcrypt is misconfigured.'); ': Hash does not match. Wrong password or sqlauthBcrypt is misconfigured.');
throw new SimpleSAML_Error_Error('WRONGUSERPASS'); throw new \SimpleSAML\Error\Error('WRONGUSERPASS');
} }
/* Extract attributes. We allow the resultset to consist of multiple rows. Attributes /* Extract attributes. We allow the resultset to consist of multiple rows. Attributes
...@@ -216,7 +221,7 @@ class sspmod_sqlauthBcrypt_Auth_Source_SQL extends sspmod_core_Auth_UserPassBase ...@@ -216,7 +221,7 @@ class sspmod_sqlauthBcrypt_Auth_Source_SQL extends sspmod_core_Auth_UserPassBase
} }
} }
SimpleSAML_Logger::info('sqlauthBcrypt:' . $this->authId . \SimpleSAML\Logger::info('sqlauthBcrypt:' . $this->authId .
': Attributes: ' . implode(',', array_keys($attributes))); ': Attributes: ' . implode(',', array_keys($attributes)));
return $attributes; return $attributes;
...@@ -225,3 +230,4 @@ class sspmod_sqlauthBcrypt_Auth_Source_SQL extends sspmod_core_Auth_UserPassBase ...@@ -225,3 +230,4 @@ class sspmod_sqlauthBcrypt_Auth_Source_SQL extends sspmod_core_Auth_UserPassBase
} }
?> ?>
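Review bot: The password check at the top of the `@@ -179,9 +184,9 @@` hunk, `if ($password_hash !== crypt($password.$this->pepper, $password_hash))`, compares the stored hash with `!==`, which is not a constant-time comparison, and this commit carries it over unchanged. `password_verify()` accepts crypt()-format hashes and compares in constant time, so the line could read `if (!password_verify($password . $this->pepper, $password_hash)) {`. If the stored hashes are bcrypt, as the module name suggests, only the first 72 bytes of `$password.$this->pepper` are hashed, so the appended pepper contributes nothing for long passwords; a short comment beside the check should say so. How `$password_hash` is read from the result set lies outside the visible hunks, so its format should be confirmed before changing the check.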