authorJérôme Schneider <jschneider@entrouvert.com>2013-06-07 10:19:28 (GMT)
committerJérôme Schneider <jschneider@entrouvert.com>2013-06-07 10:19:28 (GMT)
commit148696b03f7679dbb4d10caf1c03b40b00294bc6 (patch)
tree099a7906d27653c9bb31dfc8accd768285f75395 /inc/simplesamlphp/bin
parentbf196f5d5d1b87bab633394aca23d77b43621d4e (diff)
include simplesamlphp and fix sso
Diffstat (limited to 'inc/simplesamlphp/bin')
-rwxr-xr-xinc/simplesamlphp/bin/build-release.sh34
-rwxr-xr-xinc/simplesamlphp/bin/ldapattrschemaparser.pl102
-rwxr-xr-xinc/simplesamlphp/bin/memcacheSync.php165
-rwxr-xr-xinc/simplesamlphp/bin/pack.php77
-rwxr-xr-xinc/simplesamlphp/bin/pwgen.php48
-rwxr-xr-xinc/simplesamlphp/bin/translation.php192
6 files changed, 618 insertions, 0 deletions
diff --git a/inc/simplesamlphp/bin/build-release.sh b/inc/simplesamlphp/bin/build-release.sh
new file mode 100755
index 0000000..3e77c88
--- /dev/null
+++ b/inc/simplesamlphp/bin/build-release.sh
@@ -0,0 +1,34 @@
+#!/usr/bin/env bash
+
+set -e
+
+TAG=$1
+if ! shift; then
+ echo "$0: Missing required tag parameter." >&2
+ exit 1
+fi
+
+if [ -z "$TAG" ]; then
+ echo "$0: Empty tag parameter." >&2
+ exit 1
+fi
+
+cd /tmp
+
+REPOPATH="http://simplesamlphp.googlecode.com/svn/tags/$TAG/"
+
+if [ -a "$TAG" ]; then
+ echo "$0: Destination already exists: $TAG" >&2
+ exit 1
+fi
+
+umask 0022
+
+svn export "$REPOPATH"
+mkdir -p "$TAG/config" "$TAG/metadata"
+cp -rv "$TAG/config-templates/"* "$TAG/config/"
+cp -rv "$TAG/metadata-templates/"* "$TAG/metadata/"
+tar --owner 0 --group 0 -cvzf "$TAG.tar.gz" "$TAG"
+rm -rf "$TAG"
+
+echo "Created: /tmp/$TAG.tar.gz"
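Review bot: The build runs in the shared `/tmp` directory under a name taken directly from the tag (`cd /tmp`, then `svn export` into `$TAG`), and the `[ -a "$TAG" ]` test is separate from the export, so on a multi-user host another account can create or replace that path between the check and the `tar`. Working in a private directory, `WORKDIR=$(mktemp -d)` followed by `cd "$WORKDIR"`, removes that window. The export URL is plain `http://`, so the release tarball is built from content fetched without transport integrity; an `https://` URL would be the safer default if the server offers one. `$TAG` is also used unvalidated in paths and in `rm -rf "$TAG"`, so rejecting values that contain `/` or start with `.` is worth adding next to the empty-tag check.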
diff --git a/inc/simplesamlphp/bin/ldapattrschemaparser.pl b/inc/simplesamlphp/bin/ldapattrschemaparser.pl
new file mode 100755
index 0000000..11af4b5
--- /dev/null
+++ b/inc/simplesamlphp/bin/ldapattrschemaparser.pl
@@ -0,0 +1,102 @@
+#!/usr/bin/env perl
+use strict;
+use warnings;
+
+my @valid_formats = (
+ 'simple',
+ 'oid2name',
+ 'oid2urn',
+ 'name2oid',
+ 'name2urn',
+ 'urn2oid',
+ 'urn2name',
+ );
+
+my $format = shift;
+unless (defined($format)) {
+ print(STDERR "Usage: simpleparser.pl FORMAT <FILES>\n");
+ print(STDERR "Valid formats: ", join(' ', @valid_formats), "\n");
+ exit(1);
+}
+
+unless (grep { $_ eq $format } @valid_formats) {
+ print(STDERR "Invalid format: $format\n");
+ print(STDERR "Valid formats: ", join(' ', @valid_formats), "\n");
+ exit(1);
+}
+
+
+# Load file
+my $text = join('', <>);
+
+# Strip comments
+$text =~ s/#.*$//gm;
+
+my %oids;
+my %names;
+
+while ($text =~ m"attributetype\s*\(\s*([\d.]+).*?NAME\s+(?:'(.*?)'|(\(.*?\)))"sg) {
+ my $oid = $1;
+ my @attributes;
+ if (defined($2)) {
+ # Single attribute
+ @attributes = ($2);
+ } else {
+ # Multiple attributes
+ my $input = $3;
+ while ($input =~ m"'(.*?)'"gs) {
+ push(@attributes, $1);
+ }
+ }
+
+ foreach my $attrname (@attributes) {
+ $names{$attrname} = $oid;
+ }
+ $oids{$oid} = [ @attributes ];
+}
+
+
+if ($format eq 'simple') {
+ foreach my $oid (sort keys %oids) {
+ my @names = @{$oids{$oid}};
+ print "$oid ", join(' ', @names), "\n";
+ }
+ exit(0);
+}
+
+print "<?php\n";
+print "\$attributemap = array(\n";
+
+if ($format eq 'oid2name') {
+ foreach my $oid (sort keys %oids) {
+ my $name = $oids{$oid}->[0];
+ print "\t'urn:oid:$oid' => '$name',\n";
+ }
+} elsif ($format eq 'oid2urn') {
+ foreach my $oid (sort keys %oids) {
+ my $name = $oids{$oid}->[0];
+ print "\t'urn:oid:$oid' => 'urn:mace:dir:attribute-def:$name',\n";
+ }
+} elsif ($format eq 'name2oid') {
+ foreach my $name (sort keys %names) {
+ my $oid = $names{$name};
+ print "\t'$name' => 'urn:oid:$oid',\n";
+ }
+} elsif ($format eq 'name2urn') {
+ foreach my $name (sort keys %names) {
+ print "\t'$name' => 'urn:mace:dir:attribute-def:$name',\n";
+ }
+} elsif ($format eq 'urn2oid') {
+ foreach my $name (sort keys %names) {
+ my $oid = $names{$name};
+ print "\t'urn:mace:dir:attribute-def:$name' => 'urn:oid:$oid',\n";
+ }
+} elsif ($format eq 'urn2name') {
+ foreach my $name (sort keys %names) {
+ print "\t'urn:mace:dir:attribute-def:$name' => '$name',\n";
+ }
+}
+
+print ");\n";
+print "?>";
+
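Review bot: The attribute names captured from the schema are written into single-quoted PHP string literals without escaping (the `print "\t'$name' => ..."` lines in every format branch), and the output is a PHP file meant to be loaded as an attribute map. The `'(.*?)'` capture cannot contain a quote, but it can contain a backslash or a newline (the match uses `/s`), so a name ending in `\` would leave the generated literal unterminated. Filtering before the names are stored, for example `@attributes = grep { /\A[A-Za-z][A-Za-z0-9-]*\z/ } @attributes;` just ahead of the `foreach my $attrname` loop, keeps anything outside the LDAP descriptor character set out of the generated code. The usage message also names the script `simpleparser.pl`, which does not match the file name.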
diff --git a/inc/simplesamlphp/bin/memcacheSync.php b/inc/simplesamlphp/bin/memcacheSync.php
new file mode 100755
index 0000000..26c9cf7
--- /dev/null
+++ b/inc/simplesamlphp/bin/memcacheSync.php
@@ -0,0 +1,165 @@
+#!/usr/bin/env php
+<?php
+
+
+/* Check that the memcache library is enabled. */
+if(!class_exists('Memcache')) {
+ echo("Error: the memcache library appears to be unavailable.\n");
+ echo("\n");
+ echo("This is most likely because PHP doesn't load it for the command line\n");
+ echo("version. You probably need to enable it somehow.\n");
+ echo("\n");
+ if(is_dir('/etc/php5/cli/conf.d')) {
+ echo("It is possible that running the following command as root will fix it:\n");
+ echo(" echo 'extension=memcache.so' >/etc/php5/cli/conf.d/memcache.ini\n");
+ }
+
+ exit(1);
+}
+
+/* This is the base directory of the simpleSAMLphp installation. */
+$baseDir = dirname(dirname(__FILE__));
+
+/* Add library autoloader. */
+require_once($baseDir . '/lib/_autoload.php');
+
+/* Initialize the configuration. */
+$configdir = $baseDir . '/config';
+SimpleSAML_Configuration::setConfigDir($configdir);
+
+/* Things we should warn the user about. */
+$warnServerDown = 0;
+$warnBigSlab = 0;
+
+/* We use the stats interface to determine which servers exists. */
+$stats = SimpleSAML_Memcache::getRawStats();
+
+$keys = array();
+foreach($stats as $group) {
+ foreach($group as $server => $state) {
+
+ if($state === FALSE) {
+ echo("WARNING: Server " . $server . " is down.\n");
+ $warnServerDown++;
+ continue;
+ }
+
+ $items = $state['curr_items'];
+ echo("Server " . $server . " has " . $items . " items.\n");
+ $serverKeys = getServerKeys($server);
+ $keys = array_merge($keys, $serverKeys);
+ }
+}
+
+echo("Total number of keys: " . count($keys) . "\n");
+$keys = array_unique($keys);
+echo("Total number of unique keys: " . count($keys) . "\n");
+
+echo("Starting synchronization.\n");
+
+$skipped = 0;
+$sync = 0;
+foreach($keys as $key) {
+ $res = SimpleSAML_Memcache::get($key);
+ if($res === NULL) {
+ $skipped += 1;
+ } else {
+ $sync += 1;
+ }
+}
+
+
+echo("Synchronization done.\n");
+echo($sync . " keys in sync.\n");
+if($skipped > 0) {
+ echo($skipped . " keys skipped.\n");
+ echo("Keys are skipped because they are either expired, or are of a type unknown\n");
+ echo("to simpleSAMLphp.\n");
+}
+
+if($warnServerDown > 0) {
+ echo("WARNING: " . $warnServerDown . " server(s) down. Not all servers are synchronized.\n");
+}
+
+if($warnBigSlab > 0) {
+ echo("WARNING: " . $warnBigSlab . " slab(s) may have contained more keys than we were told about.\n");
+}
+
+/**
+ * Fetch all keys available in an server.
+ *
+ * @param $server The server, as a string with <hostname>:<port>.
+ * @return An array with all the keys available on the server.
+ */
+function getServerKeys($server) {
+ $server = explode(':', $server);
+ $host = $server[0];
+ $port = (int)$server[1];
+
+ echo("Connecting to: " . $host . ":" . $port . "\n");
+ $socket = fsockopen($host, $port);
+ echo("Connected. Finding keys.\n");
+
+ if(fwrite($socket, "stats slabs\r\n") === FALSE) {
+ echo("Error requesting slab dump from server.\n");
+ exit(1);
+ }
+
+ /* Read list of slabs. */
+ $slabs = array();
+ while( ($line = fgets($socket)) !== FALSE) {
+ $line = rtrim($line);
+ if($line === 'END') {
+ break;
+ }
+
+ if(preg_match('/^STAT (\d+):/', $line, $matches)) {
+ $slab = (int)$matches[1];
+ if(!in_array($slab, $slabs, TRUE)) {
+ $slabs[] = $slab;
+ }
+ }
+ }
+
+ /* Dump keys in slabs. */
+ $keys = array();
+ foreach($slabs as $slab) {
+
+ if(fwrite($socket, "stats cachedump " . $slab . " 1000000\r\n") === FALSE) {
+ echo("Error requesting cache dump from server.\n");
+ exit(1);
+ }
+
+ /* We keep track of the result size, to be able to warn the user if it is
+ * so big that keys may have been lost.
+ */
+ $resultSize = 0;
+
+ while( ($line = fgets($socket)) !== FALSE) {
+ $resultSize += strlen($line);
+
+ $line = rtrim($line);
+ if($line === 'END') {
+ break;
+ }
+
+ if(preg_match('/^ITEM (.*) \[\d+ b; \d+ s\]/', $line, $matches)) {
+ $keys[] = $matches[1];
+ } else {
+ echo("Unknown result from cache dump: " . $line . "\n");
+ }
+ }
+ if($resultSize > 1900000 || count($keys) >= 1000000) {
+ echo("WARNING: Slab " . $slab . " on server " . $host . ":" . $port .
+ " may have contained more keys than we were told about.\n");
+ $GLOBALS['warnBigSlab'] += 1;
+ }
+ }
+
+ echo("Found " . count($keys) . " key(s).\n");
+ fclose($socket);
+
+ return $keys;
+}
+
+?>
\ No newline at end of file
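Review bot: `getServerKeys()` uses the result of `fsockopen($host, $port)` without checking it and prints "Connected" unconditionally, so an unreachable server shows up as warnings from `fwrite`/`fgets` on a non-resource instead of a clear error. A guard such as `if ($socket === FALSE) { echo("Could not connect to " . $host . ":" . $port . "\n"); exit(1); }` directly after the call, plus an explicit timeout argument to `fsockopen`, would make the failure explicit. The "Unknown result from cache dump" branch echoes the raw line received from the server; if the cache keys embed session identifiers (not visible here), that output should not end up in shared logs.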
diff --git a/inc/simplesamlphp/bin/pack.php b/inc/simplesamlphp/bin/pack.php
new file mode 100755
index 0000000..f69cafb
--- /dev/null
+++ b/inc/simplesamlphp/bin/pack.php
@@ -0,0 +1,77 @@
+#!/usr/bin/env php
+<?php
+
+/* This is the base directory of the simpleSAMLphp installation. */
+$baseDir = dirname(dirname(__FILE__));
+
+/* Add library autoloader. */
+require_once($baseDir . '/lib/_autoload.php');
+
+if (count($argv) < 1) {
+ echo "Wrong number of parameters. Run: " . $argv[0] . " [install,show] url [branch]\n"; exit;
+}
+
+// Needed in order to make session_start to be called before output is printed.
+$session = SimpleSAML_Session::getInstance();
+$config = SimpleSAML_Configuration::getConfig('config.php');
+
+
+$action = $argv[1];
+
+
+function getModinfo() {
+ global $argv;
+ if (count($argv) < 2)
+ throw new Exception('Missing second parameter: URL/ID');
+ return sspmod_core_ModuleDefinition::load($argv[2]);
+}
+
+function getBranch() {
+ global $argv;
+ if (isset($argv[3])) return $argv[3];
+ return NULL;
+}
+
+switch($action) {
+ case 'install':
+ $mod = getModinfo();
+ $installer = new sspmod_core_ModuleInstaller($mod);
+ $installer->install(getBranch());
+ break;
+
+ case 'remove':
+ $mod = getModinfo();
+ $installer = new sspmod_core_ModuleInstaller($mod);
+ $installer->remove(getBranch());
+ break;
+
+ case 'upgrade':
+ $mod = getModinfo();
+ $installer = new sspmod_core_ModuleInstaller($mod);
+ $installer->upgrade(getBranch());
+ break;
+
+ case 'upgrade-all' :
+ $mdir = scandir($config->getBaseDir() . 'modules/');
+ foreach($mdir AS $md) {
+ if (!sspmod_core_ModuleDefinition::validId($md)) continue;
+ if (!sspmod_core_ModuleDefinition::isDefined($md)) continue;
+ $moduledef = sspmod_core_ModuleDefinition::load($md, 'remote');
+ $installer = new sspmod_core_ModuleInstaller($moduledef);
+
+ if ($moduledef->updateExists() || $moduledef->alwaysUpdate()) {
+ echo "Upgrading [" . $md . "]\n";
+ $installer->upgrade();
+ } else {
+ echo "No updates available for [" . $md . "]\n";
+ }
+ }
+ break;
+
+ default:
+ throw new Exception('Unknown action [' . $action . ']');
+}
+
+
+
+
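Review bot: The argument-count checks are off by one: `count($argv) < 1` can never be true because `$argv[0]` is always the script name, so running with no action reads an undefined `$argv[1]`, and `getModinfo()` tests `count($argv) < 2` but then reads `$argv[2]`. They should be `if (count($argv) < 2)` at the top and `if (count($argv) < 3)` in `getModinfo()`. The usage string lists `[install,show]` while the switch handles `install`, `remove`, `upgrade` and `upgrade-all`, so it should be updated to match. Since `install` and `upgrade` act on a module definition loaded from the URL/ID given on the command line, a short header comment stating that only trusted module sources should be passed would help operators.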
diff --git a/inc/simplesamlphp/bin/pwgen.php b/inc/simplesamlphp/bin/pwgen.php
new file mode 100755
index 0000000..31a8eb9
--- /dev/null
+++ b/inc/simplesamlphp/bin/pwgen.php
@@ -0,0 +1,48 @@
+#!/usr/bin/env php
+<?php
+/*
+ * $Id$
+ * Interactive script to generate password hashes.
+ *
+ */
+
+
+/* This is the base directory of the simpleSAMLphp installation. */
+$baseDir = dirname(dirname(__FILE__));
+
+/* Add library autoloader. */
+require_once($baseDir . '/lib/_autoload.php');
+
+
+echo "Enter password: ";
+$password = trim(fgets(STDIN));
+
+if(empty($password)) {
+ echo "Need at least one character for a password\n";
+ exit(1);
+}
+
+$table = '';
+foreach (array_chunk(hash_algos(), 6) as $chunk) {
+ foreach($chunk as $algo) {
+ $table .= sprintf('%-13s', $algo);
+ }
+ $table .= "\n";
+}
+
+echo "The following hashing algorithms are available:\n" . $table . "\n";
+echo "Which one do you want? [sha256] ";
+$algo = trim(fgets(STDIN));
+if(empty($algo)) {
+ $algo = 'sha256';
+}
+
+if(!in_array(strtolower($algo), hash_algos())) {
+ echo "Hashing algorithm '$algo' is not supported\n";
+ exit(1);
+}
+
+echo "Do you want to use a salt? (yes/no) [yes] ";
+$s = (trim(fgets(STDIN)) == 'no') ? '' : 'S';
+
+echo "\n " . SimpleSAML_Utils_Crypto::pwHash($password, strtoupper( $s . $algo ) ). "\n\n";
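Review bot: The password is read with `trim(fgets(STDIN))` while the terminal is echoing, so it is displayed as typed and may remain in scrollback or a session recording; the prompt should at least say so, or echo should be turned off around the read on terminals that support it. `trim()` also silently removes leading and trailing whitespace from the password, and `empty($password)` rejects the one-character password `0`; `if ($password === '')` matches the message that follows. The default choice is a single salted `sha256` pass; how `pwHash` stores it is not visible here, so it is worth confirming in the library whether a slower scheme is available.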
diff --git a/inc/simplesamlphp/bin/translation.php b/inc/simplesamlphp/bin/translation.php
new file mode 100755
index 0000000..4359d1a
--- /dev/null
+++ b/inc/simplesamlphp/bin/translation.php
@@ -0,0 +1,192 @@
+#!/usr/bin/env php
+<?php
+
+/* This is the base directory of the simpleSAMLphp installation. */
+$baseDir = dirname(dirname(__FILE__));
+
+/* Add library autoloader. */
+require_once($baseDir . '/lib/_autoload.php');
+
+if (count($argv) !== 3) {
+ echo "Wrong number of parameters. Run: " . $argv[0] . " [pulldef,push,pull] filename\n"; exit;
+}
+
+$action = $argv[1];
+$file = $argv[2];
+
+$translationconfig = SimpleSAML_Configuration::getConfig('translation.php');
+
+$application = $translationconfig->getString('application', 'simplesamlphp');
+$base = $translationconfig->getString('baseurl') . '/module.php/translationportal/';
+
+if (!preg_match('/^(.*?)(?:\.(definition|translation))?\.(json|php)/', $file, $match))
+ throw new Exception('Illlegal file name. Must end on (definition|translation).json');
+$fileWithoutExt = $match[1];
+if (!empty($match[2])) {
+ $type = $match[2];
+} else {
+ $type = 'definition';
+}
+
+$basefile = basename($fileWithoutExt);
+
+
+echo 'Action: [' . $action. ']' . "\n";
+echo 'Application: [' . $application. ']' . "\n";
+echo 'File orig: [' . $file . ']'. "\n";
+echo 'File base: [' . $basefile . ']'. "\n";
+
+
+switch($action) {
+ case 'pulldef':
+
+ $content = SimpleSAML_Utilities::fetch($base . 'export.php?aid=' . $application . '&type=def&file=' . $basefile);
+ file_put_contents($fileWithoutExt . '.definition.json' , $content);
+ break;
+
+ case 'pull':
+
+ $content = SimpleSAML_Utilities::fetch($base . 'export.php?aid=' . $application . '&type=translation&file=' . $basefile);
+ file_put_contents($fileWithoutExt . '.translation.json' , $content);
+ break;
+
+ case 'push':
+
+ #$content = file_get_contents($base . 'export.php?aid=' . $application . '&type=translation&file=' . $basefile);
+ #file_put_contents($fileWithoutExt . '.translation.json' , $content);
+ push($file, $basefile, $application, $type);
+
+ break;
+
+ case 'convert':
+
+ include($file);
+ $definition = json_format(convert_definition($lang));
+ $translation = json_format(convert_translation($lang)) . "\n";
+ file_put_contents($fileWithoutExt . '.definition.json' , $definition);
+ file_put_contents($fileWithoutExt . '.translation.json' , $translation);
+ break;
+
+
+ default:
+ throw new Exception('Unknown action [' . $action . ']');
+}
+
+function ssp_readline($prompt = '') {
+ echo $prompt;
+ return rtrim( fgets( STDIN ), "\n" );
+}
+
+function convert_definition($data) {
+ $new = array();
+ foreach($data AS $key => $value) {
+ $new[$key] = array('en' => $value['en']);
+ }
+ return $new;
+}
+
+function convert_translation($data) {
+ foreach ($data as &$value) {
+ unset($value['en']);
+ }
+ return $data;
+}
+
+function push($file, $fileWithoutExt, $aid, $type) {
+
+ if (!file_exists($file)) throw new Exception('Could not find file: ' . $file);
+
+ $fileContent = file_get_contents($file);
+
+
+ global $baseDir;
+
+ require_once($baseDir . '/modules/oauth/libextinc/OAuth.php');
+
+
+
+ $translationconfig = SimpleSAML_Configuration::getConfig('translation.php');
+
+ $baseurl = $translationconfig->getString('baseurl');
+ $key = $translationconfig->getString('key');
+ $secret = $translationconfig->getString('secret');
+
+ echo 'Using OAuth to authenticate you to the translation portal' . "\n";
+ $consumer = new sspmod_oauth_Consumer($key, $secret);
+
+
+
+ $storage = new sspmod_core_Storage_SQLPermanentStorage('oauth_clientcache');
+
+ $cachedAccessToken = $storage->get('accesstoken', 'translation', '');
+ $accessToken = NULL;
+ if (empty($cachedAccessToken)) {
+
+ // Get the request token
+ $requestToken = $consumer->getRequestToken($baseurl . '/module.php/oauth/requestToken.php');
+ echo "Got a request token from the OAuth service provider [" . $requestToken->key . "] with the secret [" . $requestToken->secret . "]\n";
+
+ // Authorize the request token
+ $url = $consumer->getAuthorizeRequest($baseurl . '/module.php/oauth/authorize.php', $requestToken, FALSE);
+
+ echo('Go to this URL to authenticate/authorize the request: ' . $url . "\n");
+ system('open ' . $url);
+
+ ssp_readline('Click enter when you have completed the authorization step using your web browser...');
+
+ // Replace the request token with an access token
+ $accessToken = $consumer->getAccessToken( $baseurl . '/module.php/oauth/accessToken.php', $requestToken);
+ echo "Got an access token from the OAuth service provider [" . $accessToken->key . "] with the secret [" . $accessToken->secret . "]\n";
+
+ $storage->set('accesstoken', 'translation', '', $accessToken);
+
+ } else {
+ $accessToken = $cachedAccessToken['value'];
+ echo 'Successfully read OAuth Access Token from cache [' . $accessToken->key . ']' . "\n";
+ }
+
+ $pushURL = $baseurl . '/module.php/translationportal/push.php';
+ $request = array('data' => base64_encode($fileContent), 'file' => $fileWithoutExt, 'aid' => $aid, 'type' => $type);
+
+ $result = $consumer->postRequest($pushURL, $accessToken, $request);
+
+ echo $result;
+
+
+}
+
+/**
+ * Format an associative array as a json string.
+ *
+ * @param mixed $data The data that should be json encoded.
+ * @param string $indentation The current indentation level. Optional.
+ * @return string The json encoded data.
+ */
+function json_format($data, $indentation = '') {
+ assert('is_string($indentation)');
+
+ if (!is_array($data)) {
+ return json_encode($data);
+ }
+
+ $ret = "{";
+ $first = TRUE;
+ foreach ($data as $k => $v) {
+ $k = json_encode((string)$k);
+ $v = json_format($v, $indentation . "\t");
+
+ if ($first) {
+ $ret .= "\n";
+ $first = FALSE;
+ } else {
+ $ret .= ",\n";
+ }
+
+ $ret .= $indentation . "\t" . $k . ': ' . $v;
+ }
+ $ret .= "\n" . $indentation . '}';
+
+ return $ret;
+}
+
+?>
\ No newline at end of file
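Review bot: In `push()`, `system('open ' . $url)` passes a URL assembled from the configured `baseurl` and the request token returned by the remote server through the shell unescaped; it should be `system('open ' . escapeshellarg($url));`. The same function echoes the request-token and access-token secrets to the terminal; printing only the token key, as the cached-token branch already does, keeps the secrets out of scrollback and logs. In the `convert` case, `include($file)` executes whatever PHP file is named on the command line, which deserves a comment stating that only trusted dictionary files may be converted. The file-name pattern is not anchored with `$`, and `$application` and `$basefile` are concatenated into the query string without `urlencode()`.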