
Commit 99ff04d

committed
Update php-saml to 4.3.1
1 parent 6c44b6f commit 99ff04d


6 files changed

+40
-25
lines changed


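--- a/onelogin-saml-sso/php/lib/Saml2/Auth.php
+++ b/onelogin-saml-sso/php/lib/Saml2/Auth.php
@@ -165,13 +165,13 @@ class Auth
 /**
 * Initializes the SP SAML instance.
 *
-* @param array|null $settings Setting data
-* @param bool $spValidationOnly Validate or not the IdP data
+* @param array|null $settings Setting data
+* @param bool $spValidationOnly if true, The library will only validate the SAML SP settings,
 *
 * @throws Exception
 * @throws Error
 */
-public function __construct(array $settings = null, $spValidationOnly = false)
+public function __construct(?array $settings = null, bool $spValidationOnly = false)
 {
 $this->_settings = new Settings($settings, $spValidationOnly);
 }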
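Review bot: The new `$spValidationOnly` description in the constructor docblock stops at a trailing comma, so the part that says what is skipped is missing. The flag appears to decide whether the IdP settings are validated at all (the removed text read "Validate or not the IdP data"), so the sentence should be finished, for example `@param bool $spValidationOnly If true, only the SP settings are validated and the IdP settings are not checked.` The wording should be confirmed against Settings, whose validation logic is not part of this hunk.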

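--- a/onelogin-saml-sso/php/lib/Saml2/Response.php
+++ b/onelogin-saml-sso/php/lib/Saml2/Response.php
@@ -272,7 +272,10 @@ public function isValid($requestId = null)
 
 // Check destination
 if ($this->document->documentElement->hasAttribute('Destination')) {
-$destination = trim($this->document->documentElement->getAttribute('Destination'));
+$destination = $this->document->documentElement->getAttribute('Destination');
+if (isset($destination)) {
+$destination = trim($destination);
+}
 if (empty($destination)) {
 if (!$security['relaxDestinationValidation']) {
 throw new ValidationError(
@@ -298,25 +301,24 @@ public function isValid($requestId = null)
 // Check audience
 $validAudiences = $this->getAudiences();
 if (!empty($validAudiences) && !in_array($spEntityId, $validAudiences, true)) {
+$validAudiencesStr = implode(',', $validAudiences);
 throw new ValidationError(
-sprintf(
-"Invalid audience for this Response (expected '%s', got '%s')",
-$spEntityId,
-implode(',', $validAudiences)
-),
+"Invalid audience for this Response (expected '".$spEntityId."', got '".$validAudiencesStr."')",
 ValidationError::WRONG_AUDIENCE
 );
 }
 
 // Check the issuers
 $issuers = $this->getIssuers();
 foreach ($issuers as $issuer) {
-$trimmedIssuer = trim($issuer);
-if (empty($trimmedIssuer) || $trimmedIssuer !== $idPEntityId) {
-throw new ValidationError(
-"Invalid issuer in the Assertion/Response (expected '$idPEntityId', got '$trimmedIssuer')",
-ValidationError::WRONG_ISSUER
-);
+if (isset($issuer)) {
+$trimmedIssuer = trim($issuer);
+if (empty($trimmedIssuer) || $trimmedIssuer !== $idPEntityId) {
+throw new ValidationError(
+"Invalid issuer in the Assertion/Response (expected '".$idPEntityId."', got '".$trimmedIssuer."')",
+ValidationError::WRONG_ISSUER
+);
+}
 }
 }
 
@@ -546,7 +548,10 @@ public function getAudiences()
 
 $entries = $this->_queryAssertion('/saml:Conditions/saml:AudienceRestriction/saml:Audience');
 foreach ($entries as $entry) {
-$value = trim($entry->textContent);
+$value = $entry->textContent;
+if (isset($value)) {
+$value = trim($value);
+}
 if (!empty($value)) {
 $audiences[] = $value;
 }
@@ -651,7 +656,7 @@ public function getNameIdData()
 $spEntityId = $spData['entityId'];
 if ($spEntityId != $nameId->getAttribute($attr)) {
 throw new ValidationError(
-"The SPNameQualifier value mistmatch the SP entityID value.",
+"The SPNameQualifier value mismatch the SP entityID value.",
 ValidationError::SP_NAME_QUALIFIER_NAME_MISMATCH
 );
 }
@@ -1261,13 +1266,19 @@ public function getErrorException()
 /**
 * After execute a validation process, if fails this method returns the cause
 *
+* @param bool $escape Apply or not htmlentities to the message.
+*
 * @return null|string Error reason
 */
-public function getError()
+public function getError($escape = true)
 {
 $errorMsg = null;
 if (isset($this->_error)) {
-$errorMsg = htmlentities($this->_error->getMessage());
+if ($escape) {
+$errorMsg = htmlentities($this->_error->getMessage());
+} else {
+$errorMsg = $this->_error->getMessage();
+}
 }
 return $errorMsg;
 }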
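Review bot: In the issuer loop of isValid(), wrapping the whole comparison in `if (isset($issuer))` makes the check fail open: a null entry from getIssuers() is now skipped, where the old code trimmed it to an empty string and threw WRONG_ISSUER. getIssuers() is not visible here, so whether it can yield null is unconfirmed, but the guard should not be what decides that; keep the comparison un-nested and guard only the trim, `$trimmedIssuer = isset($issuer) ? trim($issuer) : '';`. Separately, `getError($escape = false)` now returns messages that embed response-derived text (`$trimmedIssuer`, `$validAudiencesStr`) unescaped, so its docblock should say that the caller must encode the result for the output context before displaying it. isValid() starts and ends outside these hunks.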

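--- a/onelogin-saml-sso/php/lib/Saml2/Settings.php
+++ b/onelogin-saml-sso/php/lib/Saml2/Settings.php
@@ -120,7 +120,7 @@ class Settings
 * @throws Error If any settings parameter is invalid
 * @throws Exception If Settings is incorrectly supplied
 */
-public function __construct(array $settings = null, $spValidationOnly = false)
+public function __construct(?array $settings = null,bool $spValidationOnly = false)
 {
 $this->_spValidationOnly = $spValidationOnly;
 $this->_loadPaths();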
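Review bot: The new constructor signature is missing the space after the comma, `null,bool`; write `public function __construct(?array $settings = null, bool $spValidationOnly = false)` so it reads the same as the Auth.php constructor changed in this commit. The constructor body continues past the end of the hunk.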

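--- a/onelogin-saml-sso/php/lib/Saml2/Utils.php
+++ b/onelogin-saml-sso/php/lib/Saml2/Utils.php
@@ -763,7 +763,7 @@ public static function extractOriginalQueryParam($name)
 */
 public static function generateUniqueID()
 {
-return 'ONELOGIN_' . sha1(uniqid((string)mt_rand(), true));
+return 'ONELOGIN_' . sha1(random_bytes(20));
 }
 
 /**
@@ -961,7 +961,7 @@ public static function getExpireTime($cacheDuration = null, $validUntil = null)
 *
 * @return DOMNodeList The queried nodes
 */
-public static function query(DOMDocument $dom, $query, DOMElement $context = null)
+public static function query(DOMDocument $dom, $query, ?DOMElement $context = null)
 {
 $xpath = new DOMXPath($dom);
 $xpath->registerNamespace('samlp', Constants::NS_SAMLP);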
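Review bot: In generateUniqueID(), `sha1()` over `random_bytes(20)` adds nothing now that the input is already 160 bits from the CSPRNG; `return 'ONELOGIN_' . bin2hex(random_bytes(20));` gives the same 40-hex-character shape without a hash in the path. random_bytes() throws when no suitable entropy source is available, so the method's docblock, which starts above the hunk, should gain a `@throws` entry. Callers should let that failure abort the request rather than fall back to a weaker generator.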

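--- a/onelogin-saml-sso/php/lib/Saml2/ValidationError.php
+++ b/onelogin-saml-sso/php/lib/Saml2/ValidationError.php
@@ -90,8 +90,12 @@ public function __construct($msg, $code = 0, $args = array())
 if (!isset($args)) {
 $args = array();
 }
-$params = array_merge(array($msg), $args);
-$message = call_user_func_array('sprintf', $params);
+if (!empty($args)) {
+$params = array_merge(array($msg), $args);
+$message = call_user_func_array('sprintf', $params);
+} else {
+$message = $msg;
+}
 
 parent::__construct($message, $code);
 }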
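Review bot: With non-empty `$args`, `$msg` is still handed to sprintf as a format string, so the new `!empty($args)` branch only protects callers that pass no arguments. A message that interpolates response-derived text and also passes `$args` can still hit a stray `%`, and on PHP 8 that raises from sprintf instead of producing a ValidationError (inferred; no such caller is visible in this commit). The constructor docblock, which is outside the hunk, should state that `$msg` is treated as a format string only when `$args` is given and that untrusted values belong in `$args`, never in `$msg`. `$message = vsprintf($msg, $args);` would also replace the `array_merge`/`call_user_func_array` pair.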
Lines changed: 1 addition & 1 deletion
@@ -1,6 +1,6 @@
11
{
22
"php-saml": {
3-
"version": "3.8.1",
3+
"version": "4.3.1",
44
"released": "09/12/2025"
55
}
66
}
