diff --git a/src/Service/Content.php b/src/Service/Content.php
index da2c689..f838565 100644
--- a/src/Service/Content.php
+++ b/src/Service/Content.php
@@ -258,6 +258,7 @@ public static function printWAYF($showremember = true, $samlidps = false)
if (!empty($idphintlist)) {
$useselectedidp = true;
$providerId = $idphintlist[0];
+ $newidps = array();
// Update the IdP selection list to show just the idphintlist.
foreach ($idphintlist as $value) {
$newidps[$value] = $idps[$value];
@@ -885,26 +886,41 @@ public static function printIdPMetadata()
href="http://refeds.org/category/research-and-scholarship">REFEDS
R & S:
' , ($idplist->isREFEDSRandS($idp) ? 'Yes' : 'No') , ' |
- ' ,
- (($eduGainWithoutRandSandSIRTFI &&
- !$idplist->isREFEDSRandS($idp)) ?
- Content::printIcon('warn', 'This IdP does not support both ' .
- 'REFEDS R&S and SIRTFI. CILogon functionality may be limited.') :
- '') ,
- ' |
+ ';
+ if (
+ ($eduGainWithoutRandSandSIRTFI &&
+ !$idplist->isREFEDSRandS($idp))
+ ) {
+ Content::printIcon(
+ 'warn',
+ 'This IdP does not support both ' .
+ 'REFEDS R&S and SIRTFI. ' .
+ 'CILogon functionality may be limited.'
+ );
+ }
+
+ echo ' |
SIRTFI: |
' , ($idplist->isSIRTFI($idp) ? 'Yes' : 'No') , ' |
- ',
- (($eduGainWithoutRandSandSIRTFI &&
- !$idplist->isSIRTFI($idp)) ?
- Content::printIcon('warn', 'This IdP does not support both ' .
- 'REFEDS R&S and SIRTFI. CILogon functionality may be limited.') :
- '') ,
- ' |
+ ';
+
+ if (
+ ($eduGainWithoutRandSandSIRTFI &&
+ !$idplist->isSIRTFI($idp))
+ ) {
+ Content::printIcon(
+ 'warn',
+ 'This IdP does not support both ' .
+ 'REFEDS R&S and SIRTFI. ' .
+ 'CILogon functionality may be limited.'
+ );
+ }
+
+ echo ' |
@@ -1323,7 +1339,7 @@ public static function verifyCurrentUserSession($providerId = '')
* 'submit' variable to be set upon return from the 'getuser'
* script. This is utilized to control the flow of this script
* after 'getuser'. Defaults to 'gotuser'.
- * @param string responseurl (Optional) A response url for redirection
+ * @param string $responseurl (Optional) A response url for redirection
* after successful processing at /secure/getuser/. Defaults to
* the current script directory.
* @param bool $allowsilver Is it okay to request silver assurance in
diff --git a/src/Service/DBProps.php b/src/Service/DBProps.php
index 5952758..77a2207 100644
--- a/src/Service/DBProps.php
+++ b/src/Service/DBProps.php
@@ -122,8 +122,6 @@ public function getHostspec()
*/
public function getDBConnect()
{
- $retval = null;
-
$db = new DB(); // So defined constants get read in
$dsn = array(
'phptype' => $this->dbtype,
diff --git a/src/Service/DBService.php b/src/Service/DBService.php
index e7adf34..9e2a02b 100644
--- a/src/Service/DBService.php
+++ b/src/Service/DBService.php
@@ -128,137 +128,137 @@ class DBService
);
/**
- * @var int $status The returned status code from dbService calls
+ * @var int|null $status The returned status code from dbService calls
*/
public $status;
/**
- * @var string $user_uid The CILogon UID
+ * @var string|null $user_uid The CILogon UID
*/
public $user_uid;
/**
- * @var string $remote_user The HTTP session REMOTE_USER
+ * @var string|null $remote_user The HTTP session REMOTE_USER
*/
public $remote_user;
/**
- * @var string $idp The Identity Provider's entityId
+ * @var string|null $idp The Identity Provider's entityId
*/
public $idp;
/**
- * @var string $idp_display_name The Identity Provider's name
+ * @var string|null $idp_display_name The Identity Provider's name
*/
public $idp_display_name;
/**
- * @var string $first_name User's given name
+ * @var string|null $first_name User's given name
*/
public $first_name;
/**
- * @var string $last_name User's family name
+ * @var string|null $last_name User's family name
*/
public $last_name;
/**
- * @var string $display_name User's full name
+ * @var string|null $display_name User's full name
*/
public $display_name;
/**
- * @var string $email User's email address
+ * @var string|null $email User's email address
*/
public $email;
/**
- * @var string $distinguished_name X.509 DN + email address
+ * @var string|null $distinguished_name X.509 DN + email address
*/
public $distinguished_name;
/**
- * @var string $eppn eduPersonPrincipalName
+ * @var string|null $eppn eduPersonPrincipalName
*/
public $eppn;
/**
- * @var string $eptid eduPersonTargetedID
+ * @var string|null $eptid eduPersonTargetedID
*/
public $eptid;
/**
- * @var string $open_id Old Google OpenID 2.0 identifier
+ * @var string|null $open_id Old Google OpenID 2.0 identifier
*/
public $open_id;
/**
- * @var string $oidc OpenID Connect identifier
+ * @var string|null $oidc OpenID Connect identifier
*/
public $oidc;
/**
- * @var string $affiliation eduPersonScopedAffiliation
+ * @var string|null $affiliation eduPersonScopedAffiliation
*/
public $affiliation;
/**
- * @var string $ou Organizational Unit
+ * @var string|null $ou Organizational Unit
*/
public $ou;
/**
- * @var string $member_of isMemberOf group information
+ * @var string|null $member_of isMemberOf group information
*/
public $member_of;
/**
- * @var string $acr Authentication Context Class Ref
+ * @var string|null $acr Authentication Context Class Ref
*/
public $acr;
/**
- * @var string $entitlement eduPersonEntitlement
+ * @var string|null $entitlement eduPersonEntitlement
*/
public $entitlement;
/**
- * @var string $itrustuin Person's univeristy ID number
+ * @var string|null $itrustuin Person's univeristy ID number
*/
public $itrustuin;
/**
- * @var string $serial_string CILogon serial string (e.g., A34201)
+ * @var string|null $serial_string CILogon serial string (e.g., A34201)
*/
public $serial_string;
/**
- * @var string $create_time Time user entry was created
+ * @var string|null $create_time Time user entry was created
*/
public $create_time;
/**
- * @var string $oauth_token OAuth 2.0 token
+ * @var string|null $oauth_token OAuth 2.0 token
*/
public $oauth_token;
/**
- * @var string $cilogon_callback OAuth 1.0a callback URL
+ * @var string|null $cilogon_callback OAuth 1.0a callback URL
*/
public $cilogon_callback;
/**
- * @var string $cilogon_success OAuth 1.0a success URL
+ * @var string|null $cilogon_success OAuth 1.0a success URL
*/
public $cilogon_success;
/**
- * @var string $cilogon_failure OAuth 1.0a failure URL
+ * @var string|null $cilogon_failure OAuth 1.0a failure URL
*/
public $cilogon_failure;
/**
- * @var string $cilogon_portal_name OAuth client name
+ * @var string|null $cilogon_portal_name OAuth client name
*/
public $cilogon_portal_name;
@@ -268,17 +268,17 @@ class DBService
public $idp_uids;
/**
- * @var string $client_name OAuth 2.0 client name
+ * @var string|null $client_name OAuth 2.0 client name
*/
public $client_name;
/**
- * @var string $client_id OAuth 2.0 client identifier
+ * @var string|null $client_id OAuth 2.0 client identifier
*/
public $client_id;
/**
- * @var string $client_home_uri OAuth 2.0 client home URL
+ * @var string|null $client_home_uri OAuth 2.0 client home URL
*/
public $client_home_uri;
@@ -288,7 +288,7 @@ class DBService
public $client_callback_uris;
/**
- * @var string $dbservice URL The URL to use for the dbService
+ * @var string|null $dbservice URL The URL to use for the dbService
*/
private $dbserviceurl;
@@ -370,7 +370,6 @@ public function clearUser()
$this->oidc = null;
$this->serial_string = null;
$this->create_time = null;
- $this->two_factor = null;
$this->affiliation = null;
$this->ou = null;
$this->member_of = null;
@@ -690,7 +689,7 @@ public function getClient($cid)
*
* @param string $code The 'code' as returned by the OAuth 2.0 server.
* @param string $uid The database user UID.
- * @param int The Unix timestamp of the user authentication.
+ * @param int $authntime The Unix timestamp of the user authentication.
* @param string $loa (Optional) The Level of Assurance: '' = basic,
* 'openid' = OpenID Connect (e.g., Google),
* 'http://incommonfederation.org/assurance/silver' = silver
@@ -829,9 +828,6 @@ public function call($params)
if (preg_match('/cilogon_portal_name=([^\r\n]+)/', $output, $match)) {
$this->cilogon_portal_name = urldecode($match[1]);
}
- if (preg_match('/two_factor=([^\r\n]+)/', $output, $match)) {
- $this->two_factor = urldecode($match[1]);
- }
if (preg_match_all('/idp_uid=([^\r\n]+)/', $output, $match)) {
foreach ($match[1] as $value) {
$this->idp_uids[] = urldecode($value);
@@ -886,7 +882,7 @@ public function dump()
{
if (!is_null($this->status)) {
echo "status=$this->status (" .
- array_search($this->status, static::$STATUS) . ")\n";
+ (string)(array_search($this->status, static::$STATUS)) . ")\n";
}
if (!is_null($this->user_uid)) {
echo "user_uid=$this->user_uid\n";
@@ -966,9 +962,6 @@ public function dump()
if (!is_null($this->cilogon_portal_name)) {
echo "cilogon_portal_name=$this->cilogon_portal_name\n";
}
- if (!is_null($this->two_factor)) {
- echo "two_factor=$this->two_factor\n";
- }
if (count($this->idp_uids) > 0) {
uasort($this->idp_uids, 'strcasecmp');
echo "idp_uids={\n";
diff --git a/src/Service/IdpList.php b/src/Service/IdpList.php
index 6b293e5..d1029b3 100644
--- a/src/Service/IdpList.php
+++ b/src/Service/IdpList.php
@@ -144,9 +144,10 @@ public function readXML()
$retval = false; // Assume read failed
$filename = $this->getFilename();
+ $doc = new DOMDocument();
if (
(is_readable($filename)) &&
- (($dom = DOMDocument::load($filename, LIBXML_NOBLANKS)) !== false)
+ (($dom = $doc->load($filename, LIBXML_NOBLANKS)) !== false)
) {
$this->idpdom = $dom;
$this->idpdom->preserveWhiteSpace = false;
@@ -377,7 +378,8 @@ public function create()
);
// Create a DOMDocument to build up the list of IdPs.
- $dom = DOMImplementation::createDocument(null, 'idps');
+ $domi = new DOMImplementation();
+ $dom = $domi->createDocument(null, 'idps');
$idps = $dom->documentElement; // Top level element
// Loop through the IdPs searching for desired attributes
@@ -696,11 +698,12 @@ public function create()
}
// Read in any test IdPs and add them to the list
+ $doc = new DOMDocument();
if (
(defined('TEST_IDP_XML')) &&
(!empty(TEST_IDP_XML)) &&
(is_readable(TEST_IDP_XML)) &&
- (($dom2 = DOMDocument::load(TEST_IDP_XML)) !== false)
+ (($dom2 = $doc->load(TEST_IDP_XML)) !== false)
) {
$idpnodes = $dom2->getElementsByTagName('idp');
foreach ($idpnodes as $idpnode) {
@@ -1309,8 +1312,8 @@ public function getShibInfo($entityID = '')
* idplist.xml and returns a 2D array where the keys are entityIDs
* and the values are arrays of attributes for each IdP.
*
- * @param DOMDocument The DOM containing the list of IdPs to convert to
- * an array. Returns null on error.
+ * @param DOMDocument $dom The DOM containing the list of IdPs to convert
+ * to an array. Returns null on error.
* @return array An array corresponding to the DOM of the IdPs.
*/
public function DOM2Array($dom)
@@ -1342,7 +1345,7 @@ public function DOM2Array($dom)
* This function takes an array of IdPs (such as idparray) and
* returns a corresponding DOM which can be written to XML.
*
- * @param array $arr An array corresponding to the idplist.
+ * @param array|null $arr An array corresponding to the idplist.
* @return DOMDocument A DOM for the idplist which can be written to XML.
*/
public function array2DOM($arr)
@@ -1350,7 +1353,8 @@ public function array2DOM($arr)
$retdom = null;
if (!is_null($arr)) {
- $dom = DOMImplementation::createDocument(null, 'idps');
+ $domi = new DOMImplementation();
+ $dom = $domi->createDocument(null, 'idps');
$idps = $dom->documentElement; // Top level element
foreach ($arr as $entityID => $attrs) {
diff --git a/src/Service/MyProxy.php b/src/Service/MyProxy.php
index 736fe69..b768a29 100644
--- a/src/Service/MyProxy.php
+++ b/src/Service/MyProxy.php
@@ -94,7 +94,7 @@ public static function getMyProxyCredential(
}
// Run the myproxy-logon command and capture the output and any error
- unset($output);
+ $output = array();
$cmd = '/bin/env ' .
$USER_CERT_ENV . ' ' .
$env . ' ' .
diff --git a/src/Service/OAuth2Provider.php b/src/Service/OAuth2Provider.php
index 435527a..8164179 100644
--- a/src/Service/OAuth2Provider.php
+++ b/src/Service/OAuth2Provider.php
@@ -3,6 +3,7 @@
namespace CILogon\Service;
use CILogon\Service\Util;
+use League\OAuth2\Client\Provider;
use League\OAuth2\Client\Provider\Github;
use League\OAuth2\Client\Provider\Google;
use CILogon\OAuth2\Client\Provider\ORCID;
@@ -32,7 +33,8 @@ class OAuth2Provider
* OAuth2 Client library provider object) and 'authzUrlOpts' (for use
* with getAuthorizationUrl()).
*
- * @param string $idp The Identity Provider to use for OAuth2 connection.
+ * @param string|null $idp The Identity Provider to use for OAuth2
+ * connection.
*/
public function __construct($idp)
{
@@ -41,8 +43,6 @@ public function __construct($idp)
}
$idp = strtolower($idp);
- $client_id = '';
- $client_secret = '';
$classname = '';
$extraparams = array();
diff --git a/src/Service/SessionMgr.php b/src/Service/SessionMgr.php
index 5ac8fa0..63690b5 100644
--- a/src/Service/SessionMgr.php
+++ b/src/Service/SessionMgr.php
@@ -52,12 +52,12 @@
class SessionMgr
{
/**
- * @var DB $db A PEAR DB database connection object
+ * @var DB|null $db A PEAR DB database connection object
*/
protected $db = null;
/**
- * @var string $crc Session data cache id
+ * @var string|null $crc Session data cache id
*/
protected $crc = null;
diff --git a/src/Service/ShibError.php b/src/Service/ShibError.php
index 862888e..1f6a76f 100644
--- a/src/Service/ShibError.php
+++ b/src/Service/ShibError.php
@@ -77,7 +77,7 @@ class ShibError
public function __construct()
{
$this->errorarray = array();
- foreach (static::$errorparams as $param) {
+ foreach (self::$errorparams as $param) {
if (isset($_GET[$param])) {
$this->errorarray[$param] = rtrim($_GET[$param]);
}
diff --git a/src/Service/Skin.php b/src/Service/Skin.php
index f823627..6eb96bc 100644
--- a/src/Service/Skin.php
+++ b/src/Service/Skin.php
@@ -60,7 +60,7 @@ class Skin
protected $skinname;
/**
- * @var SimpleXMLElement $configxml A SimpleXMLElement object for the
+ * @var \SimpleXMLElement $configxml A SimpleXMLElement object for the
* config.xml file
*/
protected $configxml;
@@ -255,11 +255,8 @@ public function getconfigxml()
}
/**
- * Function : getConfigOption
- * Parameters: One or more parameters corresponding to XML blocks
- * (and possible sub-blocks).
- * Returns : A SimpleXMLElement corresponding to the passed-in
- * XML option, or 'null' if no such option exists.
+ * getConfigOption
+ *
* This method returns a SimpleXMLElement block corresponding to
* the passed in arguments. For example, to get the blacklist of
* idps, call $idps = getConfigOption('idpblacklist') and then
@@ -269,16 +266,21 @@ public function getconfigxml()
* (int)getConfigOption('pkcs12','initiallifetime','number'). Note
* that you should explicitly cast the values to int, string,
* float, etc., when you use them.
+ *
+ * @param mixed $args Variable number of parameters corresponding to XML
+ * blocks (and possible sub-blocks).
+ * @return SimpleXMLElement|null A SimpleXMLElement corresponding to the
+ * passed-in XML option, or 'null' if no such option exists.
*/
- public function getConfigOption()
+ public function getConfigOption(...$args)
{
$retval = null;
- $numargs = func_num_args();
+ $numargs = count($args);
if ($numargs > 0) {
$retval = $this->configxml;
}
for ($i = 0; $i < $numargs; $i++) {
- $argval = func_get_arg($i);
+ $argval = $args[$i];
if (empty($retval->$argval)) {
$retval = null;
break;
diff --git a/src/Service/Util.php b/src/Service/Util.php
index bded88c..9bba704 100644
--- a/src/Service/Util.php
+++ b/src/Service/Util.php
@@ -1098,7 +1098,7 @@ public static function unsetAllUserSessionVars()
* an array. The function returns true if the session is verified, so
* that other functions may be called upon return.
*
- * @param function $func The function to call if the current session is
+ * @param callable $func The function to call if the current session is
* successfully verified.
* @param array $params (Optional) An array of parameters to pass to the
* function. Defaults to empty array, meaning zero parameters.