PHP Class SimpleSAML_Session, simplesamlphp

The session will have a duration and validity, and also cache information about the different federation protocols, as Shibboleth and SAML 2.0. On the IdP side the Session class holds information about all the currently logged in SPs. This is used when the user initiates a Single-Log-Out.
Author: Andreas Åkre Solberg, UNINETT AS. ([email protected])
ファイルを表示 Open project: simplesamlphp/simplesamlphp Class Usage Examples

Public Methods

Method Description
__destruct ( ) Destroy the session.
addAssociation ( string $idp, array $association ) Add an SP association for an IdP.
cleanup ( ) Save the current session and clean any left overs that could interfere with the normal application behaviour.
createSession ( string $sessionId ) Create a new session and cache it.
deleteData ( string $type, string $id ) Delete data from the data store.
doLogin ( string $authority, array $data = null ) Marks the user as logged in with the specified authority.
doLogout ( string $authority ) Marks the user as logged out.
getAssociations ( string $idp ) : array Retrieve the associations for an IdP.
getAuthData ( string $authority, string $name ) : mixed Retrieve authentication data.
getAuthState ( string $authority ) : array Get the current persistent authentication state.
getAuthorities ( ) : mixed Retrieve a list of authorities (authentication sources) that are currently valid within this session.
getData ( string $type, string | null $id ) : mixed This function retrieves data from the data store.
getDataOfType ( string $type ) : array This function retrieves all data of the specified type from the data store.
getRememberMeExpire ( ) : integer | null Get remember me expire time.
getSession ( string | null $sessionId = null ) : SimpleSAML_Session Get a session from the session handler.
getSessionFromRequest ( ) : SimpleSAML_Session Retrieves the current session. Creates a new session if there's not one.
getSessionId ( ) : string | null Retrieve the session ID of this session.
getTrackID ( ) : string | null Get a unique ID that will be permanent for this session.
hasSessionCookie ( ) : boolean Check whether the session cookie is set.
isTransient ( ) : boolean Retrieve if session is transient.
isValid ( string $authority ) : true Is the session representing an authenticated user, and is the session still alive.
markDirty ( ) Mark this session as dirty.
registerLogoutHandler ( string $authority, string $classname, string $functionname ) This function registers a logout handler.
save ( ) Save the session to the store.
serialize ( ) : string Serialize this session object.
setAuthorityExpire ( string $authority, integer $expire = null ) Set the lifetime for authentication source.
setData ( string $type, string $id, mixed $data, integer | null $timeout = null ) This function stores data in the data store.
setRememberMeExpire ( integer $expire = null ) Set remember me expire time.
terminateAssociation ( string $idp, string $associationId ) Remove an SP association for an IdP.
unserialize ( string $serialized ) Unserialize a session object and load it.
updateSessionCookies ( array $params = null ) Update session cookies.
useTransientSession ( ) Use a transient session.

Private Methods

Method Description
__construct ( boolean $transient = false ) Private constructor that restricts instantiation to either getSessionFromRequest() for the current session or getSession() for a specific one.
callLogoutHandlers ( string $authority ) This function calls all registered logout handlers.
expireData ( ) This function removes expired data from the data store.
load ( SimpleSAML_Session $session ) : SimpleSAML_Session Load a given session as the current one.

Method Details

__destruct() public method

Destructor for this class. It will save the session to the session handler in case the session has been marked as dirty. Do nothing otherwise.
public __destruct ( )

addAssociation() public method

This function is only for use by the SimpleSAML_IdP class.
public addAssociation ( string $idp, array $association )
$idp string The IdP id.
$association array The association we should add.

cleanup() public method

Use this method if you are using PHP sessions in your application *and* in SimpleSAMLphp, *after* you are done using SimpleSAMLphp and before trying to access your application's session again.
public cleanup ( )

createSession() public static method

Create a new session and cache it.
public static createSession ( string $sessionId )
$sessionId string The new session we should create.

deleteData() public method

This function immediately deletes the data with the given type and id from the data store.
public deleteData ( string $type, string $id )
$type string The type of the data.
$id string The identifier of the data.

doLogin() public method

If the user already has logged in, the user will be logged out first.
public doLogin ( string $authority, array $data = null )
$authority string The authority the user logged in with.
$data array The authentication data for this authority.

doLogout() public method

This function will call any registered logout handlers before marking the user as logged out.
public doLogout ( string $authority )
$authority string The authentication source we are logging out of.

getAssociations() public method

This function is only for use by the SimpleSAML_IdP class.
public getAssociations ( string $idp ) : array
$idp string The IdP id.
return array The IdP associations.

getAuthData() public method

Retrieve authentication data.
public getAuthData ( string $authority, string $name ) : mixed
$authority string The authentication source we should retrieve data from.
$name string The name of the data we should retrieve.
return mixed The value, or null if the value wasn't found.

getAuthState() public method

Get the current persistent authentication state.
public getAuthState ( string $authority ) : array
$authority string The authority to retrieve the data from.
return array The current persistent authentication state, or null if not authenticated.

getAuthorities() public method

Retrieve a list of authorities (authentication sources) that are currently valid within this session.
public getAuthorities ( ) : mixed
return mixed An array containing every authority currently valid. Empty if none available.

getData() public method

Note that this will not change when the data stored in the data store will expire. If that is required, the data should be written back with setData.
public getData ( string $type, string | null $id ) : mixed
$type string The type of the data. This must match the type used when adding the data.
$id string | null The identifier of the data. Can be null, in which case null will be returned.
return mixed The data of the given type with the given id or null if the data doesn't exist in the data store.

getDataOfType() public method

The data will be returned as an associative array with the id of the data as the key, and the data as the value of each key. The value will be stored as a copy of the original data. setData must be used to update the data. An empty array will be returned if no data of the given type is found.
public getDataOfType ( string $type ) : array
$type string The type of the data.
return array An associative array with all data of the given type.

getRememberMeExpire() public method

Get remember me expire time.
public getRememberMeExpire ( ) : integer | null
return integer | null The remember me expire time.

getSession() public static method

Get a session from the session handler.
public static getSession ( string | null $sessionId = null ) : SimpleSAML_Session
$sessionId string | null The session we should get, or null to get the current session.
return SimpleSAML_Session The session that is stored in the session handler, or null if the session wasn't found.

getSessionFromRequest() public static method

Retrieves the current session. Creates a new session if there's not one.
public static getSessionFromRequest ( ) : SimpleSAML_Session
return SimpleSAML_Session The current session.

getSessionId() public method

Retrieve the session ID of this session.
public getSessionId ( ) : string | null
return string | null The session ID, or null if this is a transient session.

getTrackID() public method

Used for debugging and tracing log files related to a session.
public getTrackID ( ) : string | null
return string | null The unique ID.

hasSessionCookie() public method

This function will only return false if is is certain that the cookie isn't set.
public hasSessionCookie ( ) : boolean
return boolean true if it was set, false if not.

isTransient() public method

Retrieve if session is transient.
public isTransient ( ) : boolean
return boolean The session transient flag.

isValid() public method

This function will return false after the user has timed out.
public isValid ( string $authority ) : true
$authority string The authentication source that the user should be authenticated with.
return true if the user has a valid session, false if not.

markDirty() public method

This method will register a callback to save the session right before any output is sent to the browser.
public markDirty ( )

registerLogoutHandler() public method

This function registers a logout handler.
public registerLogoutHandler ( string $authority, string $classname, string $functionname )
$authority string The authority for which register the handler.
$classname string The class which contains the logout handler.
$functionname string The logout handler function.

save() public method

This method saves the session to the session handler in case it has been marked as dirty. WARNING: please do not use this method directly unless you really need to and know what you are doing. Use markDirty() instead.
public save ( )

serialize() public method

This method will be invoked by any calls to serialize().
public serialize ( ) : string
return string The serialized representation of this session object.

setAuthorityExpire() public method

Set the lifetime for authentication source.
public setAuthorityExpire ( string $authority, integer $expire = null )
$authority string The authentication source we are setting expire time for.
$expire integer The number of seconds authentication source is valid.

setData() public method

The timeout value can be SimpleSAML_Session::DATA_TIMEOUT_SESSION_END, which indicates that the data should never be deleted.
public setData ( string $type, string $id, mixed $data, integer | null $timeout = null )
$type string The type of the data. This is checked when retrieving data from the store.
$id string The identifier of the data.
$data mixed The data.
$timeout integer | null The number of seconds this data should be stored after its last access. This parameter is optional. The default value is set in 'session.datastore.timeout', and the default is 4 hours.

setRememberMeExpire() public method

Set remember me expire time.
public setRememberMeExpire ( integer $expire = null )
$expire integer Unix timestamp when remember me session cookies expire.

terminateAssociation() public method

This function is only for use by the SimpleSAML_IdP class.
public terminateAssociation ( string $idp, string $associationId )
$idp string The IdP id.
$associationId string The id of the association.

unserialize() public method

. This method will be invoked by any calls to unserialize(), allowing us to restore any data that might not be serializable in its original form (e.g.: DOM objects).
public unserialize ( string $serialized )
$serialized string The serialized representation of a session that we want to restore.

updateSessionCookies() public method

Update session cookies.
public updateSessionCookies ( array $params = null )
$params array The parameters for the cookies.

useTransientSession() public static method

Create a session that should not be saved at the end of the request. Subsequent calls to getInstance() will return this transient session.
public static useTransientSession ( )