
function saml_sp_init in SAML Service Provider 7.2

Same name and namespace in other branches
  1. 7.3 saml_sp.module \saml_sp_init()

Implements hook_init().

File

./saml_sp.module, line 26
SAML Service Provider

Code

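/**
 * Implements hook_init().
 *
 * Shows a status message to users holding the 'configure saml sp' permission
 * when the configured SAML certificate has expired, will expire within 30
 * days, or cannot be read or parsed. Nothing is reported when the OpenSSL
 * extension is unavailable, when no certificate location is configured, when
 * the configured path does not exist, or when the SAML library is not
 * installed.
 */
function saml_sp_init() {
  // The permission check comes first so that the certificate file is only
  // touched for users who are allowed to act on the resulting message.
  if (!user_access('configure saml sp') || !function_exists('openssl_x509_parse')) {
    return;
  }

  // Read the setting once. Calling empty() directly on a function result is a
  // fatal error before PHP 5.5, so the value is held in a local variable.
  $cert_location = variable_get('saml_sp__cert_location', '');
  if (empty($cert_location) || !file_exists($cert_location)) {
    return;
  }

  $library = _saml_sp__prepare();
  if ($library['installed'] === FALSE) {
    // The library isn't installed, so there is no reason to continue.
    return;
  }

  $setup_url = url('admin/config/people/saml_sp/setup');

  // file_exists() is also TRUE for directories and unreadable files, so check
  // before reading instead of letting file_get_contents() emit a warning.
  $encoded_cert = FALSE;
  if (is_file($cert_location) && is_readable($cert_location)) {
    $encoded_cert = file_get_contents($cert_location);
  }

  $cert = FALSE;
  if ($encoded_cert !== FALSE) {
    $cert = openssl_x509_parse(OneLogin_Saml2_Utils::formatCert(trim($encoded_cert)));
  }

  // openssl_x509_parse() returns FALSE for input it cannot parse. Without this
  // guard the missing 'validTo_time_t' would compare as less than the request
  // time and a broken or wrong file would be reported as an expired
  // certificate, pointing the administrator at the wrong remedy.
  if (!is_array($cert) || !isset($cert['validTo_time_t'])) {
    drupal_set_message(t('Your site\'s SAML certificate could not be read or parsed, so its expiry date cannot be checked. Please verify the certificate location on the <a href="!url">SAML Service Providers</a> page.', array(
      '!url' => $setup_url,
    )), 'error', FALSE);
    return;
  }

  // 'validTo_time_t' is the certificate's notAfter date as a Unix timestamp.
  $test_time = REQUEST_TIME;
  $remaining = $cert['validTo_time_t'] - $test_time;

  if ($cert['validTo_time_t'] < $test_time) {
    // The final FALSE keeps the same message from being queued twice.
    drupal_set_message(t('Your site\'s SAML certificate is expired. Please replace it with another certificate and request an update to your Relying Party Trust (RPT). You can enter in a location for the new certificate/key pair on the <a href="!url">SAML Service Providers</a> page. Until the certificate/key pair is replaced your SAML authentication service will not function.', array(
      '!url' => $setup_url,
    )), 'error', FALSE);
  }
  elseif ($remaining < 60 * 60 * 24 * 30) {
    // Less than 30 days of validity left: warn ahead of the outage.
    drupal_set_message(t('Your site\'s SAML certificate will expire in %interval. Please replace it with another certificate and request an update to your Relying Party Trust (RPT). You can enter in a location for the new certificate/key pair on the <a href="!url">SAML Service Providers</a> page. Failure to update this certificate and update the Relying Party Trust (RPT) will result in the SAML authentication service not working.', array(
      '%interval' => format_interval($remaining, 2),
      '!url' => $setup_url,
    )), 'warning', FALSE);
  }
}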