CLI runmode not taken into account and breaks on enforce.

[DonutsNL]

Hi there,

I noticed that the plugin is not taking the CRON automation into account. When Front/cron.php is CRON enabled the cron.php will include the inc/includes.php file. This file by default will load the GLPI enabled plugins and as a result the phpsaml is loaded as well.

The then loaded setup.php included in the PHP Saml does not take the CLI runmode into account. For instance it is using various $_SERVER properties that are not validated or checked, properties that will not be populated when running from the CLI. Also when enforcing the plugin in its options, this will break the CRON tasks because authentication is not provided by the CRON. Disabling the enforce option will fix the error condition. This errorcondition is not logged in the CRON log or PHP errorlog and seems to be missing in the logic as well.

p.s. using GLPI10. Populated the SAML database schema manually during install because it is not populated during install using GLPI10. Using PHP SAML version 1.1.3.

Regards,

[DonutsNL]

Suggestion not use requesturi to identify but :

if (php_sapi_name() == "cli") { return; }else{ //perform the $_SERVER['request_uri'] alternatives for exceptions. }

[derricksmith]

What version plugin are you referencing? This functionality was added in 1.2.0.

[chris-gralike-AMIS]

1.1.3, i expect the current implementation using $_SERVER is not properly detecting the cron.php because the used $_SERVER attributes are not populated in sapi cli execution context.

[derricksmith]

Ah yes, versions 1.2.0 and 1.2.1 use php_sapi. We he latest version has not been updated on marketplace but you can download on GitHub.

[DonutsNL]

was quite early with updating the plugin. I updated it and it works as expected. Thanks 👍