d1/d98/HTTPArtifact_8php_source.html

 <?php

 namespace SAML2;

 use RobRichards\XMLSecLibs\XMLSecurityKey;
 use SAML2\Utilities\Temporal;
 use SimpleSAML_Configuration;
 use SimpleSAML_Metadata_MetaDataStorageHandler;
 use SimpleSAML_Store;
 use SimpleSAML_Utilities;

 class HTTPArtifact extends Binding
 {
     private $spMetadata;

     public function getRedirectURL(Message $message)
     {
         $store = SimpleSAML_Store::getInstance();
         if ($store === false) {
             throw new \Exception('Unable to send artifact without a datastore configured.');
         }

         $generatedId = pack('H*', ((string) SimpleSAML_Utilities::stringToHex(SimpleSAML_Utilities::generateRandomBytes(20))));
         $artifact = base64_encode("\x00\x04\x00\x00" . sha1($message->getIssuer(), true) . $generatedId) ;
         $artifactData = $message->toUnsignedXML();
         $artifactDataString = $artifactData->ownerDocument->saveXML($artifactData);

         $store->set('artifact', $artifact, $artifactDataString, Temporal::getTime() + 15*60);

         $params = array(
             'SAMLart' => $artifact,
         );
         $relayState = $message->getRelayState();
         if ($relayState !== null) {
             $params['RelayState'] = $relayState;
         }

         return SimpleSAML_Utilities::addURLparameter($message->getDestination(), $params);
     }

     public function send(Message $message)
     {
         $destination = $this->getRedirectURL($message);
         Utils::getContainer()->redirect($destination);
     }

     public function receive()
     {
         if (array_key_exists('SAMLart', $_REQUEST)) {
             $artifact = base64_decode($_REQUEST['SAMLart']);
             $endpointIndex =  bin2hex(substr($artifact, 2, 2));
             $sourceId = bin2hex(substr($artifact, 4, 20));
         } else {
             throw new \Exception('Missing SAMLart parameter.');
         }

         $metadataHandler = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();

         $idpMetadata = $metadataHandler->getMetaDataConfigForSha1($sourceId, 'saml20-idp-remote');

         if ($idpMetadata === null) {
             throw new \Exception('No metadata found for remote provider with SHA1 ID: ' . var_export($sourceId, true));
         }

         $endpoint = null;
         foreach ($idpMetadata->getEndpoints('ArtifactResolutionService') as $ep) {
             if ($ep['index'] ===  hexdec($endpointIndex)) {
                 $endpoint = $ep;
                 break;
             }
         }

         if ($endpoint === null) {
             throw new \Exception('No ArtifactResolutionService with the correct index.');
         }

         Utils::getContainer()->getLogger()->debug("ArtifactResolutionService endpoint being used is := " . $endpoint['Location']);

         //Construct the ArtifactResolve Request
         $ar = new ArtifactResolve();

         /* Set the request attributes */

         $ar->setIssuer($this->spMetadata->getString('entityid'));
         $ar->setArtifact($_REQUEST['SAMLart']);
         $ar->setDestination($endpoint['Location']);

         /* Sign the request */
         \sspmod_saml_Message::addSign($this->spMetadata, $idpMetadata, $ar); // Shoaib - moved from the SOAPClient.

         $soap = new SOAPClient();

         // Send message through SoapClient
         $artifactResponse = $soap->send($ar, $this->spMetadata);

         if (!$artifactResponse->isSuccess()) {
             throw new \Exception('Received error from ArtifactResolutionService.');
         }

         $xml = $artifactResponse->getAny();
         if ($xml === null) {
             /* Empty ArtifactResponse - possibly because of Artifact replay? */

             return null;
         }

         $samlResponse = Message::fromXML($xml);
         $samlResponse->addValidator(array(get_class($this), 'validateSignature'), $artifactResponse);

         if (isset($_REQUEST['RelayState'])) {
             $samlResponse->setRelayState($_REQUEST['RelayState']);
         }

         return $samlResponse;
     }

     public function setSPMetadata(SimpleSAML_Configuration $sp)
     {
         $this->spMetadata = $sp;
     }

     public static function validateSignature(ArtifactResponse $message, XMLSecurityKey $key)
     {
         return $message->validate($key);
     }
 }
$params
$params
Definition: disable.php:11

SimpleSAML_Metadata_MetaDataStorageHandler\getMetadataHandler
static getMetadataHandler()
This function retrieves the current instance of the metadata handler.
Definition: MetaDataStorageHandler.php:40

SAML2
Definition: ArtifactResolve.php:3

SAML2\Message\getRelayState
getRelayState()
Retrieve the RelayState associated with this message.
Definition: Message.php:411

$endpoint
$endpoint
Definition: attributeserver.php:23

$destination
$destination
Definition: saml2-logout.php:50

SAML2\HTTPArtifact
Definition: HTTPArtifact.php:20

SAML2\Message\getIssuer
getIssuer()
Retrieve the issuer if this message.
Definition: Message.php:375

XMLSecurityKey

SAML2\SOAPClient
Definition: SOAPClient.php:16

$store
if(! $oauthconfig->getBoolean('getUserInfo.enable', FALSE)) $store
Definition: getUserInfo.php:11

SAML2\ArtifactResolve
Definition: ArtifactResolve.php:13

SAML2\Message
Base class for all SAML 2 messages.
Definition: Message.php:18

SAML2\HTTPArtifact\$spMetadata
$spMetadata
Definition: HTTPArtifact.php:25

$xml
$xml
Definition: metadata.php:240

SimpleSAML_Store

RobRichards\XMLSecLibs\XMLSecurityKey
xmlseclibs.php
Definition: XMLSecurityKey.php:47

$message
catch(Exception $e) $message
Definition: saml2-logout.php:34

SAML2\ArtifactResponse
Definition: ArtifactResponse.php:11

$sourceId
if(!array_key_exists(sspmod_authfacebook_Auth_Source_Facebook::AUTHID, $state)) $sourceId
Definition: linkback.php:20

SAML2\HTTPArtifact\getRedirectURL
getRedirectURL(Message $message)
Create the redirect URL for a message.
Definition: HTTPArtifact.php:34

SimpleSAML_Utilities\generateRandomBytes
static generateRandomBytes($length)
Definition: Utilities.php:359

$relayState
$relayState
Definition: logout-iframe-post.php:14

SAML2\HTTPArtifact\validateSignature
static validateSignature(ArtifactResponse $message, XMLSecurityKey $key)
A validator which returns true if the ArtifactResponse was signed with the given key.
Definition: HTTPArtifact.php:166

SimpleSAML_Configuration

SAML2\HTTPArtifact\setSPMetadata
setSPMetadata(SimpleSAML_Configuration $sp)
Definition: HTTPArtifact.php:154

sspmod_saml_Message\addSign
static addSign(SimpleSAML_Configuration $srcMetadata, SimpleSAML_Configuration $dstMetadata, \SAML2\SignedElement $element)
Add signature key and sender certificate to an element (Message or Assertion).
Definition: Message.php:20

$artifact
$artifact
Definition: ArtifactResolutionService.php:51

SAML2\Binding
Definition: Binding.php:10

array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19

SAML2\Message\validate
validate(XMLSecurityKey $key)
Validate this message against a public key.
Definition: Message.php:248

SimpleSAML_Metadata_MetaDataStorageHandler

SAML2\Message\toUnsignedXML
toUnsignedXML()
Convert this message to an unsigned XML document.
Definition: Message.php:435

SimpleSAML_Utilities\stringToHex
static stringToHex($bytes)
Definition: Utilities.php:370

SAML2\HTTPArtifact\send
send(Message $message)
Send a SAML 2 message using the HTTP-Redirect binding.
Definition: HTTPArtifact.php:66

$idpMetadata
$idpMetadata
Definition: logout-iframe-post.php:26

SAML2\Message\getDestination
getDestination()
Retrieve the destination of this message.
Definition: Message.php:323

Temporal

$key
$key
Definition: croninfo.php:18

SimpleSAML_Utilities\addURLparameter
static addURLparameter($url, $parameters)
Definition: Utilities.php:99

$artifactResponse
$artifactResponse
Definition: ArtifactResolutionService.php:63

SimpleSAML_Utilities