62    private $consent = Constants::CONSENT_UNSPECIFIED;
 
  100    protected $messageContainedSignatureUponConstruction = 
false;
 
  138        assert(is_string($tagName));
 
  139        $this->tagName = $tagName;
 
  141        $this->
id = Utils::getContainer()->generateId();
 
  143        $this->certificates = array();
 
  144        $this->validators = array();
 
  150        if (!
$xml->hasAttribute(
'ID')) {
 
  151            throw new \Exception(
'Missing ID attribute on SAML message.');
 
  153        $this->
id = 
$xml->getAttribute(
'ID');
 
  155        if (
$xml->getAttribute(
'Version') !== 
'2.0') {
 
  157            throw new \Exception(
'Unsupported version: '.
$xml->getAttribute(
'Version'));
 
  160        $this->issueInstant = Utils::xsDateTimeToTimestamp(
$xml->getAttribute(
'IssueInstant'));
 
  162        if (
$xml->hasAttribute(
'Destination')) {
 
  163            $this->destination = 
$xml->getAttribute(
'Destination');
 
  166        if (
$xml->hasAttribute(
'Consent')) {
 
  167            $this->consent = 
$xml->getAttribute(
'Consent');
 
  170        $issuer = Utils::xpQuery(
$xml, 
'./saml_assertion:Issuer');
 
  173            if ($this->issuer->Format === Constants::NAMEID_ENTITY) {
 
  174                $this->issuer = $this->issuer->value;
 
  178        $this->validateSignature(
$xml);
 
  180        $this->extensions = Extensions::getList(
$xml);
 
  193    private function validateSignature(\DOMElement 
$xml)
 
  197            $signatureMethod = Utils::xpQuery(
$xml, 
'./ds:Signature/ds:SignedInfo/ds:SignatureMethod/@Algorithm');
 
  199            $sig = Utils::validateElement(
$xml);
 
  201            if ($sig !== 
false) {
 
  202                $this->messageContainedSignatureUponConstruction = 
true;
 
  203                $this->certificates = $sig[
'Certificates'];
 
  204                $this->validators[] = array(
 
  205                    'Function' => array(
'\SAML2\Utils', 
'validateSignature'),
 
  208                $this->signatureMethod = $signatureMethod[0]->value;
 
  210        } 
catch (\Exception $e) {
 
  229        $this->validators[] = array(
 
  250        if (count($this->validators) === 0) {
 
  256        foreach ($this->validators as $validator) {
 
  258            $data = $validator[
'Data'];
 
  265            } 
catch (\Exception $e) {
 
  291        assert(is_string(
$id));
 
  303        return $this->issueInstant;
 
  313        assert(is_int($issueInstant));
 
  315        $this->issueInstant = $issueInstant;
 
  351        assert(is_string($consent));
 
  353        $this->consent = $consent;
 
  367        return $this->consent;
 
  377        if (is_string($this->issuer) || $this->issuer instanceof XML\saml\Issuer) {
 
  403        return $this->messageContainedSignatureUponConstruction;
 
  437        $this->document = DOMDocumentFactory::create();
 
  439        $root = $this->document->createElementNS(Constants::NS_SAMLP, 
'samlp:'.$this->tagName);
 
  440        $this->document->appendChild($root);
 
  443        $root->setAttributeNS(Constants::NS_SAML, 
'saml:tmp', 
'tmp');
 
  444        $root->removeAttributeNS(Constants::NS_SAML, 
'tmp');
 
  446        $root->setAttribute(
'ID', $this->
id);
 
  447        $root->setAttribute(
'Version', 
'2.0');
 
  448        $root->setAttribute(
'IssueInstant', gmdate(
'Y-m-d\TH:i:s\Z', $this->issueInstant));
 
  450        if ($this->destination !== 
null) {
 
  451            $root->setAttribute(
'Destination', $this->destination);
 
  453        if ($this->consent !== 
null && $this->consent !== Constants::CONSENT_UNSPECIFIED) {
 
  454            $root->setAttribute(
'Consent', $this->consent);
 
  457        if ($this->issuer !== 
null) {
 
  458            if (is_string($this->issuer)) {
 
  459                Utils::addString($root, Constants::NS_SAML, 
'saml:Issuer', $this->issuer);
 
  460            } elseif ($this->issuer instanceof XML\saml\Issuer) {
 
  461                $this->issuer->toXML($root);
 
  465        if (!empty($this->extensions)) {
 
  466            Extensions::addList($root, $this->extensions);
 
  483        $root = $this->toUnsignedXML();
 
  485        if ($this->signatureKey === 
null) {
 
  492        if ($this->issuer !== 
null) {
 
  497            $issuerNode = $root->firstChild;
 
  498            $insertBefore = $issuerNode->nextSibling;
 
  501            $insertBefore = $root->firstChild;
 
  504        Utils::insertSignature($this->signatureKey, $this->certificates, $root, $insertBefore);
 
  516        return $this->signatureKey;
 
  528        $this->signatureKey = $signatureKey;
 
  564        if (
$xml->namespaceURI !== Constants::NS_SAMLP) {
 
  565            throw new \Exception(
'Unknown namespace of SAML message: '.var_export(
$xml->namespaceURI, 
true));
 
  568        switch (
$xml->localName) {
 
  569            case 'AttributeQuery':
 
  573            case 'LogoutResponse':
 
  575            case 'LogoutRequest':
 
  579            case 'ArtifactResponse':
 
  581            case 'ArtifactResolve':
 
  584                throw new \Exception(
'Unknown SAML message: '.var_export(
$xml->localName, 
true));
 
  595        return $this->extensions;
 
  605        assert(is_array($extensions) || is_null($extensions));
 
  607        $this->extensions = $extensions;
 
  615        return $this->signatureMethod;
 
catch(Exception $e) if(!($request instanceof \SAML2\ArtifactResolve)) $issuer
An exception for terminating execution or to throw for unit testing.
Base class for all SAML 2 messages.
toUnsignedXML()
Convert this message to an unsigned XML document.
getRelayState()
Retrieve the RelayState associated with this message.
setRelayState($relayState)
Set the RelayState associated with this message.
getSignatureKey()
Retrieve the private key we should use to sign the message.
setCertificates(array $certificates)
Set the certificates that should be included in the message.
isMessageConstructedWithSignature()
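Query whether or not the message contained a signature at the root level when the object was constructed. The flag is set while the XML is parsed, before validate() is given a key, so it indicates that a signature was present, not that it was verified against a trusted key.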
getExtensions()
Retrieve the Extensions.
__construct($tagName, \DOMElement $xml=null)
Initialize a message.
validate(XMLSecurityKey $key)
Validate this message against a public key.
setConsent($consent)
Set the given consent for this message.
toSignedXML()
Convert this message to a signed XML document.
getIssueInstant()
Retrieve the issue timestamp of this message.
getDestination()
Retrieve the destination of this message.
getId()
Retrieve the identifier of this message.
getCertificates()
Retrieve the certificates that are included in the message.
addValidator($function, $data)
Add a method for validating this message.
getIssuer()
Retrieve the issuer of this message.
setIssuer($issuer)
Set the issuer of this message.
setIssueInstant($issueInstant)
Set the issue timestamp of this message.
setSignatureKey(XMLSecurityKey $signatureKey=null)
Set the private key we should use to sign the message.
setDestination($destination)
Set the destination of this message.
static fromXML(\DOMElement $xml)
Convert an XML element into a message.
setId($id)
Set the identifier of this message.
getConsent()
Retrieve the consent given for this message.
setExtensions($extensions)
Set the Extensions.
if(!array_key_exists('StateId', $_REQUEST)) $id