ILIAS  release_5-3 Revision v5.3.23-19-g915713cf615
NameIdDecryptionTransformer.php
1 <?php
2 
4 
13 
18 {
23 
28 
33 
37  private $logger;
38 
39  public function __construct(
42  ) {
43  $this->logger = $logger;
44  $this->privateKeyLoader = $privateKeyLoader;
45  }
46 
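/**
 * Decrypts the NameId of an assertion using the configured private keys.
 *
 * An assertion whose NameId is not encrypted is returned untouched. Otherwise
 * each loaded decryption key is tried in order until the NameId is no longer
 * reported as encrypted. Failures of individual keys are logged at debug level
 * and do not abort the loop; only when no key succeeds is an exception raised.
 *
 * @param Assertion $assertion the assertion whose NameId may be encrypted
 *
 * @return Assertion the same assertion instance, with its NameId decrypted
 *
 * @throws NotDecryptedException when the NameId is still encrypted after every key was tried
 */
public function transform(Assertion $assertion)
{
    if (!$assertion->isNameIdEncrypted()) {
        return $assertion;
    }

    $decryptionKeys = $this->privateKeyLoader->loadDecryptionKeys($this->identityProvider, $this->serviceProvider);

    // The identity provider's algorithm blacklist takes precedence; the service
    // provider's list is only consulted when the identity provider has none.
    $blacklistedKeys = $this->identityProvider->getBlacklistedAlgorithms();
    if (is_null($blacklistedKeys)) {
        $blacklistedKeys = $this->serviceProvider->getBlacklistedAlgorithms();
    }
    // NOTE(review): if the service provider can also return null here, null is
    // handed to decryptNameId(), whose second parameter is declared as array.
    // Whether that case should fail or run with an empty blacklist (no algorithm
    // rejected) is a policy decision - confirm and handle it explicitly.

    foreach ($decryptionKeys as $index => $key) {
        try {
            $assertion->decryptNameId($key, $blacklistedKeys);
            $this->logger->debug(sprintf('Decrypted assertion NameId with key "#%d"', $index));
        } catch (\Exception $e) {
            $this->logger->debug(sprintf(
                'Decrypting assertion NameId with key "#%d" failed, "%s" thrown: "%s"',
                $index,
                get_class($e),
                $e->getMessage()
            ));
        }

        // Stop at the first key that actually decrypted the NameId. Without this
        // the remaining keys are still passed to decryptNameId() and each of them
        // is logged as the decrypting key, which makes the debug log useless for
        // telling which key (e.g. old vs. new during a rollover) was really used.
        if (!$assertion->isNameIdEncrypted()) {
            break;
        }
    }

    if ($assertion->isNameIdEncrypted()) {
        throw new NotDecryptedException(
            'Could not decrypt the assertion NameId with the configured keys, see the debug log for information'
        );
    }

    return $assertion;
}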
81 
83  {
84  $this->identityProvider = $identityProvider;
85  }
86 
88  {
89  $this->serviceProvider = $serviceProvider;
90  }
91 }
__construct(LoggerInterface $logger, PrivateKeyLoader $privateKeyLoader)
Basic configuration wrapper.
Basic Configuration Wrapper.
decryptNameId(XMLSecurityKey $key, array $blacklist=array())
Decrypt the NameId of the subject in the assertion.
Definition: Assertion.php:803
isNameIdEncrypted()
Check whether the NameId is encrypted.
Definition: Assertion.php:761
Describes a logger instance.
Interface for triggering setter injection.
Interface for triggering setter injection.