ILIAS  release_5-3 Revision v5.3.23-19-g915713cf615
Public Member Functions | Private Member Functions | Private Attributes
SAML2\Response\Processor Class Reference

(PHPMD.CouplingBetweenObjects) - due to specific exceptions More...

+ Collaboration diagram for SAML2\Response\Processor:

Public Member Functions

 __construct (LoggerInterface $logger)
 
 process (ServiceProvider $serviceProviderConfiguration, IdentityProvider $identityProviderConfiguration, Destination $currentDestination, Response $response)
 

Private Member Functions

 enforcePreconditions (Response $response)
 Checks the preconditions that must be valid in order for the response to be processed. More...
 
 verifySignature (Response $response, IdentityProvider $identityProviderConfiguration)
 
 processAssertions (Response $response)
 

Private Attributes

 $logger
 
 $preconditionValidator
 
 $signatureValidator
 
 $assertionProcessor
 
 $responseIsSigned = false
 

Detailed Description

(PHPMD.CouplingBetweenObjects) - due to specific exceptions

Definition at line 21 of file Processor.php.

Constructor & Destructor Documentation

◆ __construct()

SAML2\Response\Processor::__construct ( LoggerInterface  $logger)
Parameters
\Psr\Log\LoggerInterface$logger

Definition at line 55 of file Processor.php.

References SAML2\Response\Processor\$logger.

56  {
57  $this->logger = $logger;
58 
59  $this->signatureValidator = new Validator($logger);
60  }

Member Function Documentation

◆ enforcePreconditions()

SAML2\Response\Processor::enforcePreconditions ( Response  $response)
private

Checks the preconditions that must be valid in order for the response to be processed.

Parameters
\SAML2\Response$response

Definition at line 96 of file Processor.php.

References $result.

Referenced by SAML2\Response\Processor\process().

97  {
98  $result = $this->preconditionValidator->validate($response);
99 
100  if (!$result->isValid()) {
101  throw PreconditionNotMetException::createFromValidationResult($result);
102  }
103  }
$result
$result
Definition: CleanUpTest.php:463
$response
$response
Definition: proxy_ylocal.php:39
+ Here is the caller graph for this function:

◆ process()

SAML2\Response\Processor::process ( ServiceProvider  $serviceProviderConfiguration,
IdentityProvider  $identityProviderConfiguration,
Destination  $currentDestination,
Response  $response 
)
Parameters
\SAML2\Configuration\ServiceProvider$serviceProviderConfiguration
\SAML2\Configuration\IdentityProvider$identityProviderConfiguration
\SAML2\Configuration\Destination$currentDestination
\SAML2\Response$response
Returns
[] Collection () of objects

Definition at line 70 of file Processor.php.

References SAML2\Response\Processor\enforcePreconditions(), SAML2\Response\Processor\processAssertions(), and SAML2\Response\Processor\verifySignature().

75  {
76  $this->preconditionValidator = new PreconditionValidator($currentDestination);
77  $this->assertionProcessor = ProcessorBuilder::build(
78  $this->logger,
79  $this->signatureValidator,
80  $currentDestination,
81  $identityProviderConfiguration,
82  $serviceProviderConfiguration,
83  $response
84  );
85 
86  $this->enforcePreconditions($response);
87  $this->verifySignature($response, $identityProviderConfiguration);
88  return $this->processAssertions($response);
89  }
SAML2\Response\Processor\processAssertions
processAssertions(Response $response)
Definition: Processor.php:140
SAML2\Response\Processor\enforcePreconditions
enforcePreconditions(Response $response)
Checks the preconditions that must be valid in order for the response to be processed.
Definition: Processor.php:96
SAML2\Response\Processor\verifySignature
verifySignature(Response $response, IdentityProvider $identityProviderConfiguration)
Definition: Processor.php:109
$response
$response
Definition: proxy_ylocal.php:39
+ Here is the call graph for this function:

◆ processAssertions()

SAML2\Response\Processor::processAssertions ( Response  $response)
private
Parameters
\SAML2\Response$response
Returns
[]

Definition at line 140 of file Processor.php.

References SAML2\Response\$assertions, and SAML2\Response\getAssertions().

Referenced by SAML2\Response\Processor\process().

141  {
142  $assertions = $response->getAssertions();
143  if (empty($assertions)) {
144  throw new NoAssertionsFoundException('No assertions found in response from IdP.');
145  }
146 
147  if (!$this->responseIsSigned) {
148  foreach ($assertions as $assertion) {
149  if (!$assertion->getWasSignedAtConstruction()) {
150  throw new UnsignedResponseException(
151  'Both the response and the assertion it contains are not signed.'
152  );
153  }
154  }
155  }
156 
157  return $this->assertionProcessor->processAssertions($assertions);
158  }
$response
$response
Definition: proxy_ylocal.php:39
SAML2\Response\$assertions
$assertions
The assertions in this response.
Definition: Response.php:15
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ verifySignature()

SAML2\Response\Processor::verifySignature ( Response  $response,
IdentityProvider  $identityProviderConfiguration 
)
private
Parameters
\SAML2\Response$response
\SAML2\Configuration\IdentityProvider$identityProviderConfiguration

Definition at line 109 of file Processor.php.

References SAML2\Message\getId(), and SAML2\Message\isMessageConstructedWithSignature().

Referenced by SAML2\Response\Processor\process().

112  {
113  if (!$response->isMessageConstructedWithSignature()) {
114  $this->logger->info(sprintf(
115  'SAMLResponse with id "%s" was not signed at root level, not attempting to verify the signature of the'
116  . ' reponse itself',
117  $response->getId()
118  ));
119 
120  return;
121  }
122 
123  $this->logger->info(sprintf(
124  'Attempting to verify the signature of SAMLResponse with id "%s"',
125  $response->getId()
126  ));
127 
128  $this->responseIsSigned = true;
129 
130  if (!$this->signatureValidator->hasValidSignature($response, $identityProviderConfiguration)) {
131  throw new InvalidResponseException();
132  }
133  }
$response
$response
Definition: proxy_ylocal.php:39
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

Field Documentation

◆ $assertionProcessor

SAML2\Response\Processor::$assertionProcessor
private

Definition at line 41 of file Processor.php.

◆ $logger

SAML2\Response\Processor::$logger
private

Definition at line 26 of file Processor.php.

Referenced by SAML2\Response\Processor\__construct().

◆ $preconditionValidator

SAML2\Response\Processor::$preconditionValidator
private

Definition at line 31 of file Processor.php.

◆ $responseIsSigned

SAML2\Response\Processor::$responseIsSigned = false
private

Definition at line 49 of file Processor.php.

◆ $signatureValidator

SAML2\Response\Processor::$signatureValidator
private

Definition at line 36 of file Processor.php.

The documentation for this class was generated from the following file: