// Work from this script's own directory; the getcwd() check below and, presumably, the relative require_once paths depend on it.
4chdir(dirname(__FILE__));
 
// Stop early when ilias.ini.php is not found in the working directory.
   19if(!file_exists(getcwd() . 
'/ilias.ini.php'))
 
   21        die(
'Please ensure ILIAS is installed!');
 
// NOTE(review): client_id is read from the query string; the statements this check guards are not part of this excerpt.
// Confirm the value is validated before it is used to select a client.
   26if(isset(
$_GET[
"client_id"]))
 
   // Project classes loaded by relative path: context handling, ILIAS initialisation and the SAML auth factory.
   38require_once 
'Services/Context/classes/class.ilContext.php';
 
   41require_once 
'Services/Init/classes/class.ilInitialisation.php';
 
   46require_once 
'Services/Saml/classes/class.ilSamlAuthFactory.php';
 
   // A missing PATH_INFO is logged as a warning; no abort is visible in this excerpt.
   52if (!array_key_exists(
'PATH_INFO', 
$_SERVER)) {
 
   54        $DIC->logger()->root()->warning(
'Missing "PATH_INFO" variable. This could be a false positive log entry, but you have to ensure a valid "PATH_INFO" setting for your HTTP server.');
 
   // 'admin.protectmetadata' defaults to false, so whatever this branch enforces is opt-in.
   // NOTE(review): the guarded statement is not shown; presumably it requires admin access to the metadata. Confirm.
   58if (
$config->getBoolean(
'admin.protectmetadata', 
false)) {
 
   // Binding constants from the SAML2 library (HTTP-Redirect, SOAP); the list they belong to starts outside this excerpt.
   81        SAML2\Constants::BINDING_HTTP_REDIRECT,
 
   82        SAML2\Constants::BINDING_SOAP,
 
   // Assertion consumer bindings given as URN strings.
   // NOTE(review): two of them are SAML 1.x profiles; confirm these legacy bindings still need to be advertised.
  102        'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST',
 
  103        'urn:oasis:names:tc:SAML:1.0:profiles:browser-post',
 
  104        'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact',
 
  105        'urn:oasis:names:tc:SAML:1.0:profiles:artifact-01',
 
   // Taken only when the SP config names holder-of-key as ProtocolBinding; the default '' never matches.
  108if (
$spconfig->getString(
'ProtocolBinding', 
'') == 
'urn:oasis:names:tc:SAML:2.0:profiles:holder-of-key:SSO:browser') {
 
   // One ACS entry per binding: 'index', the Binding URN, and a Location URL built from $iliasHttpPath, $sourceId and CLIENT_ID.
   // NOTE(review): where $sourceId comes from is not visible here. If it is derived from the request path,
   // confirm it is validated before it is published in the metadata.
  118        $acsArray = array(
'index' => 
$index);
 
  120                case 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST':
 
  123                        $acsArray[
'Location'] = 
$iliasHttpPath . 
"/saml2-acs.php/{$sourceId}/" . CLIENT_ID;
 
   // SAML 1.x profiles point at saml1-acs.php, SAML 2.0 bindings at saml2-acs.php.
  126                case 'urn:oasis:names:tc:SAML:1.0:profiles:browser-post':
 
  127                        $acsArray[
'Binding'] = 
'urn:oasis:names:tc:SAML:1.0:profiles:browser-post';
 
  129                        $acsArray[
'Location'] = 
$iliasHttpPath . 
"/saml1-acs.php/{$sourceId}/" . CLIENT_ID;
 
  131                case 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact':
 
  132                        $acsArray[
'Binding'] = 
'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact';
 
  134                        $acsArray[
'Location'] = 
$iliasHttpPath . 
"/saml2-acs.php/{$sourceId}/" . CLIENT_ID;
 
   // The SAML 1.x artifact endpoint carries an extra 'artifact/' path segment before CLIENT_ID.
  137                case 'urn:oasis:names:tc:SAML:1.0:profiles:artifact-01':
 
  138                        $acsArray[
'Binding'] = 
'urn:oasis:names:tc:SAML:1.0:profiles:artifact-01';
 
  140                        $acsArray[
'Location'] = 
$iliasHttpPath . 
"/saml1-acs.php/{$sourceId}/artifact/" . CLIENT_ID;
 
  143                case 'urn:oasis:names:tc:SAML:2.0:profiles:holder-of-key:SSO:browser':
 
  144                        $acsArray[
'Binding'] = 
'urn:oasis:names:tc:SAML:2.0:profiles:holder-of-key:SSO:browser';
 
  146                        $acsArray[
'Location'] = 
$iliasHttpPath . 
"/saml2-acs.php/{$sourceId}/" . CLIENT_ID;
 
  // Key descriptor that advertises the certificate for encryption.
  165                'type'            => 
'X509Certificate',
 
  167                'encryption'      => 
true,
 
  168                'X509Certificate' => 
$certInfo[
'certData'],
 
  // Second key descriptor: marked for encryption only when $hasNewCert is false.
  // NOTE(review): looks like certificate rollover, with the new certificate taking over encryption. Confirm against the lines not shown.
  179                'type'            => 
'X509Certificate',
 
  181                'encryption'      => ($hasNewCert ? 
false : 
true),
 
  182                'X509Certificate' => 
$certInfo[
'certData'],
 
  // NameFormat is optional: getString() falls back to null and the branch below runs only when a value is set.
  210        $nameFormat = 
$spconfig->getString(
'attributes.NameFormat', 
null);
 
  211        if ($nameFormat !== 
null) {
 
  // Localized organization display name, with null as the fallback.
  221        $metaArray20[
'OrganizationDisplayName'] = 
$spconfig->getLocalizedString(
'OrganizationDisplayName', 
null);
 
  // Contacts from the SP config, handled one by one (loop body not shown).
  233        $contacts = 
$spconfig->getArray(
'contacts');
 
  234        foreach ($contacts as $contact) {
 
  // Technical contact from the global config; 'na@example.org' is the fallback address.
  // NOTE(review): the condition around the assignments below is not visible. Presumably the placeholder address is not published. Confirm.
  240$email = 
$config->getString(
'technicalcontact_email', 
'na@example.org', 
false);
 
  242        $techcontact[
'emailAddress'] = 
$email;
 
  243        $techcontact[
'name'] = 
$config->getString(
'technicalcontact_name', 
null);
 
  244        $techcontact[
'contactType'] = 
'technical';
 
  // Branch on how many keys were collected: exactly one, or more than one (bodies not shown).
  249if (count(
$keys) === 1) {
 
  251} elseif (count(
$keys) > 1) {
 
  // Optional SP settings: each branch runs only when the option is present in the config.
  256if (
$spconfig->hasValue(
'EntityAttributes')) {
 
  266if (
$spconfig->hasValue(
'RegistrationInfo')) {
 
  // NOTE(review): the signing-related options below are consulted only when configured; presumably they are copied into the metadata.
  // Check that the deployed SP config sets them as intended.
  271if (
$spconfig->hasValue(
'WantAssertionsSigned')) {
 
  // 'redirect.sign' takes precedence over 'sign.authnrequest' (if / elseif).
  274if (
$spconfig->hasValue(
'redirect.sign')) {
 
  276} elseif (
$spconfig->hasValue(
'sign.authnrequest')) {
 
  // HTML view only when the request carries output=xhtml.
  // NOTE(review): `==` is a loose comparison on a request value; `===` would be the stricter form for this string check.
  303if (array_key_exists(
'output', $_REQUEST) && $_REQUEST[
'output'] == 
'xhtml') {
 
  307        $t->data[
'clipboard.js'] = 
true;
 
  308        $t->data[
'header'] = 
'saml20-sp';
 
  // The XML is HTML-escaped before it is handed to the template.
  309        $t->data[
'metadata'] = htmlspecialchars(
$xml);
 
  // NOTE(review): there is no '/' between 'metadata.php' and {$sourceId} here, unlike the '/saml2-acs.php/{$sourceId}/' URLs
  // at listing lines 123-146. Confirm the resulting URL is the intended one.
  312        $t->data[
'metaurl'] = 
$iliasHttpPath . 
"/metadata.php{$sourceId}/" . CLIENT_ID;
 
  // Raw XML response: SAML metadata content type, offered as an attachment.
  316        header(
'Content-Type: application/samlmetadata+xml');
 
  // NOTE(review): $ascii_filename sits inside a quoted header value and its derivation is not shown.
  // Confirm it cannot contain a double quote.
  318        header(
"Content-Disposition:attachment; filename=\"".
$ascii_filename.
"\"");
 
An exception for terminating execution or to throw for unit testing.
const BINDING_HTTP_REDIRECT
The URN for the HTTP-Redirect binding.
const BINDING_HTTP_POST
The URN for the HTTP-POST binding.
static getInstance()
Retrieve our singleton instance.
static requireAdmin()
Require admin access to the current page.
static loadPublicKey(\SimpleSAML_Configuration $metadata, $required=false, $prefix='')
Get public key or certificate from metadata.
static getById($authId, $type=null)
Retrieve authentication source.
static getInstance($instancename='simplesaml')
Get a configuration file by its instance name.
static init($a_type)
Init context by type.
static initILIAS()
ilias initialisation
static getASCIIFilename($a_filename)
convert utf8 to ascii filename
Attribute-related utility methods.
if((!isset($_SERVER['DOCUMENT_ROOT'])) OR(empty($_SERVER['DOCUMENT_ROOT']))) $_SERVER['DOCUMENT_ROOT']