ILIAS  release_5-3 Revision v5.3.23-19-g915713cf615
sspmod_saml_IdP_SAML1 Class Reference

Static Public Member Functions

static sendResponse (array $state)
    Send a response to the SP.

static receiveAuthnRequest (SimpleSAML_IdP $idp)
    Receive an authentication request.

Detailed Description

Definition at line 9 of file SAML1.php.

Member Function Documentation

◆ receiveAuthnRequest()

static sspmod_saml_IdP_SAML1::receiveAuthnRequest (SimpleSAML_IdP $idp)

Receive an authentication request.

Parameters
    SimpleSAML_IdP $idp    The IdP we are receiving it for.

Definition at line 64 of file SAML1.php.

public static function receiveAuthnRequest(SimpleSAML_IdP $idp)
{

    if (isset($_REQUEST['cookieTime'])) {
        $cookieTime = (int)$_REQUEST['cookieTime'];
        if ($cookieTime + 5 > time()) {
            /*
             * Less than five seconds has passed since we were
             * here the last time. Cookies are probably disabled.
             */
            \SimpleSAML\Utils\HTTP::checkSessionCookie(\SimpleSAML\Utils\HTTP::getSelfURLNoQuery());
        }
    }

    if (!isset($_REQUEST['providerId'])) {
        throw new SimpleSAML_Error_BadRequest('Missing providerId parameter.');
    }
    $spEntityId = (string)$_REQUEST['providerId'];

    if (!isset($_REQUEST['shire'])) {
        throw new SimpleSAML_Error_BadRequest('Missing shire parameter.');
    }
    $shire = (string)$_REQUEST['shire'];

    if (isset($_REQUEST['target'])) {
        $target = $_REQUEST['target'];
    } else {
        $target = NULL;
    }

    SimpleSAML\Logger::info('Shib1.3 - IdP.SSOService: Got incoming Shib authnRequest from ' . var_export($spEntityId, TRUE) . '.');

    // Look up the requesting SP in the trusted shib13-sp-remote metadata.
    $metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
    $spMetadata = $metadata->getMetaDataConfig($spEntityId, 'shib13-sp-remote');

    // Accept the requested shire only if it is identical to a registered
    // browser-post AssertionConsumerService location for this SP.
    $found = FALSE;
    foreach ($spMetadata->getEndpoints('AssertionConsumerService') as $ep) {
        if ($ep['Binding'] !== 'urn:oasis:names:tc:SAML:1.0:profiles:browser-post') {
            continue;
        }
        if ($ep['Location'] !== $shire) {
            continue;
        }
        $found = TRUE;
        break;
    }
    if (!$found) {
        throw new Exception('Invalid AssertionConsumerService for SP ' .
            var_export($spEntityId, TRUE) . ': ' . var_export($shire, TRUE));
    }

    SimpleSAML_Stats::log('saml:idp:AuthnRequest', array(
        'spEntityID' => $spEntityId,
        'protocol' => 'saml1',
    ));

    // URL used to restart the request if the session state is lost.
    $sessionLostURL = \SimpleSAML\Utils\HTTP::addURLParameters(
        \SimpleSAML\Utils\HTTP::getSelfURL(),
        array('cookieTime' => time()));

    $state = array(
        'Responder' => array('sspmod_saml_IdP_SAML1', 'sendResponse'),
        'SPMetadata' => $spMetadata->toArray(),
        SimpleSAML_Auth_State::RESTART => $sessionLostURL,
        'saml:shire' => $shire,
        'saml:target' => $target,
        'saml:AuthnRequestReceivedAt' => microtime(TRUE),
    );

    $idp->handleAuthenticationRequest($state);
}

References $idp, $metadata, $spEntityId, $spMetadata, $state, $target, SimpleSAML\Utils\HTTP\checkSessionCookie(), SimpleSAML_Metadata_MetaDataStorageHandler\getMetadataHandler(), SimpleSAML\Logger\info(), SimpleSAML_Stats\log(), and SimpleSAML_Auth_State\RESTART.
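
The shire check in receiveAuthnRequest() accepts a response destination only when it is identical to a registered browser-post AssertionConsumerService location. The following added example (not ILIAS or SimpleSAMLphp code; the function names, endpoint URLs and request values are constructed for illustration) puts that exact-match rule beside a prefix comparison to show which requested values each one would accept.

```php
<?php
// Added illustration; names and URLs are constructed, not taken from SAML1.php.
const BROWSER_POST = 'urn:oasis:names:tc:SAML:1.0:profiles:browser-post';

/** Exact match on binding and location, mirroring the loop in receiveAuthnRequest(). */
function acsAllowedExact(array $endpoints, $shire)
{
    foreach ($endpoints as $ep) {
        if ($ep['Binding'] === BROWSER_POST && $ep['Location'] === $shire) {
            return true;
        }
    }
    return false;
}

/** Weaker variant for comparison: accepts any value that starts with a registered location. */
function acsAllowedPrefix(array $endpoints, $shire)
{
    foreach ($endpoints as $ep) {
        if ($ep['Binding'] === BROWSER_POST && strpos($shire, $ep['Location']) === 0) {
            return true;
        }
    }
    return false;
}

// Constructed SP metadata: one browser-post endpoint and one with another binding.
$endpoints = array(
    array('Binding' => BROWSER_POST,
          'Location' => 'https://sp.example.org/Shibboleth.sso/SAML/POST'),
    array('Binding' => 'urn:oasis:names:tc:SAML:1.0:profiles:artifact-01',
          'Location' => 'https://sp.example.org/Shibboleth.sso/SAML/Artifact'),
);

// Constructed values for the shire request parameter.
$requests = array(
    'https://sp.example.org/Shibboleth.sso/SAML/POST',             // registered: both accept
    'https://sp.example.org/Shibboleth.sso/SAML/POST/../../other', // only the prefix check accepts
    'https://sp.example.org/Shibboleth.sso/SAML/Artifact',         // wrong binding: both reject
    'https://sp.example.org',                                      // not registered: both reject
);

foreach ($requests as $shire) {
    printf("%-62s exact=%s prefix=%s\n", $shire,
        var_export(acsAllowedExact($endpoints, $shire), true),
        var_export(acsAllowedPrefix($endpoints, $shire), true));
}
```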


◆ sendResponse()

static sspmod_saml_IdP_SAML1::sendResponse (array $state)

Send a response to the SP.

Parameters
    array $state    The authentication state.

Definition at line 16 of file SAML1.php.

public static function sendResponse(array $state)
{
    assert('isset($state["Attributes"])');
    assert('isset($state["SPMetadata"])');
    assert('isset($state["saml:shire"])');
    assert('array_key_exists("saml:target", $state)'); // Can be NULL

    // Rebuild the SP configuration object from the array stored in the state.
    $spMetadata = $state["SPMetadata"];
    $spEntityId = $spMetadata['entityid'];
    $spMetadata = SimpleSAML_Configuration::loadFromArray($spMetadata,
        '$metadata[' . var_export($spEntityId, TRUE) . ']');

    SimpleSAML\Logger::info('Sending SAML 1.1 Response to ' . var_export($spEntityId, TRUE));

    $attributes = $state['Attributes'];
    $shire = $state['saml:shire'];
    $target = $state['saml:target'];

    // The IdP that owns this authentication state.
    $idp = SimpleSAML_IdP::getByState($state);

    $idpMetadata = $idp->getConfig();

    $config = SimpleSAML_Configuration::getInstance();
    $metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();

    $statsData = array(
        'spEntityID' => $spEntityId,
        'idpEntityID' => $idpMetadata->getString('entityid'),
        'protocol' => 'saml1',
    );
    if (isset($state['saml:AuthnRequestReceivedAt'])) {
        $statsData['logintime'] = microtime(TRUE) - $state['saml:AuthnRequestReceivedAt'];
    }
    SimpleSAML_Stats::log('saml:idp:Response', $statsData);

    // Generate and send response.
    $ar = new \SimpleSAML\XML\Shib13\AuthnResponse();
    $authnResponseXML = $ar->generate($idpMetadata, $spMetadata, $shire, $attributes);

    $httppost = new HTTPPost($config, $metadata);
    $httppost->sendResponse($authnResponseXML, $idpMetadata, $spMetadata, $target, $shire);
}

References $attributes, $config, $idp, $idpMetadata, $metadata, $spEntityId, $spMetadata, $state, $target, SimpleSAML_IdP\getByState(), SimpleSAML_Configuration\getInstance(), SimpleSAML_Metadata_MetaDataStorageHandler\getMetadataHandler(), SimpleSAML\Logger\info(), SimpleSAML_Configuration\loadFromArray(), and SimpleSAML_Stats\log().


The documentation for this class was generated from the following file: