ILIAS  release_5-3 Revision v5.3.23-19-g915713cf615
SAML2\AuthnRequest Class Reference

Public Member Functions

 __construct (\DOMElement $xml=null)
 Constructor for SAML 2 authentication request messages.
 
 getNameIdPolicy ()
 Retrieve the NameIdPolicy.
 
 setNameIdPolicy (array $nameIdPolicy)
 Set the NameIDPolicy.
 
 getForceAuthn ()
 Retrieve the value of the ForceAuthn attribute.
 
 setForceAuthn ($forceAuthn)
 Set the value of the ForceAuthn attribute.
 
 getProviderName ()
 Retrieve the value of the ProviderName attribute.
 
 setProviderName ($ProviderName)
 Set the value of the ProviderName attribute.
 
 getIsPassive ()
 Retrieve the value of the IsPassive attribute.
 
 setIsPassive ($isPassive)
 Set the value of the IsPassive attribute.
 
 setIDPList ($IDPList)
 This function sets the scoping for the request.
 
 getIDPList ()
 This function retrieves the list of providerIDs from this authentication request.
 
 setProxyCount ($ProxyCount)
 
 getProxyCount ()
 
 setRequesterID (array $RequesterID)
 
 getRequesterID ()
 
 getAssertionConsumerServiceURL ()
 Retrieve the value of the AssertionConsumerServiceURL attribute.
 
 setAssertionConsumerServiceURL ($assertionConsumerServiceURL)
 Set the value of the AssertionConsumerServiceURL attribute.
 
 getProtocolBinding ()
 Retrieve the value of the ProtocolBinding attribute.
 
 setProtocolBinding ($protocolBinding)
 Set the value of the ProtocolBinding attribute.
 
 getAttributeConsumingServiceIndex ()
 Retrieve the value of the AttributeConsumingServiceIndex attribute.
 
 setAttributeConsumingServiceIndex ($attributeConsumingServiceIndex)
 Set the value of the AttributeConsumingServiceIndex attribute.
 
 getAssertionConsumerServiceIndex ()
 Retrieve the value of the AssertionConsumerServiceIndex attribute.
 
 setAssertionConsumerServiceIndex ($assertionConsumerServiceIndex)
 Set the value of the AssertionConsumerServiceIndex attribute.
 
 getRequestedAuthnContext ()
 Retrieve the RequestedAuthnContext.
 
 setRequestedAuthnContext ($requestedAuthnContext)
 Set the RequestedAuthnContext.
 
 getNameId ()
 Retrieve the NameId of the subject in the assertion.
 
 setNameId ($nameId)
 Set the NameId of the subject in the assertion.
 
 encryptNameId (XMLSecurityKey $key)
 Encrypt the NameID in the AuthnRequest.
 
 decryptNameId (XMLSecurityKey $key, array $blacklist=array())
 Decrypt the NameId of the subject in the assertion.
 
 getSubjectConfirmation ()
 Retrieve the SubjectConfirmation elements we have in our Subject element.
 
 setSubjectConfirmation (array $subjectConfirmation)
 Set the SubjectConfirmation elements that should be included in the assertion.
 
 toUnsignedXML ()
 Convert this authentication request to an XML element.
 
- Public Member Functions inherited from SAML2\Message
 addValidator ($function, $data)
 Add a method for validating this message.
 
 validate (XMLSecurityKey $key)
 Validate this message against a public key.
 
 getId ()
 Retrieve the identifier of this message.
 
 setId ($id)
 Set the identifier of this message.
 
 getIssueInstant ()
 Retrieve the issue timestamp of this message.
 
 setIssueInstant ($issueInstant)
 Set the issue timestamp of this message.
 
 getDestination ()
 Retrieve the destination of this message.
 
 setDestination ($destination)
 Set the destination of this message.
 
 setConsent ($consent)
 Set the given consent for this message.
 
 getConsent ()
 Retrieve the given consent for this message.
 
 getIssuer ()
 Retrieve the issuer of this message.
 
 setIssuer ($issuer)
 Set the issuer of this message.
 
 isMessageConstructedWithSignature ()
 Query whether or not the message contained a signature at the root level when the object was constructed.
 
 getRelayState ()
 Retrieve the RelayState associated with this message.
 
 setRelayState ($relayState)
 Set the RelayState associated with this message.
 
 toUnsignedXML ()
 Convert this message to an unsigned XML document.
 
 toSignedXML ()
 Convert this message to a signed XML document.
 
 getSignatureKey ()
 Retrieve the private key we should use to sign the message.
 
 setSignatureKey (XMLSecurityKey $signatureKey=null)
 Set the private key we should use to sign the message.
 
 setCertificates (array $certificates)
 Set the certificates that should be included in the message.
 
 getCertificates ()
 Retrieve the certificates that are included in the message.
 
 getExtensions ()
 Retrieve the Extensions.
 
 setExtensions ($extensions)
 Set the Extensions.
 
 
 getSignatureMethod ()
 

Protected Member Functions

 parseNameIdPolicy (\DOMElement $xml)
 
 parseRequestedAuthnContext (\DOMElement $xml)
 
 parseScoping (\DOMElement $xml)
 
- Protected Member Functions inherited from SAML2\Message
 __construct ($tagName, \DOMElement $xml=null)
 Initialize a message.
 

Private Member Functions

 parseSubject (\DOMElement $xml)
 
 addSubject (\DOMElement $root)
 Add a Subject-node to the assertion.
 

Private Attributes

 $nameIdPolicy
 
 $forceAuthn
 
 $ProviderName
 
 $isPassive
 
 $IDPList = array()
 
 $ProxyCount = null
 
 $RequesterID = array()
 
 $assertionConsumerServiceURL
 
 $protocolBinding
 
 $attributeConsumingServiceIndex
 
 $assertionConsumerServiceIndex
 
 $requestedAuthnContext
 
 $subjectConfirmation = array()
 
 $encryptedNameId
 
 $nameId
 

Additional Inherited Members

- Static Public Member Functions inherited from SAML2\Message
static fromXML (\DOMElement $xml)
 Convert an XML element into a message.
 
- Protected Attributes inherited from SAML2\Message
 $extensions
 
 $document
 
 $messageContainedSignatureUponConstruction = false
 

Detailed Description

Definition at line 15 of file AuthnRequest.php.

Constructor & Destructor Documentation

◆ __construct()

SAML2\AuthnRequest::__construct ( \DOMElement  $xml = null)

Constructor for SAML 2 authentication request messages.

Parameters
\DOMElement|null $xml The input message.
Exceptions

Definition at line 132 of file AuthnRequest.php.

References $xml, and array.

133  {
134  parent::__construct('AuthnRequest', $xml);
135 
136  $this->nameIdPolicy = array();
137  $this->forceAuthn = false;
138  $this->isPassive = false;
139 
140  if ($xml === null) {
141  return;
142  }
143 
144  $this->forceAuthn = Utils::parseBoolean($xml, 'ForceAuthn', false);
145  $this->isPassive = Utils::parseBoolean($xml, 'IsPassive', false);
146 
147  if ($xml->hasAttribute('AssertionConsumerServiceURL')) {
148  $this->assertionConsumerServiceURL = $xml->getAttribute('AssertionConsumerServiceURL');
149  }
150 
151  if ($xml->hasAttribute('ProtocolBinding')) {
152  $this->protocolBinding = $xml->getAttribute('ProtocolBinding');
153  }
154 
155  if ($xml->hasAttribute('AttributeConsumingServiceIndex')) {
156  $this->attributeConsumingServiceIndex = (int) $xml->getAttribute('AttributeConsumingServiceIndex');
157  }
158 
159  if ($xml->hasAttribute('AssertionConsumerServiceIndex')) {
160  $this->assertionConsumerServiceIndex = (int) $xml->getAttribute('AssertionConsumerServiceIndex');
161  }
162 
163  if ($xml->hasAttribute('ProviderName')) {
164  $this->ProviderName = $xml->getAttribute('ProviderName');
165  }
166 
167  $this->parseSubject($xml);
168  $this->parseNameIdPolicy($xml);
169  $this->parseRequestedAuthnContext($xml);
170  $this->parseScoping($xml);
171  }
parseRequestedAuthnContext(\DOMElement $xml)
parseSubject(\DOMElement $xml)
static parseBoolean(\DOMElement $node, $attributeName, $default=null)
Parse a boolean attribute.
Definition: Utils.php:276
parseNameIdPolicy(\DOMElement $xml)
parseScoping(\DOMElement $xml)
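
The constructor above copies AssertionConsumerServiceURL, ProtocolBinding and the index attributes from the message as-is, and its (int) cast maps a non-numeric index to 0, so code that consumes these getters on the receiving side has to check the values against the endpoints registered for the requesting SP. The following is an added example, not ILIAS or SAML2 library code: it reads the same attributes with PHP's DOM extension only, and the function names, entity ID, URLs and the $registeredSps table are assumptions constructed for illustration.

```php
<?php
// Added example: not ILIAS or SAML2 library code. Needs only PHP's DOM extension.
// Function names, entity ID, URLs and $registeredSps are constructed for illustration.

const NS_SAMLP = 'urn:oasis:names:tc:SAML:2.0:protocol';
const NS_SAML = 'urn:oasis:names:tc:SAML:2.0:assertion';
const BINDING_POST = 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST';

/** Parse an index attribute strictly; a bare (int) cast would map "abc" to 0. */
function parseIndexAttribute(DOMElement $xml, string $name): ?int
{
    if (!$xml->hasAttribute($name)) {
        return null;
    }
    $raw = $xml->getAttribute($name);
    // xs:unsignedShort: decimal digits only, at most 65535.
    if (!preg_match('/^[0-9]{1,5}$/D', $raw) || (int) $raw > 65535) {
        throw new InvalidArgumentException("$name is not a valid unsignedShort");
    }
    return (int) $raw;
}

/** Return the text of the single <saml:Issuer> child, or null if absent. */
function readIssuer(DOMElement $authnRequest): ?string
{
    $issuer = null;
    foreach ($authnRequest->childNodes as $child) {
        if ($child instanceof DOMElement && $child->namespaceURI === NS_SAML
            && $child->localName === 'Issuer') {
            if ($issuer !== null) {
                throw new InvalidArgumentException('More than one <saml:Issuer>');
            }
            $issuer = trim($child->textContent);
        }
    }
    return $issuer;
}

/** Pick the response endpoint from the issuer's registered endpoints only. */
function resolveAcsEndpoint(DOMElement $authnRequest, array $registeredSps): array
{
    $issuer = readIssuer($authnRequest);
    if ($issuer === null || !isset($registeredSps[$issuer])) {
        throw new InvalidArgumentException('Unknown or missing issuer');
    }
    $endpoints = $registeredSps[$issuer];

    $index = parseIndexAttribute($authnRequest, 'AssertionConsumerServiceIndex');
    $url = $authnRequest->hasAttribute('AssertionConsumerServiceURL')
        ? $authnRequest->getAttribute('AssertionConsumerServiceURL') : null;
    $binding = $authnRequest->hasAttribute('ProtocolBinding')
        ? $authnRequest->getAttribute('ProtocolBinding') : null;

    if ($index !== null) {
        // The index is mutually exclusive with the URL and ProtocolBinding attributes.
        if ($url !== null || $binding !== null) {
            throw new InvalidArgumentException('Index combined with URL or ProtocolBinding');
        }
        if (!isset($endpoints[$index])) {
            throw new InvalidArgumentException('Index is not registered for this issuer');
        }
        return $endpoints[$index];
    }
    // No index: the first registered endpoint that matches whatever was requested.
    foreach ($endpoints as $endpoint) {
        if (($url === null || $endpoint['Location'] === $url)
            && ($binding === null || $endpoint['Binding'] === $binding)) {
            return $endpoint;
        }
    }
    throw new InvalidArgumentException('Requested endpoint is not registered for this issuer');
}

/** Build a constructed AuthnRequest element carrying the given extra attributes. */
function buildRequest(string $attributes): DOMElement
{
    $doc = new DOMDocument();
    $doc->loadXML(
        '<samlp:AuthnRequest xmlns:samlp="' . NS_SAMLP . '" xmlns:saml="' . NS_SAML . '" '
        . 'ID="_constructed" Version="2.0" IssueInstant="2024-01-01T00:00:00Z" ' . $attributes . '>'
        . '<saml:Issuer>https://sp.example.org/metadata</saml:Issuer></samlp:AuthnRequest>',
        LIBXML_NONET
    );
    return $doc->documentElement;
}

// Constructed sample data: one registered SP with one endpoint, and three requests.
$registeredSps = ['https://sp.example.org/metadata' => [
    0 => ['Location' => 'https://sp.example.org/acs', 'Binding' => BINDING_POST],
]];
$cases = [
    'registered URL' => 'AssertionConsumerServiceURL="https://sp.example.org/acs"',
    'unregistered URL' => 'AssertionConsumerServiceURL="https://other.example.net/acs"',
    'non-numeric index' => 'AssertionConsumerServiceIndex="abc"',
];
foreach ($cases as $label => $attributes) {
    try {
        $endpoint = resolveAcsEndpoint(buildRequest($attributes), $registeredSps);
        echo "$label: send response to {$endpoint['Location']}\n";
    } catch (InvalidArgumentException $e) {
        echo "$label: rejected ({$e->getMessage()})\n";
    }
}
```
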

Member Function Documentation

◆ addSubject()

SAML2\AuthnRequest::addSubject ( \DOMElement  $root)
private

Add a Subject-node to the assertion.

Parameters
\DOMElement $root The assertion element we should add the subject to.

Definition at line 786 of file AuthnRequest.php.

References $sc.

787  {
788  // If there is no nameId (encrypted or not) there is nothing to create a subject for
789  if ($this->nameId === null && $this->encryptedNameId === null) {
790  return;
791  }
792 
793  $subject = $root->ownerDocument->createElementNS(Constants::NS_SAML, 'saml:Subject');
794  $root->appendChild($subject);
795 
796  if ($this->encryptedNameId === null) {
797  $this->nameId->toXML($subject);
798  } else {
799  $eid = $subject->ownerDocument->createElementNS(Constants::NS_SAML, 'saml:EncryptedID');
800  $eid->appendChild($subject->ownerDocument->importNode($this->encryptedNameId, true));
801  $subject->appendChild($eid);
802  }
803 
804  foreach ($this->subjectConfirmation as $sc) {
805  $sc->toXML($subject);
806  }
807  }
const NS_SAML
The namespace for the SAML 2 assertions.
Definition: Constants.php:220

◆ decryptNameId()

SAML2\AuthnRequest::decryptNameId ( XMLSecurityKey  $key, array  $blacklist = array() )

Decrypt the NameId of the subject in the assertion.

Parameters
XMLSecurityKey $key The decryption key.
array $blacklist Blacklisted decryption algorithms.

Definition at line 648 of file AuthnRequest.php.

References $nameId.

649  {
650  if ($this->encryptedNameId === null) {
651  /* No NameID to decrypt. */
652  return;
653  }
654 
655  $nameId = Utils::decryptElement($this->encryptedNameId, $key, $blacklist);
656  Utils::getContainer()->debugMessage($nameId, 'decrypt');
657  $this->nameId = new XML\saml\NameID($nameId);
658 
659  $this->encryptedNameId = null;
660  }
static decryptElement(\DOMElement $encryptedData, XMLSecurityKey $inputKey, array $blacklist=array())
Decrypt an encrypted element.
Definition: Utils.php:558
static getContainer()
Definition: Utils.php:752

◆ encryptNameId()

SAML2\AuthnRequest::encryptNameId ( XMLSecurityKey  $key)

Encrypt the NameID in the AuthnRequest.

Parameters
XMLSecurityKey $key The encryption key.

Definition at line 616 of file AuthnRequest.php.

References $nameId.

617  {
618  /* First create a XML representation of the NameID. */
619  $doc = new \DOMDocument();
620  $root = $doc->createElement('root');
621  $doc->appendChild($root);
622  $this->nameId->toXML($root);
623  $nameId = $root->firstChild;
624 
625  Utils::getContainer()->debugMessage($nameId, 'encrypt');
626 
627  /* Encrypt the NameID. */
628  $enc = new XMLSecEnc();
629  $enc->setNode($nameId);
630  // @codingStandardsIgnoreStart
631  $enc->type = XMLSecEnc::Element;
632  // @codingStandardsIgnoreEnd
633 
634  $symmetricKey = new XMLSecurityKey(XMLSecurityKey::AES128_CBC);
635  $symmetricKey->generateSessionKey();
636  $enc->encryptKey($key, $symmetricKey);
637 
638  $this->encryptedNameId = $enc->encryptNode($symmetricKey);
639  $this->nameId = null;
640  }
static getContainer()
Definition: Utils.php:752

◆ getAssertionConsumerServiceIndex()

SAML2\AuthnRequest::getAssertionConsumerServiceIndex ( )

Retrieve the value of the AssertionConsumerServiceIndex attribute.

Returns
int|null The AssertionConsumerServiceIndex attribute.

Definition at line 542 of file AuthnRequest.php.

543  {
544  return $this->assertionConsumerServiceIndex;
545  }

◆ getAssertionConsumerServiceURL()

SAML2\AuthnRequest::getAssertionConsumerServiceURL ( )

Retrieve the value of the AssertionConsumerServiceURL attribute.

Returns
string|null The AssertionConsumerServiceURL attribute.

Definition at line 476 of file AuthnRequest.php.

477  {
478  return $this->assertionConsumerServiceURL;
479  }

◆ getAttributeConsumingServiceIndex()

SAML2\AuthnRequest::getAttributeConsumingServiceIndex ( )

Retrieve the value of the AttributeConsumingServiceIndex attribute.

Returns
int|null The AttributeConsumingServiceIndex attribute.

Definition at line 520 of file AuthnRequest.php.

521  {
522  return $this->attributeConsumingServiceIndex;
523  }

◆ getForceAuthn()

SAML2\AuthnRequest::getForceAuthn ( )

Retrieve the value of the ForceAuthn attribute.

Returns
bool The ForceAuthn attribute.

Definition at line 341 of file AuthnRequest.php.

References $forceAuthn.

342  {
343  return $this->forceAuthn;
344  }

◆ getIDPList()

SAML2\AuthnRequest::getIDPList ( )

This function retrieves the list of providerIDs from this authentication request.

Currently we only support a list of IdP entity IDs.

Returns
array List of idp EntityIDs from the request

Definition at line 433 of file AuthnRequest.php.

434  {
435  return $this->IDPList;
436  }

◆ getIsPassive()

SAML2\AuthnRequest::getIsPassive ( )

Retrieve the value of the IsPassive attribute.

Returns
bool The IsPassive attribute.

Definition at line 389 of file AuthnRequest.php.

References $isPassive.

390  {
391  return $this->isPassive;
392  }

◆ getNameId()

SAML2\AuthnRequest::getNameId ( )

Retrieve the NameId of the subject in the assertion.

Returns
|null The name identifier of the assertion.
Exceptions

Definition at line 587 of file AuthnRequest.php.

References $nameId.

588  {
589  if ($this->encryptedNameId !== null) {
590  throw new \Exception('Attempted to retrieve encrypted NameID without decrypting it first.');
591  }
592 
593  return $this->nameId;
594  }

◆ getNameIdPolicy()

SAML2\AuthnRequest::getNameIdPolicy ( )

Retrieve the NameIdPolicy.

See also
::setNameIdPolicy()
Returns
array The NameIdPolicy.

Definition at line 304 of file AuthnRequest.php.

305  {
306  return $this->nameIdPolicy;
307  }

◆ getProtocolBinding()

SAML2\AuthnRequest::getProtocolBinding ( )

Retrieve the value of the ProtocolBinding attribute.

Returns
string|null The ProtocolBinding attribute.

Definition at line 498 of file AuthnRequest.php.

499  {
500  return $this->protocolBinding;
501  }

◆ getProviderName()

SAML2\AuthnRequest::getProviderName ( )

Retrieve the value of the ProviderName attribute.

Returns
string The ProviderName attribute.

Definition at line 365 of file AuthnRequest.php.

366  {
367  return $this->ProviderName;
368  }

◆ getProxyCount()

SAML2\AuthnRequest::getProxyCount ( )
Returns
int

Definition at line 450 of file AuthnRequest.php.

451  {
452  return $this->ProxyCount;
453  }

◆ getRequestedAuthnContext()

SAML2\AuthnRequest::getRequestedAuthnContext ( )

Retrieve the RequestedAuthnContext.

Returns
array|null The RequestedAuthnContext.

Definition at line 564 of file AuthnRequest.php.

565  {
566  return $this->requestedAuthnContext;
567  }

◆ getRequesterID()

SAML2\AuthnRequest::getRequesterID ( )
Returns
array

Definition at line 466 of file AuthnRequest.php.

467  {
468  return $this->RequesterID;
469  }

◆ getSubjectConfirmation()

SAML2\AuthnRequest::getSubjectConfirmation ( )

Retrieve the SubjectConfirmation elements we have in our Subject element.

Returns
[]

Definition at line 667 of file AuthnRequest.php.

668  {
669  return $this->subjectConfirmation;
670  }

◆ parseNameIdPolicy()

SAML2\AuthnRequest::parseNameIdPolicy ( \DOMElement  $xml)
protected
Parameters
\DOMElement $xml
Exceptions

Definition at line 218 of file AuthnRequest.php.

219  {
220  $nameIdPolicy = Utils::xpQuery($xml, './saml_protocol:NameIDPolicy');
221  if (empty($nameIdPolicy)) {
222  return;
223  }
224 
225  $nameIdPolicy = $nameIdPolicy[0];
226  if ($nameIdPolicy->hasAttribute('Format')) {
227  $this->nameIdPolicy['Format'] = $nameIdPolicy->getAttribute('Format');
228  }
229  if ($nameIdPolicy->hasAttribute('SPNameQualifier')) {
230  $this->nameIdPolicy['SPNameQualifier'] = $nameIdPolicy->getAttribute('SPNameQualifier');
231  }
232  if ($nameIdPolicy->hasAttribute('AllowCreate')) {
233  $this->nameIdPolicy['AllowCreate'] = Utils::parseBoolean($nameIdPolicy, 'AllowCreate', false);
234  }
235  }
static parseBoolean(\DOMElement $node, $attributeName, $default=null)
Parse a boolean attribute.
Definition: Utils.php:276
static xpQuery(\DOMNode $node, $query)
Do an XPath query on an XML node.
Definition: Utils.php:191

◆ parseRequestedAuthnContext()

SAML2\AuthnRequest::parseRequestedAuthnContext ( \DOMElement  $xml)
protected
Parameters
\DOMElement $xml

Definition at line 240 of file AuthnRequest.php.

References $i, and array.

241  {
242  $requestedAuthnContext = Utils::xpQuery($xml, './saml_protocol:RequestedAuthnContext');
243  if (empty($requestedAuthnContext)) {
244  return;
245  }
246 
247  $requestedAuthnContext = $requestedAuthnContext[0];
248 
249  $rac = array(
250  'AuthnContextClassRef' => array(),
251  'Comparison' => Constants::COMPARISON_EXACT,
252  );
253 
254  $accr = Utils::xpQuery($requestedAuthnContext, './saml_assertion:AuthnContextClassRef');
255  foreach ($accr as $i) {
256  $rac['AuthnContextClassRef'][] = trim($i->textContent);
257  }
258 
259  if ($requestedAuthnContext->hasAttribute('Comparison')) {
260  $rac['Comparison'] = $requestedAuthnContext->getAttribute('Comparison');
261  }
262 
263  $this->requestedAuthnContext = $rac;
264  }
const COMPARISON_EXACT
Request Authentication Context Comparison indicating that the resulting authentication context in the...
Definition: Constants.php:78
static xpQuery(\DOMNode $node, $query)
Do an XPath query on an XML node.
Definition: Utils.php:191

◆ parseScoping()

SAML2\AuthnRequest::parseScoping ( \DOMElement  $xml)
protected
Parameters
\DOMElement $xml
Exceptions

Definition at line 271 of file AuthnRequest.php.

272  {
273  $scoping = Utils::xpQuery($xml, './saml_protocol:Scoping');
274  if (empty($scoping)) {
275  return;
276  }
277 
278  $scoping = $scoping[0];
279 
280  if ($scoping->hasAttribute('ProxyCount')) {
281  $this->ProxyCount = (int) $scoping->getAttribute('ProxyCount');
282  }
283  $idpEntries = Utils::xpQuery($scoping, './saml_protocol:IDPList/saml_protocol:IDPEntry');
284 
285  foreach ($idpEntries as $idpEntry) {
286  if (!$idpEntry->hasAttribute('ProviderID')) {
287  throw new \Exception("Could not get ProviderID from Scoping/IDPEntry element in AuthnRequest object");
288  }
289  $this->IDPList[] = $idpEntry->getAttribute('ProviderID');
290  }
291 
292  $requesterIDs = Utils::xpQuery($scoping, './saml_protocol:RequesterID');
293  foreach ($requesterIDs as $requesterID) {
294  $this->RequesterID[] = trim($requesterID->textContent);
295  }
296  }
static xpQuery(\DOMNode $node, $query)
Do an XPath query on an XML node.
Definition: Utils.php:191

◆ parseSubject()

SAML2\AuthnRequest::parseSubject ( \DOMElement  $xml)
private
Parameters
$xml
Exceptions

Definition at line 178 of file AuthnRequest.php.

References $nameId, and $sc.

179  {
180  $subject = Utils::xpQuery($xml, './saml_assertion:Subject');
181  if (empty($subject)) {
182  return;
183  }
184 
185  if (count($subject) > 1) {
186  throw new \Exception('More than one <saml:Subject> in <saml:AuthnRequest>.');
187  }
188  $subject = $subject[0];
189 
190  $nameId = Utils::xpQuery(
191  $subject,
192  './saml_assertion:NameID | ./saml_assertion:EncryptedID/xenc:EncryptedData'
193  );
194  if (empty($nameId)) {
195  throw new \Exception('Missing <saml:NameID> or <saml:EncryptedID> in <saml:Subject>.');
196  } elseif (count($nameId) > 1) {
197  throw new \Exception('More than one <saml:NameID> or <saml:EncryptedID> in <saml:Subject>.');
198  }
199  $nameId = $nameId[0];
200  if ($nameId->localName === 'EncryptedData') {
201  /* The NameID element is encrypted. */
202  $this->encryptedNameId = $nameId;
203  } else {
204  $this->nameId = new XML\saml\NameID($nameId);
205  }
206 
207  $subjectConfirmation = Utils::xpQuery($subject, './saml_assertion:SubjectConfirmation');
208  foreach ($subjectConfirmation as $sc) {
209  $this->subjectConfirmation[] = new SubjectConfirmation($sc);
210  }
211  }
static xpQuery(\DOMNode $node, $query)
Do an XPath query on an XML node.
Definition: Utils.php:191

◆ setAssertionConsumerServiceIndex()

SAML2\AuthnRequest::setAssertionConsumerServiceIndex (   $assertionConsumerServiceIndex)

Set the value of the AssertionConsumerServiceIndex attribute.

Parameters
int|null $assertionConsumerServiceIndex The AssertionConsumerServiceIndex attribute.

Definition at line 552 of file AuthnRequest.php.

553  {
554  assert(is_int($assertionConsumerServiceIndex) || is_null($assertionConsumerServiceIndex));
555 
556  $this->assertionConsumerServiceIndex = $assertionConsumerServiceIndex;
557  }

◆ setAssertionConsumerServiceURL()

SAML2\AuthnRequest::setAssertionConsumerServiceURL (   $assertionConsumerServiceURL)

Set the value of the AssertionConsumerServiceURL attribute.

Parameters
string|null $assertionConsumerServiceURL The AssertionConsumerServiceURL attribute.

Definition at line 486 of file AuthnRequest.php.

487  {
488  assert(is_string($assertionConsumerServiceURL) || is_null($assertionConsumerServiceURL));
489 
490  $this->assertionConsumerServiceURL = $assertionConsumerServiceURL;
491  }

◆ setAttributeConsumingServiceIndex()

SAML2\AuthnRequest::setAttributeConsumingServiceIndex (   $attributeConsumingServiceIndex)

Set the value of the AttributeConsumingServiceIndex attribute.

Parameters
int|null $attributeConsumingServiceIndex The AttributeConsumingServiceIndex attribute.

Definition at line 530 of file AuthnRequest.php.

531  {
532  assert(is_int($attributeConsumingServiceIndex) || is_null($attributeConsumingServiceIndex));
533 
534  $this->attributeConsumingServiceIndex = $attributeConsumingServiceIndex;
535  }

◆ setForceAuthn()

SAML2\AuthnRequest::setForceAuthn (   $forceAuthn)

Set the value of the ForceAuthn attribute.

Parameters
bool $forceAuthn The ForceAuthn attribute.

Definition at line 352 of file AuthnRequest.php.

References $forceAuthn.

353  {
354  assert(is_bool($forceAuthn));
355 
356  $this->forceAuthn = $forceAuthn;
357  }

◆ setIDPList()

SAML2\AuthnRequest::setIDPList (   $IDPList)

This function sets the scoping for the request.

See Core 3.4.1.2 for the definition of scoping. Currently we support an IDPList of idpEntries.

Each idpEntry is an array containing keys (mapped to attributes) and their corresponding values. Allowed attributes: Loc, Name, ProviderID.

For backward compatibility, an idpEntry can also be a string instead of an array; each such string is mapped to the value of the ProviderID attribute.

Definition at line 421 of file AuthnRequest.php.

422  {
423  assert(is_array($IDPList));
424  $this->IDPList = $IDPList;
425  }

◆ setIsPassive()

SAML2\AuthnRequest::setIsPassive (   $isPassive)

Set the value of the IsPassive attribute.

Parameters
bool $isPassive The IsPassive attribute.

Definition at line 400 of file AuthnRequest.php.

References $isPassive.

401  {
402  assert(is_bool($isPassive));
403 
404  $this->isPassive = $isPassive;
405  }

◆ setNameId()

SAML2\AuthnRequest::setNameId (   $nameId)

Set the NameId of the subject in the assertion.

Parameters
\SAML2\XML\saml\NameID|null $nameId The name identifier of the assertion.

Definition at line 601 of file AuthnRequest.php.

References $nameId.

602  {
603  assert(is_array($nameId) || is_null($nameId) || $nameId instanceof XML\saml\NameID);
604 
605  if (is_array($nameId)) {
606  $nameId = XML\saml\NameID::fromArray($nameId);
607  }
608  $this->nameId = $nameId;
609  }
static fromArray(array $nameId)
Create a object from an array with its contents.
Definition: NameIDType.php:87

◆ setNameIdPolicy()

SAML2\AuthnRequest::setNameIdPolicy ( array  $nameIdPolicy)

Set the NameIDPolicy.

This function accepts an array with the following options:

  • 'Format' (string)
  • 'SPNameQualifier' (string)
  • 'AllowCreate' (bool)
Parameters
array $nameIdPolicy The NameIDPolicy.

Definition at line 320 of file AuthnRequest.php.

321  {
322  if (isset($nameIdPolicy['Format']) && !is_string($nameIdPolicy['Format'])) {
323  throw InvalidArgumentException::invalidType('string', $nameIdPolicy['Format']);
324  }
325  if (isset($nameIdPolicy['SPNameQualifier']) && !is_string($nameIdPolicy['SPNameQualifier'])) {
326  throw InvalidArgumentException::invalidType('string', $nameIdPolicy['SPNameQualifier']);
327  }
328  if (isset($nameIdPolicy['AllowCreate']) && !is_bool($nameIdPolicy['AllowCreate'])) {
329  throw InvalidArgumentException::invalidType('bool', $nameIdPolicy['AllowCreate']);
330  }
331 
332  $this->nameIdPolicy = $nameIdPolicy;
333  }

◆ setProtocolBinding()

SAML2\AuthnRequest::setProtocolBinding (   $protocolBinding)

Set the value of the ProtocolBinding attribute.

Parameters
string $protocolBinding The ProtocolBinding attribute.

Definition at line 508 of file AuthnRequest.php.

509  {
510  assert(is_string($protocolBinding) || is_null($protocolBinding));
511 
512  $this->protocolBinding = $protocolBinding;
513  }

◆ setProviderName()

SAML2\AuthnRequest::setProviderName (   $ProviderName)

Set the value of the ProviderName attribute.

Parameters
string $ProviderName The ProviderName attribute.

Definition at line 376 of file AuthnRequest.php.

377  {
378  assert(is_string($ProviderName));
379 
380  $this->ProviderName = $ProviderName;
381  }

◆ setProxyCount()

SAML2\AuthnRequest::setProxyCount (   $ProxyCount)
Parameters
int $ProxyCount

Definition at line 441 of file AuthnRequest.php.

442  {
443  assert(is_int($ProxyCount));
444  $this->ProxyCount = $ProxyCount;
445  }

◆ setRequestedAuthnContext()

SAML2\AuthnRequest::setRequestedAuthnContext (   $requestedAuthnContext)

Set the RequestedAuthnContext.

Parameters
array|null $requestedAuthnContext The RequestedAuthnContext.

Definition at line 574 of file AuthnRequest.php.

575  {
576  assert(is_array($requestedAuthnContext) || is_null($requestedAuthnContext));
577 
578  $this->requestedAuthnContext = $requestedAuthnContext;
579  }

◆ setRequesterID()

SAML2\AuthnRequest::setRequesterID ( array  $RequesterID)
Parameters
array $RequesterID

Definition at line 458 of file AuthnRequest.php.

459  {
460  $this->RequesterID = $RequesterID;
461  }

◆ setSubjectConfirmation()

SAML2\AuthnRequest::setSubjectConfirmation ( array  $subjectConfirmation)

Set the SubjectConfirmation elements that should be included in the assertion.

Parameters
array[]

Definition at line 677 of file AuthnRequest.php.

678  {
679  $this->subjectConfirmation = $subjectConfirmation;
680  }

◆ toUnsignedXML()

SAML2\AuthnRequest::toUnsignedXML ( )

Convert this authentication request to an XML element.

Returns
This authentication request.

Definition at line 687 of file AuthnRequest.php.

References League\OAuth2\Client\Provider\$provider, and array.

688  {
689  $root = parent::toUnsignedXML();
690 
691  if ($this->forceAuthn) {
692  $root->setAttribute('ForceAuthn', 'true');
693  }
694 
695  if ($this->ProviderName !== null) {
696  $root->setAttribute('ProviderName', $this->ProviderName);
697  }
698 
699  if ($this->isPassive) {
700  $root->setAttribute('IsPassive', 'true');
701  }
702 
703  if ($this->assertionConsumerServiceIndex !== null) {
704  $root->setAttribute('AssertionConsumerServiceIndex', $this->assertionConsumerServiceIndex);
705  } else {
706  if ($this->assertionConsumerServiceURL !== null) {
707  $root->setAttribute('AssertionConsumerServiceURL', $this->assertionConsumerServiceURL);
708  }
709  if ($this->protocolBinding !== null) {
710  $root->setAttribute('ProtocolBinding', $this->protocolBinding);
711  }
712  }
713 
714  if ($this->attributeConsumingServiceIndex !== null) {
715  $root->setAttribute('AttributeConsumingServiceIndex', $this->attributeConsumingServiceIndex);
716  }
717 
718  $this->addSubject($root);
719 
720  if (!empty($this->nameIdPolicy)) {
721  $nameIdPolicy = $this->document->createElementNS(Constants::NS_SAMLP, 'NameIDPolicy');
722  if (array_key_exists('Format', $this->nameIdPolicy)) {
723  $nameIdPolicy->setAttribute('Format', $this->nameIdPolicy['Format']);
724  }
725  if (array_key_exists('SPNameQualifier', $this->nameIdPolicy)) {
726  $nameIdPolicy->setAttribute('SPNameQualifier', $this->nameIdPolicy['SPNameQualifier']);
727  }
728  if (array_key_exists('AllowCreate', $this->nameIdPolicy)) {
729  $nameIdPolicy->setAttribute('AllowCreate', ($this->nameIdPolicy['AllowCreate']) ? 'true' : 'false');
730  }
731  $root->appendChild($nameIdPolicy);
732  }
733 
734  $rac = $this->requestedAuthnContext;
735  if (!empty($rac) && !empty($rac['AuthnContextClassRef'])) {
736  $e = $this->document->createElementNS(Constants::NS_SAMLP, 'RequestedAuthnContext');
737  $root->appendChild($e);
738  if (isset($rac['Comparison']) && $rac['Comparison'] !== Constants::COMPARISON_EXACT) {
739  $e->setAttribute('Comparison', $rac['Comparison']);
740  }
741  foreach ($rac['AuthnContextClassRef'] as $accr) {
742  Utils::addString($e, Constants::NS_SAML, 'AuthnContextClassRef', $accr);
743  }
744  }
745 
746  if ($this->ProxyCount !== null || count($this->IDPList) > 0 || count($this->RequesterID) > 0) {
747  $scoping = $this->document->createElementNS(Constants::NS_SAMLP, 'Scoping');
748  $root->appendChild($scoping);
749  if ($this->ProxyCount !== null) {
750  $scoping->setAttribute('ProxyCount', $this->ProxyCount);
751  }
752  if (count($this->IDPList) > 0) {
753  $idplist = $this->document->createElementNS(Constants::NS_SAMLP, 'IDPList');
754  foreach ($this->IDPList as $provider) {
755  $idpEntry = $this->document->createElementNS(Constants::NS_SAMLP, 'IDPEntry');
756  if (is_string($provider)) {
757  $idpEntry->setAttribute('ProviderID', $provider);
758  } elseif (is_array($provider)) {
759  foreach ($provider as $attribute => $value) {
760  if (in_array($attribute, array(
761  'ProviderID',
762  'Loc',
763  'Name'
764  ))) {
765  $idpEntry->setAttribute($attribute, $value);
766  }
767  }
768  }
769  $idplist->appendChild($idpEntry);
770  }
771  $scoping->appendChild($idplist);
772  }
773  if (count($this->RequesterID) > 0) {
774  Utils::addStrings($scoping, Constants::NS_SAMLP, 'RequesterID', false, $this->RequesterID);
775  }
776  }
777 
778  return $root;
779  }
addSubject(\DOMElement $root)
Add a Subject-node to the assertion.
const COMPARISON_EXACT
Request Authentication Context Comparison indicating that the resulting authentication context in the...
Definition: Constants.php:78
static addStrings(\DOMElement $parent, $namespace, $name, $localized, array $values)
Append string elements.
Definition: Utils.php:659
static addString(\DOMElement $parent, $namespace, $name, $value)
Append string element.
Definition: Utils.php:635
const NS_SAMLP
The namespace for the SAML 2 protocol.
Definition: Constants.php:215
const NS_SAML
The namespace for the SAML 2 assertions.
Definition: Constants.php:220

Field Documentation

◆ $assertionConsumerServiceIndex

SAML2\AuthnRequest::$assertionConsumerServiceIndex
private

Definition at line 97 of file AuthnRequest.php.

◆ $assertionConsumerServiceURL

SAML2\AuthnRequest::$assertionConsumerServiceURL
private

Definition at line 74 of file AuthnRequest.php.

◆ $attributeConsumingServiceIndex

SAML2\AuthnRequest::$attributeConsumingServiceIndex
private

Definition at line 90 of file AuthnRequest.php.

◆ $encryptedNameId

SAML2\AuthnRequest::$encryptedNameId
private

Definition at line 119 of file AuthnRequest.php.

◆ $forceAuthn

SAML2\AuthnRequest::$forceAuthn
private

Definition at line 29 of file AuthnRequest.php.

◆ $IDPList

SAML2\AuthnRequest::$IDPList = array()
private

Definition at line 52 of file AuthnRequest.php.

◆ $isPassive

SAML2\AuthnRequest::$isPassive
private

Definition at line 45 of file AuthnRequest.php.

◆ $nameId

SAML2\AuthnRequest::$nameId
private

Definition at line 124 of file AuthnRequest.php.

◆ $nameIdPolicy

SAML2\AuthnRequest::$nameIdPolicy
private

Definition at line 22 of file AuthnRequest.php.

◆ $protocolBinding

SAML2\AuthnRequest::$protocolBinding
private

Definition at line 82 of file AuthnRequest.php.

◆ $ProviderName

SAML2\AuthnRequest::$ProviderName
private

Definition at line 37 of file AuthnRequest.php.

◆ $ProxyCount

SAML2\AuthnRequest::$ProxyCount = null
private

Definition at line 59 of file AuthnRequest.php.

◆ $requestedAuthnContext

SAML2\AuthnRequest::$requestedAuthnContext
private

Definition at line 109 of file AuthnRequest.php.

◆ $RequesterID

SAML2\AuthnRequest::$RequesterID = array()
private

Definition at line 67 of file AuthnRequest.php.

◆ $subjectConfirmation

SAML2\AuthnRequest::$subjectConfirmation = array()
private

Definition at line 114 of file AuthnRequest.php.


The documentation for this class was generated from the following file: