ILIAS
release_5-3 Revision v5.3.23-19-g915713cf615
◀ ilDoc Overview
ExpectedAuthnContextClassRef.php
Go to the documentation of this file.
1
<?
php
2
3
19
class
sspmod_saml_Auth_Process_ExpectedAuthnContextClassRef
extends
SimpleSAML_Auth_ProcessingFilter
20
{
21
26
private
$accepted
;
27
28
33
private
$AuthnContextClassRef
;
34
35
44
public
function
__construct
(
$config
, $reserved)
45
{
46
parent::__construct(
$config
, $reserved);
47
48
assert(
'is_array($config)'
);
49
if
(empty(
$config
[
'accepted'
])) {
50
SimpleSAML\Logger::error
(
51
'ExpectedAuthnContextClassRef: Configuration error. There is no accepted AuthnContextClassRef.'
52
);
53
throw
new
SimpleSAML_Error_Exception
(
54
'ExpectedAuthnContextClassRef: Configuration error. There is no accepted AuthnContextClassRef.'
55
);
56
}
57
$this->accepted =
$config
[
'accepted'
];
58
}
59
60
65
public
function
process
(&$request)
66
{
67
assert(
'is_array($request)'
);
68
assert(
'array_key_exists("Attributes", $request)'
);
69
70
$this->AuthnContextClassRef = $request[
'saml:sp:State'
][
'saml:sp:AuthnContext'
];
71
72
if
(!in_array($this->AuthnContextClassRef, $this->accepted,
true
)) {
73
$this->
unauthorized
($request);
74
}
75
}
76
77
90
protected
function
unauthorized
(&$request)
91
{
92
SimpleSAML\Logger::error
(
93
'ExpectedAuthnContextClassRef: Invalid authentication context: '
.$this->AuthnContextClassRef.
94
'. Accepted values are: '
.var_export($this->accepted,
true
)
95
);
96
97
$id
=
SimpleSAML_Auth_State::saveState
($request,
'saml:ExpectedAuthnContextClassRef:unauthorized'
);
98
$url
=
SimpleSAML\Module::getModuleURL
(
99
'saml/sp/wrong_authncontextclassref.php'
100
);
101
\SimpleSAML\Utils\HTTP::redirectTrustedURL
(
$url
, array(
'StateId'
=>
$id
));
102
}
103
}
php
An exception for terminatinating execution or to throw for unit testing.
SimpleSAML\Logger\error
static error($string)
Definition:
Logger.php:168
SimpleSAML\Module\getModuleURL
static getModuleURL($resource, array $parameters=array())
Get absolute URL to a specified module resource.
Definition:
Module.php:303
SimpleSAML\Utils\HTTP\redirectTrustedURL
static redirectTrustedURL($url, $parameters=array())
This function redirects to the specified URL without performing any security checks.
Definition:
HTTP.php:962
SimpleSAML_Auth_ProcessingFilter
Definition:
ProcessingFilter.php:21
SimpleSAML_Auth_State\saveState
static saveState(&$state, $stage, $rawId=false)
Save the state.
Definition:
State.php:194
SimpleSAML_Error_Exception
Definition:
Exception.php:13
sspmod_saml_Auth_Process_ExpectedAuthnContextClassRef
Definition:
ExpectedAuthnContextClassRef.php:20
sspmod_saml_Auth_Process_ExpectedAuthnContextClassRef\$AuthnContextClassRef
$AuthnContextClassRef
Definition:
ExpectedAuthnContextClassRef.php:33
sspmod_saml_Auth_Process_ExpectedAuthnContextClassRef\unauthorized
unauthorized(&$request)
When the process logic determines that the user is not authorized for this service,...
Definition:
ExpectedAuthnContextClassRef.php:90
sspmod_saml_Auth_Process_ExpectedAuthnContextClassRef\__construct
__construct($config, $reserved)
Initialize this filter, parse configuration.
Definition:
ExpectedAuthnContextClassRef.php:44
sspmod_saml_Auth_Process_ExpectedAuthnContextClassRef\$accepted
$accepted
Definition:
ExpectedAuthnContextClassRef.php:26
sspmod_saml_Auth_Process_ExpectedAuthnContextClassRef\process
process(&$request)
Definition:
ExpectedAuthnContextClassRef.php:65
$id
if(!array_key_exists('StateId', $_REQUEST)) $id
Definition:
expirywarning.php:14
$config
$config
Definition:
flush-definition-cache.php:23
$url
$url
Definition:
proxy_ylocal.php:28
libs
composer
vendor
simplesamlphp
simplesamlphp
modules
saml
lib
Auth
Process
ExpectedAuthnContextClassRef.php
Generated on Tue Oct 28 2025 19:01:01 for ILIAS by
1.9.4 (using
Doxyfile
)
1.9.4 (using Doxyfile) 1.9.4 (using Doxyfile)