ILIAS  release_5-3 Revision v5.3.23-19-g915713cf615
SAML2\Assertion\Decrypter Class Reference

Public Member Functions

 __construct (LoggerInterface $logger, IdentityProvider $identityProvider, ServiceProvider $serviceProvider, PrivateKeyLoader $privateKeyLoader)
 
 isEncryptionRequired ()
 Allows for checking whether either the SP or the IdP requires assertion encryption.
 
 decrypt (EncryptedAssertion $assertion)
 

Private Attributes

 $identityProvider
 
 $serviceProvider
 
 $privateKeyLoader
 
 $logger
 

Detailed Description

Definition at line 12 of file Decrypter.php.

Constructor & Destructor Documentation

◆ __construct()

SAML2\Assertion\Decrypter::__construct ( LoggerInterface  $logger,
IdentityProvider  $identityProvider,
ServiceProvider  $serviceProvider,
PrivateKeyLoader  $privateKeyLoader 
)

Member Function Documentation

◆ decrypt()

SAML2\Assertion\Decrypter::decrypt ( EncryptedAssertion  $assertion)
Parameters
\SAML2\EncryptedAssertion $assertion
Returns

Definition at line 60 of file Decrypter.php.

References $index, $key, and SAML2\EncryptedAssertion\getAssertion().

    {
        $decryptionKeys = $this->privateKeyLoader->loadDecryptionKeys($this->identityProvider, $this->serviceProvider);

        // The IdP's algorithm blacklist takes precedence; fall back to the SP's when the IdP has none
        $blacklistedKeys = $this->identityProvider->getBlacklistedAlgorithms();
        if (is_null($blacklistedKeys)) {
            $blacklistedKeys = $this->serviceProvider->getBlacklistedAlgorithms();
        }

        // reflects the simplesamlphp behaviour for BC, see
        // https://github.com/simplesamlphp/simplesamlphp/blob/3d735912342767d391297cc5e13272a76730aca0/modules/saml/lib/Message.php#L369
        // Try each loaded key in order and return on the first successful decryption
        foreach ($decryptionKeys as $index => $key) {
            try {
                $decryptedAssertion = $assertion->getAssertion($key, $blacklistedKeys);
                $this->logger->debug(sprintf('Decrypted Assertion with key "#%d"', $index));

                return $decryptedAssertion;
            } catch (\Exception $e) {
                // A failure with one key is only logged at debug level; the next key is tried
                $this->logger->debug(sprintf(
                    'Could not decrypt assertion with key "#%d", "%s" thrown: "%s"',
                    $index,
                    get_class($e),
                    $e->getMessage()
                ));
            }
        }

        // No key could decrypt the assertion
        throw new NotDecryptedException(sprintf(
            'Could not decrypt the assertion, tried with "%d" keys. See the debug log for more information',
            count($decryptionKeys)
        ));
    }

◆ isEncryptionRequired()

SAML2\Assertion\Decrypter::isEncryptionRequired ( )

Allows for checking whether either the SP or the IdP requires assertion encryption.

Definition at line 49 of file Decrypter.php.

    {
        return $this->identityProvider->isAssertionEncryptionRequired()
            || $this->serviceProvider->isAssertionEncryptionRequired();
    }

Field Documentation

◆ $identityProvider

SAML2\Assertion\Decrypter::$identityProvider
private

Definition at line 17 of file Decrypter.php.

Referenced by SAML2\Assertion\Decrypter\__construct().

◆ $logger

SAML2\Assertion\Decrypter::$logger
private

Definition at line 32 of file Decrypter.php.

Referenced by SAML2\Assertion\Decrypter\__construct().

◆ $privateKeyLoader

SAML2\Assertion\Decrypter::$privateKeyLoader
private

Definition at line 27 of file Decrypter.php.

Referenced by SAML2\Assertion\Decrypter\__construct().

◆ $serviceProvider

SAML2\Assertion\Decrypter::$serviceProvider
private

Definition at line 22 of file Decrypter.php.

Referenced by SAML2\Assertion\Decrypter\__construct().


The documentation for this class was generated from the following file: