1<?php
2
3namespace SAML2;
4
9use SimpleSAML_Store;
11
20class HTTPArtifact extends Binding
21{
25 private $spMetadata;
26
35 {
36 $store = SimpleSAML_Store::getInstance();
37 if ($store === false) {
38 throw new \Exception('Unable to send artifact without a datastore configured.');
39 }
40
42 $artifact = base64_encode("\x00\x04\x00\x00" . sha1($message->getIssuer(), true) . $generatedId) ;
43 $artifactData = $message->toUnsignedXML();
44 $artifactDataString = $artifactData->ownerDocument->saveXML($artifactData);
45
46 $store->set('artifact', $artifact, $artifactDataString, Temporal::getTime() + 15*60);
47
48 $params = array(
49 'SAMLart' => $artifact,
50 );
51 $relayState = $message->getRelayState();
52 if ($relayState !== null) {
53 $params['RelayState'] = $relayState;
54 }
55
57 }
58
/**
 * Send a SAML 2 message using the HTTP-Artifact binding.
 *
 * The message is stored as an artifact by getRedirectURL(), which returns the
 * redirect target carrying the SAMLart (and optional RelayState) parameters;
 * the redirect itself is delegated to the container.
 *
 * @param Message $message The message to send.
 */
public function send(Message $message)
{
    Utils::getContainer()->redirect($this->getRedirectURL($message));
}
71
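/**
 * Receive a SAML 2 message sent using the HTTP-Artifact binding.
 *
 * Parses the SAMLart request parameter, looks up the issuing IdP by the
 * SourceID embedded in the artifact, and resolves the artifact with a signed
 * ArtifactResolve request sent over SOAP to the IdP's ArtifactResolutionService.
 *
 * Note that $_REQUEST merges GET, POST and COOKIE data, so SAMLart and
 * RelayState are accepted from any of those sources.
 *
 * @return Message|null The resolved message, or null when the ArtifactResponse
 *                      carries no message (e.g. the artifact was already resolved).
 * @throws \Exception If SAMLart is missing or malformed, no IdP or endpoint
 *                    matches the artifact, or the ArtifactResolutionService
 *                    reports an error.
 */
public function receive()
{
    if (!array_key_exists('SAMLart', $_REQUEST)) {
        throw new \Exception('Missing SAMLart parameter.');
    }

    /*
     * This binding only produces type 0x0004 artifacts (see getRedirectURL), which are
     * exactly 44 bytes: type code (2), endpoint index (2), SourceID (20) and message
     * handle (20). Check the decoded length and type code before slicing: a shorter or
     * foreign value would otherwise yield an empty or bogus SourceID / endpoint index that
     * only surfaces later as a misleading metadata lookup error.
     */
    $artifact = base64_decode($_REQUEST['SAMLart']);
    if ($artifact === false || strlen($artifact) !== 44 || substr($artifact, 0, 2) !== "\x00\x04") {
        throw new \Exception('Invalid SAMLart parameter.');
    }
    $endpointIndex = bin2hex(substr($artifact, 2, 2));
    $sourceId = bin2hex(substr($artifact, 4, 20));

    // NOTE(review): this statement is not shown in the rendered listing and was restored
    // from the getMetadataHandler() cross-reference; confirm against the source file.
    $metadataHandler = \SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();

    $idpMetadata = $metadataHandler->getMetaDataConfigForSha1($sourceId, 'saml20-idp-remote');
    if ($idpMetadata === null) {
        throw new \Exception('No metadata found for remote provider with SHA1 ID: ' . var_export($sourceId, true));
    }

    // Select the ArtifactResolutionService whose index matches the one in the artifact.
    $endpoint = null;
    foreach ($idpMetadata->getEndpoints('ArtifactResolutionService') as $ep) {
        if ($ep['index'] === hexdec($endpointIndex)) {
            $endpoint = $ep;
            break;
        }
    }
    if ($endpoint === null) {
        throw new \Exception('No ArtifactResolutionService with the correct index.');
    }

    Utils::getContainer()->getLogger()->debug("ArtifactResolutionService endpoint being used is := " . $endpoint['Location']);

    // Construct the ArtifactResolve request.
    $ar = new ArtifactResolve();
    $ar->setIssuer($this->spMetadata->getString('entityid'));
    $ar->setArtifact($_REQUEST['SAMLart']);
    $ar->setDestination($endpoint['Location']);

    // Sign the request here rather than in the SOAPClient (Shoaib - moved from the SOAPClient).
    \sspmod_saml_Message::addSign($this->spMetadata, $idpMetadata, $ar);

    // Resolve the artifact over SOAP.
    $soap = new SOAPClient();
    $artifactResponse = $soap->send($ar, $this->spMetadata);

    if (!$artifactResponse->isSuccess()) {
        throw new \Exception('Received error from ArtifactResolutionService.');
    }

    $xml = $artifactResponse->getAny();
    if ($xml === null) {
        /* Empty ArtifactResponse - possibly because of Artifact replay? */
        return null;
    }

    $samlResponse = Message::fromXML($xml);
    // Register validateSignature() so the enclosing ArtifactResponse's signature is
    // checked against the key supplied when the message is validated.
    $samlResponse->addValidator(array(get_class($this), 'validateSignature'), $artifactResponse);

    if (isset($_REQUEST['RelayState'])) {
        $samlResponse->setRelayState($_REQUEST['RelayState']);
    }

    return $samlResponse;
}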
150
155 {
156 $this->spMetadata = $sp;
157 }
158
167 {
168 return $message->validate($key);
169 }
170}