ILIAS
release_5-4 Revision v5.4.26-12-gabc799a52e6
|
Static Public Member Functions | |
static | sendResponse (array $state) |
Send a response to the SP. More... | |
static | handleAuthError (SimpleSAML_Error_Exception $exception, array $state) |
Handle authentication error. More... | |
static | receiveAuthnRequest (SimpleSAML_IdP $idp) |
Receive an authentication request. More... | |
static | processSOAPAuthnRequest (array &$state) |
static | sendLogoutRequest (SimpleSAML_IdP $idp, array $association, $relayState) |
Send a logout request to a given association. More... | |
static | sendLogoutResponse (SimpleSAML_IdP $idp, array $state) |
Send a logout response. More... | |
static | receiveLogoutMessage (SimpleSAML_IdP $idp) |
Receive a logout message. More... | |
static | getLogoutURL (SimpleSAML_IdP $idp, array $association, $relayState) |
Retrieve a logout URL for a given logout association. More... | |
static | getAssociationConfig (SimpleSAML_IdP $idp, array $association) |
Retrieve the metadata for the given SP association. More... | |
Static Private Member Functions | |
static | getAssertionConsumerService (array $supportedBindings, SimpleSAML_Configuration $spMetadata, $AssertionConsumerServiceURL, $ProtocolBinding, $AssertionConsumerServiceIndex) |
Find SP AssertionConsumerService based on parameter in AuthnRequest. More... | |
static | generateNameIdValue (SimpleSAML_Configuration $idpMetadata, SimpleSAML_Configuration $spMetadata, array &$state) |
Calculate the NameID value that should be used. More... | |
static | encodeAttributes (SimpleSAML_Configuration $idpMetadata, SimpleSAML_Configuration $spMetadata, array $attributes) |
Helper function for encoding attributes. More... | |
static | getAttributeNameFormat (SimpleSAML_Configuration $idpMetadata, SimpleSAML_Configuration $spMetadata) |
Determine which NameFormat we should use for attributes. More... | |
static | buildAssertion (SimpleSAML_Configuration $idpMetadata, SimpleSAML_Configuration $spMetadata, array &$state) |
Build an assertion based on information in the metadata. More... | |
static | encryptAssertion (SimpleSAML_Configuration $idpMetadata, SimpleSAML_Configuration $spMetadata, \SAML2\Assertion $assertion) |
Encrypt an assertion. More... | |
static | buildLogoutRequest (SimpleSAML_Configuration $idpMetadata, SimpleSAML_Configuration $spMetadata, array $association, $relayState) |
Build a logout request based on information in the metadata. More... | |
static | buildResponse (SimpleSAML_Configuration $idpMetadata, SimpleSAML_Configuration $spMetadata, $consumerURL) |
Build a authentication response based on information in the metadata. More... | |
|
staticprivate |
Build an assertion based on information in the metadata.
SimpleSAML_Configuration | $idpMetadata | The metadata of the IdP. |
SimpleSAML_Configuration | $spMetadata | The metadata of the SP. |
array | &$state | The state array with information about the request. |
SimpleSAML_Error_Exception | In case an error occurs when creating a holder-of-key assertion. |
Definition at line 865 of file SAML2.php.
References $_SERVER, $assertionLifetime, $attributeNameFormat, $attributes, $config, $encryptNameId, $nameId, $nameIdFormat, $nameIdValue, $sc, sspmod_saml_Message\addSign(), SAML2\Constants\CM_BEARER, SAML2\Constants\CM_HOK, SimpleSAML\Utils\Random\generateID(), SimpleSAML_Configuration\getBoolean(), sspmod_saml_Message\getEncryptionKey(), SimpleSAML_Configuration\getInstance(), SimpleSAML_Configuration\getInteger(), SimpleSAML_Configuration\getString(), SAML2\Constants\NAMEID_TRANSIENT, SubjectConfirmationData, and SimpleSAML\Logger\warning().
|
staticprivate |
Build a logout request based on information in the metadata.
SimpleSAML_Configuration | $idpMetadata | The metadata of the IdP. |
SimpleSAML_Configuration | $spMetadata | The metadata of the SP. |
array | $association | The SP association. |
string | null | $relayState | An id that should be carried across the logout. |
Definition at line 1118 of file SAML2.php.
References $assertionLifetime, $encryptNameId, $lr, $relayState, sspmod_saml_Message\buildLogoutRequest(), SimpleSAML_Configuration\getBoolean(), sspmod_saml_Message\getEncryptionKey(), and SimpleSAML_Configuration\getInteger().
|
staticprivate |
Build a authentication response based on information in the metadata.
SimpleSAML_Configuration | $idpMetadata | The metadata of the IdP. |
SimpleSAML_Configuration | $spMetadata | The metadata of the SP. |
string | $consumerURL | The Destination URL of the response. |
Definition at line 1157 of file SAML2.php.
References $r, sspmod_saml_Message\addSign(), SimpleSAML_Configuration\getBoolean(), and SimpleSAML_Configuration\getString().
|
staticprivate |
Helper function for encoding attributes.
SimpleSAML_Configuration | $idpMetadata | The metadata of the IdP. |
SimpleSAML_Configuration | $spMetadata | The metadata of the SP. |
array | $attributes | The attributes of the user. |
SimpleSAML_Error_Exception | In case an unsupported encoding is specified by configuration. |
Definition at line 743 of file SAML2.php.
References $name, $ret, $values, SAML2\DOMDocumentFactory\fromString(), SimpleSAML_Configuration\getArray(), and SimpleSAML_Configuration\getBoolean().
|
staticprivate |
Encrypt an assertion.
This function takes in a and encrypts it if encryption of assertions are enabled in the metadata.
SimpleSAML_Configuration | $idpMetadata | The metadata of the IdP. |
SimpleSAML_Configuration | $spMetadata | The metadata of the SP. |
\SAML2\Assertion | $assertion | The assertion we are encrypting. |
SimpleSAML_Error_Exception | In case the encryption key type is not supported. |
Definition at line 1056 of file SAML2.php.
References $key, $keys, SimpleSAML_Configuration\getBoolean(), SimpleSAML_Configuration\getPublicKeys(), and SimpleSAML_Configuration\getString().
|
staticprivate |
Calculate the NameID value that should be used.
SimpleSAML_Configuration | $idpMetadata | The metadata of the IdP. |
SimpleSAML_Configuration | $spMetadata | The metadata of the SP. |
array | &$state | The authentication state of the user. |
Definition at line 691 of file SAML2.php.
References $attributes, $idpEntityId, $spEntityId, SimpleSAML\Logger\error(), SimpleSAML\Utils\Config\getSecretSalt(), SimpleSAML_Configuration\getString(), and GuzzleHttp\Psr7\hash().
|
staticprivate |
Find SP AssertionConsumerService based on parameter in AuthnRequest.
array | $supportedBindings | The bindings we allow for the response. |
SimpleSAML_Configuration | $spMetadata | The metadata for the SP. |
string | NULL | $AssertionConsumerServiceURL | AssertionConsumerServiceURL from request. |
string | NULL | $ProtocolBinding | ProtocolBinding from request. |
int | NULL | $AssertionConsumerServiceIndex | AssertionConsumerServiceIndex from request. |
Definition at line 162 of file SAML2.php.
References SimpleSAML_Configuration\getDefaultEndpoint(), SimpleSAML_Configuration\getEndpoints(), and SimpleSAML\Logger\warning().
|
static |
Retrieve the metadata for the given SP association.
SimpleSAML_IdP | $idp | The IdP the association belongs to. |
array | $association | The SP association. |
Definition at line 671 of file SAML2.php.
References $metadata, SimpleSAML_Metadata_MetaDataStorageHandler\getMetadataHandler(), and SimpleSAML_Configuration\loadFromArray().
|
staticprivate |
Determine which NameFormat we should use for attributes.
SimpleSAML_Configuration | $idpMetadata | The metadata of the IdP. |
SimpleSAML_Configuration | $spMetadata | The metadata of the SP. |
Definition at line 824 of file SAML2.php.
References $attributeNameFormat, and SimpleSAML_Configuration\getString().
|
static |
Retrieve a logout URL for a given logout association.
SimpleSAML_IdP | $idp | The IdP we are sending a logout request from. |
array | $association | The association that should be terminated. |
string | NULL | $relayState | An id that should be carried across the logout. |
Definition at line 631 of file SAML2.php.
References $binding, $bindings, $dst, $idpMetadata, $lr, $metadata, PHPMailer\PHPMailer\$params, $relayState, $spMetadata, SimpleSAML_IdP\getConfig(), SimpleSAML_IdP\getId(), SimpleSAML_Metadata_MetaDataStorageHandler\getMetadataHandler(), SimpleSAML\Module\getModuleURL(), and SimpleSAML\Logger\info().
|
static |
Handle authentication error.
SimpleSAML_Error_Exception $exception The exception.
array | $state | The error state. |
Definition at line 96 of file SAML2.php.
References $binding, $idp, $idpMetadata, $relayState, $spEntityId, $spMetadata, sspmod_saml_Error\fromException(), SAML2\Binding\getBinding(), SimpleSAML_IdP\getByState(), SimpleSAML_Configuration\loadFromArray(), SimpleSAML_Stats\log(), SimpleSAML_Error_Exception\log(), and SimpleSAML\Logger\warning().
|
static |
Definition at line 443 of file SAML2.php.
References $_SERVER, and SimpleSAML\Logger\error().
|
static |
Receive an authentication request.
SimpleSAML_IdP | $idp | The IdP we are receiving it for. |
SimpleSAML_Error_BadRequest | In case an error occurs when trying to receive the request. |
Definition at line 248 of file SAML2.php.
References $binding, $idpMetadata, $metadata, $relayState, $request, $spEntityId, $spMetadata, $state, SAML2\Constants\BINDING_HOK_SSO, SAML2\Constants\BINDING_HTTP_ARTIFACT, SAML2\Constants\BINDING_PAOS, SimpleSAML\Utils\HTTP\checkSessionCookie(), SimpleSAML_Auth_State\EXCEPTION_HANDLER_FUNC, SimpleSAML_IdP\getConfig(), SAML2\Binding\getCurrentBinding(), SimpleSAML_Metadata_MetaDataStorageHandler\getMetadataHandler(), SimpleSAML_IdP\handleAuthenticationRequest(), SimpleSAML\Logger\info(), SimpleSAML_Stats\log(), SimpleSAML_Auth_State\RESTART, and sspmod_saml_Message\validateMessage().
|
static |
Receive a logout message.
SimpleSAML_IdP | $idp | The IdP we are receiving it for. |
SimpleSAML_Error_BadRequest | In case an error occurs while trying to receive the logout message. |
Definition at line 556 of file SAML2.php.
References $assocId, $binding, $idpMetadata, $message, $metadata, $relayState, $spEntityId, $spMetadata, $state, SimpleSAML_IdP\getConfig(), SAML2\Binding\getCurrentBinding(), SimpleSAML_Metadata_MetaDataStorageHandler\getMetadataHandler(), sspmod_saml_Message\getResponseError(), SimpleSAML_IdP\handleLogoutRequest(), SimpleSAML_IdP\handleLogoutResponse(), SimpleSAML\Logger\info(), SimpleSAML_Stats\log(), SimpleSAML\Logger\stats(), sspmod_saml_Message\validateMessage(), and SimpleSAML\Logger\warning().
|
static |
Send a logout request to a given association.
SimpleSAML_IdP | $idp | The IdP we are sending a logout request from. |
array | $association | The association that should be terminated. |
string | NULL | $relayState | An id that should be carried across the logout. |
Definition at line 462 of file SAML2.php.
References $binding, $dst, $idpMetadata, $lr, $metadata, $relayState, $spMetadata, SAML2\Binding\getBinding(), SimpleSAML_IdP\getConfig(), SimpleSAML_Metadata_MetaDataStorageHandler\getMetadataHandler(), SimpleSAML\Logger\info(), and SimpleSAML_Stats\log().
|
static |
Send a logout response.
SimpleSAML_IdP | $idp | The IdP we are sending a logout request from. |
array | &$state | The logout state array. |
Definition at line 498 of file SAML2.php.
References $binding, $dst, $idpMetadata, $lr, $metadata, $spEntityId, $spMetadata, sspmod_saml_Message\buildLogoutResponse(), SimpleSAML\Logger\debug(), SAML2\Binding\getBinding(), SimpleSAML_IdP\getConfig(), SimpleSAML_Metadata_MetaDataStorageHandler\getMetadataHandler(), SimpleSAML\Logger\info(), and SimpleSAML_Stats\log().
|
static |
Send a response to the SP.
array | $state | The authentication state. |
Definition at line 19 of file SAML2.php.
References $association, $binding, $idp, $idpMetadata, $relayState, $spEntityId, $spMetadata, SAML2\Binding\getBinding(), SimpleSAML_IdP\getByState(), SimpleSAML\Logger\info(), SimpleSAML_Configuration\loadFromArray(), and SimpleSAML_Stats\log().