dc/d8e/SAML1_8php_source.html

 <?php
 use SimpleSAML\Bindings\Shib13\HTTPPost;

 class sspmod_saml_IdP_SAML1
 {
     public static function sendResponse(array $state)
     {
         assert(isset($state['Attributes']));
         assert(isset($state['SPMetadata']));
         assert(isset($state['saml:shire']));
         assert(array_key_exists('saml:target', $state)); // Can be NULL

         $spMetadata = $state["SPMetadata"];
         $spEntityId = $spMetadata['entityid'];
         $spMetadata = SimpleSAML_Configuration::loadFromArray($spMetadata,
             '$metadata[' . var_export($spEntityId, true) . ']');

         SimpleSAML\Logger::info('Sending SAML 1.1 Response to ' . var_export($spEntityId, true));

         $attributes = $state['Attributes'];
         $shire = $state['saml:shire'];
         $target = $state['saml:target'];

         $idp = SimpleSAML_IdP::getByState($state);

         $idpMetadata = $idp->getConfig();

         $config = SimpleSAML_Configuration::getInstance();
         $metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();

         $statsData = array(
             'spEntityID' => $spEntityId,
             'idpEntityID' => $idpMetadata->getString('entityid'),
             'protocol' => 'saml1',
         );
         if (isset($state['saml:AuthnRequestReceivedAt'])) {
             $statsData['logintime'] = microtime(true) - $state['saml:AuthnRequestReceivedAt'];
         }
         SimpleSAML_Stats::log('saml:idp:Response', $statsData);

         // Generate and send response.
         $ar = new \SimpleSAML\XML\Shib13\AuthnResponse();
         $authnResponseXML = $ar->generate($idpMetadata, $spMetadata, $shire, $attributes);

         $httppost = new HTTPPost($config, $metadata);
         $httppost->sendResponse($authnResponseXML, $idpMetadata, $spMetadata, $target, $shire);
     }


     public static function receiveAuthnRequest(SimpleSAML_IdP $idp)
     {
         if (isset($_REQUEST['cookieTime'])) {
             $cookieTime = (int)$_REQUEST['cookieTime'];
             if ($cookieTime + 5 > time()) {
                 /*
                  * Less than five seconds has passed since we were
                  * here the last time. Cookies are probably disabled.
                  */
                 \SimpleSAML\Utils\HTTP::checkSessionCookie(\SimpleSAML\Utils\HTTP::getSelfURL());
             }
         }

         if (!isset($_REQUEST['providerId'])) {
             throw new SimpleSAML_Error_BadRequest('Missing providerId parameter.');
         }
         $spEntityId = (string)$_REQUEST['providerId'];

         if (!isset($_REQUEST['shire'])) {
             throw new SimpleSAML_Error_BadRequest('Missing shire parameter.');
         }
         $shire = (string)$_REQUEST['shire'];

         if (isset($_REQUEST['target'])) {
             $target = $_REQUEST['target'];
         } else {
             $target = null;
         }

         SimpleSAML\Logger::info('Shib1.3 - IdP.SSOService: Got incoming Shib authnRequest from ' . var_export($spEntityId, true) . '.');

         $metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
         $spMetadata = $metadata->getMetaDataConfig($spEntityId, 'shib13-sp-remote');

         $found = false;
         foreach ($spMetadata->getEndpoints('AssertionConsumerService') as $ep) {
             if ($ep['Binding'] !== 'urn:oasis:names:tc:SAML:1.0:profiles:browser-post') {
                 continue;
             }
             if ($ep['Location'] !== $shire) {
                 continue;
             }
             $found = true;
             break;
         }
         if (!$found) {
             throw new Exception('Invalid AssertionConsumerService for SP ' .
                 var_export($spEntityId, true) . ': ' . var_export($shire, true));
         }

         SimpleSAML_Stats::log('saml:idp:AuthnRequest', array(
             'spEntityID' => $spEntityId,
             'protocol' => 'saml1',
         ));

         $sessionLostURL = \SimpleSAML\Utils\HTTP::addURLParameters(
             \SimpleSAML\Utils\HTTP::getSelfURL(),
             array('cookieTime' => time()));

         $state = array(
             'Responder' => array('sspmod_saml_IdP_SAML1', 'sendResponse'),
             'SPMetadata' => $spMetadata->toArray(),
             SimpleSAML_Auth_State::RESTART => $sessionLostURL,
             'saml:shire' => $shire,
             'saml:target' => $target,
             'saml:AuthnRequestReceivedAt' => microtime(true),
         );

         $idp->handleAuthenticationRequest($state);
     }
 }
SimpleSAML_IdP\handleAuthenticationRequest
handleAuthenticationRequest(array &$state)
Process authentication requests.
Definition: IdP.php:377

SimpleSAML_Metadata_MetaDataStorageHandler\getMetadataHandler
static getMetadataHandler()
This function retrieves the current instance of the metadata handler.
Definition: MetaDataStorageHandler.php:40

SimpleSAML_Auth_State\RESTART
const RESTART
The index in the state array which contains the restart URL.
Definition: State.php:57

SimpleSAML_IdP\getByState
static getByState(array &$state)
Retrieve the IdP "owning" the state.
Definition: IdP.php:145

$config
$config
Definition: bootstrap.php:15

HTTPPost

$spEntityId
$spEntityId
Definition: attributeserver.php:14

$spMetadata
$spMetadata
Definition: logout-iframe-post.php:27

$metadata
$metadata['__DYNAMIC:1__']
Definition: adfs-idp-hosted.php:3

sspmod_saml_IdP_SAML1\receiveAuthnRequest
static receiveAuthnRequest(SimpleSAML_IdP $idp)
Receive an authentication request.
Definition: SAML1.php:65

$state
if(!array_key_exists('stateid', $_REQUEST)) $state
Handle linkback() response from LinkedIn.
Definition: linkback.php:10

SimpleSAML
Attribute-related utility methods.

SimpleSAML\Logger\info
static info($string)
Definition: Logger.php:199

SimpleSAML_Error_BadRequest
Definition: BadRequest.php:12

$attributes
if(array_key_exists('yes', $_REQUEST)) $attributes
Definition: getconsent.php:85

SimpleSAML_IdP
Definition: IdP.php:10

SimpleSAML\Bindings\Shib13\HTTPPost
Definition: HTTPPost.php:20

$idp
$idp
Definition: prp.php:13

$idpMetadata
$idpMetadata
Definition: logout-iframe-post.php:26

SimpleSAML\Utils\HTTP\checkSessionCookie
static checkSessionCookie($retryURL=null)
Check for session cookie, and show missing-cookie page if it is missing.
Definition: HTTP.php:286

sspmod_saml_IdP_SAML1\sendResponse
static sendResponse(array $state)
Send a response to the SP.
Definition: SAML1.php:16

php

$target
$target
Definition: test.php:19

sspmod_saml_IdP_SAML1
Definition: SAML1.php:9

SimpleSAML_Configuration\loadFromArray
static loadFromArray($config, $location='[ARRAY]', $instance=null)
Loads a configuration from the given array.
Definition: Configuration.php:297

SimpleSAML_Configuration\getInstance
static getInstance($instancename='simplesaml')
Get a configuration file by its instance name.
Definition: Configuration.php:325

Exception

SimpleSAML_Stats\log
static log($event, array $data=array())
Notify about an event.
Definition: Stats.php:71