dc/d8e/SAML1_8php_source.html

<?php

use SimpleSAML\Bindings\Shib13\HTTPPost;


class sspmod_saml_IdP_SAML1

{

    public static function sendResponse(array $state)

    {

        assert(isset($state['Attributes']));

        assert(isset($state['SPMetadata']));

        assert(isset($state['saml:shire']));

        assert(array_key_exists('saml:target', $state)); // Can be NULL


        $spMetadata = $state["SPMetadata"];

        $spEntityId = $spMetadata['entityid'];

        $spMetadata = SimpleSAML_Configuration::loadFromArray($spMetadata,

            '$metadata[' . var_export($spEntityId, true) . ']');


        SimpleSAML\Logger::info('Sending SAML 1.1 Response to ' . var_export($spEntityId, true));


        $attributes = $state['Attributes'];

        $shire = $state['saml:shire'];

        $target = $state['saml:target'];


        $idp = SimpleSAML_IdP::getByState($state);


        $idpMetadata = $idp->getConfig();


        $config = SimpleSAML_Configuration::getInstance();

        $metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();


        $statsData = array(

            'spEntityID' => $spEntityId,

            'idpEntityID' => $idpMetadata->getString('entityid'),

            'protocol' => 'saml1',

        );

        if (isset($state['saml:AuthnRequestReceivedAt'])) {

            $statsData['logintime'] = microtime(true) - $state['saml:AuthnRequestReceivedAt'];

        }

        SimpleSAML_Stats::log('saml:idp:Response', $statsData);


        // Generate and send response.

        $ar = new \SimpleSAML\XML\Shib13\AuthnResponse();

        $authnResponseXML = $ar->generate($idpMetadata, $spMetadata, $shire, $attributes);


        $httppost = new HTTPPost($config, $metadata);

        $httppost->sendResponse($authnResponseXML, $idpMetadata, $spMetadata, $target, $shire);

    }


    public static function receiveAuthnRequest(SimpleSAML_IdP $idp)

    {

        if (isset($_REQUEST['cookieTime'])) {

            $cookieTime = (int)$_REQUEST['cookieTime'];

            if ($cookieTime + 5 > time()) {

                /*

                 * Less than five seconds has passed since we were

                 * here the last time. Cookies are probably disabled.

                 */

                \SimpleSAML\Utils\HTTP::checkSessionCookie(\SimpleSAML\Utils\HTTP::getSelfURL());

            }

        }


        if (!isset($_REQUEST['providerId'])) {

            throw new SimpleSAML_Error_BadRequest('Missing providerId parameter.');

        }

        $spEntityId = (string)$_REQUEST['providerId'];


        if (!isset($_REQUEST['shire'])) {

            throw new SimpleSAML_Error_BadRequest('Missing shire parameter.');

        }

        $shire = (string)$_REQUEST['shire'];


        if (isset($_REQUEST['target'])) {

            $target = $_REQUEST['target'];

        } else {

            $target = null;

        }


        SimpleSAML\Logger::info('Shib1.3 - IdP.SSOService: Got incoming Shib authnRequest from ' . var_export($spEntityId, true) . '.');


        $metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();

        $spMetadata = $metadata->getMetaDataConfig($spEntityId, 'shib13-sp-remote');


        $found = false;

        foreach ($spMetadata->getEndpoints('AssertionConsumerService') as $ep) {

            if ($ep['Binding'] !== 'urn:oasis:names:tc:SAML:1.0:profiles:browser-post') {

                continue;

            }

            if ($ep['Location'] !== $shire) {

                continue;

            }

            $found = true;

            break;

        }

        if (!$found) {

            throw new Exception('Invalid AssertionConsumerService for SP ' .

                var_export($spEntityId, true) . ': ' . var_export($shire, true));

        }


        SimpleSAML_Stats::log('saml:idp:AuthnRequest', array(

            'spEntityID' => $spEntityId,

            'protocol' => 'saml1',

        ));


        $sessionLostURL = \SimpleSAML\Utils\HTTP::addURLParameters(

            \SimpleSAML\Utils\HTTP::getSelfURL(),

            array('cookieTime' => time()));


        $state = array(

            'Responder' => array('sspmod_saml_IdP_SAML1', 'sendResponse'),

            'SPMetadata' => $spMetadata->toArray(),

            SimpleSAML_Auth_State::RESTART => $sessionLostURL,

            'saml:shire' => $shire,

            'saml:target' => $target,

            'saml:AuthnRequestReceivedAt' => microtime(true),

        );


        $idp->handleAuthenticationRequest($state);

    }

}

$metadata
$metadata['__DYNAMIC:1__']
Definition: adfs-idp-hosted.php:3

$spEntityId
$spEntityId
Definition: attributeserver.php:14

$state
if(!array_key_exists('stateid', $_REQUEST)) $state
Handle linkback() response from LinkedIn.
Definition: linkback.php:10

php
An exception for terminatinating execution or to throw for unit testing.

SimpleSAML\Bindings\Shib13\HTTPPost
Definition: HTTPPost.php:21

SimpleSAML\Logger\info
static info($string)
Definition: Logger.php:199

SimpleSAML\Utils\HTTP\checkSessionCookie
static checkSessionCookie($retryURL=null)
Check for session cookie, and show missing-cookie page if it is missing.
Definition: HTTP.php:286

SimpleSAML_Auth_State\RESTART
const RESTART
The index in the state array which contains the restart URL.
Definition: State.php:57

SimpleSAML_Configuration\getInstance
static getInstance($instancename='simplesaml')
Get a configuration file by its instance name.
Definition: Configuration.php:325

SimpleSAML_Configuration\loadFromArray
static loadFromArray($config, $location='[ARRAY]', $instance=null)
Loads a configuration from the given array.
Definition: Configuration.php:297

SimpleSAML_Error_BadRequest
Definition: BadRequest.php:13

SimpleSAML_IdP
Definition: IdP.php:11

SimpleSAML_IdP\getByState
static getByState(array &$state)
Retrieve the IdP "owning" the state.
Definition: IdP.php:145

SimpleSAML_Metadata_MetaDataStorageHandler\getMetadataHandler
static getMetadataHandler()
This function retrieves the current instance of the metadata handler.
Definition: MetaDataStorageHandler.php:40

SimpleSAML_Stats\log
static log($event, array $data=array())
Notify about an event.
Definition: Stats.php:71

sspmod_saml_IdP_SAML1
Definition: SAML1.php:10

sspmod_saml_IdP_SAML1\receiveAuthnRequest
static receiveAuthnRequest(SimpleSAML_IdP $idp)
Receive an authentication request.
Definition: SAML1.php:65

sspmod_saml_IdP_SAML1\sendResponse
static sendResponse(array $state)
Send a response to the SP.
Definition: SAML1.php:16

$attributes
if(array_key_exists('yes', $_REQUEST)) $attributes
Definition: getconsent.php:85

$config
$config
Definition: bootstrap.php:15

$idpMetadata
$idpMetadata
Definition: logout-iframe-post.php:26

$spMetadata
$spMetadata
Definition: logout-iframe-post.php:27

$target
$target
Definition: test.php:19

SimpleSAML
Attribute-related utility methods.

$idp
$idp
Definition: prp.php:13