ILIAS
release_5-4 Revision v5.4.26-12-gabc799a52e6
◀ ilDoc Overview
ExpectedAuthnContextClassRef.php
Go to the documentation of this file.
1
<?
php
2
3
19
class
sspmod_saml_Auth_Process_ExpectedAuthnContextClassRef
extends
SimpleSAML_Auth_ProcessingFilter
20
{
21
26
private
$accepted
;
27
28
33
private
$AuthnContextClassRef
;
34
35
44
public
function
__construct
(
$config
, $reserved)
45
{
46
parent::__construct(
$config
, $reserved);
47
48
assert(is_array(
$config
));
49
if
(empty(
$config
[
'accepted'
])) {
50
SimpleSAML\Logger::error
(
51
'ExpectedAuthnContextClassRef: Configuration error. There is no accepted AuthnContextClassRef.'
52
);
53
throw
new
SimpleSAML_Error_Exception
(
54
'ExpectedAuthnContextClassRef: Configuration error. There is no accepted AuthnContextClassRef.'
55
);
56
}
57
$this->accepted =
$config
[
'accepted'
];
58
}
59
60
65
public
function
process
(&
$request
)
66
{
67
assert(is_array(
$request
));
68
assert(array_key_exists(
'Attributes'
,
$request
));
69
70
$this->AuthnContextClassRef =
$request
[
'saml:sp:State'
][
'saml:sp:AuthnContext'
];
71
72
if
(!in_array($this->AuthnContextClassRef, $this->accepted,
true
)) {
73
$this->
unauthorized
(
$request
);
74
}
75
}
76
77
90
protected
function
unauthorized
(&
$request
)
91
{
92
SimpleSAML\Logger::error
(
93
'ExpectedAuthnContextClassRef: Invalid authentication context: '
.$this->AuthnContextClassRef.
94
'. Accepted values are: '
.var_export($this->accepted,
true
)
95
);
96
97
$id
=
SimpleSAML_Auth_State::saveState
(
$request
,
'saml:ExpectedAuthnContextClassRef:unauthorized'
);
98
$url
=
SimpleSAML\Module::getModuleURL
(
99
'saml/sp/wrong_authncontextclassref.php'
100
);
101
\SimpleSAML\Utils\HTTP::redirectTrustedURL
(
$url
, array(
'StateId'
=> $id));
102
}
103
}
$config
$config
Definition:
bootstrap.php:15
$request
foreach($paths as $path) $request
Definition:
asyncclient.php:32
SimpleSAML_Error_Exception
Definition:
Exception.php:12
$id
if(!array_key_exists('StateId', $_REQUEST)) $id
Definition:
expirywarning.php:14
sspmod_saml_Auth_Process_ExpectedAuthnContextClassRef\$AuthnContextClassRef
$AuthnContextClassRef
Definition:
ExpectedAuthnContextClassRef.php:33
SimpleSAML\Utils\HTTP\redirectTrustedURL
static redirectTrustedURL($url, $parameters=array())
This function redirects to the specified URL without performing any security checks.
Definition:
HTTP.php:959
SimpleSAML\Module\getModuleURL
static getModuleURL($resource, array $parameters=array())
Get absolute URL to a specified module resource.
Definition:
Module.php:220
sspmod_saml_Auth_Process_ExpectedAuthnContextClassRef\__construct
__construct($config, $reserved)
Initialize this filter, parse configuration.
Definition:
ExpectedAuthnContextClassRef.php:44
SimpleSAML\Logger\error
static error($string)
Definition:
Logger.php:166
sspmod_saml_Auth_Process_ExpectedAuthnContextClassRef\process
process(&$request)
Definition:
ExpectedAuthnContextClassRef.php:65
sspmod_saml_Auth_Process_ExpectedAuthnContextClassRef\unauthorized
unauthorized(&$request)
When the process logic determines that the user is not authorized for this service, then forward the user to an 403 unauthorized page.
Definition:
ExpectedAuthnContextClassRef.php:90
sspmod_saml_Auth_Process_ExpectedAuthnContextClassRef
Definition:
ExpectedAuthnContextClassRef.php:19
php
$url
$url
Definition:
proxy_ylocal.php:28
SimpleSAML_Auth_ProcessingFilter
Definition:
ProcessingFilter.php:21
sspmod_saml_Auth_Process_ExpectedAuthnContextClassRef\$accepted
$accepted
Definition:
ExpectedAuthnContextClassRef.php:26
SimpleSAML_Auth_State\saveState
static saveState(&$state, $stage, $rawId=false)
Save the state.
Definition:
State.php:194
libs
composer
vendor
simplesamlphp
simplesamlphp
modules
saml
lib
Auth
Process
ExpectedAuthnContextClassRef.php
Generated on Thu Feb 27 2025 19:01:33 for ILIAS by
1.8.13 (using
Doxyfile
)
1.8.13 (using Doxyfile) 1.8.13 (using Doxyfile)