ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
Decrypter.php
<?php

namespace SAML2\Assertion;

use Psr\Log\LoggerInterface;
use SAML2\Assertion\Exception\NotDecryptedException;
use SAML2\Certificate\PrivateKeyLoader;
use SAML2\Configuration\IdentityProvider;
use SAML2\Configuration\ServiceProvider;
use SAML2\EncryptedAssertion;

class Decrypter
{
    private $identityProvider;

    private $serviceProvider;

    private $privateKeyLoader;

    private $logger;

    public function __construct(
        LoggerInterface $logger,
        IdentityProvider $identityProvider,
        ServiceProvider $serviceProvider,
        PrivateKeyLoader $privateKeyLoader
    ) {
        $this->logger = $logger;
        $this->identityProvider = $identityProvider;
        $this->serviceProvider = $serviceProvider;
        $this->privateKeyLoader = $privateKeyLoader;
    }

    // Encryption is required as soon as either side (IdP or SP) demands it.
    public function isEncryptionRequired()
    {
        return $this->identityProvider->isAssertionEncryptionRequired()
            || $this->serviceProvider->isAssertionEncryptionRequired();
    }

    public function decrypt(EncryptedAssertion $assertion)
    {
        $decryptionKeys = $this->privateKeyLoader->loadDecryptionKeys($this->identityProvider, $this->serviceProvider);

        // The IdP's algorithm blacklist takes precedence; the SP's list is
        // used only when the IdP configuration returns null.
        $blacklistedKeys = $this->identityProvider->getBlacklistedAlgorithms();
        if (is_null($blacklistedKeys)) {
            $blacklistedKeys = $this->serviceProvider->getBlacklistedAlgorithms();
        }

        // reflects the simplesamlphp behaviour for BC, see
        // https://github.com/simplesamlphp/simplesamlphp/blob/3d735912342767d391297cc5e13272a76730aca0/modules/saml/lib/Message.php#L369
        // Each loaded key is tried in order; the first one that decrypts wins.
        foreach ($decryptionKeys as $index => $key) {
            try {
                $decryptedAssertion = $assertion->getAssertion($key, $blacklistedKeys);
                $this->logger->debug(sprintf('Decrypted Assertion with key "#%d"', $index));

                return $decryptedAssertion;
            } catch (\Exception $e) {
                // The per-key failure reason goes to the debug log only.
                $this->logger->debug(sprintf(
                    'Could not decrypt assertion with key "#%d", "%s" thrown: "%s"',
                    $index,
                    get_class($e),
                    $e->getMessage()
                ));
            }
        }

        // The exception passed to the caller reports only how many keys were tried.
        throw new NotDecryptedException(sprintf(
            'Could not decrypt the assertion, tried with "%d" keys. See the debug log for more information',
            count($decryptionKeys)
        ));
    }
}
An exception for terminating execution or to throw for unit testing.
isEncryptionRequired()
Allows for checking whether either the SP or the IdP requires assertion encryption.
Definition: Decrypter.php:49
__construct(LoggerInterface $logger, IdentityProvider $identityProvider, ServiceProvider $serviceProvider, PrivateKeyLoader $privateKeyLoader)
Definition: Decrypter.php:34
decrypt(EncryptedAssertion $assertion)
Definition: Decrypter.php:60
Basic configuration wrapper.
getAssertion(XMLSecurityKey $inputKey, array $blacklist=array())
Retrieve the assertion.
Describes a logger instance.