ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
SAML2\Assertion\Decrypter Class Reference
Public Member Functions

 __construct (LoggerInterface $logger, IdentityProvider $identityProvider, ServiceProvider $serviceProvider, PrivateKeyLoader $privateKeyLoader)
 
 isEncryptionRequired ()
 Allows for checking whether either the SP or the IdP requires assertion encryption.
 
 decrypt (EncryptedAssertion $assertion)
 

Private Attributes

 $identityProvider
 
 $serviceProvider
 
 $privateKeyLoader
 
 $logger
 

Detailed Description

Definition at line 12 of file Decrypter.php.

Constructor & Destructor Documentation

◆ __construct()

SAML2\Assertion\Decrypter::__construct ( LoggerInterface  $logger,
IdentityProvider  $identityProvider,
ServiceProvider  $serviceProvider,
PrivateKeyLoader  $privateKeyLoader 
)

Member Function Documentation

◆ decrypt()

SAML2\Assertion\Decrypter::decrypt ( EncryptedAssertion  $assertion)
Parameters
\SAML2\EncryptedAssertion $assertion
Returns
\SAML2\Assertion

Definition at line 60 of file Decrypter.php.

    public function decrypt(EncryptedAssertion $assertion)
    {
        $decryptionKeys = $this->privateKeyLoader->loadDecryptionKeys($this->identityProvider, $this->serviceProvider);

        // The IdP's algorithm blacklist is used when set; otherwise fall back to the SP's.
        $blacklistedKeys = $this->identityProvider->getBlacklistedAlgorithms();
        if (is_null($blacklistedKeys)) {
            $blacklistedKeys = $this->serviceProvider->getBlacklistedAlgorithms();
        }

        // reflects the simplesamlphp behaviour for BC, see
        // https://github.com/simplesamlphp/simplesamlphp/blob/3d735912342767d391297cc5e13272a76730aca0/modules/saml/lib/Message.php#L369
        // Each loaded key is tried in turn; the first successful decryption is returned.
        foreach ($decryptionKeys as $index => $key) {
            try {
                $decryptedAssertion = $assertion->getAssertion($key, $blacklistedKeys);
                $this->logger->debug(sprintf('Decrypted Assertion with key "#%d"', $index));

                return $decryptedAssertion;
            } catch (\Exception $e) {
                // A failure with one key is only logged at debug level; the next key is tried.
                $this->logger->debug(sprintf(
                    'Could not decrypt assertion with key "#%d", "%s" thrown: "%s"',
                    $index,
                    get_class($e),
                    $e->getMessage()
                ));
            }
        }

        // No key worked: fail with a generic message; details are only in the debug log.
        throw new NotDecryptedException(sprintf(
            'Could not decrypt the assertion, tried with "%d" keys. See the debug log for more information',
            count($decryptionKeys)
        ));
    }

References $index, $key, and SAML2\EncryptedAssertion\getAssertion().

◆ isEncryptionRequired()

SAML2\Assertion\Decrypter::isEncryptionRequired ( )

Allows for checking whether either the SP or the IdP requires assertion encryption.

Definition at line 49 of file Decrypter.php.

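    public function isEncryptionRequired()
    {
        // Encryption is required as soon as either party's configuration demands it.
        return $this->identityProvider->isAssertionEncryptionRequired()
            || $this->serviceProvider->isAssertionEncryptionRequired();
    }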

Field Documentation

◆ $identityProvider

SAML2\Assertion\Decrypter::$identityProvider
private

Definition at line 17 of file Decrypter.php.

Referenced by SAML2\Assertion\Decrypter\__construct().

◆ $logger

SAML2\Assertion\Decrypter::$logger
private

Definition at line 32 of file Decrypter.php.

Referenced by SAML2\Assertion\Decrypter\__construct().

◆ $privateKeyLoader

SAML2\Assertion\Decrypter::$privateKeyLoader
private

Definition at line 27 of file Decrypter.php.

Referenced by SAML2\Assertion\Decrypter\__construct().

◆ $serviceProvider

SAML2\Assertion\Decrypter::$serviceProvider
private

Definition at line 22 of file Decrypter.php.

Referenced by SAML2\Assertion\Decrypter\__construct().


The documentation for this class was generated from the following file: