Beispiel #1
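 /**
  * Constructor for SAML 2 logout request messages.
  *
  * Reads the NotOnOrAfter attribute, exactly one NameID (plain or encrypted)
  * and every SessionIndex child of the given element.
  *
  * NOTE(review): this constructor only parses. It does not compare
  * NotOnOrAfter with the current time, and whatever signature handling the
  * parent constructor performs is not visible here - confirm that the caller
  * validates both before any session is terminated on behalf of this request.
  *
  * @param DOMElement|NULL $xml The input message.
  * @throws Exception If the element does not contain exactly one NameID or EncryptedID.
  */
 public function __construct(DOMElement $xml = NULL)
 {
     parent::__construct('LogoutRequest', $xml);
     $this->sessionIndexes = array();
     if ($xml === NULL) {
         /* No input message: leave an empty request for the caller to fill in. */
         return;
     }
     if ($xml->hasAttribute('NotOnOrAfter')) {
         $this->notOnOrAfter = SAML2_Utils::xsDateTimeToTimestamp($xml->getAttribute('NotOnOrAfter'));
     }
     /* A single query matches both identifier forms, so one count check covers both. */
     $nameId = SAML2_Utils::xpQuery($xml, './saml_assertion:NameID | ./saml_assertion:EncryptedID/xenc:EncryptedData');
     if (empty($nameId)) {
         throw new Exception('Missing <saml:NameID> or <saml:EncryptedID> in <samlp:LogoutRequest>.');
     } elseif (count($nameId) > 1) {
         /* Ambiguous subject: refuse rather than silently pick the first identifier. */
         throw new Exception('More than one <saml:NameID> or <saml:EncryptedID> in <samlp:LogoutRequest>.');
     }
     $nameId = $nameId[0];
     if ($nameId->localName === 'EncryptedData') {
         /* The NameID element is encrypted; keep the raw node, it is not decrypted here. */
         $this->encryptedNameId = $nameId;
     } else {
         $this->nameId = SAML2_Utils::parseNameId($nameId);
     }
     $sessionIndexes = SAML2_Utils::xpQuery($xml, './saml_protocol:SessionIndex');
     foreach ($sessionIndexes as $sessionIndex) {
         $this->sessionIndexes[] = trim($sessionIndex->textContent);
     }
 }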
Beispiel #2
 /**
  * Constructor for SAML 2 subject query messages.
  *
  * Forwards the tag name and element to the parent constructor and, when an
  * element was supplied, hands it to parseSubject().
  *
  * @param string          $tagName The tag name of the root element.
  * @param DOMElement|NULL $xml     The input message.
  */
 protected function __construct($tagName, DOMElement $xml = NULL)
 {
     parent::__construct($tagName, $xml);
     /* Without an input message there is no subject to parse. */
     if ($xml !== NULL) {
         $this->parseSubject($xml);
     }
 }
Beispiel #3
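 /**
  * Constructor for SAML 2 ArtifactResolve messages.
  *
  * Stores the text content of the first <samlp:Artifact> child of the given
  * element. The value is stored as received; it is not trimmed or decoded here.
  *
  * @param DOMElement|NULL $xml The input message.
  * @throws Exception If the input message has no <samlp:Artifact> element.
  */
 public function __construct(DOMElement $xml = NULL)
 {
     parent::__construct('ArtifactResolve', $xml);
     if ($xml === NULL) {
         return;
     }
     $results = SAML2_Utils::xpQuery($xml, './saml_protocol:Artifact');
     if (empty($results)) {
         /* Reject a malformed message explicitly instead of dereferencing a missing node. */
         throw new Exception('Missing <samlp:Artifact> in <samlp:ArtifactResolve>.');
     }
     $this->artifact = $results[0]->textContent;
 }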
Beispiel #4
 /**
  * Constructor for SAML 2 authentication request messages.
  *
  * Copies ForceAuthn, IsPassive, AssertionConsumerServiceURL, ProtocolBinding,
  * NameIDPolicy, RequestedAuthnContext and the Scoping IDP list from the given
  * element into this object.
  *
  * NOTE(review): AssertionConsumerServiceURL, Comparison and ProviderID are
  * stored exactly as they appear in the request. No check against registered
  * endpoints or allowed values is visible in this constructor - confirm the
  * consumer validates them before acting on the request.
  *
  * @param DOMElement|NULL $xml  The input message.
  * @throws Exception If a Scoping/IDPEntry element has no ProviderID attribute.
  */
 public function __construct(DOMElement $xml = NULL)
 {
     parent::__construct('AuthnRequest', $xml);

     /* Defaults used when the request is built from scratch. */
     $this->nameIdPolicy = array();
     $this->forceAuthn = FALSE;
     $this->isPassive = FALSE;

     if ($xml === NULL) {
         return;
     }

     $this->forceAuthn = SAML2_Utils::parseBoolean($xml, 'ForceAuthn', FALSE);
     $this->isPassive = SAML2_Utils::parseBoolean($xml, 'IsPassive', FALSE);

     if ($xml->hasAttribute('AssertionConsumerServiceURL')) {
         $this->assertionConsumerServiceURL = $xml->getAttribute('AssertionConsumerServiceURL');
     }
     if ($xml->hasAttribute('ProtocolBinding')) {
         $this->protocolBinding = $xml->getAttribute('ProtocolBinding');
     }

     /* NameIDPolicy: only the first element is read. */
     $policyNodes = SAML2_Utils::xpQuery($xml, './saml_protocol:NameIDPolicy');
     if (!empty($policyNodes)) {
         $policyNode = $policyNodes[0];
         foreach (array('Format', 'SPNameQualifier') as $attribute) {
             if ($policyNode->hasAttribute($attribute)) {
                 $this->nameIdPolicy[$attribute] = $policyNode->getAttribute($attribute);
             }
         }
         if ($policyNode->hasAttribute('AllowCreate')) {
             $this->nameIdPolicy['AllowCreate'] = SAML2_Utils::parseBoolean($policyNode, 'AllowCreate', FALSE);
         }
     }

     /* RequestedAuthnContext: only the first element is read; Comparison defaults to 'exact'. */
     $contextNodes = SAML2_Utils::xpQuery($xml, './saml_protocol:RequestedAuthnContext');
     if (!empty($contextNodes)) {
         $contextNode = $contextNodes[0];
         $classRefs = array();
         $classRefNodes = SAML2_Utils::xpQuery($contextNode, './saml_assertion:AuthnContextClassRef');
         foreach ($classRefNodes as $classRefNode) {
             $classRefs[] = trim($classRefNode->textContent);
         }
         $comparison = 'exact';
         if ($contextNode->hasAttribute('Comparison')) {
             $comparison = $contextNode->getAttribute('Comparison');
         }
         $this->requestedAuthnContext = array('AuthnContextClassRef' => $classRefs, 'Comparison' => $comparison);
     }

     /* Scoping: every IDPEntry must name its provider. */
     $entryNodes = SAML2_Utils::xpQuery($xml, './saml_protocol:Scoping/saml_protocol:IDPList/saml_protocol:IDPEntry');
     foreach ($entryNodes as $entryNode) {
         if ($entryNode->hasAttribute('ProviderID')) {
             $this->IDPList[] = $entryNode->getAttribute('ProviderID');
             continue;
         }
         throw new Exception("Could not get ProviderID from Scoping/IDPEntry element in AuthnRequest object");
     }
 }
Beispiel #5
 /**
  * Constructor for SAML 2 logout request messages.
  *
  * Reads the first plain NameID and, when present, the first SessionIndex
  * from the given element. Any further NameID or SessionIndex elements are
  * ignored, and an EncryptedID is not matched by the query used here.
  *
  * @param DOMElement|NULL $xml  The input message.
  * @throws Exception If the element contains no NameID.
  */
 public function __construct(DOMElement $xml = NULL)
 {
     parent::__construct('LogoutRequest', $xml);
     if ($xml === NULL) {
         return;
     }

     $nameIdNodes = SAML2_Utils::xpQuery($xml, './saml_assertion:NameID');
     if (empty($nameIdNodes)) {
         throw new Exception('Missing NameID in logout request.');
     }
     $this->nameId = SAML2_Utils::parseNameId($nameIdNodes[0]);

     /* SessionIndex is optional; the property is left untouched when it is absent. */
     $indexNodes = SAML2_Utils::xpQuery($xml, './saml_protocol:SessionIndex');
     if (empty($indexNodes)) {
         return;
     }
     $this->sessionIndex = trim($indexNodes[0]->textContent);
 }
Beispiel #6
 /**
  * Constructor for SAML 2 authentication request messages.
  *
  * Copies the request-level attributes from the given element and then
  * delegates to parseSubject(), parseNameIdPolicy(),
  * parseRequestedAuthnContext() and parseScoping().
  *
  * NOTE(review): AssertionConsumerServiceURL and the two service indexes are
  * stored as received (the indexes after an integer cast). No check against
  * registered endpoints is visible in this constructor - confirm the consumer
  * validates them before a response is sent.
  *
  * @param DOMElement|NULL $xml The input message.
  * @throws Exception
  */
 public function __construct(DOMElement $xml = NULL)
 {
     parent::__construct('AuthnRequest', $xml);

     /* Defaults used when the request is built from scratch. */
     $this->nameIdPolicy = array();
     $this->forceAuthn = FALSE;
     $this->isPassive = FALSE;

     if ($xml === NULL) {
         return;
     }

     $this->forceAuthn = SAML2_Utils::parseBoolean($xml, 'ForceAuthn', FALSE);
     $this->isPassive = SAML2_Utils::parseBoolean($xml, 'IsPassive', FALSE);

     /* String attributes copied verbatim: XML attribute name => property name. */
     $stringAttributes = array(
         'AssertionConsumerServiceURL' => 'assertionConsumerServiceURL',
         'ProtocolBinding' => 'protocolBinding',
     );
     foreach ($stringAttributes as $attribute => $property) {
         if ($xml->hasAttribute($attribute)) {
             $this->{$property} = $xml->getAttribute($attribute);
         }
     }

     /* Index attributes are cast to int: XML attribute name => property name. */
     $indexAttributes = array(
         'AttributeConsumingServiceIndex' => 'attributeConsumingServiceIndex',
         'AssertionConsumerServiceIndex' => 'assertionConsumerServiceIndex',
     );
     foreach ($indexAttributes as $attribute => $property) {
         if ($xml->hasAttribute($attribute)) {
             $this->{$property} = (int) $xml->getAttribute($attribute);
         }
     }

     /* Child elements are handled by dedicated parsers, in this order. */
     $this->parseSubject($xml);
     $this->parseNameIdPolicy($xml);
     $this->parseRequestedAuthnContext($xml);
     $this->parseScoping($xml);
 }