/**
* @param AssertionContext $context
*
* @return void
*/
protected function doExecute(AssertionContext $context)
{
$partyEntityDescriptor = $context->getProfileContext()->getPartyEntityDescriptor();
$conditions = new Conditions();
$conditions->setNotBefore($this->timeProvider->getTimestamp());
$conditions->setNotOnOrAfter($conditions->getNotBeforeTimestamp() + $this->expirationSeconds);
$audienceRestriction = new AudienceRestriction(array($partyEntityDescriptor->getEntityID()));
$conditions->addItem($audienceRestriction);
$context->getAssertion()->setConditions($conditions);
}
/**
* @param Assertion[] $assertions
* @param string $ownEntityId
* @param string $partyEntityId
*/
public function processAssertions(array $assertions, $ownEntityId, $partyEntityId)
{
$now = $this->timeProvider->getDateTime()->setTimezone(new \DateTimeZone('GMT'));
$ssoState = $this->ssoStateStore->get();
foreach ($assertions as $assertion) {
if ($assertion instanceof Assertion) {
if ($this->supportsSession($assertion)) {
$this->checkSession($ownEntityId, $partyEntityId, $ssoState, $assertion, $now);
}
} else {
throw new \InvalidArgumentException('Expected Assertion');
}
}
$this->ssoStateStore->set($ssoState);
}
/**
* @param AssertionContext $context
*
* @return void
*/
protected function doExecute(AssertionContext $context)
{
$profileContext = $context->getProfileContext();
$inboundMessage = $profileContext->getInboundContext()->getMessage();
$endpoint = $profileContext->getEndpoint();
$data = new SubjectConfirmationData();
if ($inboundMessage) {
$data->setInResponseTo($inboundMessage->getID());
}
$data->setAddress($profileContext->getHttpRequest()->getClientIp());
$data->setNotOnOrAfter($this->timeProvider->getTimestamp() + $this->expirationSeconds);
$data->setRecipient($endpoint->getLocation());
$subjectConfirmation = new SubjectConfirmation();
$subjectConfirmation->setMethod(SamlConstants::CONFIRMATION_METHOD_BEARER);
$subjectConfirmation->setSubjectConfirmationData($data);
if (null === $context->getAssertion()->getSubject()) {
$context->getAssertion()->setSubject(new Subject());
}
$context->getAssertion()->getSubject()->addSubjectConfirmation($subjectConfirmation);
}
/**
* @param ProfileContext $context
*/
protected function doExecute(ProfileContext $context)
{
$logoutRequest = MessageContextHelper::asLogoutRequest($context->getOutboundContext());
$logoutRequest->setNotOnOrAfter($this->timeProvider->getTimestamp() + $this->secondsSkew);
}
/**
* @param AssertionContext $context
*
* @return void
*/
protected function doExecute(AssertionContext $context)
{
$this->assertionTimeValidator->validateTimeRestrictions($context->getAssertion(), $this->timeProvider->getTimestamp(), $this->allowedSecondsSkew);
}
/**
* @param AssertionContext $context
*
* @return void
*/
protected function doExecute(AssertionContext $context)
{
$context->getAssertion()->setIssueInstant($this->timeProvider->getTimestamp());
$this->logger->info(sprintf('Assertion IssueInstant set to "%s"', $context->getAssertion()->getIssueInstantString()), LogHelper::getActionContext($context, $this));
}
/**
* @param ProfileContext $context
*
* @return void
*/
protected function doExecute(ProfileContext $context)
{
MessageContextHelper::asSamlMessage($context->getOutboundContext())->setIssueInstant($this->timeProvider->getTimestamp());
$this->logger->info(sprintf('Message IssueInstant set to "%s"', MessageContextHelper::asSamlMessage($context->getOutboundContext())->getIssueInstantString()), LogHelper::getActionContext($context, $this));
}
