Ejemplo n.º 1
0
 /**
  * Receive a SAML 2 message sent using the HTTP-Artifact binding.
  *
  * Throws an exception if it is unable receive the message.
  *
  * @return SAML2_Message The received message.
  * @throws Exception
  */
 public function receive()
 {
     if (array_key_exists('SAMLart', $_REQUEST)) {
         $artifact = base64_decode($_REQUEST['SAMLart']);
         $endpointIndex = bin2hex(substr($artifact, 2, 2));
         $sourceId = bin2hex(substr($artifact, 4, 20));
     } else {
         throw new Exception('Missing SAMLArt parameter.');
     }
     $metadataHandler = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
     $idpMetadata = $metadataHandler->getMetaDataConfigForSha1($sourceId, 'saml20-idp-remote');
     if ($idpMetadata === NULL) {
         throw new Exception('No metadata found for remote provider with SHA1 ID: ' . var_export($sourceId, TRUE));
     }
     $endpoint = NULL;
     foreach ($idpMetadata->getEndpoints('ArtifactResolutionService') as $ep) {
         if ($ep['index'] === hexdec($endpointIndex)) {
             $endpoint = $ep;
             break;
         }
     }
     if ($endpoint === NULL) {
         throw new Exception('No ArtifactResolutionService with the correct index.');
     }
     SAML2_Utils::getContainer()->getLogger()->debug("ArtifactResolutionService endpoint being used is := " . $endpoint['Location']);
     //Construct the ArtifactResolve Request
     $ar = new SAML2_ArtifactResolve();
     /* Set the request attributes */
     $ar->setIssuer($this->spMetadata->getString('entityid'));
     $ar->setArtifact($_REQUEST['SAMLart']);
     $ar->setDestination($endpoint['Location']);
     /* Sign the request */
     sspmod_saml_Message::addSign($this->spMetadata, $idpMetadata, $ar);
     // Shoaib - moved from the SOAPClient.
     $soap = new SAML2_SOAPClient();
     // Send message through SoapClient
     /** @var SAML2_ArtifactResponse $artifactResponse */
     $artifactResponse = $soap->send($ar, $this->spMetadata);
     if (!$artifactResponse->isSuccess()) {
         throw new Exception('Received error from ArtifactResolutionService.');
     }
     $xml = $artifactResponse->getAny();
     if ($xml === NULL) {
         /* Empty ArtifactResponse - possibly because of Artifact replay? */
         return NULL;
     }
     $samlResponse = SAML2_Message::fromXML($xml);
     $samlResponse->addValidator(array(get_class($this), 'validateSignature'), $artifactResponse);
     if (isset($_REQUEST['RelayState'])) {
         $samlResponse->setRelayState($_REQUEST['RelayState']);
     }
     return $samlResponse;
 }
/**
 * build and send AttributeQuery
 */
function sendQuery($dataId, $url, $nameId, $attributes, $attributeNameFormat, $src, $dst)
{
    assert('is_string($dataId)');
    assert('is_string($url)');
    assert('is_array($nameId)');
    assert('is_array($attributes)');
    SimpleSAML_Logger::debug('[attributeaggregator] - sending request');
    $query = new SAML2_AttributeQuery();
    $query->setRelayState($dataId);
    $query->setDestination($url);
    $query->setIssuer($src->getValue('entityid'));
    $query->setNameId($nameId);
    $query->setAttributeNameFormat($attributeNameFormat);
    if (!empty($attributes)) {
        $query->setAttributes($attributes);
    }
    sspmod_saml_Message::addSign($src, $dst, $query);
    if (!$query->getSignatureKey()) {
        throw new SimpleSAML_Error_Exception('[attributeaggregator] - Unable to find private key for signing attribute request.');
    }
    SimpleSAML_Logger::debug('[attributeaggregator] - sending attribute query: ' . var_export($query, 1));
    $binding = new SAML2_SOAPClient();
    $result = $binding->send($query, $src);
    return $result;
}