 /**
  * @param \Symfony\Component\HttpFoundation\Request $request
  * @throws \InvalidArgumentException if cannot manage the Request
  * @return \Symfony\Component\HttpFoundation\Response|SamlSpInfo
  */
 public function manage(Request $request)
 {
     // Guard clause: only handle requests that supports() accepts.
     if (!$this->supports($request)) {
         throw new \InvalidArgumentException('Unsupported request');
     }

     // 'as' is read from the query string, so it is caller-controlled; here it is
     // used only as a lookup key into the configured service collection.
     $serviceInfo = $this->serviceInfoCollection->findByAS($request->query->get('as'));
     if (!$serviceInfo) {
         // No matching service: send the user to the discovery path taken from the
         // request attributes (not from the query string).
         $discoveryUri = $this->httpUtils->generateUri($request, $request->attributes->get('discovery_path'));

         return new RedirectResponse($discoveryUri);
     }

     // Collect the SP/IdP metadata the AuthnRequest is built from.
     $serviceInfo->getSpProvider()->setRequest($request);
     $spED = $serviceInfo->getSpProvider()->getEntityDescriptor();
     $idpED = $serviceInfo->getIdpProvider()->getEntityDescriptor();
     $spMeta = $serviceInfo->getSpMetaProvider()->getSpMeta();

     $message = (new AuthnRequestBuilder($spED, $idpED, $spMeta))->build();

     // Signing is optional: when the signing provider is disabled the AuthnRequest
     // leaves unsigned, so the IdP cannot verify which SP issued it.
     if ($serviceInfo->getSpSigningProvider()->isEnabled()) {
         $certificate = $serviceInfo->getSpSigningProvider()->getCertificate();
         $privateKey = $serviceInfo->getSpSigningProvider()->getPrivateKey();
         $message->sign($certificate, $privateKey);
     }

     // The binding named in the SP metadata decides how the message is delivered.
     $bindingResponse = $this->bindingManager
         ->instantiate($spMeta->getAuthnRequestBinding())
         ->send($message);

     // Translate the LightSaml binding result into a Symfony response; any other
     // result type is rejected rather than guessed at.
     if ($bindingResponse instanceof \AerialShip\LightSaml\Binding\RedirectResponse) {
         $result = new RedirectResponse($bindingResponse->getDestination());
     } elseif ($bindingResponse instanceof \AerialShip\LightSaml\Binding\PostResponse) {
         $result = new Response($bindingResponse->render());
     } else {
         throw new \RuntimeException('Unrecognized binding response ' . get_class($bindingResponse));
     }

     // Record the request ID together with the IdP entity ID in the request store.
     // NOTE(review): presumably this is what lets a later response be matched to
     // this request and to the IdP it was addressed to - confirm against the
     // response handling code.
     $pendingState = new RequestState();
     $pendingState->setId($message->getID());
     $pendingState->setDestination($serviceInfo->getIdpProvider()->getEntityDescriptor()->getEntityID());
     $this->requestStore->set($pendingState);

     return $result;
 }
 /**
  * @param LogoutRequest $request
  * @param ServiceInfo $serviceInfo
  * @return RequestState
  */
 protected function createRequestState(LogoutRequest $request, ServiceInfo $serviceInfo)
 {
     // Persist the outgoing LogoutRequest's ID alongside the entity ID of the IdP
     // it is addressed to, then hand the stored state back to the caller.
     $requestState = new RequestState();
     $requestState->setId($request->getID());

     $idpEntityId = $serviceInfo->getIdpProvider()->getEntityDescriptor()->getEntityID();
     $requestState->setDestination($idpEntityId);

     // NOTE(review): this writes to $this->requestStateStore; confirm it is the same
     // store the response validation reads from, otherwise the state saved here
     // would never be found when the response arrives.
     $this->requestStateStore->set($requestState);

     return $requestState;
 }
 /**
  * @param LogoutResponse $logoutResponse
  * @throws \RuntimeException
  */
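 protected function validateRequestState(LogoutResponse $logoutResponse)
 {
     // Look up the pending request this response claims to answer (InResponseTo).
     // A response with no matching stored request is unsolicited and is rejected.
     $state = $this->requestStore->get($logoutResponse->getInResponseTo());
     if (!$state) {
         throw new \RuntimeException('Got response to a request that was not made');
     }

     // Compare the issuer with the IdP entity ID recorded when the request was
     // sent. The comparison is strict: a loose != would treat null and '' as
     // equal and would compare numeric-looking strings by value, either of which
     // could let a mismatched issuer through. An empty issuer is never accepted.
     $expectedIssuer = (string) $state->getDestination();
     $actualIssuer = (string) $logoutResponse->getIssuer();
     if ($actualIssuer === '' || $expectedIssuer !== $actualIssuer) {
         throw new \RuntimeException('Got response from different issuer');
     }

     // The state is single-use: removing it means a replayed response with the
     // same InResponseTo no longer finds a pending request.
     // NOTE(review): this check only binds the response to a pending request; the
     // Issuer value is attacker-controlled unless the response signature is
     // verified, which is not visible in this method - confirm it happens elsewhere.
     $this->requestStore->remove($state);
 }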