This function performs some sanity checks on XML documents, and optionally validates them against their schema
if the 'validatexml' debugging option is enabled. A warning will be printed to the log if validation fails.
public static checkSAMLMessage ( string $message, string $type ) | ||
$message | string | The SAML document we want to check. |
$type | string | The type of document. Can be one of: - 'saml20' - 'saml11' - 'saml-meta' |
/** * Decode a received response. * * @param array $post POST data received. * @return SimpleSAML_XML_Shib13_AuthnResponse Response. */ public function decodeResponse($post) { assert('is_array($post)'); if (!array_key_exists('SAMLResponse', $post)) { throw new Exception('Missing required SAMLResponse parameter.'); } $rawResponse = $post['SAMLResponse']; $samlResponseXML = base64_decode($rawResponse); \SimpleSAML\Utils\XML::debugSAMLMessage($samlResponseXML, 'in'); \SimpleSAML\Utils\XML::checkSAMLMessage($samlResponseXML, 'saml11'); $samlResponse = new SimpleSAML_XML_Shib13_AuthnResponse(); $samlResponse->setXML($samlResponseXML); if (array_key_exists('TARGET', $post)) { $samlResponse->setRelayState($post['TARGET']); } return $samlResponse; }
<?php require_once '../_include.php'; /* Make sure that the user has admin access rights. */ SimpleSAML\Utils\Auth::requireAdmin(); $config = SimpleSAML_Configuration::getInstance(); if (!empty($_FILES['xmlfile']['tmp_name'])) { $xmldata = file_get_contents($_FILES['xmlfile']['tmp_name']); } elseif (array_key_exists('xmldata', $_POST)) { $xmldata = $_POST['xmldata']; } if (!empty($xmldata)) { \SimpleSAML\Utils\XML::checkSAMLMessage($xmldata, 'saml-meta'); $entities = SimpleSAML_Metadata_SAMLParser::parseDescriptorsString($xmldata); /* Get all metadata for the entities. */ foreach ($entities as &$entity) { $entity = array('shib13-sp-remote' => $entity->getMetadata1xSP(), 'shib13-idp-remote' => $entity->getMetadata1xIdP(), 'saml20-sp-remote' => $entity->getMetadata20SP(), 'saml20-idp-remote' => $entity->getMetadata20IdP()); } /* Transpose from $entities[entityid][type] to $output[type][entityid]. */ $output = SimpleSAML\Utils\Arrays::transpose($entities); /* Merge all metadata of each type to a single string which should be * added to the corresponding file. */ foreach ($output as $type => &$entities) { $text = ''; foreach ($entities as $entityId => $entityMetadata) { if ($entityMetadata === NULL) { continue; } /* Remove the entityDescriptor element because it is unused, and only * makes the output harder to read.
/** * @deprecated This method will be removed in SSP 2.0. Please use SimpleSAML\Utils\XML::checkSAMLMessage() instead. */ public static function validateXMLDocument($message, $type) { \SimpleSAML\Utils\XML::checkSAMLMessage($message, $type); }