| public static setBaseURL ( $baseurl ) | ||
| $baseurl | string The base url to be used when constructing URLs | |
/**
* Constructs the Logout Request object.
*
* @param OneLogin_Saml2_Settings $settings Settings
* @param string|null $request A UUEncoded Logout Request.
* @param string|null $nameId The NameID that will be set in the LogoutRequest.
* @param string|null $sessionIndex The SessionIndex (taken from the SAML Response in the SSO process).
* @param string|null $nameIdFormat The NameID Format will be set in the LogoutRequest.
*/
public function __construct(OneLogin_Saml2_Settings $settings, $request = null, $nameId = null, $sessionIndex = null, $nameIdFormat = null)
{
$this->_settings = $settings;
$baseURL = $this->_settings->getBaseURL();
if (!empty($baseURL)) {
OneLogin_Saml2_Utils::setBaseURL($baseURL);
}
if (!isset($request) || empty($request)) {
$spData = $this->_settings->getSPData();
$idpData = $this->_settings->getIdPData();
$security = $this->_settings->getSecurityData();
$id = OneLogin_Saml2_Utils::generateUniqueID();
$this->id = $id;
$nameIdValue = OneLogin_Saml2_Utils::generateUniqueID();
$issueInstant = OneLogin_Saml2_Utils::parseTime2SAML(time());
$cert = null;
if (isset($security['nameIdEncrypted']) && $security['nameIdEncrypted']) {
$cert = $idpData['x509cert'];
}
if (!empty($nameId)) {
if (empty($nameIdFormat)) {
$nameIdFormat = $spData['NameIDFormat'];
}
$spNameQualifier = null;
} else {
$nameId = $idpData['entityId'];
$nameIdFormat = OneLogin_Saml2_Constants::NAMEID_ENTITY;
$spNameQualifier = $spData['entityId'];
}
$nameIdObj = OneLogin_Saml2_Utils::generateNameId($nameId, $spNameQualifier, $nameIdFormat, $cert);
$sessionIndexStr = isset($sessionIndex) ? "<samlp:SessionIndex>{$sessionIndex}</samlp:SessionIndex>" : "";
$logoutRequest = <<<LOGOUTREQUEST
<samlp:LogoutRequest
xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
ID="{$id}"
Version="2.0"
IssueInstant="{$issueInstant}"
Destination="{$idpData['singleLogoutService']['url']}">
<saml:Issuer>{$spData['entityId']}</saml:Issuer>
{$nameIdObj}
{$sessionIndexStr}
</samlp:LogoutRequest>
LOGOUTREQUEST;
} else {
$decoded = base64_decode($request);
// We try to inflate
$inflated = @gzinflate($decoded);
if ($inflated != false) {
$logoutRequest = $inflated;
} else {
$logoutRequest = $decoded;
}
$this->id = self::getID($logoutRequest);
}
$this->_logoutRequest = $logoutRequest;
}
/**
* Constructs a Logout Response object (Initialize params from settings and if provided
* load the Logout Response.
*
* @param OneLogin_Saml2_Settings $settings Settings.
* @param string|null $response An UUEncoded SAML Logout response from the IdP.
*/
public function __construct(OneLogin_Saml2_Settings $settings, $response = null)
{
$this->_settings = $settings;
$baseURL = $this->_settings->getBaseURL();
if (!empty($baseURL)) {
OneLogin_Saml2_Utils::setBaseURL($baseURL);
}
if ($response) {
$decoded = base64_decode($response);
$inflated = @gzinflate($decoded);
if ($inflated != false) {
$this->_logoutResponse = $inflated;
} else {
$this->_logoutResponse = $decoded;
}
$this->document = new DOMDocument();
$this->document = OneLogin_Saml2_Utils::loadXML($this->document, $this->_logoutResponse);
}
}
/**
* Constructs the SAML Response object.
*
* @param OneLogin_Saml2_Settings $settings Settings.
* @param string $response A UUEncoded SAML response from the IdP.
*
* @throws Exception
*/
public function __construct(OneLogin_Saml2_Settings $settings, $response)
{
$this->_settings = $settings;
$baseURL = $this->_settings->getBaseURL();
if (!empty($baseURL)) {
OneLogin_Saml2_Utils::setBaseURL($baseURL);
}
$this->response = base64_decode($response);
$this->document = new DOMDocument();
$this->document = OneLogin_Saml2_Utils::loadXML($this->document, $this->response);
if (!$this->document) {
throw new Exception('SAML Response could not be processed');
}
// Quick check for the presence of EncryptedAssertion
$encryptedAssertionNodes = $this->document->getElementsByTagName('EncryptedAssertion');
if ($encryptedAssertionNodes->length !== 0) {
$this->decryptedDocument = clone $this->document;
$this->encrypted = true;
$this->decryptedDocument = $this->_decryptAssertion($this->decryptedDocument);
}
}
/**
* @covers OneLogin_Saml2_Utils::setBaseURL
*/
public function testSetBaseURL()
{
$_SERVER['HTTP_HOST'] = 'sp.example.com';
$_SERVER['HTTPS'] = 'https';
$_SERVER['REQUEST_URI'] = '/example1/route.php?x=test';
$_SERVER['QUERY_STRING'] = '?x=test';
$_SERVER['SCRIPT_NAME'] = '/example1/route.php';
unset($_SERVER['PATH_INFO']);
$expectedUrlNQ = 'https://sp.example.com/example1/route.php';
$expectedRoutedUrlNQ = 'https://sp.example.com/example1/route.php';
$expectedUrl = 'https://sp.example.com/example1/route.php?x=test';
OneLogin_Saml2_Utils::setBaseURL("no-valid-url");
$this->assertEquals('https', OneLogin_Saml2_Utils::getSelfProtocol());
$this->assertEquals('sp.example.com', OneLogin_Saml2_Utils::getSelfHost());
$this->assertNull(OneLogin_Saml2_Utils::getSelfPort());
$this->assertNull(OneLogin_Saml2_Utils::getBaseURLPath());
$this->assertEquals($expectedUrlNQ, OneLogin_Saml2_Utils::getSelfURLNoQuery());
$this->assertEquals($expectedRoutedUrlNQ, OneLogin_Saml2_Utils::getSelfRoutedURLNoQuery());
$this->assertEquals($expectedUrl, OneLogin_Saml2_Utils::getSelfURL());
OneLogin_Saml2_Utils::setBaseURL("http://anothersp.example.com:81/example2/");
$expectedUrlNQ2 = 'http://anothersp.example.com:81/example2/route.php';
$expectedRoutedUrlNQ2 = 'http://anothersp.example.com:81/example2/route.php';
$expectedUrl2 = 'http://anothersp.example.com:81/example2/route.php?x=test';
$this->assertEquals('http', OneLogin_Saml2_Utils::getSelfProtocol());
$this->assertEquals('anothersp.example.com', OneLogin_Saml2_Utils::getSelfHost());
$this->assertEquals('81', OneLogin_Saml2_Utils::getSelfPort());
$this->assertEquals('/example2/', OneLogin_Saml2_Utils::getBaseURLPath());
$this->assertEquals($expectedUrlNQ2, OneLogin_Saml2_Utils::getSelfURLNoQuery());
$this->assertEquals($expectedRoutedUrlNQ2, OneLogin_Saml2_Utils::getSelfRoutedURLNoQuery());
$this->assertEquals($expectedUrl2, OneLogin_Saml2_Utils::getSelfURL());
$_SERVER['PATH_INFO'] = '/test';
$expectedUrlNQ2 = 'http://anothersp.example.com:81/example2/route.php/test';
$this->assertEquals($expectedUrlNQ2, OneLogin_Saml2_Utils::getSelfURLNoQuery());
$this->assertEquals($expectedRoutedUrlNQ2, OneLogin_Saml2_Utils::getSelfRoutedURLNoQuery());
$this->assertEquals($expectedUrl2, OneLogin_Saml2_Utils::getSelfURL());
}
