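/**
 * Ask the PDP for an access decision.
 *
 * POSTs the JSON form of the policy request to the configured PDP endpoint
 * using HTTP Basic authentication and wraps the response body in a
 * Pdp_PolicyResponse. A transport error or any non-200 status is logged and
 * rethrown as EngineBlock_Exception before the response is stored, so a
 * failed call never yields a policy response.
 *
 * @return \Pdp_PolicyResponse
 * @throws \EngineBlock_Exception when the HTTP call fails or the PDP answers with a non-200 status
 */
protected function requestAccess()
{
    // The Basic-auth username and password accompany this request.
    // NOTE(review): nothing in this method checks that baseUrl is an https:// URL - confirm in configuration.
    $httpClient = new Zend_Http_Client($this->baseUrl);

    try {
        $result = $httpClient
            ->setConfig(array('timeout' => 15))
            ->setAuth($this->username, $this->password, Zend_Http_Client::AUTH_BASIC)
            ->setRawData($this->policyRequest->toJson())
            ->setEncType('application/json')
            ->request('POST');

        $status = $result->getStatus();
        if ((int) $status !== 200) {
            // Fixed: the original message ran the status code into the word "response".
            $error = "Received invalid HTTP " . $status . " response from PDP";
            EngineBlock_ApplicationSingleton::getLog()->error($error);
            throw new EngineBlock_Exception($error);
        }
    } catch (Zend_Http_Client_Exception $e) {
        // Transport-level failure (the client is configured with a 15 second timeout).
        EngineBlock_ApplicationSingleton::getLog()->error($e->getMessage());
        throw new EngineBlock_Exception($e->getMessage());
    }

    // The body is handed over unmodified.
    // NOTE(review): presumably Pdp_PolicyResponse parses and validates it - confirm a malformed body cannot read as a permit.
    $this->policyResponse = new Pdp_PolicyResponse($result->getBody());

    return $this->policyResponse;
}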
/**
 * Assemble the policy request that is sent to the PDP.
 *
 * The SP and IdP entity IDs are added as resource attributes. The subject ID
 * is added as an access subject under the SAML 1.1 "unspecified" name-id
 * format, and every value of every response attribute is added as a further
 * access subject under that attribute's own id. Values are forwarded exactly
 * as received.
 *
 * @param string $subjectId
 * @param string $idp
 * @param string $sp
 * @param array $responseAttributes attribute id => list of values
 * @return Pdp_PolicyRequest
 */
private function buildPolicyRequest($subjectId, $idp, $sp, array $responseAttributes)
{
    $request = new Pdp_PolicyRequest();

    // Resource side: which SP is being accessed, through which IdP.
    $request->addResourceAttribute('SPentityID', $sp);
    $request->addResourceAttribute('IDPentityID', $idp);

    // Subject side: the identifier first, then one entry per attribute value.
    $request->addAccessSubject('urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified', $subjectId);
    foreach ($responseAttributes as $attributeId => $attributeValues) {
        foreach ($attributeValues as $attributeValue) {
            $request->addAccessSubject($attributeId, $attributeValue);
        }
    }

    return $request;
}