/**
 * Check that SAML2_Utils::addStrings() appends one element per value.
 *
 * Covers four combinations: plain and xml:lang-tagged values, each under a
 * parent that does or does not already declare the target namespace. The
 * expected output shows the xmlns declaration being repeated on the children
 * only when the parent has not declared it.
 */
public function testGetAddStrings()
{
    $plainValues = array('value1', 'value2');
    $localizedValues = array('en' => 'value (en)', 'no' => 'value (no)');

    // Plain values, parent without the namespace: each child declares xmlns:ns.
    $document = SAML2_DOMDocumentFactory::fromString('<root/>');
    SAML2_Utils::addStrings($document->firstChild, 'testns', 'ns:somenode', false, $plainValues);
    $expected = '<root>'
        . '<ns:somenode xmlns:ns="testns">value1</ns:somenode>'
        . '<ns:somenode xmlns:ns="testns">value2</ns:somenode>'
        . '</root>';
    $this->assertEquals($expected, $document->saveXML($document->firstChild));

    // Plain values, parent already in the namespace: no repeated declaration.
    $document->loadXML('<ns:root xmlns:ns="testns"/>');
    SAML2_Utils::addStrings($document->firstChild, 'testns', 'ns:somenode', false, $plainValues);
    $expected = '<ns:root xmlns:ns="testns">'
        . '<ns:somenode>value1</ns:somenode>'
        . '<ns:somenode>value2</ns:somenode>'
        . '</ns:root>';
    $this->assertEquals($expected, $document->saveXML($document->firstChild));

    // Localized values: the array key ends up in xml:lang.
    $document->loadXML('<root/>');
    SAML2_Utils::addStrings($document->firstChild, 'testns', 'ns:somenode', true, $localizedValues);
    $expected = '<root>'
        . '<ns:somenode xmlns:ns="testns" xml:lang="en">value (en)</ns:somenode>'
        . '<ns:somenode xmlns:ns="testns" xml:lang="no">value (no)</ns:somenode>'
        . '</root>';
    $this->assertEquals($expected, $document->saveXML($document->firstChild));

    // Localized values under a parent that already declares the namespace.
    $document->loadXML('<ns:root xmlns:ns="testns"/>');
    SAML2_Utils::addStrings($document->firstChild, 'testns', 'ns:somenode', true, $localizedValues);
    $expected = '<ns:root xmlns:ns="testns">'
        . '<ns:somenode xml:lang="en">value (en)</ns:somenode>'
        . '<ns:somenode xml:lang="no">value (no)</ns:somenode>'
        . '</ns:root>';
    $this->assertEquals($expected, $document->saveXML($document->firstChild));
}
/**
 * Serialize this object as an mdrpi:RegistrationInfo child of the given element.
 *
 * @param DOMElement $parent The element we should append to.
 * @return DOMElement The mdrpi:RegistrationInfo element that was appended.
 */
public function toXML(DOMElement $parent)
{
    assert('is_string($this->registrationAuthority)');
    assert('is_int($this->registrationInstant) || is_null($this->registrationInstant)');
    assert('is_array($this->RegistrationPolicy)');

    $registrationInfo = $parent->ownerDocument->createElementNS(
        SAML2_XML_mdrpi_Common::NS_MDRPI,
        'mdrpi:RegistrationInfo'
    );
    $parent->appendChild($registrationInfo);

    $registrationInfo->setAttribute('registrationAuthority', $this->registrationAuthority);

    // The instant is optional; gmdate() renders it in UTC, which matches the literal "Z" suffix.
    if ($this->registrationInstant !== null) {
        $instant = gmdate('Y-m-d\\TH:i:s\\Z', $this->registrationInstant);
        $registrationInfo->setAttribute('registrationInstant', $instant);
    }

    // RegistrationPolicy entries are written as localized strings (xml:lang taken from the keys).
    SAML2_Utils::addStrings(
        $registrationInfo,
        SAML2_XML_mdrpi_Common::NS_MDRPI,
        'mdrpi:RegistrationPolicy',
        true,
        $this->RegistrationPolicy
    );

    return $registrationInfo;
}
/**
 * Add this PDPDescriptor to an EntityDescriptor.
 *
 * The element itself is created by the parent class; this method appends the
 * AuthzService and AssertionIDRequestService endpoints and the NameIDFormat
 * values, in that order.
 *
 * @param DOMElement $parent The EntityDescriptor we should append this PDPDescriptor to.
 * @return DOMElement The element returned by the parent implementation.
 */
public function toXML(DOMElement $parent)
{
    assert('is_array($this->AuthzService)');
    assert('!empty($this->AuthzService)');
    assert('is_array($this->AssertionIDRequestService)');
    assert('is_array($this->NameIDFormat)');

    $descriptor = parent::toXML($parent);

    foreach ($this->AuthzService as $endpoint) {
        $endpoint->toXML($descriptor, 'md:AuthzService');
    }

    foreach ($this->AssertionIDRequestService as $endpoint) {
        $endpoint->toXML($descriptor, 'md:AssertionIDRequestService');
    }

    // NameIDFormat values carry no xml:lang, hence the false flag.
    SAML2_Utils::addStrings($descriptor, SAML2_Const::NS_MD, 'md:NameIDFormat', false, $this->NameIDFormat);

    return $descriptor;
}
/**
 * Serialize this Organization as an md:Organization child of the given element.
 *
 * @param DOMElement $parent The element we should add this organization to.
 * @return DOMElement This Organization-element.
 */
public function toXML(DOMElement $parent)
{
    assert('is_array($this->Extensions)');
    assert('is_array($this->OrganizationName)');
    assert('!empty($this->OrganizationName)');
    assert('is_array($this->OrganizationDisplayName)');
    assert('!empty($this->OrganizationDisplayName)');
    assert('is_array($this->OrganizationURL)');
    assert('!empty($this->OrganizationURL)');

    $organization = $parent->ownerDocument->createElementNS(SAML2_Const::NS_MD, 'md:Organization');
    $parent->appendChild($organization);

    // Extensions go first, followed by the three localized string groups.
    SAML2_XML_md_Extensions::addList($organization, $this->Extensions);

    SAML2_Utils::addStrings(
        $organization,
        SAML2_Const::NS_MD,
        'md:OrganizationName',
        true,
        $this->OrganizationName
    );
    SAML2_Utils::addStrings(
        $organization,
        SAML2_Const::NS_MD,
        'md:OrganizationDisplayName',
        true,
        $this->OrganizationDisplayName
    );
    SAML2_Utils::addStrings(
        $organization,
        SAML2_Const::NS_MD,
        'md:OrganizationURL',
        true,
        $this->OrganizationURL
    );

    return $organization;
}
/**
 * Serialize this DiscoHints as an mdui:DiscoHints child of the given element.
 *
 * Nothing is appended when every hint list and the children list are empty.
 *
 * @param DOMElement $parent The element we should append to.
 * @return DOMElement|NULL The appended element, or NULL when there was nothing to write.
 */
public function toXML(DOMElement $parent)
{
    assert('is_array($this->IPHint)');
    assert('is_array($this->DomainHint)');
    assert('is_array($this->GeolocationHint)');
    assert('is_array($this->children)');

    // Skip the wrapper element entirely rather than emit an empty mdui:DiscoHints.
    if (empty($this->IPHint)
        && empty($this->DomainHint)
        && empty($this->GeolocationHint)
        && empty($this->children)
    ) {
        return null;
    }

    $hints = $parent->ownerDocument->createElementNS(self::NS, 'mdui:DiscoHints');
    $parent->appendChild($hints);

    // Extra child elements are written before the hint strings.
    if (!empty($this->children)) {
        foreach ($this->children as $extra) {
            $extra->toXML($hints);
        }
    }

    SAML2_Utils::addStrings($hints, self::NS, 'mdui:IPHint', false, $this->IPHint);
    SAML2_Utils::addStrings($hints, self::NS, 'mdui:DomainHint', false, $this->DomainHint);
    SAML2_Utils::addStrings($hints, self::NS, 'mdui:GeolocationHint', false, $this->GeolocationHint);

    return $hints;
}
/**
 * Append a saml:AuthnStatement to the assertion, if there is one to write.
 *
 * The statement is skipped when either the authentication context or the
 * authentication instant is missing, so the resulting assertion then carries
 * no authentication statement at all.
 *
 * @param DOMElement $root The assertion element we should add the authentication statement to.
 */
private function addAuthnStatement(DOMElement $root)
{
    $hasContext = $this->authnContext !== null;
    $hasInstant = $this->authnInstant !== null;
    if (!$hasContext || !$hasInstant) {
        /* No authentication context or AuthnInstant => no authentication statement. */
        return;
    }

    $document = $root->ownerDocument;

    $statement = $document->createElementNS(SAML2_Const::NS_SAML, 'saml:AuthnStatement');
    $root->appendChild($statement);

    // gmdate() renders the timestamps in UTC, matching the literal "Z" suffix.
    $statement->setAttribute('AuthnInstant', gmdate('Y-m-d\\TH:i:s\\Z', $this->authnInstant));

    if ($this->sessionNotOnOrAfter !== null) {
        $sessionEnd = gmdate('Y-m-d\\TH:i:s\\Z', $this->sessionNotOnOrAfter);
        $statement->setAttribute('SessionNotOnOrAfter', $sessionEnd);
    }

    if ($this->sessionIndex !== null) {
        $statement->setAttribute('SessionIndex', $this->sessionIndex);
    }

    $context = $document->createElementNS(SAML2_Const::NS_SAML, 'saml:AuthnContext');
    $statement->appendChild($context);

    SAML2_Utils::addString($context, SAML2_Const::NS_SAML, 'saml:AuthnContextClassRef', $this->authnContext);
    SAML2_Utils::addStrings(
        $context,
        SAML2_Const::NS_SAML,
        'saml:AuthenticatingAuthority',
        false,
        $this->AuthenticatingAuthority
    );
}
/**
 * Serialize this object as an md:AttributeConsumingService child of the given element.
 *
 * @param DOMElement $parent The element we should append this AttributeConsumingService to.
 * @return DOMElement The md:AttributeConsumingService element that was appended.
 */
public function toXML(DOMElement $parent)
{
    assert('is_int($this->index)');
    assert('is_null($this->isDefault) || is_bool($this->isDefault)');
    assert('is_array($this->ServiceName)');
    assert('is_array($this->ServiceDescription)');
    assert('is_array($this->RequestedAttribute)');

    $service = $parent->ownerDocument->createElementNS(SAML2_Const::NS_MD, 'md:AttributeConsumingService');
    $parent->appendChild($service);

    $service->setAttribute('index', (string) $this->index);

    // isDefault is tri-state: only a real boolean is written, anything else leaves the attribute out.
    if (is_bool($this->isDefault)) {
        $service->setAttribute('isDefault', $this->isDefault ? 'true' : 'false');
    }

    SAML2_Utils::addStrings($service, SAML2_Const::NS_MD, 'md:ServiceName', true, $this->ServiceName);
    SAML2_Utils::addStrings(
        $service,
        SAML2_Const::NS_MD,
        'md:ServiceDescription',
        true,
        $this->ServiceDescription
    );

    foreach ($this->RequestedAttribute as $requested) {
        $requested->toXML($service);
    }

    return $service;
}
/**
 * Convert this authentication request to an XML element.
 *
 * Builds on the element produced by the parent class and adds the
 * AuthnRequest-specific attributes and children. As the name says, the result
 * carries no signature. All values are set through the DOM API, not by
 * concatenating markup.
 *
 * @return DOMElement This authentication request.
 */
public function toUnsignedXML()
{
    $request = parent::toUnsignedXML();

    // Boolean flags are only written when set; there is no explicit "false" form.
    if ($this->forceAuthn) {
        $request->setAttribute('ForceAuthn', 'true');
    }

    if ($this->isPassive) {
        $request->setAttribute('IsPassive', 'true');
    }

    // An ACS index takes precedence: when it is present, the URL and binding are not written.
    if ($this->assertionConsumerServiceIndex !== null) {
        $request->setAttribute('AssertionConsumerServiceIndex', $this->assertionConsumerServiceIndex);
    } else {
        if ($this->assertionConsumerServiceURL !== null) {
            $request->setAttribute('AssertionConsumerServiceURL', $this->assertionConsumerServiceURL);
        }
        if ($this->protocolBinding !== null) {
            $request->setAttribute('ProtocolBinding', $this->protocolBinding);
        }
    }

    if ($this->attributeConsumingServiceIndex !== null) {
        $request->setAttribute('AttributeConsumingServiceIndex', $this->attributeConsumingServiceIndex);
    }

    if (!empty($this->nameIdPolicy)) {
        $policyElement = $this->document->createElementNS(SAML2_Const::NS_SAMLP, 'NameIDPolicy');

        // Format and SPNameQualifier are copied verbatim whenever the key exists.
        foreach (array('Format', 'SPNameQualifier') as $attribute) {
            if (array_key_exists($attribute, $this->nameIdPolicy)) {
                $policyElement->setAttribute($attribute, $this->nameIdPolicy[$attribute]);
            }
        }

        // AllowCreate is only written when truthy; a false value is left out.
        if (array_key_exists('AllowCreate', $this->nameIdPolicy) && $this->nameIdPolicy['AllowCreate']) {
            $policyElement->setAttribute('AllowCreate', 'true');
        }

        $request->appendChild($policyElement);
    }

    $requestedContext = $this->requestedAuthnContext;
    if (!empty($requestedContext) && !empty($requestedContext['AuthnContextClassRef'])) {
        $contextElement = $this->document->createElementNS(SAML2_Const::NS_SAMLP, 'RequestedAuthnContext');
        $request->appendChild($contextElement);

        // 'exact' is never written out - presumably because it is the schema default (confirm).
        if (isset($requestedContext['Comparison']) && $requestedContext['Comparison'] !== 'exact') {
            $contextElement->setAttribute('Comparison', $requestedContext['Comparison']);
        }

        foreach ($requestedContext['AuthnContextClassRef'] as $classRef) {
            SAML2_Utils::addString($contextElement, SAML2_Const::NS_SAML, 'AuthnContextClassRef', $classRef);
        }
    }

    if (!empty($this->extensions)) {
        SAML2_XML_samlp_Extensions::addList($request, $this->extensions);
    }

    // Scoping is only created when at least one of its parts has content.
    if ($this->ProxyCount !== null || count($this->IDPList) > 0 || count($this->RequesterID) > 0) {
        $scopingElement = $this->document->createElementNS(SAML2_Const::NS_SAMLP, 'Scoping');
        $request->appendChild($scopingElement);

        if ($this->ProxyCount !== null) {
            $scopingElement->setAttribute('ProxyCount', $this->ProxyCount);
        }

        if (count($this->IDPList) > 0) {
            $listElement = $this->document->createElementNS(SAML2_Const::NS_SAMLP, 'IDPList');
            foreach ($this->IDPList as $providerId) {
                $entryElement = $this->document->createElementNS(SAML2_Const::NS_SAMLP, 'IDPEntry');
                $entryElement->setAttribute('ProviderID', $providerId);
                $listElement->appendChild($entryElement);
            }
            $scopingElement->appendChild($listElement);
        }

        if (count($this->RequesterID) > 0) {
            SAML2_Utils::addStrings(
                $scopingElement,
                SAML2_Const::NS_SAMLP,
                'RequesterID',
                false,
                $this->RequesterID
            );
        }
    }

    return $request;
}
/**
 * Serialize this UIInfo as an mdui:UIInfo child of the given element.
 *
 * Nothing is appended when every field is empty.
 *
 * @param DOMElement $parent The element we should append to.
 * @return DOMElement|NULL The appended element, or NULL when there was nothing to write.
 */
public function toXML(DOMElement $parent)
{
    // NOTE(review): Description is read below but has no is_array() assertion
    // here, unlike the other fields - confirm whether that is intentional.
    assert('is_array($this->DisplayName)');
    assert('is_array($this->InformationURL)');
    assert('is_array($this->PrivacyStatementURL)');
    assert('is_array($this->Keywords)');
    assert('is_array($this->Logo)');
    assert('is_array($this->children)');

    // Skip the wrapper element entirely rather than emit an empty mdui:UIInfo.
    if (empty($this->DisplayName)
        && empty($this->Description)
        && empty($this->InformationURL)
        && empty($this->PrivacyStatementURL)
        && empty($this->Keywords)
        && empty($this->Logo)
        && empty($this->children)
    ) {
        return null;
    }

    $uiInfo = $parent->ownerDocument->createElementNS(self::NS, 'mdui:UIInfo');
    $parent->appendChild($uiInfo);

    // Localized string fields: one element per language key.
    SAML2_Utils::addStrings($uiInfo, self::NS, 'mdui:DisplayName', true, $this->DisplayName);
    SAML2_Utils::addStrings($uiInfo, self::NS, 'mdui:Description', true, $this->Description);
    SAML2_Utils::addStrings($uiInfo, self::NS, 'mdui:InformationURL', true, $this->InformationURL);
    SAML2_Utils::addStrings($uiInfo, self::NS, 'mdui:PrivacyStatementURL', true, $this->PrivacyStatementURL);

    // Object-valued fields serialize themselves, in this fixed order.
    if (!empty($this->Keywords)) {
        foreach ($this->Keywords as $keywords) {
            $keywords->toXML($uiInfo);
        }
    }

    if (!empty($this->Logo)) {
        foreach ($this->Logo as $logo) {
            $logo->toXML($uiInfo);
        }
    }

    if (!empty($this->children)) {
        foreach ($this->children as $extra) {
            $extra->toXML($uiInfo);
        }
    }

    return $uiInfo;
}
/**
 * Append a saml:AuthnStatement to the assertion, if there is one to write.
 *
 * The statement is skipped when the authentication instant is missing, or
 * when none of the three authentication-context forms (class reference,
 * declaration, declaration reference) is set.
 *
 * @param DOMElement $root The assertion element we should add the authentication statement to.
 */
private function addAuthnStatement(DOMElement $root)
{
    $noContext = $this->authnContextClassRef === null
        && $this->authnContextDecl === null
        && $this->authnContextDeclRef === null;

    if ($this->authnInstant === null || $noContext) {
        /* No authentication context or AuthnInstant => no authentication statement. */
        return;
    }

    $document = $root->ownerDocument;

    $statement = $document->createElementNS(SAML2_Const::NS_SAML, 'saml:AuthnStatement');
    $root->appendChild($statement);

    // gmdate() renders the timestamps in UTC, matching the literal "Z" suffix.
    $statement->setAttribute('AuthnInstant', gmdate('Y-m-d\\TH:i:s\\Z', $this->authnInstant));

    if ($this->sessionNotOnOrAfter !== null) {
        $sessionEnd = gmdate('Y-m-d\\TH:i:s\\Z', $this->sessionNotOnOrAfter);
        $statement->setAttribute('SessionNotOnOrAfter', $sessionEnd);
    }

    if ($this->sessionIndex !== null) {
        $statement->setAttribute('SessionIndex', $this->sessionIndex);
    }

    $context = $document->createElementNS(SAML2_Const::NS_SAML, 'saml:AuthnContext');
    $statement->appendChild($context);

    // NOTE(review): the guard above tests for NULL while the checks below use
    // !empty(), so a non-NULL but empty value (e.g. '') passes the guard and
    // is then skipped here, which can leave saml:AuthnContext without any
    // context child. Confirm the setters reject empty values.
    if (!empty($this->authnContextClassRef)) {
        SAML2_Utils::addString(
            $context,
            SAML2_Const::NS_SAML,
            'saml:AuthnContextClassRef',
            $this->authnContextClassRef
        );
    }

    if (!empty($this->authnContextDecl)) {
        $this->authnContextDecl->toXML($context);
    }

    if (!empty($this->authnContextDeclRef)) {
        SAML2_Utils::addString(
            $context,
            SAML2_Const::NS_SAML,
            'saml:AuthnContextDeclRef',
            $this->authnContextDeclRef
        );
    }

    SAML2_Utils::addStrings(
        $context,
        SAML2_Const::NS_SAML,
        'saml:AuthenticatingAuthority',
        false,
        $this->AuthenticatingAuthority
    );
}
/**
 * Add this IDPSSODescriptor to an EntityDescriptor.
 *
 * The element itself is created by the parent class; this method adds the
 * WantAuthnRequestsSigned attribute, the IdP endpoints, the attribute profiles
 * and the attributes, in that order.
 *
 * @param DOMElement $parent The EntityDescriptor we should append this IDPSSODescriptor to.
 * @return DOMElement The element returned by the parent implementation.
 */
public function toXML(DOMElement $parent)
{
    assert('is_null($this->WantAuthnRequestsSigned) || is_bool($this->WantAuthnRequestsSigned)');
    assert('is_array($this->SingleSignOnService)');
    assert('is_array($this->NameIDMappingService)');
    assert('is_array($this->AssertionIDRequestService)');
    assert('is_array($this->AttributeProfile)');
    assert('is_array($this->Attribute)');

    $descriptor = parent::toXML($parent);

    // Tri-state: only a real boolean is written; any other value leaves the attribute out.
    if (is_bool($this->WantAuthnRequestsSigned)) {
        $descriptor->setAttribute(
            'WantAuthnRequestsSigned',
            $this->WantAuthnRequestsSigned ? 'true' : 'false'
        );
    }

    foreach ($this->SingleSignOnService as $endpoint) {
        $endpoint->toXML($descriptor, 'md:SingleSignOnService');
    }

    foreach ($this->NameIDMappingService as $endpoint) {
        $endpoint->toXML($descriptor, 'md:NameIDMappingService');
    }

    foreach ($this->AssertionIDRequestService as $endpoint) {
        $endpoint->toXML($descriptor, 'md:AssertionIDRequestService');
    }

    SAML2_Utils::addStrings(
        $descriptor,
        SAML2_Const::NS_MD,
        'md:AttributeProfile',
        false,
        $this->AttributeProfile
    );

    foreach ($this->Attribute as $attribute) {
        $attribute->toXML($descriptor);
    }

    return $descriptor;
}
/**
 * Serialize this ContactPerson as an md:ContactPerson child of the given element.
 *
 * @param DOMElement $parent The element we should add this contact to.
 * @return DOMElement The new ContactPerson-element.
 */
public function toXML(DOMElement $parent)
{
    assert('is_string($this->contactType)');
    assert('is_array($this->Extensions)');
    assert('is_null($this->Company) || is_string($this->Company)');
    assert('is_null($this->GivenName) || is_string($this->GivenName)');
    assert('is_null($this->SurName) || is_string($this->SurName)');
    assert('is_array($this->EmailAddress)');
    assert('is_array($this->TelephoneNumber)');

    $contact = $parent->ownerDocument->createElementNS(SAML2_Const::NS_MD, 'md:ContactPerson');
    $parent->appendChild($contact);

    $contact->setAttribute('contactType', $this->contactType);

    SAML2_XML_md_Extensions::addList($contact, $this->Extensions);

    // Optional single-valued fields, written in this order when set and non-NULL.
    $optionalFields = array(
        'md:Company' => 'Company',
        'md:GivenName' => 'GivenName',
        'md:SurName' => 'SurName',
    );
    foreach ($optionalFields as $qualifiedName => $property) {
        if (isset($this->{$property})) {
            SAML2_Utils::addString($contact, SAML2_Const::NS_MD, $qualifiedName, $this->{$property});
        }
    }

    // Multi-valued fields are skipped entirely when empty.
    if (!empty($this->EmailAddress)) {
        SAML2_Utils::addStrings($contact, SAML2_Const::NS_MD, 'md:EmailAddress', false, $this->EmailAddress);
    }

    if (!empty($this->TelephoneNumber)) {
        SAML2_Utils::addStrings(
            $contact,
            SAML2_Const::NS_MD,
            'md:TelephoneNumber',
            false,
            $this->TelephoneNumber
        );
    }

    return $contact;
}
/**
 * Add this AffiliationDescriptor to an EntityDescriptor.
 *
 * @param DOMElement $parent The EntityDescriptor we should append this AffiliationDescriptor to.
 * @return DOMElement The md:AffiliationDescriptor element that was appended.
 */
public function toXML(DOMElement $parent)
{
    assert('is_string($this->affiliationOwnerID)');
    assert('is_null($this->ID) || is_string($this->ID)');
    assert('is_null($this->validUntil) || is_int($this->validUntil)');
    assert('is_null($this->cacheDuration) || is_string($this->cacheDuration)');
    assert('is_array($this->Extensions)');
    assert('is_array($this->AffiliateMember)');
    assert('!empty($this->AffiliateMember)');
    assert('is_array($this->KeyDescriptor)');

    $document = $parent->ownerDocument;
    $descriptor = $document->createElementNS(SAML2_Const::NS_MD, 'md:AffiliationDescriptor');
    $parent->appendChild($descriptor);

    $descriptor->setAttribute('affiliationOwnerID', $this->affiliationOwnerID);

    if (isset($this->ID)) {
        $descriptor->setAttribute('ID', $this->ID);
    }

    // gmdate() renders the timestamp in UTC, matching the literal "Z" suffix.
    if (isset($this->validUntil)) {
        $descriptor->setAttribute('validUntil', gmdate('Y-m-d\\TH:i:s\\Z', $this->validUntil));
    }

    if (isset($this->cacheDuration)) {
        $descriptor->setAttribute('cacheDuration', $this->cacheDuration);
    }

    SAML2_XML_md_Extensions::addList($descriptor, $this->Extensions);

    SAML2_Utils::addStrings(
        $descriptor,
        SAML2_Const::NS_MD,
        'md:AffiliateMember',
        false,
        $this->AffiliateMember
    );

    foreach ($this->KeyDescriptor as $keyDescriptor) {
        $keyDescriptor->toXML($descriptor);
    }

    // Signing is the last step, after every attribute and child is in place.
    // signElement() is defined outside this view; the first child is passed
    // along, presumably as the node the signature is inserted before (confirm).
    $this->signElement($descriptor, $descriptor->firstChild);

    return $descriptor;
}
/**
 * Add this SSODescriptorType to an EntityDescriptor.
 *
 * The element itself is created by the parent class; this method appends the
 * endpoint lists shared by SSO descriptors, followed by the NameIDFormat
 * values.
 *
 * @param DOMElement $parent The EntityDescriptor we should append this SSODescriptorType to.
 * @return DOMElement The generated SSODescriptor DOMElement.
 */
protected function toXML(DOMElement $parent)
{
    assert('is_array($this->ArtifactResolutionService)');
    assert('is_array($this->SingleLogoutService)');
    assert('is_array($this->ManageNameIDService)');
    assert('is_array($this->NameIDFormat)');

    $descriptor = parent::toXML($parent);

    foreach ($this->ArtifactResolutionService as $endpoint) {
        $endpoint->toXML($descriptor, 'md:ArtifactResolutionService');
    }

    foreach ($this->SingleLogoutService as $endpoint) {
        $endpoint->toXML($descriptor, 'md:SingleLogoutService');
    }

    foreach ($this->ManageNameIDService as $endpoint) {
        $endpoint->toXML($descriptor, 'md:ManageNameIDService');
    }

    // NameIDFormat values carry no xml:lang, hence the false flag.
    SAML2_Utils::addStrings($descriptor, SAML2_Const::NS_MD, 'md:NameIDFormat', false, $this->NameIDFormat);

    return $descriptor;
}