/**
 * Create an ECP Request element.
 *
 * With no element the object is left unpopulated. Otherwise the element is
 * validated with checkXML() and its ProviderName, IsPassive, Issuer and
 * optional IDPList are loaded.
 *
 * @param DOMElement|NULL $xml The XML element we should load.
 * @throws Exception If checkXML() rejects the element, if <saml:Issuer> is
 *                   missing or repeated, or if <samlp:IDPList> is repeated.
 */
public function __construct(DOMElement $xml = NULL)
{
    if ($xml === NULL) {
        return;
    }

    // checkXML() yields TRUE on success; any other return value is used as the
    // exception message, which is why it is invoked a second time here.
    if ($this->checkXML($xml) !== TRUE) {
        throw new Exception($this->checkXML($xml));
    }

    if ($xml->hasAttribute('ProviderName')) {
        $this->ProviderName = $xml->getAttribute('ProviderName');
    }

    $this->IsPassive = SAML2_Utils::parseBoolean($xml, 'IsPassive', NULL);

    // Exactly one Issuer is accepted: zero or several are both rejected, so
    // the sender identity is never picked from an ambiguous set.
    $issuerNodes = SAML2_Utils::xpQuery($xml, './saml_assertion:Issuer');
    if (empty($issuerNodes)) {
        throw new Exception('Missing <saml:Issuer> in <ecp:Request>.');
    }
    if (count($issuerNodes) > 1) {
        throw new Exception('More than one <saml:Issuer> in <ecp:Request>.');
    }
    $this->Issuer = trim($issuerNodes[0]->textContent);

    // IDPList is optional, but at most one may be present.
    $idpListNodes = SAML2_Utils::xpQuery($xml, './saml_protocol:IDPList');
    $idpListCount = count($idpListNodes);
    if ($idpListCount > 1) {
        throw new Exception('More than one <samlp:IDPList> in ECP Request.');
    }
    if ($idpListCount === 1) {
        $this->IDPList = new SAML2_XML_samlp_IDPList($idpListNodes[0]);
    }
}
/**
 * Create a Scope.
 *
 * With no element the object is left unpopulated; otherwise the element's
 * text and its 'regexp' attribute are loaded.
 *
 * @param DOMElement|NULL $xml The XML element we should load.
 */
public function __construct(DOMElement $xml = NULL)
{
    if ($xml !== NULL) {
        // The text content is stored as-is (it is not trimmed).
        // NOTE(review): when 'regexp' is TRUE the value is presumably used as a
        // pattern by whoever matches scopes - confirm how it is anchored and
        // compiled there, since it originates from parsed metadata.
        $this->scope = $xml->textContent;
        $this->regexp = SAML2_Utils::parseBoolean($xml, 'regexp', NULL);
    }
}
/**
 * Initialize a RequestedAttribute.
 *
 * The parent constructor always runs first; the 'isRequired' attribute is
 * only read when an element was supplied.
 *
 * @param DOMElement|NULL $xml The XML element we should load.
 */
public function __construct(DOMElement $xml = NULL)
{
    parent::__construct($xml);

    if ($xml !== NULL) {
        // NULL is passed as the third argument, presumably the value used when
        // the attribute is absent - confirm against SAML2_Utils::parseBoolean().
        $this->isRequired = SAML2_Utils::parseBoolean($xml, 'isRequired', NULL);
    }
}
/**
 * Initialize an IndexedEndpointType.
 *
 * The parent constructor always runs first. When an element is supplied it
 * must carry an 'index' attribute; 'isDefault' is optional.
 *
 * @param DOMElement|NULL $xml The XML element we should load.
 * @throws Exception If the element has no 'index' attribute.
 */
public function __construct(DOMElement $xml = NULL)
{
    parent::__construct($xml);

    if ($xml === NULL) {
        return;
    }

    $hasIndex = $xml->hasAttribute('index');
    if ($hasIndex === FALSE) {
        throw new Exception('Missing index on ' . $xml->tagName);
    }

    // The conversion is lenient: a non-numeric attribute value becomes 0
    // instead of raising an error, so presence is all that is enforced.
    $this->index = intval($xml->getAttribute('index'));
    $this->isDefault = SAML2_Utils::parseBoolean($xml, 'isDefault', NULL);
}
/**
 * Initialize an SPSSODescriptor.
 *
 * The parent constructor is always called with the element name
 * 'md:SPSSODescriptor'. When an element is supplied, the signing flags and
 * the AssertionConsumerService / AttributeConsumingService children are loaded.
 *
 * @param DOMElement|NULL $xml The XML element we should load.
 */
public function __construct(DOMElement $xml = NULL)
{
    parent::__construct('md:SPSSODescriptor', $xml);

    if ($xml === NULL) {
        return;
    }

    // Both flags are parsed with NULL as the third argument.
    // NOTE(review): presumably NULL then means "attribute not present" -
    // consumers should not conflate that with an explicit TRUE; confirm
    // against SAML2_Utils::parseBoolean().
    $this->AuthnRequestsSigned = SAML2_Utils::parseBoolean($xml, 'AuthnRequestsSigned', NULL);
    $this->WantAssertionsSigned = SAML2_Utils::parseBoolean($xml, 'WantAssertionsSigned', NULL);

    $consumerServiceNodes = SAML2_Utils::xpQuery($xml, './saml_metadata:AssertionConsumerService');
    foreach ($consumerServiceNodes as $consumerServiceNode) {
        $this->AssertionConsumerService[] = new SAML2_XML_md_IndexedEndpointType($consumerServiceNode);
    }

    $consumingServiceNodes = SAML2_Utils::xpQuery($xml, './saml_metadata:AttributeConsumingService');
    foreach ($consumingServiceNodes as $consumingServiceNode) {
        $this->AttributeConsumingService[] = new SAML2_XML_md_AttributeConsumingService($consumingServiceNode);
    }
}
/**
 * Initialize / parse an AttributeConsumingService.
 *
 * With no element the object is left unpopulated. Otherwise 'index' and at
 * least one ServiceName are required; 'isDefault', ServiceDescription and
 * RequestedAttribute children are optional.
 *
 * @param DOMElement|NULL $xml The XML element we should load.
 * @throws Exception If 'index' or ServiceName is missing.
 */
public function __construct(DOMElement $xml = NULL)
{
    if ($xml === NULL) {
        return;
    }

    $hasIndex = $xml->hasAttribute('index');
    if ($hasIndex === FALSE) {
        throw new Exception('Missing index on AttributeConsumingService.');
    }

    // Lenient conversion: a non-numeric 'index' becomes 0 rather than an error.
    $this->index = intval($xml->getAttribute('index'));
    $this->isDefault = SAML2_Utils::parseBoolean($xml, 'isDefault', NULL);

    $this->ServiceName = SAML2_Utils::extractLocalizedStrings($xml, SAML2_Const::NS_MD, 'ServiceName');
    if (empty($this->ServiceName)) {
        throw new Exception('Missing ServiceName in AttributeConsumingService.');
    }

    $this->ServiceDescription = SAML2_Utils::extractLocalizedStrings($xml, SAML2_Const::NS_MD, 'ServiceDescription');

    $requestedAttributeNodes = SAML2_Utils::xpQuery($xml, './saml_metadata:RequestedAttribute');
    foreach ($requestedAttributeNodes as $requestedAttributeNode) {
        $this->RequestedAttribute[] = new SAML2_XML_md_RequestedAttribute($requestedAttributeNode);
    }
}
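/**
 * Initialize an IDPSSODescriptor.
 *
 * The parent constructor is always called with the element name
 * 'md:IDPSSODescriptor'. When an element is supplied, the
 * WantAuthnRequestsSigned flag, the three endpoint lists, the attribute
 * profiles and the supported attributes are loaded from it.
 *
 * @param DOMElement|NULL $xml The XML element we should load.
 */
public function __construct(DOMElement $xml = NULL)
{
    parent::__construct('md:IDPSSODescriptor', $xml);

    if ($xml === NULL) {
        return;
    }

    // NOTE(review): parsed with NULL as the third argument, presumably the
    // value used when the attribute is absent - confirm against
    // SAML2_Utils::parseBoolean() before treating NULL as "signing not wanted".
    $this->WantAuthnRequestsSigned = SAML2_Utils::parseBoolean($xml, 'WantAuthnRequestsSigned', NULL);

    foreach (SAML2_Utils::xpQuery($xml, './saml_metadata:SingleSignOnService') as $ep) {
        $this->SingleSignOnService[] = new SAML2_XML_md_EndpointType($ep);
    }

    foreach (SAML2_Utils::xpQuery($xml, './saml_metadata:NameIDMappingService') as $ep) {
        $this->NameIDMappingService[] = new SAML2_XML_md_EndpointType($ep);
    }

    // Each endpoint object is built from the element the loop is currently on,
    // so the stored AssertionIDRequestService entries reflect the metadata.
    foreach (SAML2_Utils::xpQuery($xml, './saml_metadata:AssertionIDRequestService') as $ep) {
        $this->AssertionIDRequestService[] = new SAML2_XML_md_EndpointType($ep);
    }

    $this->AttributeProfile = SAML2_Utils::extractStrings($xml, './saml_metadata:AttributeProfile');

    foreach (SAML2_Utils::xpQuery($xml, './saml_assertion:Attribute') as $a) {
        $this->Attribute[] = new SAML2_XML_saml_Attribute($a);
    }
}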
/**
 * Constructor for SAML 2 authentication request messages.
 *
 * The parent constructor is always called with the message name
 * 'AuthnRequest'. Defaults are set first (empty NameIDPolicy, ForceAuthn and
 * IsPassive both FALSE); when a message is supplied, its attributes,
 * NameIDPolicy, RequestedAuthnContext and scoping IDP entries are loaded.
 *
 * @param DOMElement|NULL $xml The input message.
 * @throws Exception If a Scoping/IDPList/IDPEntry element has no ProviderID.
 */
public function __construct(DOMElement $xml = NULL)
{
    parent::__construct('AuthnRequest', $xml);

    // Defaults that apply whether or not a message is parsed.
    $this->nameIdPolicy = array();
    $this->forceAuthn = FALSE;
    $this->isPassive = FALSE;

    if ($xml === NULL) {
        return;
    }

    $this->forceAuthn = SAML2_Utils::parseBoolean($xml, 'ForceAuthn', FALSE);
    $this->isPassive = SAML2_Utils::parseBoolean($xml, 'IsPassive', FALSE);

    // NOTE(review): both values are copied verbatim from the message. Nothing
    // in this constructor checks the URL against the requester's registered
    // endpoints - confirm the caller does so before using it as a destination.
    if ($xml->hasAttribute('AssertionConsumerServiceURL')) {
        $this->assertionConsumerServiceURL = $xml->getAttribute('AssertionConsumerServiceURL');
    }
    if ($xml->hasAttribute('ProtocolBinding')) {
        $this->protocolBinding = $xml->getAttribute('ProtocolBinding');
    }

    // Only the first NameIDPolicy element is read; further ones are ignored.
    $policyNodes = SAML2_Utils::xpQuery($xml, './saml_protocol:NameIDPolicy');
    if (!empty($policyNodes)) {
        $policy = $policyNodes[0];

        foreach (array('Format', 'SPNameQualifier') as $attributeName) {
            if ($policy->hasAttribute($attributeName)) {
                $this->nameIdPolicy[$attributeName] = $policy->getAttribute($attributeName);
            }
        }

        if ($policy->hasAttribute('AllowCreate')) {
            $this->nameIdPolicy['AllowCreate'] = SAML2_Utils::parseBoolean($policy, 'AllowCreate', FALSE);
        }
    }

    // Only the first RequestedAuthnContext element is read.
    $contextNodes = SAML2_Utils::xpQuery($xml, './saml_protocol:RequestedAuthnContext');
    if (!empty($contextNodes)) {
        $context = $contextNodes[0];

        $classRefs = array();
        $classRefNodes = SAML2_Utils::xpQuery($context, './saml_assertion:AuthnContextClassRef');
        foreach ($classRefNodes as $classRefNode) {
            $classRefs[] = trim($classRefNode->textContent);
        }

        // 'exact' is the fallback; a supplied Comparison is stored without
        // being checked against the values the schema allows.
        $comparison = 'exact';
        if ($context->hasAttribute('Comparison')) {
            $comparison = $context->getAttribute('Comparison');
        }

        $this->requestedAuthnContext = array(
            'AuthnContextClassRef' => $classRefs,
            'Comparison' => $comparison,
        );
    }

    $entryNodes = SAML2_Utils::xpQuery(
        $xml,
        './saml_protocol:Scoping/saml_protocol:IDPList/saml_protocol:IDPEntry'
    );
    foreach ($entryNodes as $entryNode) {
        if ($entryNode->hasAttribute('ProviderID') === FALSE) {
            throw new Exception("Could not get ProviderID from Scoping/IDPEntry element in AuthnRequest object");
        }
        $this->IDPList[] = $entryNode->getAttribute('ProviderID');
    }
}
/**
 * Load the optional NameIDPolicy child of a message into $this->nameIdPolicy.
 *
 * Nothing is changed when no NameIDPolicy is present. When several are
 * present only the first is read. Format and SPNameQualifier are copied as
 * strings; AllowCreate is parsed as a boolean.
 *
 * @param DOMElement $xml The element whose NameIDPolicy child should be read.
 *
 * @throws Exception Presumably raised by SAML2_Utils::parseBoolean() for an
 *                   invalid AllowCreate value (not visible from this method).
 */
protected function parseNameIdPolicy(DOMElement $xml)
{
    $policyNodes = SAML2_Utils::xpQuery($xml, './saml_protocol:NameIDPolicy');

    if (!empty($policyNodes)) {
        $policy = $policyNodes[0];

        // Plain string attributes are copied verbatim when present.
        foreach (array('Format', 'SPNameQualifier') as $attributeName) {
            if ($policy->hasAttribute($attributeName)) {
                $this->nameIdPolicy[$attributeName] = $policy->getAttribute($attributeName);
            }
        }

        // The key is only set when the attribute exists, so an absent
        // AllowCreate leaves no 'AllowCreate' entry at all.
        if ($policy->hasAttribute('AllowCreate')) {
            $this->nameIdPolicy['AllowCreate'] = SAML2_Utils::parseBoolean($policy, 'AllowCreate', FALSE);
        }
    }
}