<?php /** * ADFS PRP IDP protocol support for simpleSAMLphp. * * @author Hans Zandbelt, SURFnet bv, <*****@*****.**> * @package simpleSAMLphp */ SimpleSAML_Logger::info('ADFS - IdP.prp: Accessing ADFS IdP endpoint prp'); $metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler(); $idpEntityId = $metadata->getMetaDataCurrentEntityID('adfs-idp-hosted'); $idp = SimpleSAML_IdP::getById('adfs:' . $idpEntityId); if (isset($_GET['wa'])) { if ($_GET['wa'] === 'wsignout1.0') { sspmod_adfs_IdP_ADFS::receiveLogoutMessage($idp); } else { if ($_GET['wa'] === 'wsignin1.0') { sspmod_adfs_IdP_ADFS::receiveAuthnRequest($idp); } } assert('FALSE'); } elseif (isset($_GET['assocId'])) { // logout response from ADFS SP $assocId = $_GET['assocId']; /* Association ID of the SP that sent the logout response. */ $relayState = $_GET['relayState']; /* Data that was sent in the logout request to the SP. Can be null. */ $logoutError = NULL; /* NULL on success, or an instance of a SimpleSAML_Error_Exception on failure. */ $idp->handleLogoutResponse($assocId, $relayState, $logoutError); }
public static function sendResponse(array $state) { $spMetadata = $state["SPMetadata"]; $spEntityId = $spMetadata['entityid']; $spMetadata = SimpleSAML_Configuration::loadFromArray($spMetadata, '$metadata[' . var_export($spEntityId, TRUE) . ']'); $attributes = $state['Attributes']; $nameidattribute = $spMetadata->getValue('simplesaml.nameidattribute'); if (!empty($nameidattribute)) { if (!array_key_exists($nameidattribute, $attributes)) { throw new Exception('simplesaml.nameidattribute does not exist in resulting attribute set'); } $nameid = $attributes[$nameidattribute][0]; } else { $nameid = SimpleSAML_Utilities::generateID(); } $idp = SimpleSAML_IdP::getByState($state); $idpMetadata = $idp->getConfig(); $idpEntityId = $idpMetadata->getString('entityid'); $idp->addAssociation(array('id' => 'adfs:' . $spEntityId, 'Handler' => 'sspmod_adfs_IdP_ADFS', 'adfs:entityID' => $spEntityId)); $response = sspmod_adfs_IdP_ADFS::ADFS_GenerateResponse($idpEntityId, $spEntityId, $nameid, $attributes); $privateKeyFile = SimpleSAML_Utilities::resolveCert($idpMetadata->getString('privatekey')); $certificateFile = SimpleSAML_Utilities::resolveCert($idpMetadata->getString('certificate')); $wresult = sspmod_adfs_IdP_ADFS::ADFS_SignResponse($response, $privateKeyFile, $certificateFile); $wctx = $state['adfs:wctx']; sspmod_adfs_IdP_ADFS::ADFS_PostResponse($spMetadata->getValue('prp'), $wresult, $wctx); }