setAttributes() public method

Replace all attributes.
public setAttributes ( array $attributes )
$attributes array All new attributes, as an associative array.
Assertion Class Documentation
Example #1
0
 public function transform(Assertion $assertion)
 {
     if (!$this->identityProvider->hasBase64EncodedAttributes()) {
         return $assertion;
     }
     $attributes = $assertion->getAttributes();
     $keys = array_keys($attributes);
     $decoded = array_map(array($this, 'decodeValue'), $attributes);
     $attributes = array_combine($keys, $decoded);
     $assertion->setAttributes($attributes);
 }
Example #2
0
 public static function handleLoginRequest(IPerson $Person)
 {
     try {
         $binding = Binding::getCurrentBinding();
     } catch (Exception $e) {
         return static::throwUnauthorizedError('Cannot obtain SAML2 binding');
     }
     $request = $binding->receive();
     // build response
     $response = new Response();
     $response->setInResponseTo($request->getId());
     $response->setRelayState($request->getRelayState());
     $response->setDestination($request->getAssertionConsumerServiceURL());
     // build assertion
     $assertion = new Assertion();
     $assertion->setIssuer(static::$issuer);
     $assertion->setSessionIndex(ContainerSingleton::getInstance()->generateId());
     $assertion->setNotBefore(time() - 30);
     $assertion->setNotOnOrAfter(time() + 300);
     $assertion->setAuthnContext(SAML2_Constants::AC_PASSWORD);
     // build subject confirmation
     $sc = new SubjectConfirmation();
     $sc->Method = SAML2_Constants::CM_BEARER;
     $sc->SubjectConfirmationData = new SubjectConfirmationData();
     $sc->SubjectConfirmationData->NotOnOrAfter = $assertion->getNotOnOrAfter();
     $sc->SubjectConfirmationData->Recipient = $request->getAssertionConsumerServiceURL();
     $sc->SubjectConfirmationData->InResponseTo = $request->getId();
     $assertion->setSubjectConfirmation([$sc]);
     // set NameID
     $assertion->setNameId(['Format' => 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress', 'Value' => $Person->Username . '@' . static::$issuer]);
     // set additional attributes
     $assertion->setAttributes(['User.Email' => [$Person->Email], 'User.Username' => [$Person->Username]]);
     // attach assertion to response
     $response->setAssertions([$assertion]);
     // create signature
     $privateKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA1, ['type' => 'private']);
     $privateKey->loadKey(static::$privateKey);
     $response->setSignatureKey($privateKey);
     $response->setCertificates([static::$certificate]);
     // prepare response
     $responseXML = $response->toSignedXML();
     $responseString = $responseXML->ownerDocument->saveXML($responseXML);
     // dump response and quit
     #        header('Content-Type: text/xml');
     #        die($responseString);
     // send response
     $responseBinding = new HTTPPost();
     $responseBinding->send($response);
 }
Example #3
0
 /**
  * Test an assertion with lots of options
  */
 public function testMarshallingUnmarshallingChristmas()
 {
     // Create an assertion
     $assertion = new Assertion();
     $assertion->setIssuer('testIssuer');
     $assertion->setValidAudiences(array('audience1', 'audience2'));
     // deprecated function
     $this->assertNull($assertion->getAuthnContext());
     $assertion->setAuthnContext('someAuthnContext');
     $assertion->setAuthnContextDeclRef('/relative/path/to/document.xml');
     $assertion->setID("_123abc");
     $assertion->setIssueInstant(1234567890);
     $assertion->setAuthnInstant(1234567890 - 1);
     $assertion->setNotBefore(1234567890 - 10);
     $assertion->setNotOnOrAfter(1234567890 + 100);
     $assertion->setSessionNotOnOrAfter(1234568890 + 200);
     $assertion->setSessionIndex("idx1");
     $assertion->setAuthenticatingAuthority(array("idp1", "idp2"));
     $assertion->setAttributes(array("name1" => array("value1", "value2"), "name2" => array(2), "name3" => array(null)));
     $assertion->setAttributeNameFormat("urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified");
     $assertionElement = $assertion->toXML()->ownerDocument->saveXML();
     $assertionToVerify = new Assertion(DOMDocumentFactory::fromString($assertionElement)->firstChild);
     $this->assertEquals('/relative/path/to/document.xml', $assertionToVerify->getAuthnContextDeclRef());
     $this->assertEquals('_123abc', $assertionToVerify->getId());
     $this->assertEquals(1234567890, $assertionToVerify->getIssueInstant());
     $this->assertEquals(1234567889, $assertionToVerify->getAuthnInstant());
     $this->assertEquals(1234567880, $assertionToVerify->getNotBefore());
     $this->assertEquals(1234567990, $assertionToVerify->getNotOnOrAfter());
     $this->assertEquals(1234569090, $assertionToVerify->getSessionNotOnOrAfter());
     $this->assertEquals('idx1', $assertionToVerify->getSessionIndex());
     $authauth = $assertionToVerify->getAuthenticatingAuthority();
     $this->assertCount(2, $authauth);
     $this->assertEquals("idp2", $authauth[1]);
     $attributes = $assertionToVerify->getAttributes();
     $this->assertCount(3, $attributes);
     $this->assertCount(2, $attributes['name1']);
     $this->assertEquals("value1", $attributes['name1'][0]);
     $this->assertEquals(2, $attributes['name2'][0]);
     // NOTE: nil attribute is currently parsed as string..
     //$this->assertNull($attributes["name3"][0]);
     $this->assertEquals("urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified", $assertionToVerify->getAttributeNameFormat());
 }