protected function doExecute(ProfileContext $context)
{
$ownEntityDescriptor = $context->getOwnEntityDescriptor();
$criteriaSet = new CriteriaSet([new DescriptorTypeCriteria(SpSsoDescriptor::class), new ServiceTypeCriteria(AssertionConsumerService::class), new BindingCriteria([SamlConstants::BINDING_SAML2_HTTP_POST])]);
$endpoints = $this->endpointResolver->resolve($criteriaSet, $ownEntityDescriptor->getAllEndpoints());
if (empty($endpoints)) {
$message = 'Missing ACS Service with HTTP POST binding in own SP SSO Descriptor';
$this->logger->error($message, LogHelper::getActionErrorContext($context, $this));
throw new LightSamlContextException($context, $message);
}
MessageContextHelper::asAuthnRequest($context->getOutboundContext())->setAssertionConsumerServiceURL($endpoints[0]->getEndpoint()->getLocation());
}
/**
* @param ProfileContext $context
*
* @return void
*/
protected function doExecute(ProfileContext $context)
{
$authnRequest = MessageContextHelper::asAuthnRequest($context->getInboundContext());
if (false == $authnRequest->getAssertionConsumerServiceURL()) {
return;
}
$spEntityDescriptor = $context->getPartyEntityDescriptor();
foreach ($spEntityDescriptor->getAllSpSsoDescriptors() as $sp) {
if ($sp->getAllAssertionConsumerServicesByUrl($authnRequest->getAssertionConsumerServiceURL())) {
$this->logger->debug(sprintf('AuthnRequest has assertion consumer url "%s" that belongs to entity "%s"', $authnRequest->getAssertionConsumerServiceURL(), $spEntityDescriptor->getEntityID()), LogHelper::getActionContext($context, $this));
return;
}
}
$message = sprintf("Invalid ACS Url '%s' for '%s' entity", $authnRequest->getAssertionConsumerServiceURL(), $spEntityDescriptor->getEntityID());
$this->logger->emergency($message, LogHelper::getActionErrorContext($context, $this));
throw new LightSamlValidationException($message);
}
