/**
 * Sets the AssertionConsumerServiceURL on the outbound AuthnRequest from the
 * own entity descriptor, using the first SP SSO assertion consumer service
 * endpoint resolved for the SAML2 HTTP POST binding.
 *
 * The URL is taken from own metadata and not from any request input.
 *
 * @param ProfileContext $context
 *
 * @return void
 *
 * @throws LightSamlContextException when the resolver yields no matching endpoint
 */
protected function doExecute(ProfileContext $context)
{
    $ownEntityDescriptor = $context->getOwnEntityDescriptor();

    // Restrict the lookup to SP SSO descriptor / ACS service / HTTP POST binding.
    $criteria = [
        new DescriptorTypeCriteria(SpSsoDescriptor::class),
        new ServiceTypeCriteria(AssertionConsumerService::class),
        new BindingCriteria([SamlConstants::BINDING_SAML2_HTTP_POST]),
    ];
    $criteriaSet = new CriteriaSet($criteria);

    $candidates = $this->endpointResolver->resolve(
        $criteriaSet,
        $ownEntityDescriptor->getAllEndpoints()
    );

    if (!empty($candidates)) {
        $authnRequest = MessageContextHelper::asAuthnRequest($context->getOutboundContext());
        // NOTE(review): index 0 assumes resolve() returns a zero-indexed list — confirm against the resolver.
        $authnRequest->setAssertionConsumerServiceURL(
            $candidates[0]->getEndpoint()->getLocation()
        );

        return;
    }

    // Without an ACS endpoint in own metadata the request cannot name a reply location; fail the action.
    $message = 'Missing ACS Service with HTTP POST binding in own SP SSO Descriptor';
    $this->logger->error($message, LogHelper::getActionErrorContext($context, $this));

    throw new LightSamlContextException($context, $message);
}
/**
 * Checks that the AssertionConsumerServiceURL carried by the inbound
 * AuthnRequest is registered on one of the SP SSO descriptors of the party
 * entity descriptor.
 *
 * The URL comes from the received message, so it is treated as untrusted
 * until it has been matched against the party's metadata. A request that
 * carries no ACS URL (any falsy value) passes without a check.
 * NOTE(review): that path relies on the response destination being chosen
 * from metadata later on — confirm in the code that builds the response.
 *
 * @param ProfileContext $context
 *
 * @return void
 *
 * @throws LightSamlValidationException when no SP SSO descriptor lists the requested URL
 */
protected function doExecute(ProfileContext $context)
{
    $authnRequest = MessageContextHelper::asAuthnRequest($context->getInboundContext());
    $requestedAcsUrl = $authnRequest->getAssertionConsumerServiceURL();

    // Loose falsy test kept on purpose: null, '' and '0' all count as "no URL supplied".
    if (!$requestedAcsUrl) {
        return;
    }

    $spEntityDescriptor = $context->getPartyEntityDescriptor();

    foreach ($spEntityDescriptor->getAllSpSsoDescriptors() as $spSsoDescriptor) {
        // NOTE(review): the matching rule (exact string vs. normalised URL) lives in
        // getAllAssertionConsumerServicesByUrl() and is not visible here — verify it is an exact match.
        if (!$spSsoDescriptor->getAllAssertionConsumerServicesByUrl($requestedAcsUrl)) {
            continue;
        }

        $this->logger->debug(
            sprintf(
                'AuthnRequest has assertion consumer url "%s" that belongs to entity "%s"',
                $requestedAcsUrl,
                $spEntityDescriptor->getEntityID()
            ),
            LogHelper::getActionContext($context, $this)
        );

        return;
    }

    // The request-supplied URL is written into the message verbatim; log sinks should encode it on output.
    // NOTE(review): a peer can trigger this emergency-level entry with any unregistered URL — confirm the
    // level is intended for alerting.
    $message = sprintf(
        "Invalid ACS Url '%s' for '%s' entity",
        $requestedAcsUrl,
        $spEntityDescriptor->getEntityID()
    );
    $this->logger->emergency($message, LogHelper::getActionErrorContext($context, $this));

    throw new LightSamlValidationException($message);
}