/**
 * Serialize a SAML 2 message element to a string.
 *
 * The signed form is used only when the message reports a signature key
 * (getSignatureKey() is truthy); otherwise the unsigned form is serialized.
 * A caller that relies on the output being integrity-protected therefore has
 * to make sure a key was set on the message beforehand.
 *
 * @param SAML2_Message $samlMessage The message to serialize.
 * @return mixed Whatever saveXML() yields for the message element.
 */
public function serialize(SAML2_Message $samlMessage)
{
    $element = $samlMessage->getSignatureKey()
        ? $samlMessage->toSignedXML()
        : $samlMessage->toUnsignedXML();

    return $element->ownerDocument->saveXML($element);
}
/**
 * Send a SAML 2 message using the SOAP binding.
 *
 * Emits a text/xml response containing the message wrapped in a SOAP
 * envelope, then terminates the script.
 *
 * Note: This function never returns.
 *
 * @param SAML2_Message $message The message we should send.
 */
public function send(SAML2_Message $message)
{
    header('Content-Type: text/xml', true);

    // NOTE(review): the body is always built from toUnsignedXML(), so no XML
    // signature is produced here even when the message carries a signature
    // key. Confirm that integrity/authenticity of the SOAP response is
    // provided elsewhere (e.g. by the transport) before relying on it.
    $bodyElement = $message->toUnsignedXML();
    $bodyXml = $bodyElement->ownerDocument->saveXML($bodyElement);

    $envelope = '<?xml version="1.0" encoding="UTF-8"?>'
        . '<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">'
        . '<SOAP-ENV:Body>'
        . $bodyXml
        . '</SOAP-ENV:Body>'
        . '</SOAP-ENV:Envelope>';

    echo $envelope;
    exit(0);
}
/**
 * Create the redirect URL for a message (artifact binding).
 *
 * The serialized, unsigned message is stored in the datastore under a freshly
 * generated artifact for 15 minutes, and only the artifact (plus RelayState,
 * when set) is placed in the returned URL.
 *
 * @param SAML2_Message $message The message.
 * @return string The URL the user should be redirected to in order to send a message.
 * @throws Exception When no datastore is configured.
 */
public function getRedirectURL(SAML2_Message $message)
{
    $datastore = SimpleSAML_Store::getInstance();
    if ($datastore === false) {
        throw new Exception('Unable to send artifact without a datastore configured.');
    }

    // 20 random bytes, round-tripped through their hex form back to raw bytes.
    // This is the only unpredictable part of the artifact.
    // NOTE(review): assumes generateRandomBytes() is backed by a CSPRNG - confirm.
    $randomHex = (string) SimpleSAML_Utilities::stringToHex(SimpleSAML_Utilities::generateRandomBytes(20));
    $messageHandle = pack('H*', $randomHex);

    // SHA-1 is used here only to derive a fixed-length value from the issuer;
    // it is deterministic and adds no secrecy to the artifact.
    $issuerDigest = sha1($message->getIssuer(), true);

    // NOTE(review): the leading literal is an empty string in this listing.
    // A SAML 2.0 type 0x0004 artifact starts with a 4-byte TypeCode and
    // EndpointIndex header; verify that a binary prefix was not lost here.
    $artifact = base64_encode("" . $issuerDigest . $messageHandle);

    $messageElement = $message->toUnsignedXML();
    $serializedMessage = $messageElement->ownerDocument->saveXML($messageElement);

    // The stored entry expires 15 minutes from now.
    $datastore->set('artifact', $artifact, $serializedMessage, time() + 15 * 60);

    $query = array('SAMLart' => $artifact);

    $relayState = $message->getRelayState();
    if ($relayState !== null) {
        $query['RelayState'] = $relayState;
    }

    return SimpleSAML_Utilities::addURLparameter($message->getDestination(), $query);
}
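/**
 * Create the redirect URL for a message (HTTP-Redirect binding).
 *
 * The unsigned message XML is DEFLATE-compressed, base64-encoded and placed
 * in the query string as SAMLRequest or SAMLResponse. When the message has a
 * signature key, SigAlg and a detached Signature over the query string are
 * appended as well.
 *
 * @param SAML2_Message $message The message.
 * @return string The URL the user should be redirected to in order to send a message.
 */
public function getRedirectURL(SAML2_Message $message)
{
    // An explicitly configured destination overrides the one in the message.
    $destination = $this->destination === null
        ? $message->getDestination()
        : $this->destination;

    $relayState = $message->getRelayState();
    $key = $message->getSignatureKey();

    $messageElement = $message->toUnsignedXML();
    $messageXml = $messageElement->ownerDocument->saveXML($messageElement);

    // The full outbound message is passed to the debug log here.
    SimpleSAML_Utilities::debugMessage($messageXml, 'out');

    $encodedMessage = base64_encode(gzdeflate($messageXml));

    /* Build the query string. */
    $parameterName = ($message instanceof SAML2_Request) ? 'SAMLRequest=' : 'SAMLResponse=';
    $query = $parameterName . urlencode($encodedMessage);

    if ($relayState !== null) {
        $query .= '&RelayState=' . urlencode($relayState);
    }

    if ($key !== null) {
        /*
         * Add the signature. SigAlg must name the algorithm the key actually
         * signs with: advertising a fixed RSA-SHA1 identifier makes the
         * signature unverifiable for any other key type. The key's own
         * algorithm identifier is therefore used. SigAlg is appended before
         * signing so that it is covered by the signature.
         */
        $query .= '&SigAlg=' . urlencode($key->type);
        $signature = $key->signData($query);
        $query .= '&Signature=' . urlencode(base64_encode($signature));
    }

    // Respect a query string that is already part of the destination.
    $separator = (strpos($destination, '?') === false) ? '?' : '&';

    return $destination . $separator . $query;
}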
/**
 * Convert status response message to an XML element.
 *
 * Builds on the parent's element and adds, in document order: the
 * InResponseTo attribute, an optional samlp:Extensions element, and the
 * samlp:Status element with its StatusCode, optional nested sub-StatusCode
 * and optional StatusMessage. The result carries no signature.
 *
 * @return DOMElement This status response.
 */
public function toUnsignedXML()
{
    $root = parent::toUnsignedXML();
    $doc = $this->document;

    if ($this->inResponseTo !== null) {
        $root->setAttribute('InResponseTo', $this->inResponseTo);
    }

    if ($this->extensions !== null) {
        // A literal true stands for a placeholder "UnknownExtension" element;
        // any other value is appended as the extension node itself.
        $extensionChild = ($this->extensions === true)
            ? $doc->createElementNS('http://rnd.feide.no/fedlab-ns', 'UnknownExtension')
            : $this->extensions;

        $extensionsElement = $doc->createElementNS(SAML2_Const::NS_SAMLP, 'Extensions');
        $extensionsElement->appendChild($extensionChild);
        $root->appendChild($extensionsElement);
    }

    $statusElement = $doc->createElementNS(SAML2_Const::NS_SAMLP, 'Status');
    $root->appendChild($statusElement);

    $codeElement = $doc->createElementNS(SAML2_Const::NS_SAMLP, 'StatusCode');
    $codeElement->setAttribute('Value', $this->status['Code']);
    $statusElement->appendChild($codeElement);

    $subCode = $this->status['SubCode'];
    if ($subCode !== null) {
        // The second-level status code is nested inside the top-level one.
        $subCodeElement = $doc->createElementNS(SAML2_Const::NS_SAMLP, 'StatusCode');
        $subCodeElement->setAttribute('Value', $subCode);
        $codeElement->appendChild($subCodeElement);
    }

    $statusMessage = $this->status['Message'];
    if ($statusMessage !== null) {
        SAML2_Utils::addString($statusElement, SAML2_Const::NS_SAMLP, 'StatusMessage', $statusMessage);
    }

    return $root;
}
/**
 * Convert status response message to an XML element.
 *
 * Builds on the parent's element and adds the InResponseTo attribute (when
 * set) and the samlp:Status element with its StatusCode, optional nested
 * sub-StatusCode and optional StatusMessage. The result carries no signature.
 *
 * @return DOMElement This status response.
 */
public function toUnsignedXML()
{
    $root = parent::toUnsignedXML();
    $doc = $this->document;

    if ($this->inResponseTo !== null) {
        $root->setAttribute('InResponseTo', $this->inResponseTo);
    }

    $statusElement = $doc->createElementNS(SAML2_Const::NS_SAMLP, 'Status');
    $root->appendChild($statusElement);

    $codeElement = $doc->createElementNS(SAML2_Const::NS_SAMLP, 'StatusCode');
    $codeElement->setAttribute('Value', $this->status['Code']);
    $statusElement->appendChild($codeElement);

    $subCode = $this->status['SubCode'];
    if ($subCode !== null) {
        // The second-level status code is nested inside the top-level one.
        $subCodeElement = $doc->createElementNS(SAML2_Const::NS_SAMLP, 'StatusCode');
        $subCodeElement->setAttribute('Value', $subCode);
        $codeElement->appendChild($subCodeElement);
    }

    $statusMessage = $this->status['Message'];
    if ($statusMessage !== null) {
        SAML2_Utils::addString($statusElement, SAML2_Const::NS_SAMLP, 'StatusMessage', $statusMessage);
    }

    return $root;
}
/**
 * Dump a string representation of this annotated message used for debugging.
 *
 * The dump is the JSON encoding of every property visible from this scope,
 * with 'sspMessage' replaced by the serialized XML document of the unsigned
 * message. It therefore contains the complete message content; treat the
 * output as sensitive wherever it is logged or displayed.
 *
 * @return string
 */
public function __toString()
{
    $properties = get_object_vars($this);

    // saveXML() without a node argument serializes the whole owner document.
    $ownerDocument = $this->sspMessage->toUnsignedXML()->ownerDocument;
    $properties['sspMessage'] = $ownerDocument->saveXML();

    return json_encode($properties);
}