public static formatDOMElement ( DOMElement $root, $indentBase = '' ) | ||
$root | DOMElement |
/** * Retrieve the EntityDescriptor as text. * * This function serializes this EntityDescriptor, and returns it as text. * * @param bool $formatted Whether the returned EntityDescriptor should be * formatted first. * @return string The serialized EntityDescriptor. */ public function getEntityDescriptorText($formatted = TRUE) { assert('is_bool($formatted)'); if ($formatted) { SimpleSAML_Utilities::formatDOMElement($this->entityDescriptor); } return $this->document->saveXML(); }
if ($_SERVER['REQUEST_METHOD'] === 'GET') { $message = @gzinflate($message); if ($message === FALSE) { throw new SimpleSAML_Error_BadRequest('Unable to gzinflate message.'); } } $document = new DOMDocument(); if (!$document->loadXML($message)) { throw new SimpleSAML_Error_BadRequest('Unable to parse XML.'); } $root = $document->firstChild; if (!$root->hasAttribute('Destination')) { throw new SimpleSAML_Error_BadRequest('Missing Destination-attribute on root element.'); } $realDestination = $root->getAttribute('Destination'); SimpleSAML_Utilities::formatDOMElement($root); $message = $document->saveXML($root); switch ($_SERVER['REQUEST_METHOD']) { case 'GET': $queryString = $_SERVER['QUERY_STRING']; if (strpos($realDestination, '?') === FALSE) { $url = $realDestination . '?' . $queryString; } else { $url = $realDestination . '&' . $queryString; } $t = new SimpleSAML_XHTML_Template($globalConfig, 'httpredirect-debug.php'); $t->data['url'] = $url; $t->data['message'] = htmlspecialchars($message); $t->show(); exit; case 'POST':
if (!array_key_exists('id', $_GET)) { $t = new SimpleSAML_XHTML_Template($config, 'aggregator:list.php'); $t->data['sources'] = $aggregators->getOptions(); $t->show(); exit; } $id = $_GET['id']; if (!in_array($id, $aggregators->getOptions())) { throw new SimpleSAML_Error_NotFound('No aggregator with id ' . var_export($id, TRUE) . ' found.'); } $aConfig = $aggregators->getConfigItem($id); $aggregator = new sspmod_aggregator_Aggregator($gConfig, $aConfig, $id); if (isset($_REQUEST['set'])) { $aggregator->limitSets($_REQUEST['set']); } if (isset($_REQUEST['exclude'])) { $aggregator->exclude($_REQUEST['exclude']); } $xml = $aggregator->getMetadataDocument(); $mimetype = 'application/samlmetadata+xml'; $allowedmimetypes = array('text/plain', 'application/samlmetadata-xml', 'application/xml'); if (isset($_GET['mimetype']) && in_array($_GET['mimetype'], $allowedmimetypes)) { $mimetype = $_GET['mimetype']; } if ($mimetype === 'text/plain') { SimpleSAML_Utilities::formatDOMElement($xml); } $metadata = '<?xml version="1.0"?>' . "\n" . $xml->ownerDocument->saveXML($xml); header('Content-Type: ' . $mimetype); header('Content-Length: ' . strlen($metadata)); echo $metadata;
} /* Make sure that the request isn't suspicious (contains references to current * directory or parent directory or anything like that. Searching for './' in the * URL will detect both '../' and './'. Searching for '\' will detect attempts to * use Windows-style paths. */ if (strpos($attributemap, '\\') !== FALSE) { throw new SimpleSAML_Error_BadRequest('Requested URL contained a backslash.'); } elseif (strpos($attributemap, './') !== FALSE) { throw new SimpleSAML_Error_BadRequest('Requested URL contained \'./\'.'); } $arp = new sspmod_aggregator_ARP($md, $attributemap, $prefix, $suffix); $arpxml = $arp->getXML(); $xml = new DOMDocument(); $xml->loadXML($arpxml); $firstelement = $xml->firstChild; if ($aggregator->shouldSign()) { $signinfo = $aggregator->getSigningInfo(); $signer = new SimpleSAML_XML_Signer($signinfo); $signer->sign($firstelement, $firstelement, $firstelement->firstChild); } $mimetype = 'application/samlmetadata-xml'; $allowedmimetypes = array('text/plain', 'application/samlmetadata-xml', 'application/xml'); if (isset($_GET['mimetype']) && in_array($_GET['mimetype'], $allowedmimetypes)) { $mimetype = $_GET['mimetype']; } if ($mimetype === 'text/plain') { SimpleSAML_Utilities::formatDOMElement($xml->documentElement); } header('Content-Type: ' . $mimetype); echo $xml->saveXML();