Esempio n. 1
 /**
  * Build a SAML 2 status response, optionally populating it from XML.
  *
  * Without an input element the status defaults to Constants::STATUS_SUCCESS
  * with no sub-code and no message. With an input element, InResponseTo and
  * the contents of the Status element are copied from the message as-is.
  *
  * NOTE(review): nothing in this constructor verifies a signature, so the
  * parsed status and InResponseTo are unauthenticated here - confirm that the
  * parent class or the caller validates the message before they are trusted.
  *
  * @param string          $tagName The tag name of the root element.
  * @param \DOMElement|null $xml     The input message.
  * @throws \Exception When the Status element or its StatusCode is missing.
  */
 protected function __construct($tagName, \DOMElement $xml = null)
 {
     parent::__construct($tagName, $xml);

     /* Default for a freshly created (not parsed) response. */
     $this->status = array('Code' => Constants::STATUS_SUCCESS, 'SubCode' => null, 'Message' => null);

     if ($xml === null) {
         return;
     }

     if ($xml->hasAttribute('InResponseTo')) {
         $this->inResponseTo = $xml->getAttribute('InResponseTo');
     }

     $statusNodes = Utils::xpQuery($xml, './saml_protocol:Status');
     if (empty($statusNodes)) {
         throw new \Exception('Missing status code on response.');
     }
     $statusNode = $statusNodes[0];

     $codeNodes = Utils::xpQuery($statusNode, './saml_protocol:StatusCode');
     if (empty($codeNodes)) {
         throw new \Exception('Missing status code in status element.');
     }
     $codeNode = $codeNodes[0];
     $this->status['Code'] = $codeNode->getAttribute('Value');

     /* A StatusCode nested inside the top-level one is the optional sub-code. */
     $subCodeNodes = Utils::xpQuery($codeNode, './saml_protocol:StatusCode');
     if (!empty($subCodeNodes)) {
         $this->status['SubCode'] = $subCodeNodes[0]->getAttribute('Value');
     }

     $messageNodes = Utils::xpQuery($statusNode, './saml_protocol:StatusMessage');
     if (!empty($messageNodes)) {
         $this->status['Message'] = trim($messageNodes[0]->textContent);
     }
 }
Esempio n. 2
 /**
  * Attributes set on an AttributeQuery must serialise to one Attribute
  * element per name, each holding its values in order (none for an empty list).
  */
 public function testMarshalling()
 {
     /* Attribute name => expected values, in the order they are set. */
     $expected = array(
         'test1' => array('test1_attrv1', 'test1_attrv2'),
         'test2' => array('test2_attrv1', 'test2_attrv2', 'test2_attrv3'),
         'test3' => array(),
     );

     $query = new AttributeQuery();
     $query->setNameID(array('Value' => 'NameIDValue'));
     $query->setAttributes($expected);
     $root = $query->toUnsignedXML();

     $attributeNodes = Utils::xpQuery($root, './saml_assertion:Attribute');
     $this->assertCount(count($expected), $attributeNodes);

     $index = 0;
     foreach ($expected as $name => $values) {
         $attributeNode = $attributeNodes[$index];
         $index++;

         $this->assertEquals($name, $attributeNode->getAttribute('Name'));

         $valueNodes = Utils::xpQuery($attributeNode, './saml_assertion:AttributeValue');
         $this->assertCount(count($values), $valueNodes);
         foreach ($values as $position => $value) {
             $this->assertEquals($value, $valueNodes[$position]->textContent);
         }
     }
 }
Esempio n. 3
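 /**
  * Constructor for SAML 2 ArtifactResolve messages.
  *
  * When an input element is given, the text of its first Artifact child is
  * stored as the artifact.
  *
  * @param \DOMElement|null $xml The input message, or null for an empty message.
  * @throws \Exception If the input message carries no Artifact element.
  */
 public function __construct(\DOMElement $xml = null)
 {
     parent::__construct('ArtifactResolve', $xml);

     if ($xml === null) {
         return;
     }

     $results = Utils::xpQuery($xml, './saml_protocol:Artifact');
     if (empty($results)) {
         /*
          * Reject the malformed message explicitly instead of dereferencing a
          * missing node and silently ending up with a null artifact.
          */
         throw new \Exception('Missing <samlp:Artifact> in <samlp:ArtifactResolve>.');
     }
     $this->artifact = $results[0]->textContent;
 }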
Esempio n. 4
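 /**
  * A Response with Consent and Issuer set must serialise the Consent
  * attribute and exactly one Issuer element.
  */
 public function testMarshalling()
 {
     $response = new Response();
     $response->setConsent(Constants::CONSENT_EXPLICIT);
     $response->setIssuer('SomeIssuer');

     $responseElement = $response->toUnsignedXML();

     $this->assertTrue($responseElement->hasAttribute('Consent'));
     /* Expected value first, actual second, so a failure reports them the right way round. */
     $this->assertEquals(Constants::CONSENT_EXPLICIT, $responseElement->getAttribute('Consent'));

     $issuerElements = Utils::xpQuery($responseElement, './saml_assertion:Issuer');
     $this->assertCount(1, $issuerElements);
     $this->assertEquals('SomeIssuer', $issuerElements[0]->textContent);
 }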
Esempio n. 5
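 /**
  * Test querying a SAML XML document.
  *
  * Serialises an AttributeQuery with a fully qualified NameID and checks that
  * Utils::xpQuery() finds exactly one Subject/NameID carrying the same
  * attributes and value.
  */
 public function testXpQuery()
 {
     $aq = new AttributeQuery();
     $aq->setNameID(array('Value' => 'NameIDValue', 'Format' => 'SomeNameIDFormat', 'NameQualifier' => 'OurNameQualifier', 'SPNameQualifier' => 'TheSPNameQualifier'));
     $xml = $aq->toUnsignedXML();

     $nameID = Utils::xpQuery($xml, './saml_assertion:Subject/saml_assertion:NameID');
     /* assertCount reports the actual count on failure, unlike assertTrue on a comparison. */
     $this->assertCount(1, $nameID);
     $this->assertEquals('SomeNameIDFormat', $nameID[0]->getAttribute("Format"));
     $this->assertEquals('OurNameQualifier', $nameID[0]->getAttribute("NameQualifier"));
     $this->assertEquals('TheSPNameQualifier', $nameID[0]->getAttribute("SPNameQualifier"));
     $this->assertEquals('NameIDValue', $nameID[0]->textContent);
 }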
Esempio n. 6
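 /**
  * Receive a SAML 2 message wrapped in a SOAP envelope.
  *
  * Reads the raw request body, parses it as XML and returns the first
  * element found inside the SOAP Body as a SAML message.
  *
  * Throws an exception if it is unable to receive the message.
  *
  * NOTE(review): the body is attacker-controlled. Protection against external
  * entities and DTDs is assumed to live in DOMDocumentFactory::fromString() -
  * confirm. Nothing here verifies a signature, so the returned message is
  * unauthenticated until the caller validates it.
  *
  * @return \SAML2\Message The received message.
  * @throws \Exception If the request body is empty or the SOAP Body holds no element.
  */
 public function receive()
 {
     $postText = file_get_contents('php://input');
     if (empty($postText)) {
         throw new \Exception('Invalid message received to AssertionConsumerService endpoint.');
     }

     $document = DOMDocumentFactory::fromString($postText);
     $xml = $document->firstChild;

     /*
      * NOTE(review): the whole message is handed to the container's debug hook
      * before any validation; confirm where it is written and who can read it.
      */
     Utils::getContainer()->debugMessage($xml, 'in');

     $results = Utils::xpQuery($xml, '/soap-env:Envelope/soap-env:Body/*[1]');
     if (empty($results)) {
         /* Well-formed XML that is not a SOAP envelope, or an envelope with an empty Body. */
         throw new \Exception('Missing SAML message in SOAP body.');
     }

     return Message::fromXML($results[0]);
 }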
Esempio n. 7
 /**
  * A status set through setStatus() must serialise to a single Status
  * element holding the code, one nested sub-code and the message text.
  */
 public function testMarshalling()
 {
     $message = new Response();
     $message->setStatus(array('Code' => 'OurStatusCode', 'SubCode' => 'OurSubStatusCode', 'Message' => 'OurMessageText'));
     $root = $message->toUnsignedXML();

     $statuses = Utils::xpQuery($root, './saml_protocol:Status');
     $this->assertCount(1, $statuses);
     $statusNode = $statuses[0];

     /* Top-level status code. */
     $codes = Utils::xpQuery($statusNode, './saml_protocol:StatusCode');
     $this->assertCount(1, $codes);
     $codeNode = $codes[0];
     $this->assertEquals('OurStatusCode', $codeNode->getAttribute("Value"));

     /* The sub-code is a StatusCode nested inside the top-level one. */
     $subCodes = Utils::xpQuery($codeNode, './saml_protocol:StatusCode');
     $this->assertCount(1, $subCodes);
     $this->assertEquals('OurSubStatusCode', $subCodes[0]->getAttribute("Value"));

     $messages = Utils::xpQuery($statusNode, './saml_protocol:StatusMessage');
     $this->assertCount(1, $messages);
     $this->assertEquals('OurMessageText', $messages[0]->textContent);
 }
Esempio n. 8
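 /**
  * Constructor for SAML 2 ArtifactResponse messages.
  *
  * When an input element is given, the first element that follows the Status
  * element is stored in $this->any; comments and text nodes are skipped.
  *
  * @param \DOMElement|null $xml The input message, or null for an empty message.
  */
 public function __construct(\DOMElement $xml = null)
 {
     parent::__construct('ArtifactResponse', $xml);

     if (!is_null($xml)) {
         $status = Utils::xpQuery($xml, './saml_protocol:Status');
         /*
          * Pass the invariant as an expression: a string argument is evaluated
          * as code on PHP 5/7 and is not evaluated at all on PHP 8, where the
          * non-empty string would simply always pass.
          */
         assert(!empty($status));
         /* Will have failed during StatusResponse parsing. */
         $status = $status[0];

         for ($any = $status->nextSibling; $any !== null; $any = $any->nextSibling) {
             if ($any instanceof \DOMElement) {
                 $this->any = $any;
                 break;
             }
             /* Ignore comments and text nodes. */
         }
     }
 }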
Esempio n. 9
 /**
  * Parse the subject of the query.
  *
  * Requires exactly one Subject element holding exactly one NameID element;
  * duplicates are rejected so the parsed subject is never ambiguous. Only
  * NameID is looked up here, so a Subject without one (for example one that
  * carries only an encrypted identifier) is reported as a missing NameID.
  *
  * @param \DOMElement $xml The SubjectQuery XML element.
  * @throws \Exception If the Subject or its NameID is missing or duplicated.
  */
 private function parseSubject(\DOMElement $xml)
 {
     $subjects = Utils::xpQuery($xml, './saml_assertion:Subject');
     if (empty($subjects)) {
         /* No Subject node. */
         throw new \Exception('Missing subject in subject query.');
     }
     if (count($subjects) > 1) {
         throw new \Exception('More than one <saml:Subject> in <saml:Assertion>.');
     }

     $nameIds = Utils::xpQuery($subjects[0], './saml_assertion:NameID');
     if (empty($nameIds)) {
         throw new \Exception('Missing <saml:NameID> in <saml:Subject>.');
     }
     if (count($nameIds) > 1) {
         throw new \Exception('More than one <saml:NameID> in <saml:Subject>.');
     }

     $this->nameId = Utils::parseNameId($nameIds[0]);
 }
Esempio n. 10
 /**
  * Constructor for SAML 2 attribute query messages.
  *
  * When parsing, every Attribute element must carry a Name. Values of
  * attributes that share a name are collected into one list, trimmed. The
  * query's name format is the NameFormat shared by all attributes; if they
  * disagree (or none is given) it is Constants::NAMEFORMAT_UNSPECIFIED.
  *
  * @param \DOMElement|null $xml The input message.
  * @throws \Exception If an Attribute element has no Name.
  */
 public function __construct(\DOMElement $xml = null)
 {
     parent::__construct('AttributeQuery', $xml);

     $this->attributes = array();
     $this->nameFormat = Constants::NAMEFORMAT_UNSPECIFIED;

     if ($xml === null) {
         return;
     }

     $sawAttribute = false;
     foreach (Utils::xpQuery($xml, './saml_assertion:Attribute') as $attributeNode) {
         if (!$attributeNode->hasAttribute('Name')) {
             throw new \Exception('Missing name on <saml:Attribute> element.');
         }
         $attributeName = $attributeNode->getAttribute('Name');

         $format = $attributeNode->hasAttribute('NameFormat')
             ? $attributeNode->getAttribute('NameFormat')
             : Constants::NAMEFORMAT_UNSPECIFIED;

         if (!$sawAttribute) {
             /* The first attribute decides the format for the whole query... */
             $this->nameFormat = $format;
             $sawAttribute = true;
         } elseif ($this->nameFormat !== $format) {
             /* ...unless a later attribute disagrees with it. */
             $this->nameFormat = Constants::NAMEFORMAT_UNSPECIFIED;
         }

         if (!array_key_exists($attributeName, $this->attributes)) {
             $this->attributes[$attributeName] = array();
         }

         $valueNodes = Utils::xpQuery($attributeNode, './saml_assertion:AttributeValue');
         foreach ($valueNodes as $valueNode) {
             $this->attributes[$attributeName][] = trim($valueNode->textContent);
         }
     }
 }
Esempio n. 11
 /**
  * After encryptNameId(), the serialised LogoutRequest must contain exactly
  * one EncryptedID/EncryptedData element.
  *
  * NOTE(review): this only checks that the encrypted form is present; it does
  * not assert that no plaintext NameID element remains in the output.
  */
 public function testEncryptedNameId()
 {
     $request = new LogoutRequest();
     $request->setNameID(array('Value' => 'NameIDValue'));
     $request->encryptNameId(CertificatesMock::getPublicKey());

     $root = $request->toUnsignedXML();
     $encryptedData = Utils::xpQuery($root, './saml_assertion:EncryptedID/xenc:EncryptedData');

     $this->assertCount(1, $encryptedData);
 }