/**
 * Set up the signature bookkeeping of the helper.
 *
 * The object starts with no certificates and no validators. When an element is supplied, its
 * signature element is checked through Utils::validateElement(). If that call returns something
 * other than false, the certificates it reports are stored and a validator entry (callable plus
 * its data) is appended to $this->validators. This constructor never invokes that validator.
 *
 * Security note: every \Exception raised while checking the signature element is swallowed on
 * purpose, so an element with a broken signature ends up in the same state as an unsigned one
 * (empty validators, empty certificates). Code that needs a signed element must therefore check
 * that a validator was registered and run it; construction succeeding proves nothing.
 *
 * @param \DOMElement|null $xml The XML element which may be signed.
 */
protected function __construct(\DOMElement $xml = null)
{
    $this->validators = array();
    $this->certificates = array();

    if ($xml !== null) {
        try {
            $signatureInfo = Utils::validateElement($xml);

            if ($signatureInfo !== false) {
                $this->certificates = $signatureInfo['Certificates'];

                /* Remember how to verify the signature later; nothing is verified here. */
                $validatorEntry = array(
                    'Function' => array('\\SAML2\\Utils', 'validateSignature'),
                    'Data' => $signatureInfo,
                );
                $this->validators[] = $validatorEntry;
            }
        } catch (\Exception $ignored) {
            /* Deliberate best-effort: a malformed signature leaves the element treated as unsigned. */
        }
    }
}
/**
 * Initialize a message.
 *
 * Without an XML element the message gets defaults: a freshly generated ID, the current time as
 * issue instant, and empty certificate and validator lists. With an XML element, the ID, Version,
 * IssueInstant, Destination, Consent and Issuer are read from it, the signature element is
 * inspected, and the extensions are loaded.
 *
 * Security note: all of those values are copied from the incoming element before any signature
 * has been verified. The constructor only registers a validator entry; it never runs it. Every
 * \Exception from the signature inspection is swallowed, so a message with a broken signature is
 * indistinguishable here from an unsigned one (no validator registered and
 * messageContainedSignatureUponConstruction left untouched).
 *
 * @param string           $tagName The tag name of the root element.
 * @param \DOMElement|null $xml     The input message.
 * @throws \Exception If the ID attribute is missing or the Version attribute is not exactly '2.0'.
 */
protected function __construct($tagName, \DOMElement $xml = null)
{
    /* String assertion kept as written; NOTE(review): confirm the supported PHP versions still evaluate it. */
    assert('is_string($tagName)');

    /* Defaults, used as-is when no element is supplied. */
    $this->tagName = $tagName;
    $this->id = Utils::getContainer()->generateId();
    $this->issueInstant = Temporal::getTime();
    $this->certificates = array();
    $this->validators = array();

    if ($xml === null) {
        return;
    }

    if (!$xml->hasAttribute('ID')) {
        throw new \Exception('Missing ID attribute on SAML message.');
    }
    $this->id = $xml->getAttribute('ID');

    /* Exact string match only: anything other than '2.0' is rejected. */
    $version = $xml->getAttribute('Version');
    if ($version !== '2.0') {
        throw new \Exception('Unsupported version: ' . $version);
    }

    $this->issueInstant = Utils::xsDateTimeToTimestamp($xml->getAttribute('IssueInstant'));

    /* Optional attributes are only copied when present. */
    if ($xml->hasAttribute('Destination')) {
        $this->destination = $xml->getAttribute('Destination');
    }
    if ($xml->hasAttribute('Consent')) {
        $this->consent = $xml->getAttribute('Consent');
    }

    /* Only the first Issuer child is used; surrounding whitespace is stripped. */
    $issuerNodes = Utils::xpQuery($xml, './saml_assertion:Issuer');
    if (!empty($issuerNodes)) {
        $this->issuer = trim($issuerNodes[0]->textContent);
    }

    /* Inspect the signature element and remember how to verify it later. */
    try {
        $signatureInfo = Utils::validateElement($xml);

        if ($signatureInfo !== false) {
            $this->messageContainedSignatureUponConstruction = true;
            $this->certificates = $signatureInfo['Certificates'];

            $validatorEntry = array(
                'Function' => array('\\SAML2\\Utils', 'validateSignature'),
                'Data' => $signatureInfo,
            );
            $this->validators[] = $validatorEntry;
        }
    } catch (\Exception $ignored) {
        /* Deliberate best-effort: a malformed signature leaves the message treated as unsigned. */
    }

    $this->extensions = Extensions::getList($xml);
}
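/**
 * Validate the signature element of a SAML message, and configure this object appropriately to perform the
 * signature verification afterwards.
 *
 * Please note this method does NOT verify the signature, it just validates the signature construction and prepares
 * this object to do the verification.
 *
 * When Utils::validateElement() returns something other than false, the method records that the message carried
 * a signature, stores the reported certificates, appends a validator entry and stores the Algorithm attribute of
 * the first ./ds:Signature/ds:SignedInfo/ds:SignatureMethod match. If no such attribute is found, signatureMethod
 * is set to null instead of dereferencing a missing node.
 *
 * Security notes:
 *  - Every \Exception is swallowed, so a message with a broken signature is left in the same state as an
 *    unsigned one.
 *  - signatureMethod is copied from the unverified message and is attacker-controlled until the registered
 *    validator has been run successfully.
 *  - NOTE(review): code that checks signatureMethod against an algorithm policy should treat null as
 *    "unknown" rather than "allowed" — confirm at the call sites.
 *
 * @param \DOMElement $xml The SAML message whose signature we want to validate.
 */
private function validateSignature(\DOMElement $xml)
{
    try {
        /*
         * xpQuery() results are indexed like a list of nodes, so this may be empty.
         * NOTE(review): confirm that validateElement() inspects the same ds:Signature child as this query.
         */
        /** @var \DOMAttr[] $signatureMethod */
        $signatureMethod = Utils::xpQuery($xml, './ds:Signature/ds:SignedInfo/ds:SignatureMethod/@Algorithm');

        $sig = Utils::validateElement($xml);
        if ($sig === false) {
            return;
        }

        $this->messageContainedSignatureUponConstruction = true;
        $this->certificates = $sig['Certificates'];
        $this->validators[] = array(
            'Function' => array('\\SAML2\\Utils', 'validateSignature'),
            'Data' => $sig,
        );

        /* Guard the lookup: an empty result previously led to reading ->value on a missing node. */
        $this->signatureMethod = empty($signatureMethod) ? null : $signatureMethod[0]->value;
    } catch (\Exception $e) {
        // ignore signature validation errors
    }
}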
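/**
 * Parse signature on assertion.
 *
 * When Utils::validateElement() returns something other than false, the method records that the assertion was
 * signed at construction, stores the reported certificates and the signature data, and stores the Algorithm
 * attribute of the first ./ds:Signature/ds:SignedInfo/ds:SignatureMethod match. If no such attribute is found,
 * signatureMethod is set to null instead of dereferencing a missing node.
 *
 * Unlike a best-effort parse, nothing is caught here: an exception from Utils::validateElement() propagates
 * to the caller.
 *
 * Security notes:
 *  - signatureMethod is copied from the assertion as received; no signature is verified in this method.
 *  - NOTE(review): confirm that the stored signatureData is verified against a trusted key before the
 *    assertion is relied on, and that a null signatureMethod is not treated as an allowed algorithm.
 *
 * @param \DOMElement $xml The assertion XML element.
 * @throws \Exception Presumably when Utils::validateElement() rejects the signature element — confirm.
 */
private function parseSignature(\DOMElement $xml)
{
    /*
     * xpQuery() results are indexed like a list of nodes, so this may be empty.
     * NOTE(review): confirm that validateElement() inspects the same ds:Signature child as this query.
     */
    /** @var \DOMAttr[] $signatureMethod */
    $signatureMethod = Utils::xpQuery($xml, './ds:Signature/ds:SignedInfo/ds:SignatureMethod/@Algorithm');

    /* Validate the signature element of the message. */
    $sig = Utils::validateElement($xml);
    if ($sig === false) {
        return;
    }

    $this->wasSignedAtConstruction = true;
    $this->certificates = $sig['Certificates'];
    $this->signatureData = $sig;

    /* Guard the lookup: an empty result previously led to reading ->value on a missing node. */
    $this->signatureMethod = empty($signatureMethod) ? null : $signatureMethod[0]->value;
}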
/**
 * Record the signature information found on an assertion.
 *
 * Calls Utils::validateElement() on the element. If it returns false, nothing is changed. Otherwise
 * the assertion is flagged as signed at construction and the reported certificates and the full
 * signature data are stored on this object.
 *
 * Nothing is caught here, so an exception from Utils::validateElement() propagates to the caller.
 *
 * NOTE(review): this method only stores what validateElement() returns; confirm that the stored
 * signatureData is verified against a trusted key before the assertion is relied on.
 *
 * @param \DOMElement $xml The assertion XML element.
 */
private function parseSignature(\DOMElement $xml)
{
    $signatureInfo = Utils::validateElement($xml);

    /* No signature element: leave the object untouched. */
    if ($signatureInfo === false) {
        return;
    }

    $this->wasSignedAtConstruction = true;
    $this->certificates = $signatureInfo['Certificates'];
    $this->signatureData = $signatureInfo;
}