/**
* Detect Implicit VOs and annotate the Authn Request if they are detected
*
* Heinous abuse of the filter functionality.
*
* @param array $entities
* @throws EngineBlock_Exception
*/
protected function _annotateRequestWithImplicitVo(array $entities)
{
$request = $this->_getRequestInstance();
$spEntityId = $request['saml:Issuer']['__v'];
if (!isset($entities[$spEntityId]['VoContext']) || !$entities[$spEntityId]['VoContext']) {
return $entities;
}
$implicitVo = $entities[$spEntityId]['VoContext'];
// If we ALSO have an explicit VO
if (isset($request[Corto_XmlToArray::PRIVATE_PFX][EngineBlock_Corto_CoreProxy::VO_CONTEXT_PFX])) {
$explicitVo = $request[Corto_XmlToArray::PRIVATE_PFX][EngineBlock_Corto_CoreProxy::VO_CONTEXT_PFX];
// Check if they are unequal (no explicit VO or the same VO is okay)
if (!$implicitVo !== $explicitVo) {
throw new EngineBlock_Exception('Explicit VO does not match implicit VO!');
}
}
// Annotate and store the request
$request[Corto_XmlToArray::PRIVATE_PFX]['VoContextImplicit'] = $implicitVo;
$this->_proxyServer->getBindingsModule()->registerInternalBindingMessage('SAMLRequest', $request);
return $entities;
}
