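/**
 * Decode a base64-encoded SAML LogoutRequest, verify its XML signature and
 * copy the fields needed for logout onto this object.
 *
 * The signature is verified before the message is parsed into a request
 * object and before the NameID is decrypted, so no field of an
 * unauthenticated request is stored.
 *
 * @param string $saml_request Base64 Encoded SAML
 *
 * @throws Exception When the input is not valid base64, the request carries
 *                   no signature, the signature is invalid, or the message
 *                   is not a LogoutRequest
 */
public function load_saml_request($saml_request)
{
    // Strict mode fails on characters outside the base64 alphabet instead of
    // silently discarding them, so malformed input is rejected up front.
    $xml = base64_decode($saml_request, true);
    if ($xml === false) {
        throw new Exception('SAML request is not valid base64.');
    }

    $request_element = SAML2_DOMDocumentFactory::fromString($xml)->documentElement;

    // In the SAML2 library validateElement() signals "no signature present"
    // by returning false rather than throwing. Reject that case explicitly:
    // otherwise an unsigned request is only stopped by the array type hint on
    // validateSignature(), which surfaces as a PHP error, not an Exception.
    $signature_info = SAML2_Utils::validateElement($request_element);
    if (!is_array($signature_info)) {
        throw new Exception('SAML request is not signed.');
    }
    SAML2_Utils::validateSignature($signature_info, $this->security_key);

    // fromXML() chooses the message class from the root element (library
    // behaviour, not visible here), so a correctly signed message of another
    // type must not be treated as a logout request.
    $request = SAML2_LogoutRequest::fromXML($request_element);
    if (!$request instanceof SAML2_LogoutRequest) {
        throw new Exception('SAML message is not a LogoutRequest.');
    }

    $request->decryptNameId($this->security_key);
    $name_id = $request->getNameId();

    // NOTE(review): NotOnOrAfter and Destination are only stored here, not
    // enforced. Expiry and recipient checks are presumably done by the
    // caller; confirm, since a signed request stays replayable without them.
    $this->notOnOrAfter = $request->getNotOnOrAfter();
    $this->name = $name_id ? $name_id['Value'] : null;
    $this->session_index = $request->getSessionIndex();
    $this->destination = $request->getDestination();
}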
/**
 * Build a logout request based on information in the metadata.
 *
 * The issuer is taken from the sender's 'entityid'. Signing setup is
 * delegated to self::addRedirectSign(), which is defined outside this view.
 * This variant does not set a Destination on the request.
 *
 * @param SimpleSAML_Configuration $srcMetadata The metadata of the sender.
 * @param SimpleSAML_Configuration $dstMetadata The metadata of the recipient.
 *
 * @return SAML2_LogoutRequest The prepared logout request.
 */
public static function buildLogoutRequest(SimpleSAML_Configuration $srcMetadata, SimpleSAML_Configuration $dstMetadata)
{
    $logoutRequest = new SAML2_LogoutRequest();

    $issuer = $srcMetadata->getString('entityid');
    $logoutRequest->setIssuer($issuer);

    self::addRedirectSign($srcMetadata, $dstMetadata, $logoutRequest);

    return $logoutRequest;
}
/**
 * A logout request whose NameID is encrypted exposes the plain NameID value
 * once it has been decrypted with the mock private key.
 */
public function testDecryptingNameId()
{
    $request = new SAML2_LogoutRequest($this->logoutRequestElement);

    // Precondition: the fixture element must carry an encrypted NameID.
    $this->assertTrue($request->isNameIdEncrypted());

    $privateKey = SAML2_CertificatesMock::getPrivateKey();
    $request->decryptNameId($privateKey);

    $decrypted = $request->getNameId();
    $this->assertEquals('TheNameIDValue', $decrypted['Value']);
}
/**
 * Build a logout request based on information in the metadata.
 *
 * The Destination is the Location of the recipient's default
 * SingleLogoutService endpoint for the HTTP-Redirect binding, and the issuer
 * is the sender's 'entityid'. Signing setup is delegated to
 * self::addRedirectSign(), which is defined outside this view.
 *
 * @param SimpleSAML_Configuration $srcMetadata The metadata of the sender.
 * @param SimpleSAML_Configuration $dstMetadata The metadata of the recipient.
 *
 * @return SAML2_LogoutRequest The prepared logout request.
 */
public static function buildLogoutRequest(SimpleSAML_Configuration $srcMetadata, SimpleSAML_Configuration $dstMetadata)
{
    // Resolve the recipient endpoint first, restricted to HTTP-Redirect.
    $allowedBindings = array(SAML2_Const::BINDING_HTTP_REDIRECT);
    $endpoint = $dstMetadata->getDefaultEndpoint('SingleLogoutService', $allowedBindings);
    $location = $endpoint['Location'];

    $logoutRequest = new SAML2_LogoutRequest();

    $issuer = $srcMetadata->getString('entityid');
    $logoutRequest->setIssuer($issuer);
    $logoutRequest->setDestination($location);

    self::addRedirectSign($srcMetadata, $dstMetadata, $logoutRequest);

    return $logoutRequest;
}