$spMetadata = $source->getMetadata();
if (array_key_exists('SAMLart', $_REQUEST)) {
if (!isset($state['saml:idp'])) {
/* Unsolicited response. */
throw new SimpleSAML_Error_Exception('IdP initiated authentication not supported with the SAML 1.1 SAMLart protocol.');
}
$idpMetadata = $source->getIdPMetadata($state['saml:idp']);
$responseXML = SimpleSAML_Bindings_Shib13_Artifact::receive($spMetadata, $idpMetadata);
$isValidated = TRUE;
/* Artifact binding validated with ssl certificate. */
} elseif (array_key_exists('SAMLResponse', $_REQUEST)) {
$responseXML = $_REQUEST['SAMLResponse'];
$responseXML = base64_decode($responseXML);
$isValidated = FALSE;
/* Must check signature on response. */
} else {
assert('FALSE');
}
$response = new SimpleSAML_XML_Shib13_AuthnResponse();
$response->setXML($responseXML);
$response->setMessageValidated($isValidated);
$response->validate();
$responseIssuer = $response->getIssuer();
$attributes = $response->getAttributes();
if (isset($state['saml:idp']) && $responseIssuer !== $state['saml:idp']) {
throw new SimpleSAML_Error_Exception('The issuer of the response wasn\'t the destination of the request.');
}
$logoutState = array('saml:logout:Type' => 'saml1');
$state['LogoutState'] = $logoutState;
$source->handleResponse($state, $responseIssuer, $attributes);
assert('FALSE');
