/** * @param EngineBlock_Http_Request $httpRequest * @return string * @throws Exception */ private function getParameterFromHttpRequest(EngineBlock_Http_Request $httpRequest) { $parameter = $httpRequest->getPostParameter('SAMLResponse'); if (empty($parameter)) { throw new Exception('No SAMLResponse parameter'); } return $parameter; }
protected function _bootstrapTranslations() { $translate = new Zend_Translate('Array', ENGINEBLOCK_FOLDER_ROOT . '/languages/en.php', 'en'); $translate->addTranslation(array('content' => ENGINEBLOCK_FOLDER_ROOT . '/languages/nl.php', 'locale' => 'nl')); // If the URL has &lang=nl in it or the lang var is posted, or a lang cookie was set, then use that locale $cookieLang = $this->_httpRequest->getCookie('lang'); $getLang = $this->_httpRequest->getQueryParameter('lang'); $postLang = $this->_httpRequest->getPostParameter('lang'); $lang = null; if ($getLang) { $lang = strtolower($getLang); } else { if ($postLang) { $lang = strtolower($postLang); } else { $lang = strtolower($cookieLang); } } $langCookieConfig = $this->getConfigurationValue('cookie')->lang; $cookieDomain = $langCookieConfig->domain; $cookieExpiry = null; if (isset($langCookieConfig->expiry) && $langCookieConfig->expiry > 0) { $cookieExpiry = time() + $langCookieConfig->expiry; } if ($lang && $translate->getAdapter()->isAvailable($lang)) { $translate->setLocale($lang); $this->_httpResponse->setCookie('lang', $lang, $cookieExpiry, '/', $cookieDomain); } else { $translate->setLocale('en'); $this->_httpResponse->setCookie('lang', 'en', $cookieExpiry, '/', $cookieDomain); } $this->_translator = $translate; }
public function testSendAuthenticationRequestWithoutIdP() { $application = EngineBlock_ApplicationSingleton::getInstance(); // Mock an authentication request $request = new EngineBlock_Http_Request(); $samlRequest = 'nZJBbxoxEIX%2Fysr33TUEsqwFSDSoKlLaoEBz6KXyrodgyR5vPbNp%2B%2B9rllShPXDIyfLMvOfnTzMn7' . 'V2nVj0f8RF%2B9ECc%2FfIOSQ2NhegjqqDJkkLtgRS3arf6fK%2FGhVRdDBza4MSF5LpCE0FkG1Bkm%2FVCfAeoG2kOlZzW41lz' . 'OwXZTCqoZ9royWwqD%2Bb2phrJCowU2RNESsqFSEZJTtTDBok1cirJkcxllY%2Fr%2FWiqbmo1mnwT2Tr9xqLmQXVk7kiVJTQFNAZ' . 'eCgQuvbZYksVnBzv7jA%2B4g%2FhiWxDZ6m%2FSu4DUe4ivna%2BP929eRAV1F3ZkfefghKH0wfQOiu7YlcOdzuc41y0NVQMH3TvO' . 'qRPZ9hXkB4smhbnOsDkPkfq032%2Fz7cNuL5bzk7camMTl%2B9J54ESd9X%2Fh5uWl9fy8Ll9SqM16G5xtf2cfQ%2FSar2c%2BVaz' . 'JD8Oo4qiRLCAnzM6Fn3cRNMNCcOxBlMvzk%2F8u5fIP'; $relayState = 'https%3A%2F%2Fss.sp.ebdev.net%2Fsimplesaml%2Fmodule.php%2Fcore%2Fauthenticate.php%3Fas%3Ddefault-sp'; $request->setQueryString('SAMLRequest=' . $samlRequest . '&RelayState=' . $relayState); $request->setHostName('test.engineblock.example.com'); $request->setProtocol(false); $application->setHttpRequest($request); // Initiate response object $response = new EngineBlock_Http_Response(); $application->setHttpResponse($response); // CALL CONTROLLER $controller = new Authentication_Controller_IdentityProvider('test', 'IdentityProvider'); $controller->singleSignOnAction(); // Try getting a Redirect URL from the response object $url = $response->getRedirectUrl(); $urlParsed = parse_url($url); $this->assertEquals("/authentication/proxy/wayf", $urlParsed['path'], "Calling SSO without IdP leads to redirect to WAYF"); }
protected function _bootstrapHttpCommunication() { $httpRequest = EngineBlock_Http_Request::createFromEnvironment(); $this->_application->getLogInstance()->info(sprintf('Handling incoming request: %s %s', $httpRequest->getMethod(), $httpRequest->getUri())); $this->_application->setHttpRequest($httpRequest); $response = new EngineBlock_Http_Response(); $response->setHeader('Strict-Transport-Security', 'max-age=15768000; includeSubDomains'); // workaround, P3P is needed to support iframes like iframe gadgets in portals $response->setHeader('P3P', self::P3P_HEADER); $this->_application->setHttpResponse($response); }
/** * This method takes the POST parameters of a request and returns * the GET parameters that can be used to reload the page. The * following transformations are done on the SAMLRequest value: * * - base64 decode * - gzip message * - base64 encode * * This allows the SSO service to use 'receiveMessageFromHttpRedirect' to * parse the message, while initially 'receiveMessageFromHttpPost' was used. * * @param EngineBlock_Http_Request $request * @return array $params */ protected static function _getQueryParametersFromPost(EngineBlock_Http_Request $request) { $params = $request->getPostParameters(); if (!empty($params['SAMLRequest'])) { $message = base64_decode($params['SAMLRequest']); $params['SAMLRequest'] = base64_encode(gzdeflate($message)); } return $params; }