*/ if (array_key_exists('idpdisco.url', $spmetadata)) { $discservice = $spmetadata['idpdisco.url']; } elseif ($config->getString('idpdisco.url.shib13', NULL) !== NULL) { $discservice = $config->getString('idpdisco.url.shib13'); } else { $discservice = '/' . $config->getBaseURL() . 'shib13/sp/idpdisco.php'; } SimpleSAML_Utilities::redirect($discservice, array('entityID' => $spentityid, 'return' => SimpleSAML_Utilities::selfURL(), 'returnIDParam' => 'idpentityid')); } try { $ar = new SimpleSAML_XML_Shib13_AuthnRequest(); $ar->setIssuer($spentityid); if (isset($_GET['RelayState'])) { $ar->setRelayState($_GET['RelayState']); } SimpleSAML_Logger::info('Shib1.3 - SP.initSSO: SP (' . $spentityid . ') is sending AuthNRequest to IdP (' . $idpentityid . ')'); $url = $ar->createRedirect($idpentityid); SimpleSAML_Utilities::redirect($url); } catch (Exception $exception) { throw new SimpleSAML_Error_Error('CREATEREQUEST', $exception); } } else { $relaystate = $session->getRelayState(); if (isset($relaystate) && !empty($relaystate)) { SimpleSAML_Logger::info('Shib1.3 - SP.initSSO: Already Authenticated, Go back to RelayState'); SimpleSAML_Utilities::redirect($relaystate); } else { throw new SimpleSAML_Error_Error('NORELAYSTATE'); } }
/** * Send a SAML1 SSO request to an IdP. * * @param SimpleSAML_Configuration $idpMetadata The metadata of the IdP. * @param array $state The state array for the current authentication. */ private function startSSO1(SimpleSAML_Configuration $idpMetadata, array $state) { $idpEntityId = $idpMetadata->getString('entityid'); $state['saml:idp'] = $idpEntityId; $ar = new SimpleSAML_XML_Shib13_AuthnRequest(); $ar->setIssuer($this->entityId); $id = SimpleSAML_Auth_State::saveState($state, 'saml:sp:sso'); $ar->setRelayState($id); $useArtifact = $idpMetadata->getBoolean('saml1.useartifact', NULL); if ($useArtifact === NULL) { $useArtifact = $this->metadata->getBoolean('saml1.useartifact', FALSE); } if ($useArtifact) { $shire = SimpleSAML\Module::getModuleURL('saml/sp/saml1-acs.php/' . $this->authId . '/artifact'); } else { $shire = SimpleSAML\Module::getModuleURL('saml/sp/saml1-acs.php/' . $this->authId); } $url = $ar->createRedirect($idpEntityId, $shire); SimpleSAML\Logger::debug('Starting SAML 1 SSO to ' . var_export($idpEntityId, TRUE) . ' from ' . var_export($this->entityId, TRUE) . '.'); \SimpleSAML\Utils\HTTP::redirectTrustedURL($url); }