/**
 * Looks up stored SSO state for a NameID, optionally narrowed to a single session index.
 *
 * With a session index, the store is asked for that one entry and the result
 * is a list of zero or one element. Without one, the result is whatever the
 * store returns for every entry recorded under the NameID.
 *
 * @param ServiceInfo $serviceInfo supplies the provider ID and authentication service used as lookup keys
 * @param string $nameID
 * @param string $sessionIndex
 * @return SSOState[]
 */
protected function getSSOState(ServiceInfo $serviceInfo, $nameID, $sessionIndex)
{
    $providerID = $serviceInfo->getProviderID();
    $authenticationService = $serviceInfo->getAuthenticationService();

    // Truthiness test: null and '' select the all-sessions branch, and so does the string '0'.
    // NOTE(review): confirm that '0' can never be a valid session index, otherwise a
    // request naming that one session is widened to every session of the NameID.
    if (!$sessionIndex) {
        return $this->ssoStore->getAllByNameID($providerID, $authenticationService, $nameID);
    }

    $match = $this->ssoStore->getOneByNameIDSessionIndex(
        $providerID,
        $authenticationService,
        $nameID,
        $sessionIndex
    );

    // A miss yields an empty list rather than a list holding a falsy value.
    return $match ? array($match) : array();
}
/**
 * Builds a RequestState for an outgoing logout request and saves it in the request state store.
 *
 * The state records the request ID and, as destination, the entity ID of the
 * IdP taken from the service's IdP metadata.
 * NOTE(review): presumably this is what a later logout response is matched
 * against — confirm against the code that reads the store.
 *
 * @param LogoutRequest $request
 * @param ServiceInfo $serviceInfo
 * @return RequestState the state object that was stored
 */
protected function createRequestState(LogoutRequest $request, ServiceInfo $serviceInfo)
{
    $requestState = new RequestState();
    $requestState->setId($request->getID());

    $idpEntityDescriptor = $serviceInfo->getIdpProvider()->getEntityDescriptor();
    $requestState->setDestination($idpEntityDescriptor->getEntityID());

    $this->requestStateStore->set($requestState);

    return $requestState;
}
/**
 * The SP signing provider passed as the sixth constructor argument must be
 * the one returned by getSpSigningProvider().
 *
 * @test
 */
public function shouldAllowGetSpSigningProviderWithValueFromConstructor()
{
    // Collaborators are created in constructor-argument order; only the last one is asserted on.
    $spProvider = $this->createEntityDescriptorProviderMock();
    $idpProvider = $this->createEntityDescriptorProviderMock();
    $spMetaProvider = $this->createSpMetaProviderMock();
    $signingProvider = $this->createSPSigningProviderMock();

    $serviceInfo = new ServiceInfo(
        'main',
        'idp',
        $spProvider,
        $idpProvider,
        $spMetaProvider,
        $signingProvider
    );

    $this->assertEquals($signingProvider, $serviceInfo->getSpSigningProvider());
}
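/**
 * Checks that an incoming logout request is signed and hands the signature,
 * together with public keys built from the IdP's key descriptors, to the
 * signature validator.
 *
 * The method fails closed: missing IdP metadata, an IdP without key
 * descriptors and an unsigned request are all rejected with a
 * \RuntimeException before any signature check is attempted.
 *
 * @param \AerialShip\SamlSPBundle\Config\ServiceInfo $serviceInfo
 * @param LogoutRequest $logoutRequest
 * @throws \RuntimeException when the IdP metadata or its keys are missing, or the request is unsigned
 */
protected function validateLogoutRequest(ServiceInfo $serviceInfo, LogoutRequest $logoutRequest)
{
    // Guard each metadata lookup so that absent metadata is reported as a
    // rejected request instead of a method call on null.
    $idp = $serviceInfo->getIdpProvider()->getEntityDescriptor();
    if (!$idp) {
        throw new \RuntimeException('IDP entity descriptor is not available');
    }

    $idpSsoDescriptor = $idp->getFirstIdpSsoDescriptor();
    if (!$idpSsoDescriptor) {
        throw new \RuntimeException('IDP entity descriptor has no IDP SSO descriptor');
    }

    $keyDescriptors = $idpSsoDescriptor->getKeyDescriptors();
    if (empty($keyDescriptors)) {
        throw new \RuntimeException('IDP must support signing for logout requests');
    }

    /** @var $signature SignatureValidatorInterface */
    $signature = $logoutRequest->getSignature();
    if (!$signature) {
        // Unsigned logout requests are never accepted.
        throw new \RuntimeException('Logout request must be signed');
    }

    // NOTE(review): every key descriptor is used, not only those declared for
    // signing — confirm that keys published for encryption only should be
    // trusted for signature verification.
    $keys = array();
    foreach ($keyDescriptors as $keyDescriptor) {
        $keys[] = KeyHelper::createPublicKey($keyDescriptor->getCertificate());
    }

    // NOTE(review): the return value is not inspected, so rejection of a bad
    // signature relies on validateMulti() throwing when no key verifies — confirm.
    $signature->validateMulti($keys);
}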
/**
 * Builds a public key from the first 'signing' key descriptor of the first
 * IdP SSO descriptor in the IdP metadata.
 *
 * Returns null when the entity descriptor, its IdP SSO descriptors or the
 * signing key descriptors are missing or empty.
 * NOTE(review): only the first signing key is considered; if the IdP
 * publishes several (for example while rotating keys) the others are ignored
 * here — confirm callers can live with that.
 *
 * @param \AerialShip\SamlSPBundle\Config\ServiceInfo $metaProvider
 * @return null|\XMLSecurityKey
 */
protected function getSigningKey(ServiceInfo $metaProvider)
{
    $idpEntityDescriptor = $metaProvider->getIdpProvider()->getEntityDescriptor();
    if (!$idpEntityDescriptor) {
        return null;
    }

    $idpSsoDescriptors = $idpEntityDescriptor->getAllIdpSsoDescriptors();
    if (!$idpSsoDescriptors) {
        return null;
    }

    $signingKeyDescriptors = $idpSsoDescriptors[0]->findKeyDescriptors('signing');
    if (!$signingKeyDescriptors) {
        return null;
    }

    return KeyHelper::createPublicKey($signingKeyDescriptors[0]->getCertificate());
}