/**
 * Records the outbound SAML message as a RequestState in the request store.
 *
 * Stored parameters: message ID, message class, issue-instant timestamp,
 * party entity ID and RelayState. For a LogoutRequest the NameID value,
 * NameID format and session index are stored as well.
 *
 * NOTE(review): presumably this state is read back when the matching response
 * arrives, so the response can be tied to a request this side actually sent;
 * confirm against the code that reads the request store.
 *
 * @param ProfileContext $context
 */
protected function doExecute(ProfileContext $context)
{
    $message = MessageContextHelper::asSamlMessage($context->getOutboundContext());

    $state = new RequestState();
    $state->setId($message->getID());

    // Start from the entity ID held directly on the party context ('' when there is no party context).
    $partyEntityId = '';
    if ($context->getPartyEntityContext()) {
        $partyEntityId = $context->getPartyEntityContext()->getEntityId();
    }

    // A resolved EntityDescriptor takes precedence over the bare entity ID.
    if ($context->getPartyEntityContext() && $context->getPartyEntityContext()->getEntityDescriptor()) {
        $partyEntityId = $context->getPartyEntityContext()->getEntityDescriptor()->getEntityID();
    }

    $commonParameters = [
        RequestStateParameters::ID => $message->getID(),
        RequestStateParameters::TYPE => get_class($message),
        RequestStateParameters::TIMESTAMP => $message->getIssueInstantTimestamp(),
        RequestStateParameters::PARTY => $partyEntityId,
        RequestStateParameters::RELAY_STATE => $message->getRelayState(),
    ];
    $state->getParameters()->add($commonParameters);

    if ($message instanceof LogoutRequest) {
        // Subject and session identifiers are copied verbatim from the logout request.
        $logoutParameters = [
            RequestStateParameters::NAME_ID => $message->getNameID()->getValue(),
            RequestStateParameters::NAME_ID_FORMAT => $message->getNameID()->getFormat(),
            RequestStateParameters::SESSION_INDEX => $message->getSessionIndex(),
        ];
        $state->getParameters()->add($logoutParameters);
    }

    $this->requestStore->set($state);
}
/**
 * Makes sure the party entity context carries both an EntityDescriptor and TrustOptions.
 *
 * Returns early when both are already present. Otherwise the entity ID is taken
 * from the existing descriptor or, failing that, from the party context itself;
 * a missing descriptor is resolved through the provider matching the own role,
 * and missing trust options are fetched from the trust options provider.
 *
 * When the provider has no trust options for the party, a default-constructed
 * TrustOptions is used. NOTE(review): the defaults of TrustOptions then decide
 * what is required from this party; confirm they are acceptable for a party
 * that has no explicit configuration.
 *
 * @param ProfileContext $context
 *
 * @throws LightSamlContextException when no entity ID is set in the party context
 */
protected function doExecute(ProfileContext $context)
{
    $party = $context->getPartyEntityContext();

    // Nothing to resolve when both pieces are already in place.
    if ($party->getEntityDescriptor() && $party->getTrustOptions()) {
        $logMessage = sprintf(
            'Party EntityDescriptor and TrustOptions already set for "%s"',
            $party->getEntityDescriptor()->getEntityID()
        );
        $logContext = LogHelper::getActionContext(
            $context,
            $this,
            ['partyEntityId' => $party->getEntityDescriptor()->getEntityID()]
        );
        $this->logger->debug($logMessage, $logContext);

        return;
    }

    $entityId = null;
    if ($party->getEntityDescriptor()) {
        $entityId = $party->getEntityDescriptor()->getEntityID();
    }
    if (!$entityId) {
        $entityId = $party->getEntityId();
    }

    // Loose comparison: an empty string is rejected here as well as null.
    if ($entityId == null) {
        $message = 'EntityID is not set in the party context';
        $this->logger->critical($message, LogHelper::getActionErrorContext($context, $this));

        throw new LightSamlContextException($context, $message);
    }

    if ($party->getEntityDescriptor() == null) {
        // An IdP looks its party up among SP descriptors; any other own role uses the IdP descriptors.
        if ($context->getOwnRole() === ProfileContext::ROLE_IDP) {
            $descriptorProvider = $this->spEntityDescriptorProvider;
        } else {
            $descriptorProvider = $this->idpEntityDescriptorProvider;
        }

        $resolved = $this->getPartyEntityDescriptor(
            $context,
            $descriptorProvider,
            $context->getPartyEntityContext()->getEntityId()
        );
        $party->setEntityDescriptor($resolved);

        $logMessage = sprintf('Known issuer resolved: "%s"', $resolved->getEntityID());
        $logContext = LogHelper::getActionContext(
            $context,
            $this,
            ['partyEntityId' => $resolved->getEntityID()]
        );
        $this->logger->debug($logMessage, $logContext);
    }

    if ($party->getTrustOptions() == null) {
        // Fall back to a default-constructed TrustOptions when the provider returns null.
        $trustOptions = $this->trustOptionsProvider->get($party->getEntityDescriptor()->getEntityID())
            ?? new TrustOptions();
        $party->setTrustOptions($trustOptions);
    }
}
/**
 * Copies the Issuer of the inbound SAML message into the party entity context as its entity ID.
 *
 * The Issuer value is used exactly as found in the message; nothing in this
 * method authenticates it. NOTE(review): confirm that signature and trust
 * validation run in a later action before this entity ID is relied on.
 *
 * @param ProfileContext $context
 *
 * @throws LightSamlContextException when the inbound message has no Issuer
 */
protected function doExecute(ProfileContext $context)
{
    $inbound = MessageContextHelper::asSamlMessage($context->getInboundContext());

    if ($inbound->getIssuer() == null) {
        throw new LightSamlContextException($context, 'Inbound messages does not have Issuer');
    }

    $issuerValue = $inbound->getIssuer()->getValue();
    $context->getPartyEntityContext()->setEntityId($issuerValue);
}
/**
 * Resolves the party EntityDescriptor and stores it, its entity ID and the
 * party's TrustOptions in the party entity context.
 *
 * When the trust options provider returns null for the entity ID, a
 * default-constructed TrustOptions is stored instead. NOTE(review): confirm
 * the TrustOptions defaults are acceptable for a party with no explicit entry.
 *
 * @param ProfileContext $context
 */
protected function doExecute(ProfileContext $context)
{
    $party = $context->getPartyEntityContext();
    $descriptor = $this->getPartyEntityDescriptor($context);

    $party
        ->setEntityId($descriptor->getEntityID())
        ->setEntityDescriptor($descriptor);

    // Look trust options up by the entity ID of the descriptor that was just stored.
    $resolvedEntityId = $party->getEntityDescriptor()->getEntityID();
    $trustOptions = $this->trustOptionsProvider->get($resolvedEntityId) ?? new TrustOptions();

    $party->setTrustOptions($trustOptions);
}
/**
 * With an EntityDescriptor already on the party context and a trust options
 * store that returns null, the action must leave non-null TrustOptions on the
 * context and must not query either entity descriptor store.
 */
public function test_creates_default_trust_options_if_none_resolved()
{
    $logger = TestHelper::getLoggerMock($this);
    $spEntityStore = $this->getEntityDescriptorStoreMock();
    $idpEntityStore = $this->getEntityDescriptorStoreMock();
    $trustOptionsStore = $this->getTrustOptionsStore();
    $action = new ResolvePartyEntityIdAction($logger, $spEntityStore, $idpEntityStore, $trustOptionsStore);

    $entityId = 'http://localhost/id';
    $entityDescriptor = (new EntityDescriptor())->setEntityID($entityId);

    $context = new ProfileContext(Profiles::SSO_SP_SEND_AUTHN_REQUEST, ProfileContext::ROLE_IDP);
    $context->getPartyEntityContext()->setEntityDescriptor($entityDescriptor);

    // The descriptor is already known, so neither descriptor store may be consulted.
    $spEntityStore->expects($this->never())
        ->method('get');
    $idpEntityStore->expects($this->never())
        ->method('get');

    // The trust options store is asked once for this entity ID and has nothing for it.
    $trustOptionsStore->expects($this->once())
        ->method('get')
        ->with($entityId)
        ->willReturn(null);

    $action->execute($context);

    $partyContext = $context->getPartyEntityContext();
    $this->assertNotNull($partyContext->getTrustOptions());
    $this->assertNotNull($context->getPartyEntityContext()->getEntityDescriptor());
}
/**
 * The action must hand the assertions of the inbound Response to the session
 * processor exactly once, in order, together with the own and party entity IDs.
 *
 * NOTE(review): the profile ID is SSO_IDP_RECEIVE_AUTHN_REQUEST with ROLE_IDP
 * while the inbound message is a Response; confirm this pairing is intended.
 */
public function test_calls_session_processor()
{
    $sessionProcessorMock = $this->getSessionProcessorMock();
    $action = new SpSsoStateAction(TestHelper::getLoggerMock($this), $sessionProcessorMock);

    $context = new ProfileContext(Profiles::SSO_IDP_RECEIVE_AUTHN_REQUEST, ProfileContext::ROLE_IDP);

    $response = new Response();
    $context->getInboundContext()->setMessage($response);

    $assertion1 = new Assertion();
    $response->addAssertion($assertion1);
    $assertion2 = new Assertion();
    $response->addAssertion($assertion2);

    $ownEntityId = 'http://own.entity.id';
    $context->getOwnEntityContext()->setEntityDescriptor(new EntityDescriptor($ownEntityId));

    $partyEntityId = 'http://party.id';
    $context->getPartyEntityContext()->setEntityDescriptor(new EntityDescriptor($partyEntityId));

    // Checks that the processor receives the very same assertion objects, in the order they were added.
    $verifyAssertions = function (array $assertions, $ownId, $partyId) use ($assertion1, $assertion2) {
        $this->assertSame($assertion1, $assertions[0]);
        $this->assertSame($assertion2, $assertions[1]);
    };

    $sessionProcessorMock->expects($this->once())
        ->method('processAssertions')
        ->with($this->isType('array'), $ownEntityId, $partyEntityId)
        ->willReturnCallback($verifyAssertions);

    $action->execute($context);
}
/**
 * ProfileContext::getTrustOptions() must return the very TrustOptions instance
 * that was set on the party entity context.
 */
public function test__get_trust_options_returns_from_context()
{
    $expectedValue = new TrustOptions();

    $profileContext = new ProfileContext(Profiles::METADATA, ProfileContext::ROLE_IDP);
    $profileContext->getPartyEntityContext()->setTrustOptions($expectedValue);

    $actualValue = $profileContext->getTrustOptions();

    $this->assertSame($expectedValue, $actualValue);
}