/**
* @param ProfileContext $context
*/
protected function doExecute(ProfileContext $context)
{
$message = MessageContextHelper::asSamlMessage($context->getOutboundContext());
$state = new RequestState();
$state->setId($message->getID());
$partyEntityId = $context->getPartyEntityContext() ? $context->getPartyEntityContext()->getEntityId() : '';
if ($context->getPartyEntityContext() && $context->getPartyEntityContext()->getEntityDescriptor()) {
$partyEntityId = $context->getPartyEntityContext()->getEntityDescriptor()->getEntityID();
}
$state->getParameters()->add([RequestStateParameters::ID => $message->getID(), RequestStateParameters::TYPE => get_class($message), RequestStateParameters::TIMESTAMP => $message->getIssueInstantTimestamp(), RequestStateParameters::PARTY => $partyEntityId, RequestStateParameters::RELAY_STATE => $message->getRelayState()]);
if ($message instanceof LogoutRequest) {
$state->getParameters()->add([RequestStateParameters::NAME_ID => $message->getNameID()->getValue(), RequestStateParameters::NAME_ID_FORMAT => $message->getNameID()->getFormat(), RequestStateParameters::SESSION_INDEX => $message->getSessionIndex()]);
}
$this->requestStore->set($state);
}
/**
* @param ProfileContext $context
*/
protected function doExecute(ProfileContext $context)
{
$partyContext = $context->getPartyEntityContext();
if ($partyContext->getEntityDescriptor() && $partyContext->getTrustOptions()) {
$this->logger->debug(sprintf('Party EntityDescriptor and TrustOptions already set for "%s"', $partyContext->getEntityDescriptor()->getEntityID()), LogHelper::getActionContext($context, $this, array('partyEntityId' => $partyContext->getEntityDescriptor()->getEntityID())));
return;
}
$entityId = $partyContext->getEntityDescriptor() ? $partyContext->getEntityDescriptor()->getEntityID() : null;
$entityId = $entityId ? $entityId : $partyContext->getEntityId();
if (null == $entityId) {
$message = 'EntityID is not set in the party context';
$this->logger->critical($message, LogHelper::getActionErrorContext($context, $this));
throw new LightSamlContextException($context, $message);
}
if (null == $partyContext->getEntityDescriptor()) {
$partyEntityDescriptor = $this->getPartyEntityDescriptor($context, $context->getOwnRole() === ProfileContext::ROLE_IDP ? $this->spEntityDescriptorProvider : $this->idpEntityDescriptorProvider, $context->getPartyEntityContext()->getEntityId());
$partyContext->setEntityDescriptor($partyEntityDescriptor);
$this->logger->debug(sprintf('Known issuer resolved: "%s"', $partyEntityDescriptor->getEntityID()), LogHelper::getActionContext($context, $this, array('partyEntityId' => $partyEntityDescriptor->getEntityID())));
}
if (null == $partyContext->getTrustOptions()) {
$trustOptions = $this->trustOptionsProvider->get($partyContext->getEntityDescriptor()->getEntityID());
if (null === $trustOptions) {
$trustOptions = new TrustOptions();
}
$partyContext->setTrustOptions($trustOptions);
}
}
protected function doExecute(ProfileContext $context)
{
$message = MessageContextHelper::asSamlMessage($context->getInboundContext());
if (null == $message->getIssuer()) {
throw new LightSamlContextException($context, 'Inbound messages does not have Issuer');
}
$context->getPartyEntityContext()->setEntityId($message->getIssuer()->getValue());
}
/**
* @param ProfileContext $context
*/
protected function doExecute(ProfileContext $context)
{
$partyContext = $context->getPartyEntityContext();
$partyEntityDescriptor = $this->getPartyEntityDescriptor($context);
$partyContext->setEntityId($partyEntityDescriptor->getEntityID())->setEntityDescriptor($partyEntityDescriptor);
$trustOptions = $this->trustOptionsProvider->get($partyContext->getEntityDescriptor()->getEntityID());
if (null === $trustOptions) {
$trustOptions = new TrustOptions();
}
$partyContext->setTrustOptions($trustOptions);
}
public function test_creates_default_trust_options_if_none_resolved()
{
$action = new ResolvePartyEntityIdAction($logger = TestHelper::getLoggerMock($this), $spEntityStore = $this->getEntityDescriptorStoreMock(), $idpEntityStore = $this->getEntityDescriptorStoreMock(), $trustOptionsStore = $this->getTrustOptionsStore());
$context = new ProfileContext(Profiles::SSO_SP_SEND_AUTHN_REQUEST, ProfileContext::ROLE_IDP);
$context->getPartyEntityContext()->setEntityDescriptor($entityDescriptor = (new EntityDescriptor())->setEntityID($entityId = 'http://localhost/id'));
$spEntityStore->expects($this->never())->method('get');
$idpEntityStore->expects($this->never())->method('get');
$trustOptionsStore->expects($this->once())->method('get')->with($entityId)->willReturn(null);
$action->execute($context);
$this->assertNotNull($context->getPartyEntityContext()->getTrustOptions());
$this->assertNotNull($context->getPartyEntityContext()->getEntityDescriptor());
}
public function test_calls_session_processor()
{
$action = new SpSsoStateAction(TestHelper::getLoggerMock($this), $sessionProcessorMock = $this->getSessionProcessorMock());
$context = new ProfileContext(Profiles::SSO_IDP_RECEIVE_AUTHN_REQUEST, ProfileContext::ROLE_IDP);
$context->getInboundContext()->setMessage($response = new Response());
$response->addAssertion($assertion1 = new Assertion());
$response->addAssertion($assertion2 = new Assertion());
$context->getOwnEntityContext()->setEntityDescriptor(new EntityDescriptor($ownEntityId = 'http://own.entity.id'));
$context->getPartyEntityContext()->setEntityDescriptor(new EntityDescriptor($partyEntityId = 'http://party.id'));
$sessionProcessorMock->expects($this->once())->method('processAssertions')->with($this->isType('array'), $ownEntityId, $partyEntityId)->willReturnCallback(function (array $assertions, $ownId, $partyId) use($assertion1, $assertion2) {
$this->assertSame($assertion1, $assertions[0]);
$this->assertSame($assertion2, $assertions[1]);
});
$action->execute($context);
}
public function test__get_trust_options_returns_from_context()
{
$profileContext = new ProfileContext(Profiles::METADATA, ProfileContext::ROLE_IDP);
$profileContext->getPartyEntityContext()->setTrustOptions($expectedValue = new TrustOptions());
$this->assertSame($expectedValue, $profileContext->getTrustOptions());
}
