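/**
 * Convert this AdditionalMetadataLocation to XML.
 *
 * Adds an md:AdditionalMetadataLocation element to $parent through
 * Utils::addString(), passing the location as the string value, and then
 * sets the element's "namespace" attribute.
 *
 * @param \DOMElement $parent The element we should append to.
 * @return \DOMElement This AdditionalMetadataLocation-element.
 */
public function toXML(\DOMElement $parent)
{
    // Expression assertions instead of quoted code: a string argument is no
    // longer evaluated by assert() on PHP 8, so the quoted form checks nothing.
    // These remain development-time invariants (assertions are normally
    // disabled in production) and are not a substitute for input validation.
    assert(is_string($this->namespace));
    assert(is_string($this->location));

    $e = Utils::addString($parent, Constants::NS_MD, 'md:AdditionalMetadataLocation', $this->location);
    $e->setAttribute('namespace', $this->namespace);

    return $e;
}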
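/**
 * Convert this ContactPerson to XML.
 *
 * Creates an md:ContactPerson element under $parent, sets its contactType
 * attribute, adds the extensions, and then adds the optional Company,
 * GivenName, SurName, EmailAddress and TelephoneNumber children in that order.
 *
 * @param \DOMElement $parent The element we should add this contact to.
 * @return \DOMElement The new ContactPerson-element.
 */
public function toXML(\DOMElement $parent)
{
    // Expression assertions instead of quoted code: a string argument is no
    // longer evaluated by assert() on PHP 8, so the quoted form checks nothing.
    // Development-time invariants only; they do not validate metadata input.
    assert(is_string($this->contactType));
    assert(is_array($this->Extensions));
    assert(is_null($this->Company) || is_string($this->Company));
    assert(is_null($this->GivenName) || is_string($this->GivenName));
    assert(is_null($this->SurName) || is_string($this->SurName));
    assert(is_array($this->EmailAddress));
    assert(is_array($this->TelephoneNumber));

    $doc = $parent->ownerDocument;

    $e = $doc->createElementNS(Constants::NS_MD, 'md:ContactPerson');
    $parent->appendChild($e);

    $e->setAttribute('contactType', $this->contactType);

    Extensions::addList($e, $this->Extensions);

    // Single-valued children are emitted only when set (isset() is false for null).
    if (isset($this->Company)) {
        Utils::addString($e, Constants::NS_MD, 'md:Company', $this->Company);
    }
    if (isset($this->GivenName)) {
        Utils::addString($e, Constants::NS_MD, 'md:GivenName', $this->GivenName);
    }
    if (isset($this->SurName)) {
        Utils::addString($e, Constants::NS_MD, 'md:SurName', $this->SurName);
    }

    // Multi-valued children are skipped entirely when the list is empty.
    if (!empty($this->EmailAddress)) {
        Utils::addStrings($e, Constants::NS_MD, 'md:EmailAddress', false, $this->EmailAddress);
    }
    if (!empty($this->TelephoneNumber)) {
        Utils::addStrings($e, Constants::NS_MD, 'md:TelephoneNumber', false, $this->TelephoneNumber);
    }

    return $e;
}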
/**
 * Build the unsigned XML representation of this message.
 *
 * A fresh document is created and stored on $this->document. The root
 * element carries ID, Version and IssueInstant, plus Destination, Consent,
 * Issuer and extensions when they are set. No signature is added here, so
 * the returned tree must not be treated as integrity-protected until it has
 * been signed by a separate step.
 *
 * @return \DOMElement The root element of the DOM tree.
 */
public function toUnsignedXML()
{
    $doc = DOMDocumentFactory::create();
    $this->document = $doc;

    $rootEl = $doc->createElementNS(Constants::NS_SAMLP, 'samlp:' . $this->tagName);
    $doc->appendChild($rootEl);

    /*
     * Workaround: setting and then removing a throw-away attribute adds the
     * saml namespace declaration to the root element.
     */
    $rootEl->setAttributeNS(Constants::NS_SAML, 'saml:tmp', 'tmp');
    $rootEl->removeAttributeNS(Constants::NS_SAML, 'tmp');

    $issuedAt = gmdate('Y-m-d\\TH:i:s\\Z', $this->issueInstant);
    $rootEl->setAttribute('ID', $this->id);
    $rootEl->setAttribute('Version', '2.0');
    $rootEl->setAttribute('IssueInstant', $issuedAt);

    if ($this->destination !== null) {
        $rootEl->setAttribute('Destination', $this->destination);
    }

    // Consent is written only when it is set and differs from the "unspecified" value.
    $consentIsDefault = $this->consent === null || $this->consent === Constants::CONSENT_UNSPECIFIED;
    if (!$consentIsDefault) {
        $rootEl->setAttribute('Consent', $this->consent);
    }

    if ($this->issuer !== null) {
        Utils::addString($rootEl, Constants::NS_SAML, 'saml:Issuer', $this->issuer);
    }

    if (!empty($this->extensions)) {
        Extensions::addList($rootEl, $this->extensions);
    }

    return $rootEl;
}
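/**
 * Convert this KeyName element to XML.
 *
 * Adds a ds:KeyName element in the XML-DSig namespace to $parent through
 * Utils::addString(), passing the key name as the string value.
 *
 * @param \DOMElement $parent The element we should append this KeyName element to.
 * @return \DOMElement The element returned by Utils::addString().
 */
public function toXML(\DOMElement $parent)
{
    // Expression assertion instead of quoted code: a string argument is no
    // longer evaluated by assert() on PHP 8, so the quoted form checks nothing.
    assert(is_string($this->name));

    return Utils::addString($parent, XMLSecurityDSig::XMLDSIGNS, 'ds:KeyName', $this->name);
}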
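/**
 * Convert this X509Certificate element to XML.
 *
 * Adds a ds:X509Certificate element in the XML-DSig namespace to $parent
 * through Utils::addString(). The certificate string is passed on unchanged;
 * this method does not parse or check it.
 *
 * @param \DOMElement $parent The element we should append this X509Certificate element to.
 * @return \DOMElement The element returned by Utils::addString().
 */
public function toXML(\DOMElement $parent)
{
    // Expression assertion instead of quoted code: a string argument is no
    // longer evaluated by assert() on PHP 8, so the quoted form checks nothing.
    // It only checks the type in development builds, not the certificate's content.
    assert(is_string($this->certificate));

    return Utils::addString($parent, XMLSecurityDSig::XMLDSIGNS, 'ds:X509Certificate', $this->certificate);
}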
/**
 * Append a saml:AuthnStatement to the assertion element.
 *
 * Nothing is added when there is no AuthnInstant, or when none of
 * AuthnContextClassRef, AuthnContextDecl and AuthnContextDeclRef is set.
 * Note that this guard tests for null while the individual children are
 * emitted only when non-empty, so an empty (non-null) value passes the guard
 * but produces no corresponding child element.
 *
 * @param \DOMElement $root The assertion element we should add the authentication statement to.
 */
private function addAuthnStatement(\DOMElement $root)
{
    /* No AuthnInstant => no authentication statement. */
    if ($this->authnInstant === null) {
        return;
    }

    /* No authentication context of any kind => no authentication statement. */
    $hasNoContext = $this->authnContextClassRef === null
        && $this->authnContextDecl === null
        && $this->authnContextDeclRef === null;
    if ($hasNoContext) {
        return;
    }

    $doc = $root->ownerDocument;

    $statement = $doc->createElementNS(Constants::NS_SAML, 'saml:AuthnStatement');
    $root->appendChild($statement);

    $authnInstant = gmdate('Y-m-d\\TH:i:s\\Z', $this->authnInstant);
    $statement->setAttribute('AuthnInstant', $authnInstant);

    if ($this->sessionNotOnOrAfter !== null) {
        $sessionExpiry = gmdate('Y-m-d\\TH:i:s\\Z', $this->sessionNotOnOrAfter);
        $statement->setAttribute('SessionNotOnOrAfter', $sessionExpiry);
    }
    if ($this->sessionIndex !== null) {
        $statement->setAttribute('SessionIndex', $this->sessionIndex);
    }

    $context = $doc->createElementNS(Constants::NS_SAML, 'saml:AuthnContext');
    $statement->appendChild($context);

    // Child order: class reference, declaration, declaration reference, authorities.
    if (!empty($this->authnContextClassRef)) {
        Utils::addString($context, Constants::NS_SAML, 'saml:AuthnContextClassRef', $this->authnContextClassRef);
    }
    if (!empty($this->authnContextDecl)) {
        $this->authnContextDecl->toXML($context);
    }
    if (!empty($this->authnContextDeclRef)) {
        Utils::addString($context, Constants::NS_SAML, 'saml:AuthnContextDeclRef', $this->authnContextDeclRef);
    }

    Utils::addStrings(
        $context,
        Constants::NS_SAML,
        'saml:AuthenticatingAuthority',
        false,
        $this->AuthenticatingAuthority
    );
}
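/**
 * Create a NameID element.
 *
 * The NameId array can have the following elements: 'Value', 'Format',
 * 'NameQualifier', 'SPNameQualifier'
 *
 * Only the 'Value'-element is required. Its presence is checked with an
 * assertion only, which is not evaluated when assertions are disabled;
 * callers must therefore make sure 'Value' is present before calling.
 *
 * Optional attributes are written only when the key exists and its value is
 * not null, in the order NameQualifier, SPNameQualifier, Format.
 *
 * @param \DOMElement $node The DOM node we should append the NameId to.
 * @param array $nameId The name identifier.
 * @return void
 */
public static function addNameId(\DOMElement $node, array $nameId)
{
    // Expression assertion instead of quoted code: a string argument is no
    // longer evaluated by assert() on PHP 8, so the quoted form checks nothing.
    assert(array_key_exists('Value', $nameId));

    $xml = Utils::addString($node, Constants::NS_SAML, 'saml:NameID', $nameId['Value']);

    if (array_key_exists('NameQualifier', $nameId) && $nameId['NameQualifier'] !== null) {
        $xml->setAttribute('NameQualifier', $nameId['NameQualifier']);
    }
    if (array_key_exists('SPNameQualifier', $nameId) && $nameId['SPNameQualifier'] !== null) {
        $xml->setAttribute('SPNameQualifier', $nameId['SPNameQualifier']);
    }
    if (array_key_exists('Format', $nameId) && $nameId['Format'] !== null) {
        $xml->setAttribute('Format', $nameId['Format']);
    }
}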
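/**
 * Convert this authentication request to an XML element.
 *
 * Starts from the parent's unsigned XML and adds the request attributes
 * (ForceAuthn, ProviderName, IsPassive, the assertion consumer service
 * selection, AttributeConsumingServiceIndex), the subject, and the optional
 * NameIDPolicy, RequestedAuthnContext and Scoping elements. The result is
 * not signed by this method.
 *
 * @return \DOMElement This authentication request.
 */
public function toUnsignedXML()
{
    $root = parent::toUnsignedXML();

    if ($this->forceAuthn) {
        $root->setAttribute('ForceAuthn', 'true');
    }

    if ($this->ProviderName !== null) {
        $root->setAttribute('ProviderName', $this->ProviderName);
    }

    if ($this->isPassive) {
        $root->setAttribute('IsPassive', 'true');
    }

    // An ACS index takes precedence: the URL and protocol binding are only
    // written when no index is set.
    if ($this->assertionConsumerServiceIndex !== null) {
        $root->setAttribute('AssertionConsumerServiceIndex', $this->assertionConsumerServiceIndex);
    } else {
        if ($this->assertionConsumerServiceURL !== null) {
            $root->setAttribute('AssertionConsumerServiceURL', $this->assertionConsumerServiceURL);
        }
        if ($this->protocolBinding !== null) {
            $root->setAttribute('ProtocolBinding', $this->protocolBinding);
        }
    }

    if ($this->attributeConsumingServiceIndex !== null) {
        $root->setAttribute('AttributeConsumingServiceIndex', $this->attributeConsumingServiceIndex);
    }

    $this->addSubject($root);

    if (!empty($this->nameIdPolicy)) {
        $nameIdPolicy = $this->document->createElementNS(Constants::NS_SAMLP, 'NameIDPolicy');
        if (array_key_exists('Format', $this->nameIdPolicy)) {
            $nameIdPolicy->setAttribute('Format', $this->nameIdPolicy['Format']);
        }
        if (array_key_exists('SPNameQualifier', $this->nameIdPolicy)) {
            $nameIdPolicy->setAttribute('SPNameQualifier', $this->nameIdPolicy['SPNameQualifier']);
        }
        // AllowCreate is written only for a real boolean; other types are ignored.
        if (array_key_exists('AllowCreate', $this->nameIdPolicy) && is_bool($this->nameIdPolicy['AllowCreate'])) {
            $nameIdPolicy->setAttribute('AllowCreate', $this->nameIdPolicy['AllowCreate'] ? 'true' : 'false');
        }
        $root->appendChild($nameIdPolicy);
    }

    $rac = $this->requestedAuthnContext;
    if (!empty($rac) && !empty($rac['AuthnContextClassRef'])) {
        $e = $this->document->createElementNS(Constants::NS_SAMLP, 'RequestedAuthnContext');
        $root->appendChild($e);
        // The Comparison attribute is omitted when it equals COMPARISON_EXACT.
        if (isset($rac['Comparison']) && $rac['Comparison'] !== Constants::COMPARISON_EXACT) {
            $e->setAttribute('Comparison', $rac['Comparison']);
        }
        foreach ($rac['AuthnContextClassRef'] as $accr) {
            Utils::addString($e, Constants::NS_SAML, 'AuthnContextClassRef', $accr);
        }
    }

    if ($this->ProxyCount !== null || count($this->IDPList) > 0 || count($this->RequesterID) > 0) {
        $scoping = $this->document->createElementNS(Constants::NS_SAMLP, 'Scoping');
        $root->appendChild($scoping);
        if ($this->ProxyCount !== null) {
            $scoping->setAttribute('ProxyCount', $this->ProxyCount);
        }
        if (count($this->IDPList) > 0) {
            $idplist = $this->document->createElementNS(Constants::NS_SAMLP, 'IDPList');
            foreach ($this->IDPList as $provider) {
                $idpEntry = $this->document->createElementNS(Constants::NS_SAMLP, 'IDPEntry');
                if (is_string($provider)) {
                    $idpEntry->setAttribute('ProviderID', $provider);
                } elseif (is_array($provider)) {
                    foreach ($provider as $attribute => $value) {
                        // Strict allow-list match: only these three string keys
                        // become attributes. With loose comparison an integer
                        // key 0 compares equal to any of these names on
                        // PHP < 8 and would reach setAttribute() as a name.
                        if (in_array($attribute, array('ProviderID', 'Loc', 'Name'), true)) {
                            $idpEntry->setAttribute($attribute, $value);
                        }
                    }
                }
                $idplist->appendChild($idpEntry);
            }
            $scoping->appendChild($idplist);
        }
        if (count($this->RequesterID) > 0) {
            Utils::addStrings($scoping, Constants::NS_SAMLP, 'RequesterID', false, $this->RequesterID);
        }
    }

    return $root;
}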
/**
 * Build the unsigned XML element for this logout request.
 *
 * Starts from the parent's unsigned XML, adds NotOnOrAfter when set, then
 * writes the subject identifier: a saml:EncryptedID wrapping the imported
 * encrypted NameID when one is present, otherwise the plain NameID. Only
 * one of the two forms is written. Each session index is appended as a
 * SessionIndex element. The result is not signed by this method.
 *
 * @return \DOMElement This logout request.
 */
public function toUnsignedXML()
{
    $root = parent::toUnsignedXML();
    $doc = $root->ownerDocument;

    if ($this->notOnOrAfter !== null) {
        $expiry = gmdate('Y-m-d\\TH:i:s\\Z', $this->notOnOrAfter);
        $root->setAttribute('NotOnOrAfter', $expiry);
    }

    if ($this->encryptedNameId !== null) {
        // Encrypted form: the stored node belongs to another document, so a
        // deep copy is imported before it is attached.
        $encryptedIdEl = $doc->createElementNS(Constants::NS_SAML, 'saml:' . 'EncryptedID');
        $root->appendChild($encryptedIdEl);

        $importedNameId = $doc->importNode($this->encryptedNameId, true);
        $encryptedIdEl->appendChild($importedNameId);
    } else {
        Utils::addNameId($root, $this->nameId);
    }

    foreach ($this->sessionIndexes as $index) {
        Utils::addString($root, Constants::NS_SAMLP, 'SessionIndex', $index);
    }

    return $root;
}