예제 #1
 /**
  * Retrieve the assertion.
  *
  * @param  XMLSecurityKey  $inputKey  The key we should use to decrypt the assertion.
  * @param  array           $blacklist Blacklisted decryption algorithms.
  * @return \SAML2\Assertion The decrypted assertion.
  */
 public function getAssertion(XMLSecurityKey $inputKey, array $blacklist = array())
 {
     // Decrypt the stored encrypted data with the caller's key. $blacklist is passed
     // through unchanged; its default is empty, so this method itself excludes no algorithm.
     $decrypted = Utils::decryptElement($this->encryptedData, $inputKey, $blacklist);

     // The decrypted assertion XML is handed to the container's debug hook.
     // NOTE(review): whatever sink debugMessage() writes to will hold plaintext assertion
     // content, so it presumably needs the same protection as the assertion itself - confirm.
     $container = Utils::getContainer();
     $container->debugMessage($decrypted, 'decrypt');

     // No signature check happens in this method.
     // NOTE(review): callers presumably validate the returned Assertion before trusting it - confirm.
     return new Assertion($decrypted);
 }
예제 #2
 /**
  * Decrypt the assertion attributes.
  *
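  * @param XMLSecurityKey $key       The key used to decrypt the attributes.
  * @param array          $blacklist Blacklisted decryption algorithms.
  * @throws \Exception If a decrypted attribute has no Name.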
  */
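 public function decryptAttributes(XMLSecurityKey $key, array $blacklist = array())
 {
     // Nothing to do when no encrypted attributes were stored on this object.
     if ($this->encryptedAttributes === null) {
         return;
     }

     // NOTE(review): $this->encryptedAttributes is not cleared in this method, so a second
     // call would decrypt and parse the same elements again - confirm callers call it once.
     $firstAttribute = true;
     $attributes = $this->encryptedAttributes;
     foreach ($attributes as $attributeEnc) {
         /* Decrypt node <EncryptedAttribute> */
         // The lookup is by tag name only and searches all descendants, so it does not by
         // itself constrain the namespace or position of the element it picks.
         // NOTE(review): confirm that earlier validation restricts where <EncryptedData> may appear.
         $encryptedData = $attributeEnc->getElementsByTagName('EncryptedData')->item(0);
         if ($encryptedData === null) {
             // item(0) yields null when there is no match; fail with a clear, catchable
             // error instead of passing null on to the decryption helper.
             throw new \Exception('Missing <EncryptedData> in <EncryptedAttribute> element.');
         }

         $attribute = Utils::decryptElement($encryptedData, $key, $blacklist);
         if (!$attribute->hasAttribute('Name')) {
             throw new \Exception('Missing name on <saml:Attribute> element.');
         }
         $name = $attribute->getAttribute('Name');

         // An attribute without an explicit NameFormat is treated as "unspecified".
         $nameFormat = $attribute->hasAttribute('NameFormat')
             ? $attribute->getAttribute('NameFormat')
             : Constants::NAMEFORMAT_UNSPECIFIED;

         // The first attribute sets the object's NameFormat; any later attribute that
         // disagrees downgrades it to "unspecified".
         if ($firstAttribute) {
             $this->nameFormat = $nameFormat;
             $firstAttribute = false;
         } elseif ($this->nameFormat !== $nameFormat) {
             $this->nameFormat = Constants::NAMEFORMAT_UNSPECIFIED;
         }

         // Make sure a value list exists for this name before the values are parsed.
         if (!array_key_exists($name, $this->attributes)) {
             $this->attributes[$name] = array();
         }
         $this->parseAttributeValue($attribute, $name);
     }
 }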
예제 #3
 /**
  * Decrypt the NameId of the subject in the assertion.
  *
  * @param XMLSecurityKey $key       The decryption key.
  * @param array          $blacklist Blacklisted decryption algorithms.
  */
 public function decryptNameId(XMLSecurityKey $key, array $blacklist = array())
 {
     // Only act when an encrypted NameID is still pending; otherwise there is nothing to decrypt.
     if ($this->encryptedNameId !== null) {
         $decryptedNameId = Utils::decryptElement($this->encryptedNameId, $key, $blacklist);

         // The decrypted NameID is handed to the container's debug hook.
         // NOTE(review): the sink behind debugMessage() will see the plaintext identifier,
         // so it presumably needs to be access-controlled accordingly - confirm.
         $container = Utils::getContainer();
         $container->debugMessage($decryptedNameId, 'decrypt');

         $this->nameId = Utils::parseNameId($decryptedNameId);

         // Drop the encrypted form so a later call becomes a no-op.
         $this->encryptedNameId = null;
     }
 }