/**
* Create a DiscoHints element.
*
* @param \DOMElement|null $xml The XML element we should load.
*/
public function __construct(\DOMElement $xml = null)
{
if ($xml === null) {
return;
}
$this->IPHint = Utils::extractStrings($xml, self::NS, 'IPHint');
$this->DomainHint = Utils::extractStrings($xml, self::NS, 'DomainHint');
$this->GeolocationHint = Utils::extractStrings($xml, self::NS, 'GeolocationHint');
foreach (Utils::xpQuery($xml, "./*[namespace-uri()!='" . self::NS . "']") as $node) {
$this->children[] = new Chunk($node);
}
}
/**
* Initialize an IDPSSODescriptor.
*
* @param \DOMElement|null $xml The XML element we should load.
* @throws \Exception
*/
public function __construct(\DOMElement $xml = null)
{
parent::__construct('md:AuthnAuthorityDescriptor', $xml);
if ($xml === null) {
return;
}
foreach (Utils::xpQuery($xml, './saml_metadata:AuthnQueryService') as $ep) {
$this->AuthnQueryService[] = new EndpointType($ep);
}
if (empty($this->AuthnQueryService)) {
throw new \Exception('Must have at least one AuthnQueryService in AuthnAuthorityDescriptor.');
}
foreach (Utils::xpQuery($xml, './saml_metadata:AssertionIDRequestService') as $ep) {
$this->AssertionIDRequestService[] = new EndpointType($ep);
}
$this->NameIDFormat = Utils::extractStrings($xml, Constants::NS_MD, 'NameIDFormat');
}
/**
* Initialize a SSODescriptor.
*
* @param string $elementName The name of this element.
* @param \DOMElement|null $xml The XML element we should load.
*/
protected function __construct($elementName, \DOMElement $xml = null)
{
assert('is_string($elementName)');
parent::__construct($elementName, $xml);
if ($xml === null) {
return;
}
foreach (Utils::xpQuery($xml, './saml_metadata:ArtifactResolutionService') as $ep) {
$this->ArtifactResolutionService[] = new IndexedEndpointType($ep);
}
foreach (Utils::xpQuery($xml, './saml_metadata:SingleLogoutService') as $ep) {
$this->SingleLogoutService[] = new EndpointType($ep);
}
foreach (Utils::xpQuery($xml, './saml_metadata:ManageNameIDService') as $ep) {
$this->ManageNameIDService[] = new EndpointType($ep);
}
$this->NameIDFormat = Utils::extractStrings($xml, Constants::NS_MD, 'NameIDFormat');
}
/**
* Initialize an IDPSSODescriptor.
*
* @param \DOMElement|null $xml The XML element we should load.
*/
public function __construct(\DOMElement $xml = null)
{
parent::__construct('md:IDPSSODescriptor', $xml);
if ($xml === null) {
return;
}
$this->WantAuthnRequestsSigned = Utils::parseBoolean($xml, 'WantAuthnRequestsSigned', null);
foreach (Utils::xpQuery($xml, './saml_metadata:SingleSignOnService') as $ep) {
$this->SingleSignOnService[] = new EndpointType($ep);
}
foreach (Utils::xpQuery($xml, './saml_metadata:NameIDMappingService') as $ep) {
$this->NameIDMappingService[] = new EndpointType($ep);
}
foreach (Utils::xpQuery($xml, './saml_metadata:AssertionIDRequestService') as $ep) {
$this->AssertionIDRequestService[] = new EndpointType($ep);
}
$this->AttributeProfile = Utils::extractStrings($xml, Constants::NS_MD, 'AttributeProfile');
foreach (Utils::xpQuery($xml, './saml_assertion:Attribute') as $a) {
$this->Attribute[] = new Attribute($a);
}
}
/**
* Parse AuthnContext in AuthnStatement.
*
* @param \DOMElement $authnStatementEl
* @throws \Exception
*/
private function parseAuthnContext(\DOMElement $authnStatementEl)
{
// Get the AuthnContext element
$authnContexts = Utils::xpQuery($authnStatementEl, './saml_assertion:AuthnContext');
if (count($authnContexts) > 1) {
throw new \Exception('More than one <saml:AuthnContext> in <saml:AuthnStatement>.');
} elseif (empty($authnContexts)) {
throw new \Exception('Missing required <saml:AuthnContext> in <saml:AuthnStatement>.');
}
$authnContextEl = $authnContexts[0];
// Get the AuthnContextDeclRef (if available)
$authnContextDeclRefs = Utils::xpQuery($authnContextEl, './saml_assertion:AuthnContextDeclRef');
if (count($authnContextDeclRefs) > 1) {
throw new \Exception('More than one <saml:AuthnContextDeclRef> found?');
} elseif (count($authnContextDeclRefs) === 1) {
$this->setAuthnContextDeclRef(trim($authnContextDeclRefs[0]->textContent));
}
// Get the AuthnContextDecl (if available)
$authnContextDecls = Utils::xpQuery($authnContextEl, './saml_assertion:AuthnContextDecl');
if (count($authnContextDecls) > 1) {
throw new \Exception('More than one <saml:AuthnContextDecl> found?');
} elseif (count($authnContextDecls) === 1) {
$this->setAuthnContextDecl(new Chunk($authnContextDecls[0]));
}
// Get the AuthnContextClassRef (if available)
$authnContextClassRefs = Utils::xpQuery($authnContextEl, './saml_assertion:AuthnContextClassRef');
if (count($authnContextClassRefs) > 1) {
throw new \Exception('More than one <saml:AuthnContextClassRef> in <saml:AuthnContext>.');
} elseif (count($authnContextClassRefs) === 1) {
$this->setAuthnContextClassRef(trim($authnContextClassRefs[0]->textContent));
}
// Constraint from XSD: MUST have one of the three
if (empty($this->authnContextClassRef) && empty($this->authnContextDecl) && empty($this->authnContextDeclRef)) {
throw new \Exception('Missing either <saml:AuthnContextClassRef> or <saml:AuthnContextDeclRef> or <saml:AuthnContextDecl>');
}
$this->AuthenticatingAuthority = Utils::extractStrings($authnContextEl, Constants::NS_SAML, 'AuthenticatingAuthority');
}
/**
* Initialize a AffiliationDescriptor.
*
* @param \DOMElement|null $xml The XML element we should load.
* @throws \Exception
*/
public function __construct(\DOMElement $xml = null)
{
parent::__construct($xml);
if ($xml === null) {
return;
}
if (!$xml->hasAttribute('affiliationOwnerID')) {
throw new \Exception('Missing affiliationOwnerID on AffiliationDescriptor.');
}
$this->affiliationOwnerID = $xml->getAttribute('affiliationOwnerID');
if ($xml->hasAttribute('ID')) {
$this->ID = $xml->getAttribute('ID');
}
if ($xml->hasAttribute('validUntil')) {
$this->validUntil = Utils::xsDateTimeToTimestamp($xml->getAttribute('validUntil'));
}
if ($xml->hasAttribute('cacheDuration')) {
$this->cacheDuration = $xml->getAttribute('cacheDuration');
}
$this->Extensions = Extensions::getList($xml);
$this->AffiliateMember = Utils::extractStrings($xml, Constants::NS_MD, 'AffiliateMember');
if (empty($this->AffiliateMember)) {
throw new \Exception('Missing AffiliateMember in AffiliationDescriptor.');
}
foreach (Utils::xpQuery($xml, './saml_metadata:KeyDescriptor') as $kd) {
$this->KeyDescriptor[] = new KeyDescriptor($kd);
}
}
