/** * @param string $destinationUrl * @param string $assertionConsumerServiceURL * @param string $issuerUrl * @return SAML2_AuthnRequest */ public function create($destinationUrl, $assertionConsumerServiceURL, $issuerUrl) { $request = new SAML2_AuthnRequest(); $request->setDestination($destinationUrl); $request->setAssertionConsumerServiceURL($assertionConsumerServiceURL); $request->setIssuer($issuerUrl); $request->setProtocolBinding(SAML2_Const::BINDING_HTTP_POST); $request->setNameIdPolicy(array('Format' => SAML2_Const::NAMEID_TRANSIENT, 'AllowCreate' => true)); return $request; }
/** * Process unsolicited requests * * @return EngineBlock_Saml2_AuthnRequestAnnotationDecorator */ protected function _createUnsolicitedRequest() { // Entity ID as requested in GET parameters $entityId = !empty($_GET['sp-entity-id']) ? $_GET['sp-entity-id'] : null; // Request optional acs-* parameters $acsLocation = !empty($_GET['acs-location']) ? $_GET['acs-location'] : null; $acsIndex = !empty($_GET['acs-index']) ? $_GET['acs-index'] : null; $binding = !empty($_GET['acs-binding']) ? $_GET['acs-binding'] : null; // Requested relay state $relayState = !empty($_GET['RelayState']) ? $_GET['RelayState'] : null; $sspRequest = new SAML2_AuthnRequest(); $sspRequest->setId($this->_server->getNewId(IdFrame::ID_USAGE_SAML2_REQUEST)); $sspRequest->setIssuer($entityId); $sspRequest->setRelayState($relayState); if ($acsLocation) { $sspRequest->setAssertionConsumerServiceURL($acsLocation); $sspRequest->setProtocolBinding($binding); } if ($acsIndex) { $sspRequest->setAssertionConsumerServiceIndex($acsIndex); } $request = new EngineBlock_Saml2_AuthnRequestAnnotationDecorator($sspRequest); $request->setUnsolicited(); return $request; }
/** * launchkey_form - login form for wp-login.php * * @since 1.1.0 * * @param string $class A space separated list of classes to set on the "class" attribute of a containing DIV for the login button * @param string $id The value to set on the "id" attribute of a containing DIV for the login button * @param string $style A string of HTML style code tto set on the "style" attribute of a containing DIV for the login button */ public function launchkey_form($class = '', $id = '', $style = '') { if (isset($_GET['launchkey_error'])) { $this->wp_facade->_echo($this->template->render_template('error', array('error' => 'Error!', 'message' => 'The LaunchKey request was denied or an issue was detected during authentication. Please try again.'))); } elseif (isset($_GET['launchkey_ssl_error'])) { $this->wp_facade->_echo($this->template->render_template('error', array('error' => 'Error!', 'message' => 'There was an error trying to request the LaunchKey servers. If this persists you may need to disable SSL verification.'))); } elseif (isset($_GET['launchkey_security'])) { $this->wp_facade->_echo($this->template->render_template('error', array('error' => 'Error!', 'message' => 'There was a security issue detected and you have been logged out for your safety. Log back in to ensure a secure session.'))); } $container = SAML2_Utils::getContainer(); $request = new SAML2_AuthnRequest(); $request->setId($container->generateId()); //$request->setProviderName( parse_url( $this->wp_facade->home_url( '/' ), PHP_URL_HOST ) ); $request->setDestination($this->login_url); $request->setIssuer($this->entity_id); $request->setRelayState($this->wp_facade->admin_url()); $request->setAssertionConsumerServiceURL($this->wp_facade->wp_login_url()); $request->setProtocolBinding(SAML2_Const::BINDING_HTTP_POST); $request->setIsPassive(false); $request->setNameIdPolicy(array('Format' => SAML2_Const::NAMEID_PERSISTENT, 'AllowCreate' => true)); // Send it off using the HTTP-Redirect binding $binding = new SAML2_HTTPRedirect(); $binding->setDestination($this->login_url); $this->wp_facade->_echo($this->template->render_template('launchkey-form', array('class' => $class, 'id' => $id, 'style' => $style, 'login_url' => $binding->getRedirectURL($request), 'login_text' => 'Log in with', 'login_with_app_name' => 'LaunchKey', 'size' => in_array($this->wp_facade->get_locale(), array('fr_FR', 'es_ES')) ? 'small' : 'medium'))); }