Exemplo n.º 1
0
 /**
  * Test the extractPersistentAuthState() function.
  */
 public function testExtractPersistentAuthState()
 {
     $mandatory = array('Attributes' => array(), 'Expire' => 1234, 'LogoutState' => 'logoutState', 'AuthInstant' => 123456, 'RememberMe' => true, 'saml:sp:NameID' => 'nameID');
     // check just mandatory parameters
     $state = $mandatory;
     $expected = $mandatory;
     $this->assertEquals($expected, SimpleSAML_Auth_State::extractPersistentAuthState($state), 'Mandatory state attributes did not survive as expected' . print_r($expected, true));
     // check missing mandatory parameters
     unset($state['LogoutState']);
     unset($state['RememberMe']);
     $expected = $state;
     $this->assertEquals($expected, SimpleSAML_Auth_State::extractPersistentAuthState($state), 'Some error occurred with missing mandatory parameters');
     // check additional non-persistent parameters
     $additional = array('additional1' => 1, 'additional2' => 2);
     $state = array_merge($mandatory, $additional);
     $expected = $mandatory;
     $this->assertEquals($expected, SimpleSAML_Auth_State::extractPersistentAuthState($state), 'Additional parameters survived');
     // check additional persistent parameters
     $additional['PersistentAuthData'] = array('additional1');
     $state = array_merge($mandatory, $additional);
     $expected = $state;
     unset($expected['additional2']);
     unset($expected['PersistentAuthData']);
     $this->assertEquals($expected, SimpleSAML_Auth_State::extractPersistentAuthState($state), 'Some error occurred with additional, persistent parameters');
     // check only additional persistent parameters
     $state = $additional;
     $expected = $state;
     unset($expected['additional2']);
     unset($expected['PersistentAuthData']);
     $this->assertEquals($expected, SimpleSAML_Auth_State::extractPersistentAuthState($state), 'Some error occurred with additional, persistent parameters, and no mandatory ones');
 }
Exemplo n.º 2
0
 /**
  * @deprecated This method will be removed in SSP 2.0.
  */
 public static function loginCompleted($state)
 {
     assert('is_array($state)');
     assert('array_key_exists("SimpleSAML_Auth_Default.Return", $state)');
     assert('array_key_exists("SimpleSAML_Auth_Default.id", $state)');
     assert('array_key_exists("Attributes", $state)');
     assert('!array_key_exists("LogoutState", $state) || is_array($state["LogoutState"])');
     $return = $state['SimpleSAML_Auth_Default.Return'];
     /* Save session state. */
     $session = SimpleSAML_Session::getSessionFromRequest();
     $authId = $state['SimpleSAML_Auth_Default.id'];
     $state = SimpleSAML_Auth_State::extractPersistentAuthState($state);
     $session->doLogin($authId, $state);
     if (is_string($return)) {
         /* Redirect... */
         \SimpleSAML\Utils\HTTP::redirectTrustedURL($return);
     } else {
         call_user_func($return, $state);
         assert('FALSE');
     }
 }
Exemplo n.º 3
0
 /**
  * Handle an unsolicited login operations.
  *
  * This method creates a session from the information received. It will then redirect to the given URL. This is used
  * to handle IdP initiated SSO. This method will never return.
  *
  * @param string $authId The id of the authentication source that received the request.
  * @param array $state A state array.
  * @param string $redirectTo The URL we should redirect the user to after updating the session. The function will
  * check if the URL is allowed, so there is no need to manually check the URL on beforehand. Please refer to the
  * 'trusted.url.domains' configuration directive for more information about allowing (or disallowing) URLs.
  */
 public static function handleUnsolicitedAuth($authId, array $state, $redirectTo)
 {
     assert('is_string($authId)');
     assert('is_string($redirectTo)');
     $session = SimpleSAML_Session::getSessionFromRequest();
     $session->doLogin($authId, SimpleSAML_Auth_State::extractPersistentAuthState($state));
     \SimpleSAML\Utils\HTTP::redirectUntrustedURL($redirectTo);
 }