Exemplo n.º 1
0
 /**
  * @param \Symfony\Component\HttpFoundation\Request $request
  * @throws \InvalidArgumentException if cannot manage the Request
  * @return \Symfony\Component\HttpFoundation\Response|SamlSpInfo
  */
 public function manage(Request $request)
 {
     if (false == $this->supports($request)) {
         throw new \InvalidArgumentException('Unsupported request');
     }
     $serviceInfo = $this->serviceInfoCollection->findByAS($request->query->get('as'));
     if (!$serviceInfo) {
         return new RedirectResponse($this->httpUtils->generateUri($request, $request->attributes->get('discovery_path')));
     }
     $serviceInfo->getSpProvider()->setRequest($request);
     $spED = $serviceInfo->getSpProvider()->getEntityDescriptor();
     $idpED = $serviceInfo->getIdpProvider()->getEntityDescriptor();
     $spMeta = $serviceInfo->getSpMetaProvider()->getSpMeta();
     $builder = new AuthnRequestBuilder($spED, $idpED, $spMeta);
     $message = $builder->build();
     if ($serviceInfo->getSpSigningProvider()->isEnabled()) {
         $message->sign($serviceInfo->getSpSigningProvider()->getCertificate(), $serviceInfo->getSpSigningProvider()->getPrivateKey());
     }
     $binding = $this->bindingManager->instantiate($spMeta->getAuthnRequestBinding());
     $bindingResponse = $binding->send($message);
     if ($bindingResponse instanceof \AerialShip\LightSaml\Binding\RedirectResponse) {
         $result = new RedirectResponse($bindingResponse->getDestination());
     } else {
         if ($bindingResponse instanceof \AerialShip\LightSaml\Binding\PostResponse) {
             $result = new Response($bindingResponse->render());
         } else {
             throw new \RuntimeException('Unrecognized binding response ' . get_class($bindingResponse));
         }
     }
     $state = new RequestState();
     $state->setId($message->getID());
     $state->setDestination($serviceInfo->getIdpProvider()->getEntityDescriptor()->getEntityID());
     $this->requestStore->set($state);
     return $result;
 }
 /**
  * @dataProvider provider
  */
 public function testAuthnRequestBuilder($name, array $idpData, array $spData, array $spMetaData, $expectedSendUrl, $expectedResponseType, $expectedReceiveUrl, $expectedReceiveBinding, $expectedException = null, $expectedExceptionMessage = '')
 {
     if ($expectedException) {
         $this->setExpectedException($expectedException, $expectedExceptionMessage);
     }
     $idp = new IdpSsoDescriptor();
     foreach ($idpData as $data) {
         $idp->addService(new SingleSignOnService($data['binding'], $data['url']));
     }
     $edIDP = new EntityDescriptor('idp');
     $edIDP->addItem($idp);
     $sp = new SpSsoDescriptor();
     foreach ($spData as $data) {
         $sp->addService(new AssertionConsumerService($data['binding'], $data['url']));
     }
     $edSP = new EntityDescriptor('sp');
     $edSP->addItem($sp);
     $spMeta = new SpMeta();
     foreach ($spMetaData as $name => $value) {
         $spMeta->{$name}($value);
     }
     $builder = new AuthnRequestBuilder($edSP, $edIDP, $spMeta);
     $message = $builder->build();
     $response = $builder->send($message);
     $this->assertStringStartsWith($expectedSendUrl, $response->getDestination(), $name);
     $this->assertInstanceOf($expectedResponseType, $response, $name);
     $this->assertEquals($expectedReceiveUrl, $message->getAssertionConsumerServiceURL(), $name);
     $this->assertEquals($expectedReceiveBinding, $message->getProtocolBinding(), $name);
 }
 /**
  * @dataProvider provider
  */
 public function testAuthnRequestBuilder($name, array $idpData, array $spData, array $spMetaData, $expectedSendUrl, $expectedResponseType, $expectedReceiveUrl, $expectedReceiveBinding, $expectedException = null, $expectedExceptionMessage = '')
 {
     if ($expectedException) {
         $this->setExpectedException($expectedException, $expectedExceptionMessage);
     }
     $idp = new IdpSsoDescriptor();
     foreach ($idpData as $data) {
         $idp->addService(new SingleSignOnService($data['binding'], $data['url']));
     }
     $edIDP = new EntityDescriptor('idp');
     $edIDP->addItem($idp);
     $sp = new SpSsoDescriptor();
     foreach ($spData as $data) {
         $sp->addService(new AssertionConsumerService($data['binding'], $data['url']));
     }
     $edSP = new EntityDescriptor('sp');
     $edSP->addItem($sp);
     $spMeta = new SpMeta();
     foreach ($spMetaData as $name => $value) {
         $spMeta->{$name}($value);
     }
     // without signing
     $builder = new AuthnRequestBuilder($edSP, $edIDP, $spMeta);
     $message = $builder->build();
     $response = $builder->send($message);
     $this->assertStringStartsWith($expectedSendUrl, $response->getDestination(), $name);
     $this->assertInstanceOf($expectedResponseType, $response, $name);
     $this->assertEquals($expectedReceiveUrl, $message->getAssertionConsumerServiceURL(), $name);
     $this->assertEquals($expectedReceiveBinding, $message->getProtocolBinding(), $name);
     // with signing
     $signature = new SignatureCreator();
     $certificate = new X509Certificate();
     $certificate->loadFromFile(__DIR__ . '/../../../../../resources/sample/Certificate/saml.crt');
     $key = new \XMLSecurityKey(\XMLSecurityKey::RSA_SHA1, array('type' => 'private'));
     $key->loadKey(__DIR__ . '/../../../../../resources/sample/Certificate/saml.pem', true);
     $signature->setCertificate($certificate);
     $signature->setXmlSecurityKey($key);
     $builder = new AuthnRequestBuilder($edSP, $edIDP, $spMeta, $signature);
     $message = $builder->build();
     $response = $builder->send($message);
     $this->assertStringStartsWith($expectedSendUrl, $response->getDestination(), $name);
     $this->assertInstanceOf($expectedResponseType, $response, $name);
     $this->assertEquals($expectedReceiveUrl, $message->getAssertionConsumerServiceURL(), $name);
     $this->assertEquals($expectedReceiveBinding, $message->getProtocolBinding(), $name);
 }
Exemplo n.º 4
0
 /**
  * @param string $sp
  * @param string $idp
  * @param SpMeta $spMeta
  * @return AuthnRequest
  * @throws \InvalidArgumentException
  */
 public static function buildAuthnRequestFromEntityDescriptors($sp, $idp, SpMeta $spMeta = null)
 {
     if (is_string($sp)) {
         $sp = self::getEntityDescriptorFromXmlFile($sp);
     } else {
         if (!$sp instanceof EntityDescriptor) {
             throw new \InvalidArgumentException('SP parameter must be instance of EntityDescriptor or string');
         }
     }
     if (is_string($idp)) {
         $idp = self::getEntityDescriptorFromXmlFile($idp);
     } else {
         if (!$idp instanceof EntityDescriptor) {
             throw new \InvalidArgumentException('IDP parameter must be instance of EntityDescriptor or string');
         }
     }
     if (!$spMeta) {
         $spMeta = new SpMeta();
         $spMeta->setNameIdFormat(NameIDPolicy::PERSISTENT);
     }
     $builder = new AuthnRequestBuilder($sp, $idp, $spMeta);
     $result = $builder->build();
     return $result;
 }