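/**
 * Handles an incoming SAML LogoutRequest: removes the matching SSO state and
 * answers with a success LogoutResponse serialized as an XML body.
 *
 * @param \Symfony\Component\HttpFoundation\Request $request
 * @throws \RuntimeException if the IdP metadata declares no SingleLogoutService
 * @throws \InvalidArgumentException if cannot manage the Request
 * @return \Symfony\Component\HttpFoundation\Response|SamlSpInfo|null
 */
public function manage(Request $request)
{
    if (!$this->supports($request)) {
        throw new \InvalidArgumentException('Unsupported request');
    }

    $logoutRequest = $this->receiveRequest($request);
    $serviceInfo = $this->getServiceInfo($logoutRequest);

    // The state deletion below is keyed on values taken from the request, so it
    // relies entirely on this call rejecting untrusted messages.
    // NOTE(review): presumably issuer/signature checks live here - confirm.
    $this->validateLogoutRequest($serviceInfo, $logoutRequest);

    // NOTE(review): getNameID() is dereferenced without a null check; confirm
    // validateLogoutRequest() rejects a LogoutRequest that carries no NameID.
    $arrStates = $this->getSSOState(
        $serviceInfo,
        $logoutRequest->getNameID()->getValue(),
        $logoutRequest->getSessionIndex()
    );
    $this->deleteSSOState($arrStates);

    $logoutResponse = new LogoutResponse();
    $logoutResponse->setID(Helper::generateID());
    $logoutResponse->setIssuer($serviceInfo->getSpProvider()->getEntityDescriptor()->getEntityID());
    $logoutResponse->setInResponseTo($logoutRequest->getID());

    // The destination comes from the IdP metadata, never from the request.
    // array_pop() picks the last declared endpoint, whatever its binding.
    $arrSLO = $serviceInfo->getIdpProvider()->getEntityDescriptor()->getFirstIdpSsoDescriptor()->findSingleLogoutServices();
    /** @var $slo SingleLogoutService */
    $slo = is_array($arrSLO) ? array_pop($arrSLO) : null;
    if (!$slo) {
        // Without this guard an IdP descriptor lacking SLO endpoints ends in a
        // call on null instead of the RuntimeException the docblock declares.
        throw new \RuntimeException('No SingleLogoutService found in IdP metadata');
    }
    $logoutResponse->setDestination($slo->getLocation());

    $status = new Status();
    $status->setSuccess();
    $logoutResponse->setStatus($status);

    $context = new SerializationContext();
    $logoutResponse->getXml($context->getDocument(), $context);
    $xml = $context->getDocument()->saveXML();

    return new Response($xml, 200, array('Content-Type' => 'application/xml'));
}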
/**
 * Assembles a SAML AuthnRequest from the SP entity descriptor, the configured
 * destination and the assertion consumer service.
 *
 * @return AuthnRequest
 */
public function build()
{
    $authnRequest = new AuthnRequest();
    $spDescriptor = $this->getEdSP();

    // NOTE(review): the request ID is what a response can be correlated against;
    // Helper::generateID() is not visible here - confirm it is unpredictable.
    $authnRequest->setID(Helper::generateID());
    $authnRequest->setDestination($this->getDestination());
    $authnRequest->setIssueInstant(time());

    // The ACS URL and binding are taken from the SP's own configuration.
    $acs = $this->getAssertionConsumerService();
    $authnRequest->setAssertionConsumerServiceURL($acs->getLocation());
    $authnRequest->setProtocolBinding($acs->getBinding());

    $authnRequest->setIssuer($spDescriptor->getEntityID());

    // A NameID policy format is only requested when the SP meta defines one.
    $nameIdFormat = $this->spMeta->getNameIdFormat();
    if ($nameIdFormat) {
        $authnRequest->setNameIdPolicyFormat($nameIdFormat);
    }

    return $authnRequest;
}
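/**
 * Handles an incoming SAML LogoutRequest: removes the matching SSO state,
 * ends the local session and returns a success LogoutResponse through the
 * SP's configured response binding (HTTP-Redirect when none is configured).
 *
 * @param \Symfony\Component\HttpFoundation\Request $request
 * @throws \RuntimeException if the IdP metadata declares no SingleLogoutService
 * @throws \InvalidArgumentException if cannot manage the Request
 * @return \Symfony\Component\HttpFoundation\Response|SamlSpInfo|null
 */
public function manage(Request $request)
{
    if (!$this->supports($request)) {
        throw new \InvalidArgumentException('Unsupported request');
    }

    $logoutRequest = $this->receiveRequest($request);
    $serviceInfo = $this->getServiceInfo($logoutRequest, $request);

    // State deletion and session invalidation below are driven by values from
    // the request, so they rely on this call rejecting untrusted messages.
    // NOTE(review): presumably issuer/signature checks live here - confirm.
    $this->validateLogoutRequest($serviceInfo, $logoutRequest);

    // NOTE(review): getNameID() is dereferenced without a null check; confirm
    // validateLogoutRequest() rejects a LogoutRequest that carries no NameID.
    $arrStates = $this->getSSOState(
        $serviceInfo,
        $logoutRequest->getNameID()->getValue(),
        $logoutRequest->getSessionIndex()
    );
    $this->deleteSSOState($arrStates);

    $logoutResponse = new LogoutResponse();
    $logoutResponse->setID(Helper::generateID());
    $logoutResponse->setIssuer($serviceInfo->getSpProvider()->getEntityDescriptor()->getEntityID());
    $logoutResponse->setInResponseTo($logoutRequest->getID());
    // RelayState is echoed back unchanged from the request.
    $logoutResponse->setRelayState($logoutRequest->getRelayState());

    // The destination comes from the IdP metadata, never from the request.
    // array_pop() picks the last declared endpoint, whatever its binding, while
    // the binding used to send is chosen separately from the SP meta below.
    $arrSLO = $serviceInfo->getIdpProvider()->getEntityDescriptor()->getFirstIdpSsoDescriptor()->findSingleLogoutServices();
    /** @var $slo SingleLogoutService */
    $slo = is_array($arrSLO) ? array_pop($arrSLO) : null;
    if (!$slo) {
        // Without this guard an IdP descriptor lacking SLO endpoints ends in a
        // call on null instead of the RuntimeException the docblock declares.
        // NOTE(review): this point is reached after the SSO state was deleted
        // but before the local session is invalidated; decide whether the
        // local logout should complete first.
        throw new \RuntimeException('No SingleLogoutService found in IdP metadata');
    }
    $logoutResponse->setDestination($slo->getLocation());

    $status = new Status();
    $status->setSuccess();
    $logoutResponse->setStatus($status);

    // Log the user out
    $request->getSession()->invalidate();
    $this->securityContext->setToken(null);

    // Return the response to SLO Service
    $bindingType = $serviceInfo->getSpMetaProvider()->getSpMeta()->getResponseBinding();
    if ($bindingType) {
        $detector = new BindingDetector();
        $binding = $detector->instantiate($bindingType);
    } else {
        $binding = new HttpRedirect();
    }

    $bindingResponse = $binding->send($logoutResponse);
    if ($bindingResponse instanceof PostResponse) {
        return new Response($bindingResponse->render());
    }
    if ($bindingResponse instanceof RedirectResponse) {
        return new RedirectResponse($bindingResponse->getDestination());
    }

    // Any other binding result: fall back to returning the raw XML document.
    $context = new SerializationContext();
    $logoutResponse->getXml($context->getDocument(), $context);
    $xml = $context->getDocument()->saveXML();

    return new Response($xml, 200, array('Content-Type' => 'application/xml'));
}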
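/**
 * Assembles a SAML LogoutRequest for the given subject.
 *
 * Reason, SessionIndex and the NameID format are optional and are only set
 * when a value is supplied.
 *
 * @param string $nameIDValue
 * @param string|null $nameIDFormat
 * @param string|null $sessionIndex
 * @param string|null $reason
 * @return LogoutRequest
 */
public function build($nameIDValue, $nameIDFormat = null, $sessionIndex = null, $reason = null)
{
    $result = new LogoutRequest();
    $edSP = $this->getEdSP();

    $result->setID(Helper::generateID());
    $result->setDestination($this->getDestination());
    $result->setIssueInstant(time());

    if ($reason) {
        $result->setReason($reason);
    }

    // A plain truthiness test would drop the string '0', and a LogoutRequest
    // without SessionIndex no longer names one specific session. Accept '0'
    // explicitly; null, '' and false still count as "not supplied".
    if ($sessionIndex || $sessionIndex === '0') {
        $result->setSessionIndex($sessionIndex);
    }

    $nameID = new NameID();
    $nameID->setValue($nameIDValue);
    if ($nameIDFormat) {
        $nameID->setFormat($nameIDFormat);
    }
    $result->setNameID($nameID);

    $result->setIssuer($edSP->getEntityID());

    return $result;
}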
/**
 * Fills in defaults and checks the mandatory parts of the assertion.
 *
 * A missing ID, IssueInstant, NotBefore, NotOnOrAfter or AuthnStatement is
 * populated; a missing Issuer or Subject aborts with an exception.
 *
 * @throws InvalidAssertionException if Issuer or Subject is not set
 */
protected function prepareForXml()
{
    // Identification defaults are applied before the mandatory-field checks.
    if (!$this->getID()) {
        $this->setId(Helper::generateID());
    }

    if (!$this->getIssueInstant()) {
        $this->setIssueInstant(time());
    }

    // Issuer and Subject have no sensible default, so their absence is fatal.
    if (!$this->getIssuer()) {
        throw new InvalidAssertionException('Issuer not set in Assertion');
    }

    if (!$this->getSubject()) {
        throw new InvalidAssertionException('Subject not set in Assertion');
    }

    if (!$this->getNotBefore()) {
        $this->setNotBefore(time());
    }

    // NOTE(review): this defaults to the current time, the same instant that
    // NotBefore defaults to above. With both defaulted the validity window is
    // empty, so callers presumably set NotOnOrAfter themselves - confirm.
    if (!$this->getNotOnOrAfter()) {
        $this->setNotOnOrAfter(time());
    }

    if (!$this->getAuthnStatement()) {
        $this->setAuthnStatement(new AuthnStatement());
    }
}