checkSAMLMessage() public static method

This function performs some sanity checks on XML documents, and optionally validates them against their schema if the 'validatexml' debugging option is enabled. A warning will be printed to the log if validation fails.
Author: Olav Morken, UNINETT AS (olav.morken@uninett.no)
Author: Jaime Perez, UNINETT AS (jaime.perez@uninett.no)
public static checkSAMLMessage ( string $message, string $type )
$message string The SAML document we want to check.
$type string The type of document. Can be one of: - 'saml20' - 'saml11' - 'saml-meta'
Exemplo n.º 1
0
 /**
  * Decode a received response.
  *
  * @param array $post  POST data received.
  * @return SimpleSAML_XML_Shib13_AuthnResponse  Response.
  */
 public function decodeResponse($post)
 {
     assert('is_array($post)');
     if (!array_key_exists('SAMLResponse', $post)) {
         throw new Exception('Missing required SAMLResponse parameter.');
     }
     $rawResponse = $post['SAMLResponse'];
     $samlResponseXML = base64_decode($rawResponse);
     \SimpleSAML\Utils\XML::debugSAMLMessage($samlResponseXML, 'in');
     \SimpleSAML\Utils\XML::checkSAMLMessage($samlResponseXML, 'saml11');
     $samlResponse = new SimpleSAML_XML_Shib13_AuthnResponse();
     $samlResponse->setXML($samlResponseXML);
     if (array_key_exists('TARGET', $post)) {
         $samlResponse->setRelayState($post['TARGET']);
     }
     return $samlResponse;
 }
<?php

require_once '../_include.php';
/* Make sure that the user has admin access rights. */
SimpleSAML\Utils\Auth::requireAdmin();
$config = SimpleSAML_Configuration::getInstance();
if (!empty($_FILES['xmlfile']['tmp_name'])) {
    $xmldata = file_get_contents($_FILES['xmlfile']['tmp_name']);
} elseif (array_key_exists('xmldata', $_POST)) {
    $xmldata = $_POST['xmldata'];
}
if (!empty($xmldata)) {
    \SimpleSAML\Utils\XML::checkSAMLMessage($xmldata, 'saml-meta');
    $entities = SimpleSAML_Metadata_SAMLParser::parseDescriptorsString($xmldata);
    /* Get all metadata for the entities. */
    foreach ($entities as &$entity) {
        $entity = array('shib13-sp-remote' => $entity->getMetadata1xSP(), 'shib13-idp-remote' => $entity->getMetadata1xIdP(), 'saml20-sp-remote' => $entity->getMetadata20SP(), 'saml20-idp-remote' => $entity->getMetadata20IdP());
    }
    /* Transpose from $entities[entityid][type] to $output[type][entityid]. */
    $output = SimpleSAML\Utils\Arrays::transpose($entities);
    /* Merge all metadata of each type to a single string which should be
     * added to the corresponding file.
     */
    foreach ($output as $type => &$entities) {
        $text = '';
        foreach ($entities as $entityId => $entityMetadata) {
            if ($entityMetadata === NULL) {
                continue;
            }
            /* Remove the entityDescriptor element because it is unused, and only
             * makes the output harder to read.
Exemplo n.º 3
0
 /**
  * @deprecated This method will be removed in SSP 2.0. Please use SimpleSAML\Utils\XML::checkSAMLMessage() instead.
  */
 public static function validateXMLDocument($message, $type)
 {
     \SimpleSAML\Utils\XML::checkSAMLMessage($message, $type);
 }