Executes a redirection to the provided url (or return the target url).
public static redirect ( string $url, array $parameters = [], boolean $stay = false ) : string | null | ||
$url | string | The target url |
$parameters | array | Extra parameters to be passed as part of the url |
$stay | boolean | True if we want to stay (returns the url string) False to redirect |
Результат | string | null | $url |
/** * Obtains the SSO URL containing the AuthRequest * message deflated. * * @param OneLogin_Saml2_Settings $settings Settings */ public function getRedirectUrl($returnTo = null) { $settings = $this->auth->getSettings(); $authnRequest = new OneLogin_Saml2_AuthnRequest($settings); $parameters = array('SAMLRequest' => $authnRequest->getRequest()); if (!empty($returnTo)) { $parameters['RelayState'] = $returnTo; } else { $parameters['RelayState'] = OneLogin_Saml2_Utils::getSelfURLNoQuery(); } $url = OneLogin_Saml2_Utils::redirect($this->auth->getSSOurl(), $parameters, true); return $url; }
/** * Tests the OneLogin_Saml2_LogoutRequest Constructor. * The creation of a deflated SAML Logout Request * * @covers OneLogin_Saml2_LogoutRequest */ public function testCreateDeflatedSAMLLogoutRequestURLParameter() { $logoutRequest = new OneLogin_Saml2_LogoutRequest($this->_settings); $parameters = array('SAMLRequest' => $logoutRequest->getRequest()); $logoutUrl = OneLogin_Saml2_Utils::redirect('http://idp.example.com/SingleLogoutService.php', $parameters, true); $this->assertRegExp('#^http://idp\\.example\\.com\\/SingleLogoutService\\.php\\?SAMLRequest=#', $logoutUrl); parse_str(parse_url($logoutUrl, PHP_URL_QUERY), $exploded); // parse_url already urldecode de params so is not required. $payload = $exploded['SAMLRequest']; $decoded = base64_decode($payload); $inflated = gzinflate($decoded); $this->assertRegExp('#^<samlp:LogoutRequest#', $inflated); }
/** * Tests the OneLogin_Saml2_LogoutResponse Constructor. * The creation of a deflated SAML Logout Response * * @covers OneLogin_Saml2_LogoutResponse */ public function testCreateDeflatedSAMLLogoutResponseURLParameter() { $inResponseTo = 'ONELOGIN_21584ccdfaca36a145ae990442dcd96bfe60151e'; $responseBuilder = new OneLogin_Saml2_LogoutResponse($this->_settings); $responseBuilder->build($inResponseTo); $parameters = array('SAMLResponse' => $responseBuilder->getResponse()); $logoutUrl = OneLogin_Saml2_Utils::redirect('http://idp.example.com/SingleLogoutService.php', $parameters, true); $this->assertRegExp('#^http://idp\\.example\\.com\\/SingleLogoutService\\.php\\?SAMLResponse=#', $logoutUrl); parse_str(parse_url($logoutUrl, PHP_URL_QUERY), $exploded); // parse_url already urldecode de params so is not required. $payload = $exploded['SAMLResponse']; $decoded = base64_decode($payload); $inflated = gzinflate($decoded); $this->assertRegExp('#^<samlp:LogoutResponse#', $inflated); }
/** * Tests the OneLogin_Saml2_AuthnRequest Constructor. * The creation of a deflated SAML Request * * @covers OneLogin_Saml2_AuthnRequest */ public function testCreateEncSAMLRequest() { $settingsDir = TEST_ROOT . '/settings/'; include $settingsDir . 'settings1.php'; $settingsInfo['organization'] = array('es' => array('name' => 'sp_prueba', 'displayname' => 'SP prueba', 'url' => 'http://sp.example.com')); $settingsInfo['security']['wantNameIdEncrypted'] = true; $settings = new OneLogin_Saml2_Settings($settingsInfo); $authnRequest = new OneLogin_Saml2_AuthnRequest($settings); $parameters = array('SAMLRequest' => $authnRequest->getRequest()); $authUrl = OneLogin_Saml2_Utils::redirect('http://idp.example.com/SSOService.php', $parameters, true); $this->assertRegExp('#^http://idp\\.example\\.com\\/SSOService\\.php\\?SAMLRequest=#', $authUrl); parse_str(parse_url($authUrl, PHP_URL_QUERY), $exploded); // parse_url already urldecode de params so is not required. $payload = $exploded['SAMLRequest']; $decoded = base64_decode($payload); $message = gzinflate($decoded); $this->assertRegExp('#^<samlp:AuthnRequest#', $message); $this->assertRegExp('#AssertionConsumerServiceURL="http://stuff.com/endpoints/endpoints/acs.php">#', $message); $this->assertRegExp('#<saml:Issuer>http://stuff.com/endpoints/metadata.php</saml:Issuer>#', $message); $this->assertRegExp('#Format="urn:oasis:names:tc:SAML:2.0:nameid-format:encrypted"#', $message); $this->assertRegExp('#ProviderName="SP prueba"#', $message); }
* When the user visits this URL, the browser will be redirected to the SSO * IdP with an authorization request. If successful, it will then be * redirected to the consume URL (specified in settings) with the auth * details. */ session_start(); require_once '../_toolkit_loader.php'; if (!isset($_SESSION['samlUserdata'])) { $settings = new OneLogin_Saml2_Settings(); $authRequest = new OneLogin_Saml2_AuthnRequest($settings); $samlRequest = $authRequest->getRequest(); $parameters = array('SAMLRequest' => $samlRequest); $parameters['RelayState'] = OneLogin_Saml2_Utils::getSelfURLNoQuery(); $idpData = $settings->getIdPData(); $ssoUrl = $idpData['singleSignOnService']['url']; $url = OneLogin_Saml2_Utils::redirect($ssoUrl, $parameters, true); header("Location: {$url}"); } else { if (!empty($_SESSION['samlUserdata'])) { $attributes = $_SESSION['samlUserdata']; echo 'You have the following attributes:<br>'; echo '<table><thead><th>Name</th><th>Values</th></thead><tbody>'; foreach ($attributes as $attributeName => $attributeValues) { echo '<tr><td>' . htmlentities($attributeName) . '</td><td><ul>'; foreach ($attributeValues as $attributeValue) { echo '<li>' . htmlentities($attributeValue) . '</li>'; } echo '</ul></td></tr>'; } echo '</tbody></table>'; } else {
/** * Tests the redirect method of the OneLogin_Saml2_Utils * * @covers OneLogin_Saml2_Utils::redirect */ public function testRedirect() { // Check relative and absolute $hostname = OneLogin_Saml2_Utils::getSelfHost(); $url = "http://{$hostname}/example"; $url2 = '/example'; $targetUrl = OneLogin_Saml2_Utils::redirect($url, array(), true); $targetUrl2 = OneLogin_Saml2_Utils::redirect($url2, array(), true); $this->assertEquals($targetUrl, $targetUrl2); // Check that accept http/https and reject other protocols $url3 = "https://{$hostname}/example?test=true"; $url4 = "ftp://{$hostname}/example"; $targetUrl3 = OneLogin_Saml2_Utils::redirect($url3, array(), true); try { $targetUrl4 = OneLogin_Saml2_Utils::redirect($url4, array(), true); $this->assertFalse(true); } catch (Exception $e) { $this->assertContains('Redirect to invalid URL', $e->getMessage()); } // Review parameter prefix $parameters1 = array('value1' => 'a'); $targetUrl5 = OneLogin_Saml2_Utils::redirect($url, $parameters1, true); $this->assertEquals("http://{$hostname}/example?value1=a", $targetUrl5); $targetUrl6 = OneLogin_Saml2_Utils::redirect($url3, $parameters1, true); $this->assertEquals("https://{$hostname}/example?test=true&value1=a", $targetUrl6); // Review parameters $parameters2 = array('alphavalue' => 'a', 'numvalue' => array('1', '2'), 'testing' => null); $targetUrl7 = OneLogin_Saml2_Utils::redirect($url, $parameters2, true); $this->assertEquals("http://{$hostname}/example?alphavalue=a&numvalue[]=1&numvalue[]=2&testing", $targetUrl7); }
/** * Redirects the user to the url past by parameter * or to the url that we defined in our SSO Request. * * @param string $url The target URL to redirect the user. * @param array $parameters Extra parameters to be passed as part of the url */ public function redirectTo($url = '', $parameters = array()) { assert('is_string($url)'); assert('is_array($parameters)'); if (empty($url) && isset($_REQUEST['RelayState'])) { $url = $_REQUEST['RelayState']; } return OneLogin_Saml2_Utils::redirect($url, $parameters); }
<?php /** * SAMPLE Code to demonstrate how to initiate a SAML Authorization request * * When the user visits this URL, the browser will be redirected to the SSO * IdP with an authorization request. If successful, it will then be * redirected to the consume URL (specified in settings) with the auth * details. */ session_start(); require_once '../_toolkit_loader.php'; $auth = new OneLogin_Saml2_Auth(); if (!isset($_SESSION['samlUserdata'])) { $auth->login(); } else { $indexUrl = str_replace('/sso.php', '/index.php', OneLogin_Saml2_Utils::getSelfURLNoQuery()); OneLogin_Saml2_Utils::redirect($indexUrl); }