/**
 * Deliver a SAML 2 message to its destination through the HTTP-POST binding.
 *
 * The signed message is serialised, base64-encoded and written into a
 * self-submitting XHTML form, which is echoed to the client before the
 * script terminates.
 *
 * Note: This function never returns.
 *
 * @param SAML2_Message $message The message we should send.
 */
public function send(SAML2_Message $message)
{
    /* A destination configured on the binding overrides the one carried by the message. */
    $rawDestination = ($this->destination === NULL) ? $message->getDestination() : $this->destination;

    $rawRelayState = $message->getRelayState();

    /* Serialise the signed element and log it before any encoding is applied. */
    $signedNode = $message->toSignedXML();
    $xml = $signedNode->ownerDocument->saveXML($signedNode);
    SimpleSAML_Utilities::debugMessage($xml, 'out');

    /*
     * Everything interpolated into the form below lands inside a double-quoted
     * attribute (or is markup built here), so each value is HTML-escaped first.
     */
    $msgStr = htmlspecialchars(base64_encode($xml));

    $msgType = ($message instanceof SAML2_Request) ? 'SAMLRequest' : 'SAMLResponse';

    /*
     * NOTE(review): HTML-escaping does not restrict the URL scheme of the form
     * action. This method appears to rely on the destination having been
     * validated before it gets here - confirm against the callers.
     */
    $destination = htmlspecialchars($rawDestination);

    /* The RelayState field is emitted only when the message carries one. */
    $relayState = '';
    if ($rawRelayState !== NULL) {
        $relayState = '<input type="hidden" name="RelayState" value="' . htmlspecialchars($rawRelayState) . '">';
    }

    $out = <<<END
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>POST data</title>
</head>
<body onload="document.forms[0].submit()">
<noscript>
<p><strong>Note:</strong> Since your browser does not support JavaScript, you must press the button below once to proceed.</p>
</noscript>
<form method="post" action="{$destination}">
<input type="hidden" name="{$msgType}" value="{$msgStr}" />
{$relayState}
<noscript><input type="submit" value="Submit" /></noscript>
</form>
</body>
</html>
END;

    echo $out;

    /* The response is complete; stop so nothing else is appended to the page. */
    exit(0);
}
/**
 * Build the redirect URL that delivers a message by reference.
 *
 * The serialised message is parked in the configured datastore under a freshly
 * generated artifact, and only that artifact (plus the RelayState, if any)
 * is placed on the destination URL.
 *
 * @param SAML2_Message $message The message.
 * @return string The URL the user should be redirected to in order to send a message.
 * @throws Exception If no datastore is configured.
 */
public function getRedirectURL(SAML2_Message $message)
{
    $store = SimpleSAML_Store::getInstance();
    if ($store === FALSE) {
        throw new Exception('Unable to send artifact without a datastore configured.');
    }

    /* 20 random bytes, passed through a hex encode / pack('H*') round trip. */
    $randomBytes = SimpleSAML_Utilities::generateRandomBytes(20);
    $generatedId = pack('H*', (string) SimpleSAML_Utilities::stringToHex($randomBytes));

    /* Raw (binary) SHA-1 digest of the issuer identifies the sender inside the artifact. */
    $sourceId = sha1($message->getIssuer(), TRUE);

    /*
     * NOTE(review): the leading string literal is empty as this code stands.
     * A SAML 2.0 artifact normally starts with a 4-byte header (type code and
     * endpoint index); the bytes may have been lost when this listing was
     * copied - confirm against the upstream file before relying on it.
     */
    $artifact = base64_encode("" . $sourceId . $generatedId);

    /* The stored copy is the unsigned XML; the entry expires 15 minutes from now. */
    $artifactData = $message->toUnsignedXML();
    $artifactDataString = $artifactData->ownerDocument->saveXML($artifactData);
    $store->set('artifact', $artifact, $artifactDataString, time() + 15 * 60);

    $params = array('SAMLart' => $artifact);

    $relayState = $message->getRelayState();
    if ($relayState !== NULL) {
        $params['RelayState'] = $relayState;
    }

    return SimpleSAML_Utilities::addURLparameter($message->getDestination(), $params);
}
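/**
 * Create the redirect URL for a message.
 *
 * The message is serialised as unsigned XML, deflated, base64-encoded and
 * appended to the destination as a query string. When the message carries a
 * signature key, the signature is computed over the query string itself
 * (message, optional RelayState and SigAlg, in that order) and appended.
 *
 * @param SAML2_Message $message The message.
 * @return string The URL the user should be redirected to in order to send a message.
 */
public function getRedirectURL(SAML2_Message $message)
{
    /* A destination configured on the binding overrides the one carried by the message. */
    if ($this->destination === NULL) {
        $destination = $message->getDestination();
    } else {
        $destination = $this->destination;
    }

    $relayState = $message->getRelayState();

    $key = $message->getSignatureKey();

    /* The XML itself is left unsigned; the signature travels as a query parameter. */
    $msgStr = $message->toUnsignedXML();
    $msgStr = $msgStr->ownerDocument->saveXML($msgStr);

    SimpleSAML_Utilities::debugMessage($msgStr, 'out');

    $msgStr = gzdeflate($msgStr);
    $msgStr = base64_encode($msgStr);

    /* Build the query string. */
    if ($message instanceof SAML2_Request) {
        $msg = 'SAMLRequest=';
    } else {
        $msg = 'SAMLResponse=';
    }
    $msg .= urlencode($msgStr);

    if ($relayState !== NULL) {
        $msg .= '&RelayState=' . urlencode($relayState);
    }

    if ($key !== NULL) {
        /*
         * Add the signature.
         *
         * SigAlg must name the algorithm the key actually signs with. It used
         * to be hard-coded to RSA-SHA1, which mislabels the signature for any
         * other key type, so the receiver checks it with the wrong algorithm
         * and rejects it.
         * Assumes $key is an xmlseclibs XMLSecurityKey, whose public "type"
         * property holds the algorithm URI - confirm against getSignatureKey().
         */
        $msg .= '&SigAlg=' . urlencode($key->type);

        /* The signed data is the query string exactly as built so far. */
        $signature = $key->signData($msg);
        $msg .= '&Signature=' . urlencode(base64_encode($signature));
    }

    /* Respect a query string that is already present on the destination. */
    if (strpos($destination, '?') === FALSE) {
        $destination .= '?' . $msg;
    } else {
        $destination .= '&' . $msg;
    }

    return $destination;
}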
/**
 * Deliver a SAML 2 message to its destination through the HTTP-POST binding.
 *
 * The signed message is serialised and base64-encoded, then handed to the
 * container's postRedirect() together with the optional RelayState.
 *
 * Note: This function never returns.
 * NOTE(review): that depends on postRedirect() terminating the request, which
 * is not visible in this method - confirm against the container.
 *
 * @param SAML2_Message $message The message we should send.
 */
public function send(SAML2_Message $message)
{
    /* A destination configured on the binding overrides the one carried by the message. */
    $destination = ($this->destination === NULL) ? $message->getDestination() : $this->destination;

    $relayState = $message->getRelayState();

    /* Serialise the signed element and log it before it is encoded. */
    $signedNode = $message->toSignedXML();
    $xml = $signedNode->ownerDocument->saveXML($signedNode);
    SAML2_Utils::getContainer()->debugMessage($xml, 'out');

    $msgType = ($message instanceof SAML2_Request) ? 'SAMLRequest' : 'SAMLResponse';

    /*
     * Values are passed on raw: no HTML escaping happens here, so rendering the
     * form safely is presumably the responsibility of postRedirect() - verify.
     */
    $post = array($msgType => base64_encode($xml));
    if ($relayState !== NULL) {
        $post['RelayState'] = $relayState;
    }

    SAML2_Utils::getContainer()->postRedirect($destination, $post);
}