SimpleSAML_Logger::debug('ERROR: NO AUTH STATE');
    throw new SimpleSAML_Error_BadRequest('Missing AuthState parameter.');
} else {
    $authStateId = $_REQUEST['AuthState'];
    SimpleSAML_Logger::debug('AUTH STATE:  ' . $authStateId);
}
// Credentials stay null until the posted form supplies them further down.
$username = $password = null;
$state = 'validate';
if (array_key_exists('form', $_POST) && $_POST['form'] != NULL) {
    if (array_key_exists('username', $_POST) && $_POST['username'] != NULL) {
        if (array_key_exists('password', $_POST) && $_POST['password'] != NULL) {
            //Validation: Username/Password
            $username = $_POST['username'];
            $password = $_POST['password'];
            if (sspmod_InfoCard_UserFunctions::validateUser(array('username' => $username, 'password' => $password), 'UsernamePasswordCredential')) {
                $userCredential = $autoconfig->getValue('UserCredential');
                if (strcmp($userCredential, 'UsernamePasswordCredential') == 0) {
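                    // Assemble the settings handed to createCard(): the card template plus the
                    // token-service endpoints and key material read from the module configuration.
                    $ICconfig['InfoCard'] = $Infocard;
                    // The token service URL is used as the card issuer; the certificate-derived
                    // issuer on the next line was left disabled by the author.
                    $ICconfig['InfoCard']['issuer'] = $autoconfig->getValue('tokenserviceurl');
                    //sspmod_InfoCard_Utils::getIssuer($sts_crt);
                    $ICconfig['tokenserviceurl'] = $autoconfig->getValue('tokenserviceurl');
                    $ICconfig['mexurl'] = $autoconfig->getValue('mexurl');
                    $ICconfig['sts_key'] = $autoconfig->getValue('sts_key');
                    $ICconfig['certificates'] = $autoconfig->getValue('certificates');
                    $ICconfig['UserCredential'] = $autoconfig->getValue('UserCredential');
                    $ICdata = sspmod_InfoCard_UserFunctions::fillICdata($username, $userCredential);
                    $IC = sspmod_InfoCard_STS::createCard($ICdata, $ICconfig);

                    // CardName is produced by fillICdata() from the posted username, so it may carry
                    // user-influenced text (confirm against fillICdata()). Replace control characters,
                    // double quotes, backslashes and slashes so the value cannot terminate the quoted
                    // filename parameter or smuggle a path into the download name.
                    $downloadName = preg_replace('#[\x00-\x1F\x7F"\\\\/]#', '_', (string) $ICdata['CardName']);
                    header('Content-Disposition: attachment; filename="' . $downloadName . '.crd"');
                    header('Content-Type: application/x-informationcard');
                    // strlen() counts bytes, which is what Content-Length requires.
                    header('Content-Length:' . strlen($IC));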
Пример #2
        break;
    case "SelfIssuedCredential":
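        // Recover the symmetric key: the first CipherValue carries it, wrapped with RSA-OAEP
        // for the STS private key; the second CipherValue carries the encrypted SAML token.
        $cipherValues = $doc->getElementsByTagname('CipherValue');
        $sts_key = $autoconfig->getValue('sts_key');
        $key = NULL;
        // Start from null so a failed decryption cannot leave stale or garbage values behind.
        $samlToken = NULL;
        $ppid = NULL;
        $keyUnwrapped = false;
        if ($cipherValues->length >= 2) {
            $encKey = base64_decode($cipherValues->item(0)->nodeValue);
            // sts_key is a path to the private key file; an unreadable file must not reach OpenSSL.
            $keyPem = file_get_contents($sts_key);
            $privkey = ($keyPem === false) ? false : openssl_pkey_get_private($keyPem);
            if ($privkey !== false) {
                // openssl_private_decrypt() returns false and leaves $key untouched on failure.
                $keyUnwrapped = openssl_private_decrypt($encKey, $key, $privkey, OPENSSL_PKCS1_OAEP_PADDING);
                // Deprecated no-op from PHP 8.0; kept for the older runtimes this code targets.
                openssl_free_key($privkey);
            }
        }
        if ($keyUnwrapped && $key !== NULL && $key !== '') {
            // Recover the token contents.
            $encSamlToken = base64_decode($cipherValues->item(1)->nodeValue);
            // NOTE(review): decryptMcrypt() and getppid() are defined outside this excerpt. Nothing
            // visible here verifies the token's signature before the PPID is trusted - confirm that
            // check happens inside those helpers or validateUser().
            $samlToken = decryptMcrypt($encSamlToken, $key);
            // Log the size only: the decrypted token holds the user's claims and must not be
            // written to the debug log.
            SimpleSAML_Logger::debug('$samlToken decrypted, ' . strlen((string) $samlToken) . ' bytes');
            $ppid = getppid($samlToken);
            SimpleSAML_Logger::debug('PPID: ' . $ppid);
            if (sspmod_InfoCard_UserFunctions::validateUser(array('PPID' => $ppid), $ICconfig['UserCredential'])) {
                $authenticated = true;
            }
        } else {
            // Fail closed: without a usable symmetric key the request stays unauthenticated.
            SimpleSAML_Logger::debug('SelfIssuedCredential: could not unwrap the token encryption key');
        }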
        break;
    default:
        break;
}
$messageid = $doc->getElementsByTagname('MessageID')->item(0)->nodeValue;
if ($authenticated) {
    $ICconfig['InfoCard'] = $autoconfig->getValue('InfoCard');
    $ICconfig['issuer'] = $autoconfig->getValue('issuer');
    $ICconfig['sts_crt'] = $autoconfig->getValue('sts_crt');
    $ICconfig['sts_key'] = $autoconfig->getValue('sts_key');
    $requiredClaims = sspmod_InfoCard_Utils::extractClaims($ICconfig['InfoCard']['schema'], $doc->getElementsByTagname('ClaimType'));
    $claimValues = sspmod_InfoCard_UserFunctions::fillClaims($username, $ICconfig['InfoCard']['requiredClaims'], $ICconfig['InfoCard']['optionalClaims'], $requiredClaims);
    $response = sspmod_InfoCard_STS::createToken($claimValues, $ICconfig, $messageid);