// NOTE(review): this excerpt starts inside an `if` whose condition is not visible here
// (presumably a check that the AuthState parameter is present; confirm).
// That branch logs the problem and rejects the request with a BadRequest error.
    SimpleSAML_Logger::debug('ERROR: NO AUTH STATE');
    throw new SimpleSAML_Error_BadRequest('Missing AuthState parameter.');
} else {
    // AuthState is read from the request (GET, POST or cookie via $_REQUEST) and logged as received.
    // NOTE(review): the value is attacker-controllable and is concatenated into the log line
    // unmodified; confirm the logger neutralises control characters, or log a validated form.
    $authStateId = $_REQUEST['AuthState'];
    SimpleSAML_Logger::debug('AUTH STATE: ' . $authStateId);
}

// Defaults used when no credentials were posted.
$username = null;
$password = null;
// $state is not read anywhere in this excerpt; it is consumed outside the visible code.
$state = "validate";

// Each field must be present in $_POST and must not compare loosely equal to NULL.
// Because `!=` is a loose comparison, an empty string is treated the same as a missing field.
if (array_key_exists('form', $_POST) && $_POST['form'] != NULL) {
    if (array_key_exists('username', $_POST) && $_POST['username'] != NULL) {
        if (array_key_exists('password', $_POST) && $_POST['password'] != NULL) {
            // Validation: username/password
            $username = $_POST['username'];
            $password = $_POST['password'];
            // validateUser() is defined outside this excerpt; a truthy result gates card issuance.
            if (sspmod_InfoCard_UserFunctions::validateUser(array('username' => $username, 'password' => $password), 'UsernamePasswordCredential')) {
                $userCredential = $autoconfig->getValue('UserCredential');
                // A card is built only when the configured credential type is exactly
                // 'UsernamePasswordCredential'.
                if (strcmp($userCredential, 'UsernamePasswordCredential') == 0) {
                    // Assemble the configuration handed to createCard().
                    // $Infocard is defined outside this excerpt.
                    $ICconfig['InfoCard'] = $Infocard;
                    // The issuer is set to the token service URL; the alternative
                    // sspmod_InfoCard_Utils::getIssuer($sts_crt) is commented out in the original.
                    $ICconfig['InfoCard']['issuer'] = $autoconfig->getValue('tokenserviceurl'); //sspmod_InfoCard_Utils::getIssuer($sts_crt);
                    $ICconfig['tokenserviceurl'] = $autoconfig->getValue('tokenserviceurl');
                    $ICconfig['mexurl'] = $autoconfig->getValue('mexurl');
                    $ICconfig['sts_key'] = $autoconfig->getValue('sts_key');
                    $ICconfig['certificates'] = $autoconfig->getValue('certificates');
                    $ICconfig['UserCredential'] = $autoconfig->getValue('UserCredential');

                    // Build the card data for this user, then the card itself.
                    $ICdata = sspmod_InfoCard_UserFunctions::fillICdata($username, $userCredential);
                    $IC = sspmod_InfoCard_STS::createCard($ICdata, $ICconfig);

                    // Offer the card as a download.
                    // NOTE(review): CardName is placed inside the quoted filename parameter without
                    // escaping. If fillICdata() derives it from $username (not visible here), a
                    // double quote or other special character in the value would alter the header;
                    // confirm the name is restricted to a safe character set before it is used.
                    header("Content-Disposition: attachment; filename=\"" . $ICdata['CardName'] . ".crd\"");
                    header('Content-Type: application/x-informationcard');
                    // strlen() counts bytes, which is the unit Content-Length expects.
                    header('Content-Length:' . strlen($IC));
                    // The excerpt ends here: the code that sends the card body and the closing
                    // braces of the five open `if` blocks lie outside the visible code.
// NOTE(review): this excerpt starts inside a `switch` whose header and earlier cases are not
// visible here; the leading `break;` ends a case that begins above the excerpt.
        break;
    case "SelfIssuedCredential":
        // Obtain the symmetric key: the first CipherValue element of the request is
        // base64-decoded and decrypted (RSA with OAEP padding) using the private key read from
        // the file named by the `sts_key` configuration value.
        // NOTE(review): item(0) returns null when the element is absent, and the results of
        // file_get_contents(), openssl_pkey_get_private() and openssl_private_decrypt() are not
        // checked. On failure $key is expected to stay NULL and is still passed on to
        // decryptMcrypt(); confirm the request is validated earlier, or fail closed here.
        $encKey = base64_decode($doc->getElementsByTagname('CipherValue')->item(0)->nodeValue);
        $sts_key = $autoconfig->getValue('sts_key');
        $privkey = openssl_pkey_get_private(file_get_contents($sts_key));
        $key = NULL;
        openssl_private_decrypt($encKey, $key, $privkey, OPENSSL_PKCS1_OAEP_PADDING);
        openssl_free_key($privkey);

        // Recover the information: the second CipherValue element holds the encrypted token,
        // which is decrypted with the symmetric key recovered above.
        // decryptMcrypt() is defined outside this excerpt.
        $encSamlToken = base64_decode($doc->getElementsByTagname('CipherValue')->item(1)->nodeValue);
        $samlToken = decryptMcrypt($encSamlToken, $key);
        // NOTE(review): the decrypted token is written to the debug log in full, and the PPID
        // is logged just below. Both identify the user; consider logging only a non-sensitive
        // marker (for example, that decryption succeeded) when debug logging can be enabled in
        // production.
        SimpleSAML_Logger::debug('$samlToken' . $samlToken);
        // getppid() here is called with the token as argument and is defined outside this
        // excerpt; its result is used as the card's PPID.
        $ppid = getppid($samlToken);
        SimpleSAML_Logger::debug('PPID: ' . $ppid);
        // The PPID is checked against the configured credential type; only a truthy result
        // marks the request as authenticated.
        if (sspmod_InfoCard_UserFunctions::validateUser(array('PPID' => $ppid), $ICconfig['UserCredential'])) {
            $authenticated = true;
        }
        break;
    default:
        // Unknown credential types leave $authenticated untouched.
        // NOTE(review): $authenticated is not initialised anywhere in this excerpt; confirm it
        // is set to false before the switch so that this path cannot inherit a stale value.
        break;
}

// MessageID of the incoming request, passed to createToken() below.
$messageid = $doc->getElementsByTagname('MessageID')->item(0)->nodeValue;

if ($authenticated) {
    // Load the settings needed to issue a token.
    $ICconfig['InfoCard'] = $autoconfig->getValue('InfoCard');
    $ICconfig['issuer'] = $autoconfig->getValue('issuer');
    $ICconfig['sts_crt'] = $autoconfig->getValue('sts_crt');
    $ICconfig['sts_key'] = $autoconfig->getValue('sts_key');

    // Claims requested by the caller, taken from the ClaimType elements and the configured schema.
    $requiredClaims = sspmod_InfoCard_Utils::extractClaims($ICconfig['InfoCard']['schema'], $doc->getElementsByTagname('ClaimType'));
    // NOTE(review): $username is not assigned in the visible SelfIssuedCredential branch;
    // confirm where it is set for that path before it is used to fill the claims.
    $claimValues = sspmod_InfoCard_UserFunctions::fillClaims($username, $ICconfig['InfoCard']['requiredClaims'], $ICconfig['InfoCard']['optionalClaims'], $requiredClaims);
    $response = sspmod_InfoCard_STS::createToken($claimValues, $ICconfig, $messageid);
    // The excerpt ends here: the rest of this `if` block lies outside the visible code.