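/**
 * Store a NameID to attribute.
 *
 * Copies the persistent NameID from the request state into the attribute
 * named by $this->attribute, replacing any values already stored there.
 * When $this->nameId is truthy the NameID is serialized as an XML element;
 * otherwise only its 'Value' entry is copied. If the state carries no
 * persistent NameID, a warning is logged and the state is left untouched.
 *
 * @param array &$state The request state.
 */
public function process(&$state)
{
    // Expression form on purpose: a string passed to assert() is evaluated as
    // code on PHP 5/7 (deprecated since 7.2) and is not evaluated at all on
    // PHP 8, where any non-empty string passes and the check silently vanishes.
    assert(is_array($state));

    if (!isset($state['saml:NameID'][\SAML2\Constants::NAMEID_PERSISTENT])) {
        SimpleSAML\Logger::warning('Unable to generate eduPersonTargetedID because no persistent NameID was available.');
        return;
    }

    $nameID = $state['saml:NameID'][\SAML2\Constants::NAMEID_PERSISTENT];

    if ($this->nameId) {
        // Build the NameID under a throwaway root element, then serialize only
        // the NameID child so the wrapper never reaches the attribute value.
        $doc = \SAML2\DOMDocumentFactory::create();
        $root = $doc->createElement('root');
        $doc->appendChild($root);
        \SAML2\Utils::addNameId($root, $nameID);
        $value = $doc->saveXML($root->firstChild);
    } else {
        $value = $nameID['Value'];
    }

    $state['Attributes'][$this->attribute] = array($value);
}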
/**
 * Append a saml:Subject element to the assertion.
 *
 * No Subject is written when neither a plain nor an encrypted NameID is set.
 * If an encrypted NameID is present it takes precedence: it is imported under
 * a saml:EncryptedID element and the plain NameID is not written.
 *
 * @param \DOMElement $root The assertion element we should add the subject to.
 */
private function addSubject(\DOMElement $root)
{
    $hasEncrypted = $this->encryptedNameId !== null;

    // Nothing to describe: bail out before touching the document.
    if (!$hasEncrypted && $this->nameId === null) {
        return;
    }

    $document = $root->ownerDocument;
    $subjectNode = $document->createElementNS(Constants::NS_SAML, 'saml:Subject');
    $root->appendChild($subjectNode);

    if ($hasEncrypted) {
        $wrapper = $document->createElementNS(Constants::NS_SAML, 'saml:' . 'EncryptedID');
        $subjectNode->appendChild($wrapper);
        // Deep import: the encrypted node may belong to another document.
        $wrapper->appendChild($document->importNode($this->encryptedNameId, true));
    } else {
        Utils::addNameId($subjectNode, $this->nameId);
    }

    foreach ($this->SubjectConfirmation as $confirmation) {
        $confirmation->toXML($subjectNode);
    }
}
/**
 * Write the Subject of this assertion below the given element.
 *
 * The Subject holds either the plain NameID or, when one is set, the
 * encrypted NameID wrapped in saml:EncryptedID (the encrypted form wins if
 * both are present), followed by every configured subject confirmation.
 *
 * @param \DOMElement $root The assertion element we should add the subject to.
 */
private function addSubject(\DOMElement $root)
{
    $plainId = $this->nameId;
    $encryptedId = $this->encryptedNameId;

    // With neither form of NameID available there is no Subject to write.
    if ($plainId === null && $encryptedId === null) {
        return;
    }

    $subjectElement = $root->ownerDocument->createElementNS(Constants::NS_SAML, 'saml:Subject');
    $root->appendChild($subjectElement);

    if ($encryptedId !== null) {
        $owner = $subjectElement->ownerDocument;
        $encryptedIdElement = $owner->createElementNS(Constants::NS_SAML, 'saml:EncryptedID');
        // Fill the wrapper first, then attach it to the Subject.
        $encryptedIdElement->appendChild($owner->importNode($encryptedId, true));
        $subjectElement->appendChild($encryptedIdElement);
    } else {
        Utils::addNameId($subjectElement, $plainId);
    }

    foreach ($this->subjectConfirmation as $confirmation) {
        $confirmation->toXML($subjectElement);
    }
}
/**
 * Convert this logout request message to an XML element.
 *
 * Starts from the element built by the parent class and adds, in order: the
 * optional NotOnOrAfter attribute (formatted with gmdate()), the NameID or,
 * when an encrypted NameID is set, a saml:EncryptedID element in its place,
 * and one SessionIndex element per configured session index.
 *
 * @return \DOMElement This logout request.
 */
public function toUnsignedXML()
{
    $element = parent::toUnsignedXML();

    if ($this->notOnOrAfter !== null) {
        $expiry = gmdate('Y-m-d\\TH:i:s\\Z', $this->notOnOrAfter);
        $element->setAttribute('NotOnOrAfter', $expiry);
    }

    if ($this->encryptedNameId !== null) {
        $document = $element->ownerDocument;
        $encryptedIdElement = $document->createElementNS(Constants::NS_SAML, 'saml:' . 'EncryptedID');
        $element->appendChild($encryptedIdElement);
        // Deep import so the whole encrypted subtree is copied into this document.
        $encryptedIdElement->appendChild($document->importNode($this->encryptedNameId, true));
    } else {
        Utils::addNameId($element, $this->nameId);
    }

    foreach ($this->sessionIndexes as $index) {
        Utils::addString($element, Constants::NS_SAMLP, 'SessionIndex', $index);
    }

    return $element;
}
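/**
 * Apply filter to add the targeted ID.
 *
 * Derives an identifier from the secret salt, the source entity ID, the
 * destination entity ID and the user identifier, and stores it as the single
 * value of the 'eduPersonTargetedID' attribute. The user identifier is taken
 * from $state['UserID'] when no attribute is configured, otherwise from the
 * first value of the configured attribute. When $this->generateNameId is
 * truthy the identifier is wrapped in a persistent NameID element and the
 * serialized XML is stored instead of the bare hash.
 *
 * @param array &$state The current state.
 *
 * @throws Exception If the user identifier is missing or empty.
 */
public function process(&$state)
{
    // Expression form on purpose: string arguments to assert() are evaluated as
    // code on PHP 5/7 (deprecated since 7.2) and are not evaluated on PHP 8,
    // where any non-empty string passes and the checks silently vanish.
    assert(is_array($state));
    assert(array_key_exists('Attributes', $state));

    if ($this->attribute === null) {
        if (!array_key_exists('UserID', $state)) {
            throw new Exception('core:TargetedID: Missing UserID for this user. Please' .
                ' check the \'userid.attribute\' option in the metadata against the' .
                ' attributes provided by the authentication source.');
        }

        $userID = $state['UserID'];
    } else {
        if (!array_key_exists($this->attribute, $state['Attributes'])) {
            throw new Exception('core:TargetedID: Missing attribute \'' . $this->attribute .
                '\', which is needed to generate the targeted ID.');
        }

        // The attribute can be present with no values; read the first value
        // without raising an undefined-offset notice.
        $userID = isset($state['Attributes'][$this->attribute][0])
            ? $state['Attributes'][$this->attribute][0]
            : null;
    }

    // An empty identifier would hash to the same targeted ID for every user
    // that reaches this point with the same source and destination, so two
    // distinct users could be presented to the destination as one account.
    if ($userID === null || $userID === '') {
        throw new Exception('core:TargetedID: The user identifier is empty, refusing to generate a targeted ID from it.');
    }

    $secretSalt = SimpleSAML\Utils\Config::getSecretSalt();

    if (array_key_exists('Source', $state)) {
        $srcID = self::getEntityId($state['Source']);
    } else {
        $srcID = '';
    }

    if (array_key_exists('Destination', $state)) {
        $dstID = self::getEntityId($state['Destination']);
    } else {
        $dstID = '';
    }

    // Each field is length-prefixed so that different (source, destination,
    // user) triples can never concatenate to the same input string.
    $uidData = 'uidhashbase' . $secretSalt;
    $uidData .= strlen($srcID) . ':' . $srcID;
    $uidData .= strlen($dstID) . ':' . $dstID;
    $uidData .= strlen($userID) . ':' . $userID;
    $uidData .= $secretSalt;

    // NOTE(review): the digest and input layout are kept exactly as they were.
    // Changing either, or rotating the salt, changes the identifier of every
    // user at every destination. Confirm with the maintainers before moving to
    // a keyed construction such as HMAC.
    $uid = hash('sha1', $uidData);

    if ($this->generateNameId) {
        // Convert the targeted ID to a SAML 2.0 name identifier element
        $nameId = array('Format' => \SAML2\Constants::NAMEID_PERSISTENT, 'Value' => $uid);

        if (isset($state['Source']['entityid'])) {
            $nameId['NameQualifier'] = $state['Source']['entityid'];
        }
        if (isset($state['Destination']['entityid'])) {
            $nameId['SPNameQualifier'] = $state['Destination']['entityid'];
        }

        // Build the NameID under a throwaway root and serialize only the child.
        $doc = \SAML2\DOMDocumentFactory::create();
        $root = $doc->createElement('root');
        $doc->appendChild($root);

        \SAML2\Utils::addNameId($root, $nameId);
        $uid = $doc->saveXML($root->firstChild);
    }

    $state['Attributes']['eduPersonTargetedID'] = array($uid);
}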