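/**
 * Constructor for SAML 2 logout request messages.
 *
 * With no input the object starts empty (no session indexes). With an input
 * element, the NotOnOrAfter attribute, the subject identifier (plain NameID
 * or EncryptedID) and every SessionIndex child are read from it.
 *
 * NOTE(review): this constructor only parses. No signature verification or
 * NotOnOrAfter expiry check is visible here; whether parent::__construct()
 * covers either cannot be told from this block. Confirm the message is
 * authenticated before the parsed identifier is used to end sessions.
 *
 * @param DOMElement|NULL $xml The input message.
 * @throws Exception If the message carries no NameID/EncryptedID, or more than one.
 */
public function __construct(DOMElement $xml = NULL)
{
    parent::__construct('LogoutRequest', $xml);

    $this->sessionIndexes = array();

    if ($xml === NULL) {
        return;
    }

    if ($xml->hasAttribute('NotOnOrAfter')) {
        /* Converted to a timestamp only; it is not compared with the current time here. */
        $this->notOnOrAfter = SAML2_Utils::xsDateTimeToTimestamp($xml->getAttribute('NotOnOrAfter'));
    }

    $nameId = SAML2_Utils::xpQuery($xml, './saml_assertion:NameID | ./saml_assertion:EncryptedID/xenc:EncryptedData');
    if (empty($nameId)) {
        throw new Exception('Missing <saml:NameID> or <saml:EncryptedID> in <samlp:LogoutRequest>.');
    } elseif (count($nameId) > 1) {
        /* Exactly one identifier is accepted, so the subject of the logout is never ambiguous. */
        throw new Exception('More than one <saml:NameID> or <saml:EncryptedID> in <samlp:LogoutRequest>.');
    }
    $nameId = $nameId[0];

    if ($nameId->localName === 'EncryptedData') {
        /* The NameID element is encrypted; keep the raw element for later decryption. */
        $this->encryptedNameId = $nameId;
    } else {
        $this->nameId = SAML2_Utils::parseNameId($nameId);
    }

    $sessionIndexes = SAML2_Utils::xpQuery($xml, './saml_protocol:SessionIndex');
    foreach ($sessionIndexes as $sessionIndex) {
        $this->sessionIndexes[] = trim($sessionIndex->textContent);
    }
}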
/**
 * Constructor for SAML 2 subject query messages.
 *
 * Delegates the common message handling to the parent constructor and, when
 * an input element is supplied, hands it to parseSubject().
 *
 * @param string          $tagName The tag name of the root element.
 * @param DOMElement|NULL $xml     The input message.
 */
protected function __construct($tagName, DOMElement $xml = NULL)
{
    parent::__construct($tagName, $xml);

    /* Nothing to parse when the message is being built from scratch. */
    if ($xml !== NULL) {
        $this->parseSubject($xml);
    }
}
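/**
 * Constructor for SAML 2 ArtifactResolve messages.
 *
 * When an input element is supplied, the text of its first
 * <samlp:Artifact> child is stored as the artifact to resolve.
 *
 * @param DOMElement|NULL $xml The input message.
 * @throws Exception If the input message has no <samlp:Artifact> element.
 */
public function __construct(DOMElement $xml = NULL)
{
    parent::__construct('ArtifactResolve', $xml);

    if (is_null($xml)) {
        return;
    }

    $results = SAML2_Utils::xpQuery($xml, './saml_protocol:Artifact');
    if (empty($results)) {
        /*
         * Without this guard a message lacking the element would index an
         * empty result set and leave the artifact unset instead of being
         * rejected as malformed.
         */
        throw new Exception('Missing <samlp:Artifact> in <samlp:ArtifactResolve>.');
    }

    /* Stored as received; the value is not trimmed or decoded here. */
    $this->artifact = $results[0]->textContent;
}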
/**
 * Constructor for SAML 2 authentication request messages.
 *
 * Sets the defaults (empty NameIDPolicy, ForceAuthn and IsPassive off) and,
 * when an input element is supplied, fills the object from its attributes
 * and from the NameIDPolicy, RequestedAuthnContext and Scoping/IDPList
 * children.
 *
 * NOTE(review): every value read here is supplied by the sender of the
 * request and is stored without validation. In particular the
 * AssertionConsumerServiceURL should be matched against the endpoints
 * registered for the issuer before a response is sent to it.
 *
 * @param DOMElement|NULL $xml The input message.
 * @throws Exception If an IDPEntry in the scoping list has no ProviderID.
 */
public function __construct(DOMElement $xml = NULL)
{
    parent::__construct('AuthnRequest', $xml);

    /* Defaults, also used when the message omits the attributes. */
    $this->nameIdPolicy = array();
    $this->forceAuthn = FALSE;
    $this->isPassive = FALSE;

    if ($xml === NULL) {
        return;
    }

    $this->forceAuthn = SAML2_Utils::parseBoolean($xml, 'ForceAuthn', FALSE);
    $this->isPassive = SAML2_Utils::parseBoolean($xml, 'IsPassive', FALSE);

    /* Stored exactly as received. */
    if ($xml->hasAttribute('AssertionConsumerServiceURL')) {
        $this->assertionConsumerServiceURL = $xml->getAttribute('AssertionConsumerServiceURL');
    }

    if ($xml->hasAttribute('ProtocolBinding')) {
        $this->protocolBinding = $xml->getAttribute('ProtocolBinding');
    }

    /* Only the first NameIDPolicy element is considered. */
    $policyNodes = SAML2_Utils::xpQuery($xml, './saml_protocol:NameIDPolicy');
    if (!empty($policyNodes)) {
        $policy = $policyNodes[0];

        if ($policy->hasAttribute('Format')) {
            $this->nameIdPolicy['Format'] = $policy->getAttribute('Format');
        }
        if ($policy->hasAttribute('SPNameQualifier')) {
            $this->nameIdPolicy['SPNameQualifier'] = $policy->getAttribute('SPNameQualifier');
        }
        if ($policy->hasAttribute('AllowCreate')) {
            $this->nameIdPolicy['AllowCreate'] = SAML2_Utils::parseBoolean($policy, 'AllowCreate', FALSE);
        }
    }

    /* Only the first RequestedAuthnContext element is considered. */
    $contextNodes = SAML2_Utils::xpQuery($xml, './saml_protocol:RequestedAuthnContext');
    if (!empty($contextNodes)) {
        $context = $contextNodes[0];

        $classRefs = array();
        $classRefNodes = SAML2_Utils::xpQuery($context, './saml_assertion:AuthnContextClassRef');
        foreach ($classRefNodes as $classRefNode) {
            $classRefs[] = trim($classRefNode->textContent);
        }

        /* 'exact' applies when the attribute is absent; the value itself is not checked. */
        $comparison = 'exact';
        if ($context->hasAttribute('Comparison')) {
            $comparison = $context->getAttribute('Comparison');
        }

        $this->requestedAuthnContext = array(
            'AuthnContextClassRef' => $classRefs,
            'Comparison' => $comparison,
        );
    }

    $idpEntries = SAML2_Utils::xpQuery(
        $xml,
        './saml_protocol:Scoping/saml_protocol:IDPList/saml_protocol:IDPEntry'
    );
    foreach ($idpEntries as $entry) {
        if (!$entry->hasAttribute('ProviderID')) {
            throw new Exception("Could not get ProviderID from Scoping/IDPEntry element in AuthnRequest object");
        }
        $this->IDPList[] = $entry->getAttribute('ProviderID');
    }
}
/**
 * Constructor for SAML 2 logout request messages.
 *
 * When an input element is supplied, its first <saml:NameID> is parsed and
 * the text of its first <samlp:SessionIndex>, if any, is stored. Further
 * NameID or SessionIndex elements are ignored, not rejected.
 *
 * NOTE(review): parsing only. No signature verification is visible in this
 * constructor; confirm the message is authenticated before the NameID is
 * used to end a session.
 *
 * @param DOMElement|NULL $xml The input message.
 * @throws Exception If the message contains no NameID.
 */
public function __construct(DOMElement $xml = NULL)
{
    parent::__construct('LogoutRequest', $xml);

    if ($xml === NULL) {
        return;
    }

    $nameIdNodes = SAML2_Utils::xpQuery($xml, './saml_assertion:NameID');
    if (empty($nameIdNodes)) {
        throw new Exception('Missing NameID in logout request.');
    }
    $this->nameId = SAML2_Utils::parseNameId($nameIdNodes[0]);

    /* SessionIndex is optional; leave the property untouched when absent. */
    $sessionIndexNodes = SAML2_Utils::xpQuery($xml, './saml_protocol:SessionIndex');
    if (empty($sessionIndexNodes)) {
        return;
    }
    $this->sessionIndex = trim($sessionIndexNodes[0]->textContent);
}
/**
 * Constructor for SAML 2 authentication request messages.
 *
 * Sets the defaults (empty NameIDPolicy, ForceAuthn and IsPassive off) and,
 * when an input element is supplied, reads the request attributes before
 * delegating the child elements to parseSubject(), parseNameIdPolicy(),
 * parseRequestedAuthnContext() and parseScoping().
 *
 * NOTE(review): the attribute values are supplied by the sender and stored
 * without validation here. The AssertionConsumerServiceURL and the two
 * service indexes should be checked against the endpoints registered for
 * the issuer before a response is routed with them.
 *
 * @param DOMElement|NULL $xml The input message.
 * @throws Exception
 */
public function __construct(DOMElement $xml = NULL)
{
    parent::__construct('AuthnRequest', $xml);

    /* Defaults, also used when the message omits the attributes. */
    $this->nameIdPolicy = array();
    $this->forceAuthn = FALSE;
    $this->isPassive = FALSE;

    if (is_null($xml)) {
        return;
    }

    $this->forceAuthn = SAML2_Utils::parseBoolean($xml, 'ForceAuthn', FALSE);
    $this->isPassive = SAML2_Utils::parseBoolean($xml, 'IsPassive', FALSE);

    /* String attributes are kept exactly as received. */
    if ($xml->hasAttribute('AssertionConsumerServiceURL')) {
        $this->assertionConsumerServiceURL = $xml->getAttribute('AssertionConsumerServiceURL');
    }
    if ($xml->hasAttribute('ProtocolBinding')) {
        $this->protocolBinding = $xml->getAttribute('ProtocolBinding');
    }

    /* Index attributes go through an integer cast, so non-numeric text becomes 0. */
    if ($xml->hasAttribute('AttributeConsumingServiceIndex')) {
        $this->attributeConsumingServiceIndex = intval($xml->getAttribute('AttributeConsumingServiceIndex'));
    }
    if ($xml->hasAttribute('AssertionConsumerServiceIndex')) {
        $this->assertionConsumerServiceIndex = intval($xml->getAttribute('AssertionConsumerServiceIndex'));
    }

    /* Child elements are handled by dedicated parsers, in this order. */
    $this->parseSubject($xml);
    $this->parseNameIdPolicy($xml);
    $this->parseRequestedAuthnContext($xml);
    $this->parseScoping($xml);
}