function listMetadata($t, $metadata, $extended = FALSE)
{
$now = time();
echo '<ul>';
foreach ($metadata as $entry) {
$flag = NULL;
if (array_key_exists('tags', $entry)) {
if (in_array('norway', $entry['tags'])) {
$flag = SimpleSAML_Module::getModuleURL('metalisting/flags/no.png');
}
if (in_array('denmark', $entry['tags'])) {
$flag = SimpleSAML_Module::getModuleURL('metalisting/flags/dk.png');
}
if (in_array('finland', $entry['tags'])) {
$flag = SimpleSAML_Module::getModuleURL('metalisting/flags/fi.png');
}
if (in_array('sweden', $entry['tags'])) {
$flag = SimpleSAML_Module::getModuleURL('metalisting/flags/se.png');
}
if (in_array('switzerland', $entry['tags'])) {
$flag = SimpleSAML_Module::getModuleURL('metalisting/flags/ch.png');
}
if (in_array('france', $entry['tags'])) {
$flag = SimpleSAML_Module::getModuleURL('metalisting/flags/fr.png');
}
if (in_array('poland', $entry['tags'])) {
$flag = SimpleSAML_Module::getModuleURL('metalisting/flags/pl.png');
}
if (in_array('germany', $entry['tags'])) {
$flag = SimpleSAML_Module::getModuleURL('metalisting/flags/de.png');
}
}
echo '<li>';
if (isset($flag)) {
echo ' <img style="display: inline; margin-right: 5px" src="' . $flag . '" alt="Flag" />';
}
if (array_key_exists('name', $entry)) {
echo $t->getTranslation(SimpleSAML_Utilities::arrayize($entry['name'], 'en'));
} else {
echo $entry['entityid'];
}
// echo('<pre>'); print_r($entry); echo('</pre>');
if ($extended) {
if (array_key_exists('expire', $entry)) {
if ($entry['expire'] < $now) {
echo '<span style="color: #500; font-weight: bold"> (expired ' . number_format(($now - $entry['expire']) / 3600, 1) . ' hours ago)</span>';
} else {
echo '<span style="color: #ccc; "> (expires in ' . number_format(($entry['expire'] - $now) / 3600, 1) . ' hours)</span>';
}
}
}
if (array_key_exists('url', $entry)) {
echo ' [ <a href="' . $t->getTranslation(SimpleSAML_Utilities::arrayize($entry['url'], 'en')) . '">more</a> ]';
}
echo '</li>';
}
echo '</ul>';
echo '</fieldset>';
}
public function checkConfig($req)
{
$err = array();
foreach ($req as $r) {
$rs = SimpleSAML_Utilities::arrayize($r);
if (!$this->location->hasValueOneOf($rs)) {
$err[] = 'one of (' . join(',', $rs) . ')';
}
}
if (count($err) > 0) {
return array(FALSE, 'Missing: ' . join(' | ', $err));
}
return array(TRUE, '');
}
echo '<br />[ <a href="' . $hm['metadata-url'] . '">' . $this->t('{core:frontpage:show_metadata}') . '</a> ]';
echo '</p></dd>';
}
}
echo '</dl>';
if (is_array($this->data['metaentries']['remote']) && count($this->data['metaentries']['remote']) > 0) {
foreach ($this->data['metaentries']['remote'] as $setkey => $set) {
echo '<fieldset class="fancyfieldset"><legend>' . $this->t(mtype($setkey)) . ' (Trusted)</legend>';
echo '<ul>';
foreach ($set as $entry) {
echo '<li>';
echo '<a href="' . htmlspecialchars(SimpleSAML_Module::getModuleURL('core/show_metadata.php', array('entityid' => $entry['entityid'], 'set' => $setkey))) . '">';
if (!empty($entry['name'])) {
echo htmlspecialchars($this->getTranslation(SimpleSAML_Utilities::arrayize($entry['name'], 'en')));
} elseif (!empty($entry['OrganizationDisplayName'])) {
echo htmlspecialchars($this->getTranslation(SimpleSAML_Utilities::arrayize($entry['OrganizationDisplayName'], 'en')));
} else {
echo htmlspecialchars($entry['entityid']);
}
echo '</a>';
if (array_key_exists('expire', $entry)) {
if ($entry['expire'] < $now) {
echo '<span style="color: #500; font-weight: bold"> (expired ' . number_format(($now - $entry['expire']) / 3600, 1) . ' hours ago)</span>';
} else {
echo ' (expires in ' . number_format(($entry['expire'] - $now) / 3600, 1) . ' hours)';
}
}
echo '</li>';
}
echo '</ul>';
echo '</fieldset>';
}
} else {
$dstName = $this->data['dstMetadata']['entityid'];
}
$attributes = $this->data['attributes'];
$this->data['header'] = $this->t('{consent:consent:consent_header}');
$this->data['head'] = '<link rel="stylesheet" type="text/css" href="/' . $this->data['baseurlpath'] . 'module.php/consent/style.css" />' . "\n";
$this->includeAtTemplateBase('includes/header.php');
?>
<p>
<?php
echo $this->t('{consent:consent:consent_accept}', array('SPNAME' => $dstName, 'IDPNAME' => $srcName));
if (array_key_exists('descr_purpose', $this->data['dstMetadata'])) {
echo '</p><p>' . $this->t('{consent:consent:consent_purpose}', array('SPNAME' => $dstName, 'SPDESC' => $this->getTranslation(SimpleSAML_Utilities::arrayize($this->data['dstMetadata']['descr_purpose'], 'en'))));
}
?>
</p>
<form style="display: inline; margin: 0px; padding: 0px" action="<?php
echo htmlspecialchars($this->data['yesTarget']);
?>
">
<p style="margin: 1em">
<?php
if ($this->data['usestorage']) {
$checked = $this->data['checked'] ? 'checked="checked"' : '';
echo '<input type="checkbox" name="saveconsent" ' . $checked . ' value="1" /> ' . $this->t('{consent:consent:remember}') . '';
public function loadData()
{
$statdir = $this->statconfig->getValue('statdir');
$resarray = array();
$rules = SimpleSAML_Utilities::arrayize($this->ruleid);
foreach ($rules as $rule) {
// Get file and extract results.
$resultFileName = $statdir . '/' . $rule . '-' . $this->timeres . '-' . $this->fileslot . '.stat';
if (!file_exists($resultFileName)) {
throw new Exception('Aggregated statitics file [' . $resultFileName . '] not found.');
}
if (!is_readable($resultFileName)) {
throw new Exception('Could not read statitics file [' . $resultFileName . ']. Bad file permissions?');
}
$resultfile = file_get_contents($resultFileName);
$newres = unserialize($resultfile);
if (empty($newres)) {
throw new Exception('Aggregated statistics in file [' . $resultFileName . '] was empty.');
}
$resarray[] = $newres;
}
$combined = $resarray[0];
if (count($resarray) > 1) {
for ($i = 1; $i < count($resarray); $i++) {
$combined = $this->combine($combined, $resarray[$i]);
}
}
$this->results = $combined;
}
/**
* Add organization element based on metadata array.
*
* @param array $metadata The metadata we should extract the organization information from.
*/
public function addOrganizationInfo(array $metadata)
{
if (empty($metadata['OrganizationName']) || empty($metadata['OrganizationDisplayName']) || empty($metadata['OrganizationURL'])) {
/* Empty or incomplete organization information. */
return;
}
$orgName = SimpleSAML_Utilities::arrayize($metadata['OrganizationName'], 'en');
$orgDisplayName = SimpleSAML_Utilities::arrayize($metadata['OrganizationDisplayName'], 'en');
$orgURL = SimpleSAML_Utilities::arrayize($metadata['OrganizationURL'], 'en');
$this->addOrganization($orgName, $orgDisplayName, $orgURL);
}
}
$requestid = $authnrequest->getId();
$issuer = $authnrequest->getIssuer();
if ($issuer === NULL) {
throw new SimpleSAML_Error_BadRequest('Received message on authentication request endpoint without issuer.');
}
sspmod_saml2_Message::validateMessage($metadata->getMetaDataConfig($issuer, 'saml20-sp-remote'), $metadata->getMetaDataConfig($idpentityid, 'saml20-idp-hosted'), $authnrequest);
/*
* Create an assoc array of the request to store in the session cache.
*/
$requestcache = array('RequestID' => $requestid, 'Issuer' => $issuer, 'RelayState' => $authnrequest->getRelayState());
$spentityid = $requestcache['Issuer'];
$spmetadata = $metadata->getMetaData($spentityid, 'saml20-sp-remote');
$consumerURL = $authnrequest->getAssertionConsumerServiceURL();
if ($consumerURL !== NULL) {
$consumerArray = SimpleSAML_Utilities::arrayize($spmetadata['AssertionConsumerService']);
if (in_array($consumerURL, $consumerArray, TRUE)) {
$requestcache['ConsumerURL'] = $consumerURL;
} else {
SimpleSAML_Logger::warning('Authentication request from ' . var_export($spentityid, TRUE) . ' contains invalid AssertionConsumerService URL. Was ' . var_export($consumerURL, TRUE) . ', could be ' . var_export($consumerArray, TRUE) . '.');
}
}
$IDPList = $authnrequest->getIDPList();
if (array_key_exists('IDPList', $spmetadata)) {
$IDPList = array_unique(array_merge($IDPList, $spmetadata['IDPList']));
}
$requestcache['IDPList'] = $IDPList;
/*
* Handle the ForceAuthn option.
*/
/* The default value is FALSE. */
/**
* Load the given configuration file.
*
* @param string $filename The full path of the configuration file.
* @param bool @required Whether the file is required.
* @return SimpleSAML_Configuration The configuration file. An exception will be thrown if the
* configuration file is missing.
*/
private static function loadFromFile($filename, $required)
{
assert('is_string($filename)');
assert('is_bool($required)');
if (array_key_exists($filename, self::$loadedConfigs)) {
return self::$loadedConfigs[$filename];
}
if (file_exists($filename)) {
$config = 'UNINITIALIZED';
/* The file initializes a variable named '$config'. */
require $filename;
/* Check that $config is initialized to an array. */
if (!is_array($config)) {
throw new Exception('Invalid configuration file: ' . $filename);
}
} elseif ($required) {
/* File does not exist, but is required. */
throw new Exception('Missing configuration file: ' . $filename);
} else {
/* File does not exist, but is optional. */
$config = array();
}
if (array_key_exists('override.host', $config)) {
$host = SimpleSAML_Utilities::getSelfHost();
if (array_key_exists($host, $config['override.host'])) {
$ofs = $config['override.host'][$host];
foreach (SimpleSAML_Utilities::arrayize($ofs) as $of) {
$overrideFile = dirname($filename) . '/' . $of;
if (!file_exists($overrideFile)) {
throw new Exception('Config file [' . $filename . '] requests override for host ' . $host . ' but file does not exists [' . $of . ']');
}
require $overrideFile;
}
}
}
$cfg = new SimpleSAML_Configuration($config, $filename);
$cfg->filename = $filename;
self::$loadedConfigs[$filename] = $cfg;
return $cfg;
}
if (array_key_exists('descr', $hm)) {
echo '<br /><strong>' . $this->getTranslation(SimpleSAML_Utilities::arrayize($hm['descr'], 'en')) . '</strong>';
}
echo '<br />[ <a href="' . $hm['metadata-url'] . '">' . $this->t('show_metadata') . '</a> ]';
echo '</dd>';
}
}
echo '</dl>';
if (is_array($this->data['metaentries']['remote']) && count($this->data['metaentries']['remote']) > 0) {
foreach ($this->data['metaentries']['remote'] as $setkey => $set) {
echo '<fieldset class="fancyfieldset"><legend>' . $this->t(mtype($setkey)) . ' (Trusted)</legend>';
echo '<ul>';
foreach ($set as $entry) {
echo '<li>';
if (array_key_exists('name', $entry)) {
echo $this->getTranslation(SimpleSAML_Utilities::arrayize($entry['name'], 'en'));
} else {
echo $entry['entityid'];
}
if (array_key_exists('expire', $entry)) {
if ($entry['expire'] < $now) {
echo '<span style="color: #500; font-weight: bold"> (expired ' . number_format(($now - $entry['expire']) / 3600, 1) . ' hours ago)</span>';
} else {
echo ' (expires in ' . number_format(($entry['expire'] - $now) / 3600, 1) . ' hours)';
}
}
echo '</li>';
}
echo '</ul>';
echo '</fieldset>';
}
}
} else {
echo '<span style="color: #b4b4b4; font-size: x-small">NA</span>';
}
echo '</td>';
}
$i = 0;
$classes = array('odd', 'even');
# $this->data['results']
foreach ($this->data['sortedOrgIndex'] as $orgkey) {
$ress = $this->data['results'][$orgkey];
foreach ($ress as $i => $res) {
echo '<tr class="' . $classes[$i++ % 2] . '">';
if (array_key_exists('description', $this->data['orgconfig'][$orgkey])) {
echo '<td><a href="?orgtest=' . htmlentities($orgkey) . '">';
echo htmlspecialchars($this->getTranslation(SimpleSAML_Utilities::arrayize($this->data['orgconfig'][$orgkey]['description'], 'en')));
if (count($ress) > 1) {
echo ' (location ' . $i . ')';
}
echo '</a></td>';
} else {
echo '<td><span style="color: #b4b4b4; font-size: x-small">NA</span> <tt>' . $orgkey . '</tt></td>';
}
showRes('config', $res, $this);
showRes('ping', $res, $this);
showRes('cert', $res, $this);
echo '<td>' . (isset($res['cert']['expire']) ? $res['cert']['expire'] . '' : '<span style="color: #b4b4b4; font-size: x-small">NA</span>') . '</td>';
echo '<td>' . (isset($res['cert']['expireText']) ? $res['cert']['expireText'] : '<span style="color: #b4b4b4; font-size: x-small">NA</span>') . '</td>';
echo '<td>';
if (isset($res['cert']['issuer']) && isset($res['cert']['subject'])) {
if ($res['cert']['subject'] === $res['cert']['issuer']) {
function listMetadata($t, $entries, $workflowstates, $extended = false)
{
echo '<table width="100%">';
echo '<thead><tr>';
echo '<th width="40px" align="center">' . $t->t('tab_edit_entity_state') . '</th>';
echo '<th width="160px" align="center">' . $t->t('validation_metadata_column') . '</th>';
if (SimpleSAML_Module::isModuleEnabled('x509')) {
echo '<th width="160px" align="center">' . $t->t('validation_certificate_column') . '</th>';
}
echo '<th>' . $t->t('validation_identity_column') . '</th>';
echo '</tr></thead>';
echo '<tbody>';
foreach ($entries as $entry) {
echo '<tr>';
if (isset($workflowstates[$entry['workflow']]['name'][$t->getLanguage()])) {
$workflow_translated = $workflowstates[$entry['workflow']]['name'][$t->getLanguage()];
} else {
$workflow_translated = $workflowstates[$entry['workflow']]['name']['en'];
}
// Workflow colum
echo '<td width="40px" align="center">';
if ($entry['workflow'] == 'prodaccepted') {
echo '<img class="display_inline" src="resources/images/icons/production.png"';
} else {
echo '<img class="display_inline" src="resources/images/icons/test.png"';
}
echo ' title="' . $workflow_translated . '" alt="' . $workflow_translated . '" />';
echo '</td>';
// Metadata column
echo '<td width="160px" align="center">';
if ($entry['invalid_metadata']) {
echo '<img class="display_inline" src="resources/images/icons/reject.png" title="' . $t->t('missing_require_metadata') . implode(" ", $entry['invalid_metadata']) . '" alt="' . $t->t('validation_problem') . '" />';
} else {
echo '<img class="display_inline" src="resources/images/icons/accept.png" title="ok" alt="' . $t->t('validation_success') . '" />';
}
if ($entry['meta_status'] == 'expired') {
echo '<img class="display_inline" src="resources/images/icons/expired.png" title="' . $t->t('hour_expired', array('%META_EXPIRED_TIME%' => number_format($entry['meta_expiration_time'], 1))) . '" alt="' . $t->t('expired') . '">';
} else {
if ($entry['meta_status'] == 'expires soon') {
echo '<img class="display_inline" src="resources/images/icons/almost_expired.png" title="' . $t->t('hour_expires', array('%META_EXPIRES_TIME%' => number_format($entry['meta_expiration_time'], 1))) . '" alt="' . $t->t('no_expired') . '">';
} else {
if ($entry['meta_status'] == 'expires') {
echo '<img class="display_inline" src="resources/images/icons/fresh.png" title="' . $t->t('hour_expires', array('%META_EXPIRES_TIME%' => number_format($entry['meta_expiration_time'], 1))) . '" alt="' . $t->t('no_expired') . '">';
}
}
}
echo '</td>';
// Certificate column
if (SimpleSAML_Module::isModuleEnabled('x509')) {
echo '<td width="160px" align="center">';
if ($entry['invalid_certificate']) {
$title = $t->t('{x509:x509:' . $entry['invalid_certificate'] . '}');
// if in strict certificate validation and validation error response in
// allowed_warnings we display a warning instead of reject
if ($entry['cert_validation'] == 'poor' || $entry['cert_validation'] == 'unknown') {
echo '<img class="display_inline" src="resources/images/icons/warning.png" title="' . $title . '" alt="' . $t->t('validation_warning') . '" />';
} else {
echo '<img class="display_inline" src="resources/images/icons/reject.png" title="' . $title . '" alt="' . $t->t('validation_problem') . '" />';
}
} else {
echo '<img class="display_inline" src="resources/images/icons/accept.png" title="ok" alt="' . $t->t('validation_success') . '" />';
}
if ($entry['cert_status'] == 'expired') {
echo '<img class="display_inline" src="resources/images/icons/expired.png" title="' . $t->t('expired') . '" alt="' . $t->t('expired') . '">';
} else {
if ($entry['cert_status'] == 'expires soon') {
echo '<img class="display_inline" src="resources/images/icons/almost_expired.png" title="' . $t->t('day_expires', array('%CERT_EXPIRES_TIME%' => number_format($entry['cert_expiration_date'], 1))) . '" alt="' . $t->t('no_expired') . '">';
} else {
if ($entry['cert_status'] == 'expires') {
echo '<img class="display_inline" src="resources/images/icons/fresh.png" title="' . $t->t('day_expires', array('%CERT_EXPIRES_TIME%' => number_format($entry['cert_expiration_date'], 1))) . '" alt="' . $t->t('no_expired') . '">';
}
}
}
echo '</td>';
}
// Name column
echo '<td>';
if ($entry['flag'] !== null) {
echo '<img class="metalisting_flag" src="' . $entry['flag'] . '" alt="' . $entry['flag_name'] . '" />';
}
echo $entry['prettyname'];
if ($entry['url'] !== null) {
echo ' [ <a href="' . $t->getTranslation(SimpleSAML_Utilities::arrayize($entry['url'], 'en')) . '">more</a> ]';
}
echo '</td></tr>';
}
echo '</tbody>';
echo '</table>';
}
public function setDisabled($fields)
{
$fields = SimpleSAML_Utilities::arrayize($fields);
$this->disabled = array_merge($this->disabled, $fields);
}
SimpleSAML_Utilities::redirect($authurl, array('RelayState' => $redirectTo, 'AuthId' => $authId, 'protocol' => 'shib13'));
}
}
/*
* We got an request, and we hav a valid session. Then we send an AuthenticationResponse back to the
* service.
*/
try {
$spmetadata = $metadata->getMetaData($requestcache['Issuer'], 'shib13-sp-remote');
/* Validate the Shire the response should be sent to. */
$shire = $requestcache['shire'];
if (!array_key_exists('AssertionConsumerService', $spmetadata)) {
throw new Exception('Could not find [AssertionConsumerService] in Shib 1.3 Service Provider remote metadata.');
}
$foundACS = FALSE;
foreach (SimpleSAML_Utilities::arrayize($spmetadata['AssertionConsumerService']) as $acs) {
if ($acs === $shire) {
SimpleSAML_Logger::info('Shib1.3 - IdP.SSOService: Found AssertionConsumerService: ' . $acs);
$foundACS = TRUE;
break;
}
}
if (!$foundACS) {
throw new Exception('Invalid AssertionConsumerService for SP ' . var_export($spmetadata['entityid'], TRUE) . ': ' . var_export($shire, TRUE));
}
$attributes = $session->getAttributes();
/* Authentication processing operations. */
if (!isset($authProcState)) {
/* Not processed. */
$pc = new SimpleSAML_Auth_ProcessingChain($idpmetadata, $spmetadata, 'idp');
$authProcState = array('core:shib13-idp:requestcache' => $requestcache, 'ReturnURL' => SimpleSAML_Utilities::selfURLNoQuery(), 'Attributes' => $attributes, 'Destination' => $spmetadata, 'Source' => $idpmetadata);
/**
* Search for a DN.
*
* @param string|array $base
* The base, or bases, which to search from.
* @param string|array $attribute
* The attribute name(s) searched for.
* @param string $value
* The attribute value searched for.
* @param bool $allowZeroHits
* Determines if the method will throw an exception if no hits are found.
* Defaults to FALSE.
* @return string
* The DN of the matching element, if found. If no element was found and
* $allowZeroHits is set to FALSE, an exception will be thrown; otherwise
* NULL will be returned.
* @throws SimpleSAML_Error_AuthSource if:
* - LDAP search encounter some problems when searching cataloge
* - Not able to connect to LDAP server
* @throws SimpleSAML_Error_UserNotFound if:
* - $allowZeroHits er TRUE and no result is found
*
*/
public function searchfordn($base, $attribute, $value, $allowZeroHits = FALSE)
{
// Traverse all search bases, returning DN if found.
$bases = SimpleSAML_Utilities::arrayize($base);
$result = NULL;
foreach ($bases as $current) {
try {
// Single base search.
$result = $this->search($current, $attribute, $value);
// We don't hawe to look any futher if user is found
if (!empty($result)) {
return $result;
}
// If search failed, attempt the other base DNs.
} catch (SimpleSAML_Error_UserNotFound $e) {
// Just continue searching
}
}
// Decide what to do for zero entries.
SimpleSAML_Logger::debug('Library - LDAP searchfordn(): No entries found');
if ($allowZeroHits) {
// Zero hits allowed.
return NULL;
} else {
// Zero hits not allowed.
throw $this->makeException('Library - LDAP searchfordn(): LDAP search returned zero entries for filter \'(' . $attribute . ' = ' . $value . ')\' on base(s) \'(' . join(' & ', $bases) . ')\'', 2);
}
}
/**
* Send a SAML2 SSO request to an IdP.
*
* @param SimpleSAML_Configuration $idpMetadata The metadata of the IdP.
* @param array $state The state array for the current authentication.
*/
private function startSSO2(SimpleSAML_Configuration $idpMetadata, array $state)
{
if (isset($state['saml:ProxyCount']) && $state['saml:ProxyCount'] < 0) {
SimpleSAML_Auth_State::throwException($state, new SimpleSAML_Error_ProxyCountExceeded("ProxyCountExceeded"));
}
$ar = sspmod_saml_Message::buildAuthnRequest($this->metadata, $idpMetadata);
$ar->setAssertionConsumerServiceURL(SimpleSAML_Module::getModuleURL('saml/sp/saml2-acs.php/' . $this->authId));
if (isset($state['SimpleSAML_Auth_Default.ReturnURL'])) {
$ar->setRelayState($state['SimpleSAML_Auth_Default.ReturnURL']);
}
if (isset($state['saml:AuthnContextClassRef'])) {
$accr = SimpleSAML_Utilities::arrayize($state['saml:AuthnContextClassRef']);
$ar->setRequestedAuthnContext(array('AuthnContextClassRef' => $accr));
}
if (isset($state['ForceAuthn'])) {
$ar->setForceAuthn((bool) $state['ForceAuthn']);
}
if (isset($state['isPassive'])) {
$ar->setIsPassive((bool) $state['isPassive']);
}
if (isset($state['saml:NameIDPolicy'])) {
if (is_string($state['saml:NameIDPolicy'])) {
$policy = array('Format' => (string) $state['saml:NameIDPolicy'], 'AllowCreate' => TRUE);
} elseif (is_array($state['saml:NameIDPolicy'])) {
$policy = $state['saml:NameIDPolicy'];
} else {
throw new SimpleSAML_Error_Exception('Invalid value of $state[\'saml:NameIDPolicy\'].');
}
$ar->setNameIdPolicy($policy);
}
if (isset($state['saml:IDPList'])) {
$IDPList = $state['saml:IDPList'];
} else {
$IDPList = array();
}
$ar->setIDPList(array_unique(array_merge($this->metadata->getArray('IDPList', array()), $idpMetadata->getArray('IDPList', array()), (array) $IDPList)));
if (isset($state['saml:ProxyCount']) && $state['saml:ProxyCount'] !== null) {
$ar->setProxyCount($state['saml:ProxyCount']);
} elseif ($idpMetadata->getInteger('ProxyCount', null) !== null) {
$ar->setProxyCount($idpMetadata->getInteger('ProxyCount', null));
} elseif ($this->metadata->getInteger('ProxyCount', null) !== null) {
$ar->setProxyCount($this->metadata->getInteger('ProxyCount', null));
}
$requesterID = array();
if (isset($state['saml:RequesterID'])) {
$requesterID = $state['saml:RequesterID'];
}
if (isset($state['core:SP'])) {
$requesterID[] = $state['core:SP'];
}
$ar->setRequesterID($requesterID);
if (isset($state['saml:Extensions'])) {
$ar->setExtensions($state['saml:Extensions']);
}
$id = SimpleSAML_Auth_State::saveState($state, 'saml:sp:sso', TRUE);
$ar->setId($id);
SimpleSAML_Logger::debug('Sending SAML 2 AuthnRequest to ' . var_export($idpMetadata->getString('entityid'), TRUE));
$b = new SAML2_HTTPRedirect();
$this->sendSAML2AuthnRequest($state, $b, $ar);
assert('FALSE');
}
/**
* Add tag to excelude when collecting source metadata.
*
* $exclude May be string or array identifying a tag to exclude.
*/
public function exclude($exclude)
{
$this->excludeTags = array_merge($this->excludeTags, SimpleSAML_Utilities::arrayize($exclude));
}
/**
* Add SAML 1.1 SP metadata.
*
* @param array $metadata The metadata.
*/
public function addMetadataSP11($metadata)
{
assert('is_array($metadata)');
$e = $this->createElement('SPSSODescriptor');
$e->setAttribute('protocolSupportEnumeration', 'urn:oasis:names:tc:SAML:1.1:protocol');
$this->addCertificate($e, $metadata);
if (array_key_exists('NameIDFormat', $metadata)) {
$t = $this->createElement('NameIDFormat');
$t->appendChild($this->document->createTextNode($metadata['NameIDFormat']));
$e->appendChild($t);
}
$acsIndex = 0;
if (array_key_exists('AssertionConsumerService', $metadata)) {
foreach (SimpleSAML_Utilities::arrayize($metadata['AssertionConsumerService']) as $acs) {
$t = $this->createElement('AssertionConsumerService');
$t->setAttribute('index', (string) $acsIndex);
$t->setAttribute('Binding', 'urn:oasis:names:tc:SAML:1.0:profiles:browser-post');
$t->setAttribute('Location', $acs);
$e->appendChild($t);
$acsIndex += 1;
}
}
if (array_key_exists('AssertionConsumerService.artifact', $metadata)) {
foreach (SimpleSAML_Utilities::arrayize($metadata['AssertionConsumerService.artifact']) as $acs) {
$t = $this->createElement('AssertionConsumerService');
$t->setAttribute('index', (string) $acsIndex);
$t->setAttribute('Binding', 'urn:oasis:names:tc:SAML:1.0:profiles:artifact-01');
$t->setAttribute('Location', $acs);
$e->appendChild($t);
$acsIndex += 1;
}
}
$this->entityDescriptor->appendChild($e);
}
