/**
 * Starts the SAML login flow: builds an AuthnRequest for the selected service,
 * hands it to the configured binding and records the request state.
 *
 * The "as" query parameter is caller-supplied and is used here only as a lookup
 * key into the service info collection. When nothing matches, the user is
 * redirected to the discovery path read from the request attributes.
 *
 * The AuthnRequest is signed only when the SP signing provider reports that it
 * is enabled; otherwise it is sent unsigned.
 *
 * @param \Symfony\Component\HttpFoundation\Request $request
 * @throws \InvalidArgumentException if cannot manage the Request
 * @throws \RuntimeException if the binding returns an unrecognized response type
 * @return \Symfony\Component\HttpFoundation\Response|SamlSpInfo
 */
public function manage(Request $request)
{
    if (!$this->supports($request)) {
        throw new \InvalidArgumentException('Unsupported request');
    }

    $authService = $this->serviceInfoCollection->findByAS($request->query->get('as'));
    if (!$authService) {
        // Unknown or missing service: send the user to discovery instead of failing.
        $discoveryUri = $this->httpUtils->generateUri($request, $request->attributes->get('discovery_path'));

        return new RedirectResponse($discoveryUri);
    }

    $authService->getSpProvider()->setRequest($request);

    $spDescriptor = $authService->getSpProvider()->getEntityDescriptor();
    $idpDescriptor = $authService->getIdpProvider()->getEntityDescriptor();
    $spMetadata = $authService->getSpMetaProvider()->getSpMeta();

    $authnRequest = (new AuthnRequestBuilder($spDescriptor, $idpDescriptor, $spMetadata))->build();

    if ($authService->getSpSigningProvider()->isEnabled()) {
        $authnRequest->sign(
            $authService->getSpSigningProvider()->getCertificate(),
            $authService->getSpSigningProvider()->getPrivateKey()
        );
    }

    $binding = $this->bindingManager->instantiate($spMetadata->getAuthnRequestBinding());
    $sent = $binding->send($authnRequest);

    // Translate the library's binding response into an HTTP response.
    if ($sent instanceof \AerialShip\LightSaml\Binding\RedirectResponse) {
        $result = new RedirectResponse($sent->getDestination());
    } elseif ($sent instanceof \AerialShip\LightSaml\Binding\PostResponse) {
        $result = new Response($sent->render());
    } else {
        throw new \RuntimeException('Unrecognized binding response ' . get_class($sent));
    }

    // Record the request ID and the IdP entity ID in the request store.
    // NOTE(review): presumably read back when the response arrives so that
    // InResponseTo can be matched against it - confirm in the consumer.
    $pending = new RequestState();
    $pending->setId($authnRequest->getID());
    $pending->setDestination($authService->getIdpProvider()->getEntityDescriptor()->getEntityID());
    $this->requestStore->set($pending);

    return $result;
}
/**
 * Receives the inbound SAML message through the binding manager and returns
 * it only when it is a LogoutResponse.
 *
 * Only the message type is checked in this method; no signature, issuer or
 * status check is performed here.
 * NOTE(review): confirm the caller validates those before acting on the message.
 *
 * @param Request $request
 * @return LogoutResponse
 * @throws \InvalidArgumentException when nothing was received or the message is of another type
 */
protected function getLogoutResponse(Request $request)
{
    /** @var $received LogoutResponse */
    $received = $this->bindingManager->receive($request);

    if ($received && $received instanceof LogoutResponse) {
        return $received;
    }

    throw new \InvalidArgumentException('Did not receive logout response');
}
/**
 * Receives the inbound SAML message and returns it only when it is a protocol
 * Response that did not arrive over the HTTP Redirect binding.
 *
 * Only the binding and the message type are checked in this method; no
 * signature, issuer or InResponseTo check is performed here.
 * NOTE(review): confirm the caller validates those before trusting any assertion.
 *
 * @param Request $request
 * @return Response
 * @throws \RuntimeException when the message came via HTTP Redirect or is not a Response
 */
protected function getSamlResponse(Request $request)
{
    // Passed to receive() so it can report the binding that was used
    // (presumably by reference - confirm against the binding manager).
    $usedBinding = null;
    /** @var Response $received */
    $received = $this->bindingManager->receive($request, $usedBinding);

    // NOTE(review): loose `==`; confirm receive() always reports the binding
    // as a string before tightening this to `===`.
    if ($usedBinding == Bindings::SAML2_HTTP_REDIRECT) {
        throw new \RuntimeException('SAML protocol response cannot be sent via binding HTTP REDIRECT');
    }

    if ($received instanceof Response) {
        return $received;
    }

    // Name the unexpected type in the error, or 'nothing' when no message was decoded.
    $actualType = $received ? get_class($received) : 'nothing';

    throw new \RuntimeException('Expected Protocol/Response type but got ' . $actualType);
}
/**
 * Receives the inbound SAML message through the binding manager and returns
 * it only when it is a LogoutRequest.
 *
 * Only the message type is checked in this method; no signature or issuer
 * check is performed here.
 * NOTE(review): confirm the caller validates those before ending any session.
 *
 * @param Request $request
 * @return LogoutRequest
 * @throws \InvalidArgumentException when nothing was received or the message is of another type
 */
protected function receiveRequest(Request $request)
{
    /** @var $received LogoutRequest */
    $received = $this->bindingManager->receive($request);

    if ($received && $received instanceof LogoutRequest) {
        return $received;
    }

    throw new \InvalidArgumentException('Did not receive logout request');
}