protected function doExecute(ProfileContext $context)
 {
     // Copies the RelayState held on the profile context onto the outbound
     // SAML message. A falsy RelayState leaves the message untouched.
     $relayState = $context->getRelayState();
     if (!$relayState) {
         return;
     }

     $logLine = sprintf('RelayState from context set to outbound message: "%s"', $relayState);
     $this->logger->debug($logLine, LogHelper::getActionContext($context, $this));

     // NOTE(review): where this RelayState originated is not visible here. If
     // it was taken from an inbound message it is peer-controlled, so whatever
     // consumes it later should treat it as opaque data, not as a trusted
     // redirect target.
     MessageContextHelper::asSamlMessage($context->getOutboundContext())->setRelayState($relayState);
 }
 /**
  * @param ProfileContext $context
  *
  * @return void
  */
 protected function doExecute(ProfileContext $context)
 {
     // Stamps the outbound message with an Issuer built from our own entity
     // ID, with its format set to SamlConstants::NAME_ID_FORMAT_ENTITY.
     $entityId = $context->getOwnEntityDescriptor()->getEntityID();

     $issuer = new Issuer($entityId);
     $issuer->setFormat(SamlConstants::NAME_ID_FORMAT_ENTITY);

     $outbound = MessageContextHelper::asSamlMessage($context->getOutboundContext());
     $outbound->setIssuer($issuer);

     $this->logger->debug(
         sprintf('Issuer set to "%s"', $entityId),
         LogHelper::getActionContext($context, $this)
     );
 }
 /**
  * Records the Issuer value of the inbound message as the party entity ID.
  *
  * @param ProfileContext $context
  *
  * @return void
  *
  * @throws LightSamlContextException when the inbound message has no Issuer
  */
 protected function doExecute(ProfileContext $context)
 {
     $inbound = MessageContextHelper::asSamlMessage($context->getInboundContext());
     $issuer = $inbound->getIssuer();
     if ($issuer == null) {
         throw new LightSamlContextException($context, 'Inbound messages does not have Issuer');
     }

     // The Issuer value is copied as-is from the inbound message. Nothing in
     // this method authenticates it, so at this point it is only the sender's
     // claim about who they are; it becomes trustworthy only once a signature
     // has been verified against that party's keys.
     $context->getPartyEntityContext()->setEntityId($issuer->getValue());
 }
 /**
  * @param ProfileContext $context
  */
 protected function doExecute(ProfileContext $context)
 {
     // Saves a RequestState carrying the outbound message's ID in the
     // request store.
     $outbound = MessageContextHelper::asSamlMessage($context->getOutboundContext());

     $requestState = new RequestState();
     $requestState->setId($outbound->getID());
     // The whole message object is stored as the state's "nonce".
     $requestState->setNonce($outbound);

     // NOTE(review): presumably this state is read back when a response's
     // InResponseTo is checked; confirm against the code that consumes
     // requestStore, since that check is what ties a response to a request
     // this party actually sent.
     $this->requestStore->set($requestState);
 }
 /**
  * Attaches a signature to the outbound message when signing is enabled.
  *
  * @param ProfileContext $context
  *
  * @return void
  */
 protected function doExecute(ProfileContext $context)
 {
     if (!$this->shouldSignMessage($context)) {
         $this->logger->debug('Signing disabled', LogHelper::getActionContext($context, $this));

         return;
     }

     $signature = $this->signatureResolver->getSignature($context);
     if (!$signature) {
         // NOTE(review): this branch only logs. The outbound message is left
         // without a signature and the method returns normally, so a signing
         // misconfiguration does not stop the message here. Alert on this
         // log line, and decide whether the action should fail instead.
         $this->logger->critical('No signature resolved, although signing enabled', LogHelper::getActionErrorContext($context, $this, array()));

         return;
     }

     MessageContextHelper::asSamlMessage($context->getOutboundContext())->setSignature($signature);

     // Logged: the certificate's fingerprint and its getInfo() output.
     $certificate = $signature->getCertificate();
     $this->logger->debug(
         sprintf('Message signed with fingerprint "%s"', $certificate->getFingerprint()),
         LogHelper::getActionContext($context, $this, array('certificate' => $certificate->getInfo()))
     );
 }
 /**
  * @param ProfileContext $context
  */
 protected function doExecute(ProfileContext $context)
 {
     // Saves a RequestState describing the outbound message (ID, class,
     // issue-instant timestamp, party entity ID, RelayState) in the request
     // store; logout requests additionally record NameID and SessionIndex.
     $outbound = MessageContextHelper::asSamlMessage($context->getOutboundContext());

     $requestState = new RequestState();
     $requestState->setId($outbound->getID());

     // Party entity ID: '' without a party context, otherwise the context's
     // entity ID, overridden by the entity descriptor's ID when one is set.
     $partyContext = $context->getPartyEntityContext();
     $partyEntityId = $partyContext ? $partyContext->getEntityId() : '';
     if ($partyContext && $partyContext->getEntityDescriptor()) {
         $partyEntityId = $partyContext->getEntityDescriptor()->getEntityID();
     }

     $requestState->getParameters()->add([
         RequestStateParameters::ID => $outbound->getID(),
         RequestStateParameters::TYPE => get_class($outbound),
         RequestStateParameters::TIMESTAMP => $outbound->getIssueInstantTimestamp(),
         RequestStateParameters::PARTY => $partyEntityId,
         RequestStateParameters::RELAY_STATE => $outbound->getRelayState(),
     ]);

     if ($outbound instanceof LogoutRequest) {
         // NOTE(review): getNameID() is dereferenced without a null check. If
         // a LogoutRequest can reach this action without a NameID, this
         // fails with a fatal error; confirm against the callers.
         $nameId = $outbound->getNameID();
         $requestState->getParameters()->add([
             RequestStateParameters::NAME_ID => $nameId->getValue(),
             RequestStateParameters::NAME_ID_FORMAT => $nameId->getFormat(),
             RequestStateParameters::SESSION_INDEX => $outbound->getSessionIndex(),
         ]);
     }

     $this->requestStore->set($requestState);
 }
 /**
  * @param ProfileContext $context
  *
  * @return void
  */
 protected function doExecute(ProfileContext $context)
 {
     // Checks the inbound message's Destination against our own endpoints
     // and throws when none of them matches.
     $inbound = MessageContextHelper::asSamlMessage($context->getInboundContext());
     $destination = $inbound->getDestination();

     // NOTE(review): a missing Destination (anything loosely equal to null,
     // which includes an empty string) is accepted without further checks,
     // so this action alone does not bind a message to this endpoint.
     // Confirm that is acceptable for the bindings in use, in particular
     // for signed messages.
     if ($destination == null) {
         return;
     }

     $criteria = $this->getCriteriaSet($context, $destination);
     $ownEndpoints = $context->getOwnEntityDescriptor()->getAllEndpoints();
     if ($this->endpointResolver->resolve($criteria, $ownEndpoints)) {
         return;
     }

     // The rejected Destination comes from the inbound message and is
     // interpolated into both the log line and the exception message.
     $error = sprintf('Invalid inbound message destination "%s"', $destination);
     $this->logger->emergency($error, LogHelper::getActionErrorContext($context, $this));
     throw new LightSamlContextException($context, $error);
 }
 /**
  * @param MessageContext $context
  * @param null|string    $destination
  *
  * @return SamlPostResponse
  */
 public function send(MessageContext $context, $destination = null)
 {
     // Serializes the SAML message to XML, base64-encodes it and wraps it,
     // plus an optional RelayState, in a rendered SamlPostResponse.
     $samlMessage = MessageContextHelper::asSamlMessage($context);

     // The message's own Destination takes precedence over the argument.
     $target = $samlMessage->getDestination() ?: $destination;

     $serialization = $context->getSerializationContext();
     $samlMessage->serialize($serialization->getDocument(), $serialization);
     $xml = $serialization->getDocument()->saveXML();

     // dispatchSend() receives the raw XML, before base64 encoding.
     $this->dispatchSend($xml);

     $fieldName = $samlMessage instanceof AbstractRequest ? 'SAMLRequest' : 'SAMLResponse';
     $fields = [$fieldName => base64_encode($xml)];

     $relayState = $samlMessage->getRelayState();
     if ($relayState) {
         $fields['RelayState'] = $relayState;
     }

     // NOTE(review): $target and the RelayState presumably end up in the
     // rendered form markup. Escaping is left to SamlPostResponse, which is
     // not visible here; confirm it HTML-escapes both the action URL and
     // the field values.
     $response = new SamlPostResponse($target, $fields);
     $response->renderContent();

     return $response;
 }
 /**
  * @param ProfileContext $context
  *
  * @return void
  */
 protected function doExecute(ProfileContext $context)
 {
     // Validates the inbound message's Issuer in three steps: presence,
     // Format (when one is configured), then the NameID validator. Each
     // failure surfaces as a LightSamlContextException.
     $inbound = MessageContextHelper::asSamlMessage($context->getInboundContext());
     $issuer = $inbound->getIssuer();

     if ($issuer == false) {
         $error = 'Inbound message must have Issuer element';
         $this->logger->emergency($error, LogHelper::getActionErrorContext($context, $this));
         throw new LightSamlContextException($context, $error);
     }

     // The Format is enforced only when an allowed format is configured and
     // the Issuer has both a value and a Format. An Issuer that omits the
     // Format passes this step. The comparison is a loose one (!=).
     if ($this->allowedFormat && $issuer->getValue()) {
         $format = $issuer->getFormat();
         if ($format && $format != $this->allowedFormat) {
             // The received Format is peer-supplied and is interpolated
             // into the log line and the exception message.
             $error = sprintf("Response Issuer Format if set must have value '%s' but it was '%s'", $this->allowedFormat, $format);
             $this->logger->emergency($error, LogHelper::getActionErrorContext($context, $this));
             throw new LightSamlContextException($context, $error);
         }
     }

     try {
         $this->nameIdValidator->validateNameId($issuer);
     } catch (LightSamlValidationException $ex) {
         // Re-thrown as a context exception, keeping the original as previous.
         throw new LightSamlContextException($context, $ex->getMessage(), 0, $ex);
     }
 }
 /**
  * @param ProfileContext $context
  *
  * @return void
  */
 protected function doExecute(ProfileContext $context)
 {
     // Validates the signature on the inbound message, if it carries one.
     $inbound = MessageContextHelper::asSamlMessage($context->getInboundContext());
     $signature = $inbound->getSignature();

     // NOTE(review): an unsigned message is not rejected here; the method
     // logs at debug level and returns normally. Whether a signature is
     // required has to be enforced elsewhere (for example on the assertion,
     // or by policy for the binding in use); confirm that it is.
     if (null === $signature) {
         $this->logger->debug('Message is not signed', LogHelper::getActionContext($context, $this));

         return;
     }

     if (!($signature instanceof AbstractSignatureReader)) {
         $error = 'Expected AbstractSignatureReader';
         $this->logger->critical($error, LogHelper::getActionErrorContext($context, $this));
         throw new LightSamlModelException($error);
     }

     // Metadata type of the peer: SP when we act as IdP, IdP otherwise.
     if (ProfileContext::ROLE_IDP === $context->getOwnRole()) {
         $metadataType = MetadataCriteria::TYPE_SP;
     } else {
         $metadataType = MetadataCriteria::TYPE_IDP;
     }

     // The Issuer is dereferenced without a null check; presumably an
     // earlier action guarantees it is present. TODO confirm the ordering.
     $credential = $this->signatureValidator->validate($signature, $inbound->getIssuer()->getValue(), $metadataType);

     if (!$credential) {
         // NOTE(review): a falsy result is only logged as a warning and the
         // method returns normally, so from the caller's side this outcome
         // looks the same as a verified signature. Confirm when validate()
         // returns a falsy value and whether this should fail closed.
         $this->logger->warning('Signature verification was not performed', LogHelper::getActionContext($context, $this));

         return;
     }

     $keyNames = $credential->getKeyNames();
     $this->logger->debug(
         sprintf('Message signature validated with key "%s"', implode(', ', $keyNames)),
         LogHelper::getActionContext($context, $this, array('credential' => $credential))
     );
 }
 /**
  * @param ProfileContext $context
  *
  * @return void
  */
 protected function doExecute(ProfileContext $context)
 {
     // Sets the configured version on the outbound message.
     $outbound = MessageContextHelper::asSamlMessage($context->getOutboundContext());
     $outbound->setVersion($this->version);

     $this->logger->debug(
         sprintf('Message Version set to "%s"', $this->version),
         LogHelper::getActionContext($context, $this)
     );
 }
 /**
  * @param MessageContext $context
  * @param string|null    $destination
  *
  * @return string
  */
 protected function getRedirectURL(MessageContext $context, $destination)
 {
     // Builds the redirect URL for the message: encoded message first, then
     // RelayState, then the signature, then the destination URL.
     $samlMessage = MessageContextHelper::asSamlMessage($context);

     // A signature, when present, must be a SignatureWriter.
     $signature = $samlMessage->getSignature();
     if ($signature && !($signature instanceof SignatureWriter)) {
         throw new LightSamlBindingException('Signature must be SignatureWriter');
     }

     $encodedXml = $this->getMessageEncodedXml($samlMessage, $context);
     $query = $this->addMessageToUrl($samlMessage, $encodedXml);

     // The return values of the next two helpers are ignored, so $query is
     // presumably modified in place. The signature step runs last, after
     // the RelayState has been added; keep that order unless the helpers
     // show it does not matter.
     $this->addRelayStateToUrl($query, $samlMessage);
     $this->addSignatureToUrl($query, $signature);

     return $this->getDestinationUrl($query, $samlMessage, $destination);
 }
 /**
  * @param ProfileContext $context
  *
  * @return void
  */
 protected function doExecute(ProfileContext $context)
 {
     // Sets IssueInstant on the outbound message from the time provider's
     // current timestamp, then logs the resulting value.
     $outbound = MessageContextHelper::asSamlMessage($context->getOutboundContext());
     $outbound->setIssueInstant($this->timeProvider->getTimestamp());

     $this->logger->info(
         sprintf('Message IssueInstant set to "%s"', $outbound->getIssueInstantString()),
         LogHelper::getActionContext($context, $this)
     );
 }
 /**
  * @param ProfileContext $context
  *
  * @return void
  */
 protected function doExecute(ProfileContext $context)
 {
     // Sets InResponseTo on the outbound status response to the ID of the
     // inbound message. Without an inbound message nothing is set.
     if (!$context->getInboundContext()->getMessage()) {
         return;
     }

     $response = MessageContextHelper::asStatusResponse($context->getOutboundContext());
     $response->setInResponseTo(
         MessageContextHelper::asSamlMessage($context->getInboundContext())->getID()
     );
 }
 /**
  * Assigns a newly generated ID to the outbound message and logs it.
  *
  * @param ProfileContext $context
  *
  * @return void
  */
 protected function doExecute(ProfileContext $context)
 {
     // NOTE(review): how unique and unpredictable the ID is depends entirely
     // on Helper::generateID(), which is not visible here; confirm it draws
     // from a cryptographically secure random source.
     $messageId = Helper::generateID();

     $outbound = MessageContextHelper::asSamlMessage($context->getOutboundContext());
     $outbound->setId($messageId);

     $this->logger->info(
         sprintf('Message ID set to "%s"', $messageId),
         LogHelper::getActionContext($context, $this, array('message_id' => $messageId))
     );
 }
 /**
  * @param ProfileContext $context
  *
  * @return void
  */
 protected function doExecute(ProfileContext $context)
 {
     // Sets the outbound message's Destination to the location of the
     // endpoint held on the profile context.
     $endpoint = $context->getEndpoint();
     $outbound = MessageContextHelper::asSamlMessage($context->getOutboundContext());

     $location = $endpoint->getLocation();
     $outbound->setDestination($location);

     $this->logger->debug(
         sprintf('Destination set to "%s"', $location),
         LogHelper::getActionContext($context, $this)
     );
 }
 /**
  * asSamlMessage() returns the very message instance set on the context.
  */
 public function test__as_saml_message_returns_message()
 {
     $context = new MessageContext();
     $expectedMessage = $this->getMessageMock();
     $context->setMessage($expectedMessage);

     $actual = MessageContextHelper::asSamlMessage($context);

     $this->assertSame($expectedMessage, $actual);
 }