示例#1
0
    /**
     * Prepare a basic DOMelement to test against
     */
    public function setUp()
    {
        $document = DOMDocumentFactory::fromString(<<<XML
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
                xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
                ID="s2a0da3504aff978b0f8c80f6a62c713c4a2f64c5b"
                InResponseTo="_bec424fa5103428909a30ff1e31168327f79474984"
                Version="2.0"
                IssueInstant="2007-12-10T11:39:48Z"
                Destination="http://moodle.bridge.feide.no/simplesaml/saml2/sp/AssertionConsumerService.php">
    <saml:Issuer>max.feide.no</saml:Issuer>
    <samlp:Extensions>
        <myns:AttributeList xmlns:myns="urn:mynamespace">
            <myns:Attribute name="UserName" value=""/>
        </myns:AttributeList>
        <ExampleElement name="AnotherExtension" />
    </samlp:Extensions>
    <samlp:Status>
        <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </samlp:Status>
</samlp:Response>
XML
);
        $this->testElement = $document->documentElement;
    }
示例#2
0
    /**
     * Verifies that we can create an AttributeValue from a DOMElement.
     */
    public function testCreateAttributeFromDOMElement()
    {
        $attribute = new Attribute();
        $attribute->Name = 'TheName';
        $attribute->NameFormat = 'TheNameFormat';
        $attribute->FriendlyName = 'TheFriendlyName';
        $element = new \DOMDocument();
        $element->loadXML(<<<ATTRIBUTEVALUE
<NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">urn:collab:person:surftest.nl:example</NameID>
ATTRIBUTEVALUE
);
        $attribute->AttributeValue = array(new AttributeValue($element->documentElement));
        $document = DOMDocumentFactory::fromString('<root />');
        $returnedStructure = $attribute->toXML($document->firstChild);
        $expectedStructureDocument = new \DOMDocument();
        $expectedStructureDocument->loadXML(<<<ATTRIBUTEXML
<saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
  Name="TheName" NameFormat="TheNameFormat" FriendlyName="TheFriendlyName">
  <saml:AttributeValue>
    <NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">urn:collab:person:surftest.nl:example</NameID>
  </saml:AttributeValue>
</saml:Attribute>
ATTRIBUTEXML
);
        $expectedStructure = $expectedStructureDocument->documentElement;
        $this->assertEqualXMLStructure($expectedStructure, $returnedStructure);
        $this->assertEquals("urn:collab:person:surftest.nl:example", $attribute->AttributeValue[0]->getString());
    }
示例#3
0
    public function testUnmarshalling()
    {
        $mdNamespace = Constants::NS_MD;
        $document = DOMDocumentFactory::fromString(<<<XML
<md:Test xmlns:md="{$mdNamespace}" Binding="urn:something" Location="https://whatever/" xmlns:test="urn:test" test:attr="value" />
XML
);
        $endpointType = new EndpointType($document->firstChild);
        $this->assertEquals(true, $endpointType->hasAttributeNS('urn:test', 'attr'));
        $this->assertEquals('value', $endpointType->getAttributeNS('urn:test', 'attr'));
        $this->assertEquals(false, $endpointType->hasAttributeNS('urn:test', 'invalid'));
        $this->assertEquals('', $endpointType->getAttributeNS('urn:test', 'invalid'));
        $endpointType->removeAttributeNS('urn:test', 'attr');
        $this->assertEquals(false, $endpointType->hasAttributeNS('urn:test', 'attr'));
        $this->assertEquals('', $endpointType->getAttributeNS('urn:test', 'attr'));
        $endpointType->setAttributeNS('urn:test2', 'test2:attr2', 'value2');
        $this->assertEquals('value2', $endpointType->getAttributeNS('urn:test2', 'attr2'));
        $document->loadXML('<root />');
        $endpointTypeElement = $endpointType->toXML($document->firstChild, 'md:Test');
        $endpointTypeElements = Utils::xpQuery($endpointTypeElement, '/root/saml_metadata:Test');
        $this->assertCount(1, $endpointTypeElements);
        $endpointTypeElement = $endpointTypeElements[0];
        $this->assertEquals('value2', $endpointTypeElement->getAttributeNS('urn:test2', 'attr2'));
        $this->assertEquals(false, $endpointTypeElement->hasAttributeNS('urn:test', 'attr'));
    }
示例#4
0
    /**
     * Test unmarshalling / marshalling of XML with Extensions element
     */
    public function testExtensionOrdering()
    {
        $xml = <<<AUTHNREQUEST
<samlp:AuthnRequest
  xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
  xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
  ID="_306f8ec5b618f361c70b6ffb1480eade"
  Version="2.0"
  IssueInstant="2004-12-05T09:21:59Z"
  Destination="https://idp.example.org/SAML2/SSO/Artifact"
  ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
  AssertionConsumerServiceURL="https://sp.example.com/SAML2/SSO/Artifact">
  <saml:Issuer>https://sp.example.com/SAML2</saml:Issuer>
  <samlp:Extensions>
      <myns:AttributeList xmlns:myns="urn:mynamespace">
          <myns:Attribute name="UserName" value=""/>
      </myns:AttributeList>
  </samlp:Extensions>
  <saml:Subject>
        <saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">user@example.org</saml:NameID>
  </saml:Subject>
  <samlp:NameIDPolicy
    AllowCreate="true"
    Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"/>
</samlp:AuthnRequest>
AUTHNREQUEST;
        $document = DOMDocumentFactory::fromString($xml);
        $authnRequest = new AuthnRequest($document->documentElement);
        $this->assertXmlStringEqualsXmlString($document->C14N(), $authnRequest->toUnsignedXML()->C14N());
    }
示例#5
0
 /**
  * Extract the response element from the SOAP response.
  *
  * @param string $soapResponse  The SOAP response.
  * @return string  The <saml1p:Response> element, as a string.
  */
 private static function extractResponse($soapResponse)
 {
     assert('is_string($soapResponse)');
     try {
         $doc = \SAML2\DOMDocumentFactory::fromString($soapResponse);
     } catch (\Exception $e) {
         throw new SimpleSAML_Error_Exception('Error parsing SAML 1 artifact response.');
     }
     $soapEnvelope = $doc->firstChild;
     if (!SimpleSAML\Utils\XML::isDOMElementOfType($soapEnvelope, 'Envelope', 'http://schemas.xmlsoap.org/soap/envelope/')) {
         throw new SimpleSAML_Error_Exception('Expected artifact response to contain a <soap:Envelope> element.');
     }
     $soapBody = SimpleSAML\Utils\XML::getDOMChildren($soapEnvelope, 'Body', 'http://schemas.xmlsoap.org/soap/envelope/');
     if (count($soapBody) === 0) {
         throw new SimpleSAML_Error_Exception('Couldn\'t find <soap:Body> in <soap:Envelope>.');
     }
     $soapBody = $soapBody[0];
     $responseElement = SimpleSAML\Utils\XML::getDOMChildren($soapBody, 'Response', 'urn:oasis:names:tc:SAML:1.0:protocol');
     if (count($responseElement) === 0) {
         throw new SimpleSAML_Error_Exception('Couldn\'t find <saml1p:Response> in <soap:Body>.');
     }
     $responseElement = $responseElement[0];
     /*
      * Save the <saml1p:Response> element. Note that we need to import it
      * into a new document, in order to preserve namespace declarations.
      */
     $newDoc = \SAML2\DOMDocumentFactory::create();
     $newDoc->appendChild($newDoc->importNode($responseElement, TRUE));
     $responseXML = $newDoc->saveXML();
     return $responseXML;
 }
示例#6
0
 public function testMarshalling()
 {
     $indexedEndpointType = new IndexedEndpointType();
     $indexedEndpointType->Binding = 'TestBinding';
     $indexedEndpointType->Location = 'TestLocation';
     $indexedEndpointType->index = 42;
     $indexedEndpointType->isDefault = false;
     $document = DOMDocumentFactory::fromString('<root />');
     $indexedEndpointTypeElement = $indexedEndpointType->toXML($document->firstChild, 'md:Test');
     $indexedEndpointElements = Utils::xpQuery($indexedEndpointTypeElement, '/root/saml_metadata:Test');
     $this->assertCount(1, $indexedEndpointElements);
     $indexedEndpointElement = $indexedEndpointElements[0];
     $this->assertEquals('TestBinding', $indexedEndpointElement->getAttribute('Binding'));
     $this->assertEquals('TestLocation', $indexedEndpointElement->getAttribute('Location'));
     $this->assertEquals('42', $indexedEndpointElement->getAttribute('index'));
     $this->assertEquals('false', $indexedEndpointElement->getAttribute('isDefault'));
     $indexedEndpointType->isDefault = true;
     $document->loadXML('<root />');
     $indexedEndpointTypeElement = $indexedEndpointType->toXML($document->firstChild, 'md:Test');
     $indexedEndpointTypeElement = Utils::xpQuery($indexedEndpointTypeElement, '/root/saml_metadata:Test');
     $this->assertCount(1, $indexedEndpointTypeElement);
     $this->assertEquals('true', $indexedEndpointTypeElement[0]->getAttribute('isDefault'));
     $indexedEndpointType->isDefault = null;
     $document->loadXML('<root />');
     $indexedEndpointTypeElement = $indexedEndpointType->toXML($document->firstChild, 'md:Test');
     $indexedEndpointTypeElement = Utils::xpQuery($indexedEndpointTypeElement, '/root/saml_metadata:Test');
     $this->assertCount(1, $indexedEndpointTypeElement);
     $this->assertTrue(!$indexedEndpointTypeElement[0]->hasAttribute('isDefault'));
 }
示例#7
0
文件: Chunk.php 项目: SysBind/saml2
 /**
  * Un-serialize this XML chunk.
  *
  * @param  string          $serialized The serialized chunk.
  * @return \SAML2\XML\Chunk The chunk object represented by the serialized string.
  */
 public function unserialize($serialized)
 {
     $doc = DOMDocumentFactory::fromString(unserialize($serialized));
     $this->xml = $doc->documentElement;
     $this->localName = $this->xml->localName;
     $this->namespaceURI = $this->xml->namespaceURI;
 }
示例#8
0
 /**
  * Test serialization and unserialization
  */
 public function testChunkSerializationLoop()
 {
     $ser = $this->chunk->serialize();
     $document = DOMDocumentFactory::fromString('<root />');
     $newchunk = new Chunk($document->firstChild);
     $newchunk->unserialize($ser);
     $this->assertEqualXMLStructure($this->chunk->getXML(), $newchunk->getXML());
 }
 public function testEmptyRegistrationAuthorityOutboundThrowsException()
 {
     $registrationInfo = new RegistrationInfo();
     $registrationInfo->registrationAuthority = '';
     $document = DOMDocumentFactory::fromString('<root />');
     $this->setExpectedException('Exception', 'Missing required registration authority.');
     $xml = $registrationInfo->toXML($document->firstChild);
 }
示例#10
0
    /**
     * Unmarshalling fails if attribute is empty
     */
    public function testUnmarshallingFailsMissingKeywords()
    {
        $document = DOMDocumentFactory::fromString(<<<XML
<mdui:Keywords xml:lang="nl"></mdui:Keywords>
XML
);
        $this->setExpectedException('Exception', 'Missing value for Keywords');
        $keywords = new Keywords($document->firstChild);
    }
 public function setXML($xml)
 {
     assert('is_string($xml)');
     try {
         $this->dom = \SAML2\DOMDocumentFactory::fromString(str_replace("\r", "", $xml));
     } catch (\Exception $e) {
         throw new Exception('Unable to parse AuthnResponse XML.');
     }
 }
示例#12
0
    /**
     * Unmarshalling fails if height attribute not present
     */
    public function testUnmarshallingFailsMissingHeight()
    {
        $document = DOMDocumentFactory::fromString(<<<XML
<mdui:Logo width="300" xml:lang="nl">https://static.example.org/images/logos/logo300x200.png</mdui:Logo>
XML
);
        $this->setExpectedException('Exception', 'Missing height of Logo');
        $logo = new Logo($document->firstChild);
    }
 public function testUnmarshalling()
 {
     $document = DOMDocumentFactory::fromString('<md:AdditionalMetadataLocation xmlns:md="' . Constants::NS_MD . '"' . ' namespace="TheNamespaceAttribute">LocationText</md:AdditionalMetadataLocation>');
     $additionalMetadataLocation = new AdditionalMetadataLocation($document->firstChild);
     $this->assertEquals('TheNamespaceAttribute', $additionalMetadataLocation->namespace);
     $this->assertEquals('LocationText', $additionalMetadataLocation->location);
     $document->loadXML('<md:AdditionalMetadataLocation xmlns:md="' . Constants::NS_MD . '"' . '>LocationText</md:AdditionalMetadataLocation>');
     $this->setExpectedException('Exception', 'Missing namespace attribute on AdditionalMetadataLocation element.');
     new AdditionalMetadataLocation($document->firstChild);
 }
示例#14
0
    public function testMissingPublisherThrowsException()
    {
        $document = DOMDocumentFactory::fromString(<<<XML
<mdrpi:PublicationInfo xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi"
                       creationInstant="2011-01-01T00:00:00Z"
                       publicationId="SomePublicationId">
</mdrpi:PublicationInfo>
XML
);
        $this->setExpectedException('Exception', 'Missing required attribute "publisher"');
        $publicationInfo = new PublicationInfo($document->firstChild);
    }
示例#15
0
    public function testUnmarshallingFailure()
    {
        $samlNamespace = Constants::NS_SAML;
        $document = DOMDocumentFactory::fromString(<<<XML
<saml:Attribute xmlns:saml="{$samlNamespace}" NameFormat="TheNameFormat" FriendlyName="TheFriendlyName">
    <saml:AttributeValue>FirstValue</saml:AttributeValue>
    <saml:AttributeValue>SecondValue</saml:AttributeValue>
</saml:Attribute>
XML
);
        $this->setExpectedException('Exception', 'Missing Name on Attribute.');
        new Attribute($document->firstChild);
    }
示例#16
0
    public function testUnmarshallingWithoutOwner()
    {
        $mdNamespace = Constants::NS_MD;
        $document = DOMDocumentFactory::fromString(<<<XML
    <md:AffiliationDescriptor xmlns:md="{$mdNamespace}" ID="TheID" validUntil="2009-02-13T23:31:30Z" cacheDuration="PT5000S">
    <md:AffiliateMember>Member</md:AffiliateMember>
    <md:AffiliateMember>OtherMember</md:AffiliateMember>
</md:AffiliationDescriptor>
XML
);
        $this->setExpectedException('Exception', 'Missing affiliationOwnerID on AffiliationDescriptor.');
        new AffiliationDescriptor($document->firstChild);
    }
 function __construct($metaxml)
 {
     $template = '';
     if (strpos("\n", $metaxml) === FALSE) {
         foreach (explode("\n", self::template) as $line) {
             $template .= trim($line);
         }
     } else {
         $template = self::template;
     }
     $sigdoc = \SAML2\DOMDocumentFactory::fromString($template);
     $this->sigNode = $sigdoc->documentElement;
 }
示例#18
0
    public function testUnmarshalling()
    {
        $samlNamespace = Constants::NS_SAML;
        $document = DOMDocumentFactory::fromString(<<<XML
<saml:NameID xmlns:saml="{$samlNamespace}" NameQualifier="TheNameQualifier" SPNameQualifier="TheSPNameQualifier" Format="TheFormat" SPProvidedID="TheSPProvidedID">TheNameIDValue</saml:NameID>
XML
);
        $nameId = new NameID($document->firstChild);
        $this->assertEquals('TheNameQualifier', $nameId->NameQualifier);
        $this->assertEquals('TheSPNameQualifier', $nameId->SPNameQualifier);
        $this->assertEquals('TheFormat', $nameId->Format);
        $this->assertEquals('TheSPProvidedID', $nameId->SPProvidedID);
        $this->assertEquals('TheNameIDValue', $nameId->value);
    }
    public function testManySubjectConfirmationDataThrowsException()
    {
        $samlNamespace = Constants::NS_SAML;
        $document = DOMDocumentFactory::fromString(<<<XML
<saml:SubjectConfirmation xmlns:saml="{$samlNamespace}" Method="SomeMethod">
  <saml:NameID>SomeNameIDValue</saml:NameID>
  <saml:SubjectConfirmationData Recipient="Me" />
  <saml:SubjectConfirmationData Recipient="Someone Else" />
</saml:SubjectConfirmation>
XML
);
        $this->setExpectedException('Exception', 'More than one SubjectConfirmationData child in a SubjectConfirmation element');
        $subjectConfirmation = new SubjectConfirmation($document->firstChild);
    }
示例#20
0
    public function testUnmarshalling()
    {
        $samlNamespace = Constants::NS_SAML;
        $document = DOMDocumentFactory::fromString(<<<XML
<saml:SubjectConfirmation xmlns:saml="{$samlNamespace}" Method="SomeMethod">
  <saml:NameID>SomeNameIDValue</saml:NameID>
  <saml:SubjectConfirmationData/>
</saml:SubjectConfirmation>
XML
);
        $subjectConfirmation = new SubjectConfirmation($document->firstChild);
        $this->assertEquals('SomeMethod', $subjectConfirmation->Method);
        $this->assertTrue($subjectConfirmation->NameID instanceof NameID);
        $this->assertEquals('SomeNameIDValue', $subjectConfirmation->NameID->value);
        $this->assertTrue($subjectConfirmation->SubjectConfirmationData instanceof SubjectConfirmationData);
    }
示例#21
0
 public function testMarshalling()
 {
     $roleDescriptor = new RoleDescriptorMock();
     $roleDescriptor->ID = 'SomeID';
     $roleDescriptor->validUntil = 1234567890;
     $roleDescriptor->cacheDuration = 'PT5000S';
     $roleDescriptor->protocolSupportEnumeration = array('protocol1', 'protocol2');
     $roleDescriptor->errorURL = 'https://example.org/error';
     $document = DOMDocumentFactory::fromString('<root />');
     $roleDescriptorElement = $roleDescriptor->toXML($document->firstChild);
     $roleDescriptorElement = Utils::xpQuery($roleDescriptorElement, '/root/md:RoleDescriptor');
     $this->assertCount(1, $roleDescriptorElement);
     $roleDescriptorElement = $roleDescriptorElement[0];
     $this->assertEquals('SomeID', $roleDescriptorElement->getAttribute("ID"));
     $this->assertEquals('2009-02-13T23:31:30Z', $roleDescriptorElement->getAttribute("validUntil"));
     $this->assertEquals('PT5000S', $roleDescriptorElement->getAttribute("cacheDuration"));
     $this->assertEquals('protocol1 protocol2', $roleDescriptorElement->getAttribute("protocolSupportEnumeration"));
     $this->assertEquals('myns:MyElement', $roleDescriptorElement->getAttributeNS(Constants::NS_XSI, "type"));
     $this->assertEquals('http://example.org/mynsdefinition', $roleDescriptorElement->lookupNamespaceURI("myns"));
 }
示例#22
0
    public function testUnmarshalling()
    {
        $document = DOMDocumentFactory::fromString(<<<XML
<mdrpi:PublicationInfo xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi"
                       publisher="SomePublisher"
                       creationInstant="2011-01-01T00:00:00Z"
                       publicationId="SomePublicationId">
    <mdrpi:UsagePolicy xml:lang="en">http://TheEnglishUsagePolicy</mdrpi:UsagePolicy>
    <mdrpi:UsagePolicy xml:lang="no">http://TheNorwegianUsagePolicy</mdrpi:UsagePolicy>
</mdrpi:PublicationInfo>
XML
);
        $publicationInfo = new PublicationInfo($document->firstChild);
        $this->assertEquals('SomePublisher', $publicationInfo->publisher);
        $this->assertEquals(1293840000, $publicationInfo->creationInstant);
        $this->assertEquals('SomePublicationId', $publicationInfo->publicationId);
        $this->assertCount(2, $publicationInfo->UsagePolicy);
        $this->assertEquals('http://TheEnglishUsagePolicy', $publicationInfo->UsagePolicy["en"]);
        $this->assertEquals('http://TheNorwegianUsagePolicy', $publicationInfo->UsagePolicy["no"]);
    }
示例#23
0
 /**
  * Send an authenticationResponse using HTTP-POST.
  *
  * @param string                   $response The response which should be sent.
  * @param SimpleSAML_Configuration $idpmd The metadata of the IdP which is sending the response.
  * @param SimpleSAML_Configuration $spmd The metadata of the SP which is receiving the response.
  * @param string|null              $relayState The relaystate for the SP.
  * @param string                   $shire The shire which should receive the response.
  */
 public function sendResponse($response, SimpleSAML_Configuration $idpmd, SimpleSAML_Configuration $spmd, $relayState, $shire)
 {
     \SimpleSAML\Utils\XML::checkSAMLMessage($response, 'saml11');
     $privatekey = SimpleSAML\Utils\Crypto::loadPrivateKey($idpmd, true);
     $publickey = SimpleSAML\Utils\Crypto::loadPublicKey($idpmd, true);
     $responsedom = \SAML2\DOMDocumentFactory::fromString(str_replace("\r", "", $response));
     $responseroot = $responsedom->getElementsByTagName('Response')->item(0);
     $firstassertionroot = $responsedom->getElementsByTagName('Assertion')->item(0);
     /* Determine what we should sign - either the Response element or the Assertion. The default is to sign the
      * Assertion, but that can be overridden by the 'signresponse' option in the SP metadata or
      * 'saml20.signresponse' in the global configuration.
      *
      * TODO: neither 'signresponse' nor 'shib13.signresponse' are valid options any longer. Remove!
      */
     if ($spmd->hasValue('signresponse')) {
         $signResponse = $spmd->getBoolean('signresponse');
     } else {
         $signResponse = $this->configuration->getBoolean('shib13.signresponse', true);
     }
     // check if we have an assertion to sign. Force to sign the response if not
     if ($firstassertionroot === null) {
         $signResponse = true;
     }
     $signer = new SimpleSAML_XML_Signer(array('privatekey_array' => $privatekey, 'publickey_array' => $publickey, 'id' => $signResponse ? 'ResponseID' : 'AssertionID'));
     if ($idpmd->hasValue('certificatechain')) {
         $signer->addCertificate($idpmd->getString('certificatechain'));
     }
     if ($signResponse) {
         // sign the response - this must be done after encrypting the assertion
         // we insert the signature before the saml2p:Status element
         $statusElements = SimpleSAML\Utils\XML::getDOMChildren($responseroot, 'Status', '@saml1p');
         assert('count($statusElements) === 1');
         $signer->sign($responseroot, $responseroot, $statusElements[0]);
     } else {
         // Sign the assertion
         $signer->sign($firstassertionroot, $firstassertionroot);
     }
     $response = $responsedom->saveXML();
     \SimpleSAML\Utils\XML::debugSAMLMessage($response, 'out');
     \SimpleSAML\Utils\HTTP::submitPOSTData($shire, array('TARGET' => $relayState, 'SAMLResponse' => base64_encode($response)));
 }
    public function testUnmarshalling()
    {
        $samlNamespace = Constants::NS_SAML;
        $document = DOMDocumentFactory::fromString(<<<XML
<saml:SubjectConfirmationData
    xmlns:saml="{$samlNamespace}"
    NotBefore="2001-04-19T04:25:21Z"
    NotOnOrAfter="2009-02-13T23:31:30Z"
    Recipient="https://sp.example.org/asdf"
    InResponseTo="SomeRequestID"
    Address="127.0.0.1"
    />
XML
);
        $subjectConfirmationData = new SubjectConfirmationData($document->firstChild);
        $this->assertEquals(987654321, $subjectConfirmationData->NotBefore);
        $this->assertEquals(1234567890, $subjectConfirmationData->NotOnOrAfter);
        $this->assertEquals('https://sp.example.org/asdf', $subjectConfirmationData->Recipient);
        $this->assertEquals('SomeRequestID', $subjectConfirmationData->InResponseTo);
        $this->assertEquals('127.0.0.1', $subjectConfirmationData->Address);
    }
    public function testUnmarshallingAttributes()
    {
        $document = DOMDocumentFactory::fromString(<<<XML
<mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
  <saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:simplesamlphp:v1:simplesamlphp" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
    <saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">is</saml:AttributeValue>
    <saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">really</saml:AttributeValue>
    <saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">cool</saml:AttributeValue>
  </saml:Attribute>
  <saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Name="foo" NameFormat="urn:simplesamlphp:v1">
    <saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">bar</saml:AttributeValue>
  </saml:Attribute>
</mdattr:EntityAttributes>
XML
);
        $entityAttributes = new EntityAttributes($document->firstChild);
        $this->assertCount(2, $entityAttributes->children);
        $this->assertEquals('urn:simplesamlphp:v1:simplesamlphp', $entityAttributes->children[0]->Name);
        $this->assertEquals('urn:oasis:names:tc:SAML:2.0:attrname-format:uri', $entityAttributes->children[0]->NameFormat);
        $this->assertCount(3, $entityAttributes->children[0]->AttributeValue);
        $this->assertEquals('foo', $entityAttributes->children[1]->Name);
        $this->assertEquals('urn:simplesamlphp:v1', $entityAttributes->children[1]->NameFormat);
        $this->assertCount(1, $entityAttributes->children[1]->AttributeValue);
    }
示例#26
0
    /**
     * Umarshal a DiscoHints attribute with extra children
     */
    public function testUnmarshallingChildren()
    {
        $document = DOMDocumentFactory::fromString(<<<XML
<mdui:DiscoHints xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
  <mdui:GeolocationHint>geo:47.37328,8.531126</mdui:GeolocationHint>
  <child1>content of tag</child1>
</mdui:DiscoHints>
XML
);
        $disco = new DiscoHints($document->firstChild);
        $this->assertCount(1, $disco->GeolocationHint);
        $this->assertEquals('geo:47.37328,8.531126', $disco->GeolocationHint[0]);
        $this->assertCount(1, $disco->children);
        $this->assertEquals('content of tag', $disco->children[0]->xml->textContent);
    }
示例#27
0
    public function testUnmarshalling2()
    {
        $document = DOMDocumentFactory::fromString(<<<XML
<EntityDescriptor entityID="theEntityID" ID="theID" validUntil="2010-01-01T12:34:56Z" cacheDuration="PT5000S" xmlns="urn:oasis:names:tc:SAML:2.0:metadata">

    <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.example.org/AttributeService" />
    </AttributeAuthorityDescriptor>

    <Organization>
        <OrganizationName xml:lang="no">orgNameTest (no)</OrganizationName>
        <OrganizationName xml:lang="en">orgNameTest (en)</OrganizationName>
        <OrganizationDisplayName xml:lang="no">orgDispNameTest (no)</OrganizationDisplayName>
        <OrganizationDisplayName xml:lang="en">orgDispNameTest (en)</OrganizationDisplayName>
        <OrganizationURL xml:lang="no">orgURL (no)</OrganizationURL>
        <OrganizationURL xml:lang="en">orgURL (en)</OrganizationURL>
    </Organization>
</EntityDescriptor>
XML
);
        $entityDescriptor = new EntityDescriptor($document->firstChild);
        $this->assertTrue($entityDescriptor instanceof EntityDescriptor);
        $this->assertEquals('theEntityID', $entityDescriptor->entityID);
        $this->assertEquals('theID', $entityDescriptor->ID);
        $this->assertEquals(1262349296, $entityDescriptor->validUntil);
        $this->assertEquals('PT5000S', $entityDescriptor->cacheDuration);
        $this->assertCount(1, $entityDescriptor->RoleDescriptor);
        $this->assertTrue($entityDescriptor->RoleDescriptor[0] instanceof AttributeAuthorityDescriptor);
        $o = $entityDescriptor->Organization;
        $this->assertTrue($o instanceof Organization);
        $this->assertCount(2, $o->OrganizationName);
        $this->assertEquals('orgNameTest (no)', $o->OrganizationName["no"]);
        $this->assertEquals('orgNameTest (en)', $o->OrganizationName["en"]);
        $this->assertCount(2, $o->OrganizationDisplayName);
        $this->assertEquals('orgDispNameTest (no)', $o->OrganizationDisplayName["no"]);
        $this->assertEquals('orgDispNameTest (en)', $o->OrganizationDisplayName["en"]);
        $this->assertCount(2, $o->OrganizationURL);
        $this->assertEquals('orgURL (no)', $o->OrganizationURL["no"]);
        $this->assertEquals('orgURL (en)', $o->OrganizationURL["en"]);
    }
示例#28
0
 /**
  * This function parses a string with XML data. The root node of the XML data is expected to be either an
  * EntityDescriptor element or an EntitiesDescriptor element. It will return an associative array of
  * SAMLParser instances.
  *
  * @param string $string The string with XML data.
  *
  * @return SimpleSAML_Metadata_SAMLParser[] An associative array of SAMLParser instances. The key of the array will
  *     be the entity id.
  * @throws Exception If the string does not parse as XML.
  */
 public static function parseDescriptorsString($string)
 {
     try {
         $doc = \SAML2\DOMDocumentFactory::fromString($string);
     } catch (\Exception $e) {
         throw new Exception('Failed to parse XML string.');
     }
     return self::parseDescriptorsElement($doc->documentElement);
 }
    // TODO: look for a specific exception
    // This is dirty. Instead of checking the message of the exception, \SAML2\Binding::getCurrentBinding() should throw
    // an specific exception when the binding is unknown, and we should capture that here. Also note that the exception
    // message here is bogus!
    if ($e->getMessage() === 'Invalid message received to AssertionConsumerService endpoint.') {
        throw new SimpleSAML_Error_Error('ARSPARAMS', $e, 400);
    } else {
        throw $e;
        // do not ignore other exceptions!
    }
}
if (!$request instanceof \SAML2\ArtifactResolve) {
    throw new Exception('Message received on ArtifactResolutionService wasn\'t a ArtifactResolve request.');
}
$issuer = $request->getIssuer();
$spMetadata = $metadata->getMetadataConfig($issuer, 'saml20-sp-remote');
$artifact = $request->getArtifact();
$responseData = $store->get('artifact', $artifact);
$store->delete('artifact', $artifact);
if ($responseData !== null) {
    $document = \SAML2\DOMDocumentFactory::fromString($responseData);
    $responseXML = $document->firstChild;
} else {
    $responseXML = null;
}
$artifactResponse = new \SAML2\ArtifactResponse();
$artifactResponse->setIssuer($idpEntityId);
$artifactResponse->setInResponseTo($request->getId());
$artifactResponse->setAny($responseXML);
sspmod_saml_Message::addSign($idpMetadata, $spMetadata, $artifactResponse);
$binding->send($artifactResponse);
示例#30
0
 /**
  * Un-serialize this AttributeValue.
  *
  * @param string $serialized The serialized AttributeValue.
  */
 public function unserialize($serialized)
 {
     $doc = DOMDocumentFactory::fromString(unserialize($serialized));
     $this->element = $doc->documentElement;
 }