private function addEncryptedAttributeStatement(\DOMElement $root)
{
if ($this->requiredEncAttributes == false) {
return;
}
$document = $root->ownerDocument;
$attributeStatement = $document->createElementNS(Constants::NS_SAML, 'saml:AttributeStatement');
$root->appendChild($attributeStatement);
foreach ($this->attributes as $name => $values) {
$document2 = DOMDocumentFactory::create();
$attribute = $document2->createElementNS(Constants::NS_SAML, 'saml:Attribute');
$attribute->setAttribute('Name', $name);
$document2->appendChild($attribute);
if ($this->nameFormat !== Constants::NAMEFORMAT_UNSPECIFIED) {
$attribute->setAttribute('NameFormat', $this->nameFormat);
}
foreach ($values as $value) {
if (is_string($value)) {
$type = 'xs:string';
} elseif (is_int($value)) {
$type = 'xs:integer';
} else {
$type = null;
}
$attributeValue = $document2->createElementNS(Constants::NS_SAML, 'saml:AttributeValue');
$attribute->appendChild($attributeValue);
if ($type !== null) {
$attributeValue->setAttributeNS(Constants::NS_XSI, 'xsi:type', $type);
}
if ($value instanceof \DOMNodeList) {
for ($i = 0; $i < $value->length; $i++) {
$node = $document2->importNode($value->item($i), true);
$attributeValue->appendChild($node);
}
} else {
$attributeValue->appendChild($document2->createTextNode($value));
}
}
/*Once the attribute nodes are built, the are encrypted*/
$EncAssert = new XMLSecEnc();
$EncAssert->setNode($document2->documentElement);
$EncAssert->type = 'http://www.w3.org/2001/04/xmlenc#Element';
/*
* Attributes are encrypted with a session key and this one with
* $EncryptionKey
*/
$symmetricKey = new XMLSecurityKey(XMLSecurityKey::AES256_CBC);
$symmetricKey->generateSessionKey();
$EncAssert->encryptKey($this->encryptionKey, $symmetricKey);
$EncrNode = $EncAssert->encryptNode($symmetricKey);
$EncAttribute = $document->createElementNS(Constants::NS_SAML, 'saml:EncryptedAttribute');
$attributeStatement->appendChild($EncAttribute);
$n = $document->importNode($EncrNode, true);
$EncAttribute->appendChild($n);
}
}
