SAML2\Assertion::decryptAttributes PHP Method

decryptAttributes() public method

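Decrypt the assertion attributes. Each encrypted attribute held by the assertion is decrypted with $key and its values are added to the assertion's attribute list; the call does nothing when the assertion holds no encrypted attributes.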
public decryptAttributes ( XMLSecurityKey $key, array $blacklist = [] )
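$key RobRichards\XMLSecLibs\XMLSecurityKey The key used to decrypt each encrypted attribute.
$blacklist array Passed to Utils::decryptElement() together with the key; defaults to an empty array.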
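    /**
     * Decrypt the encrypted attributes of this assertion and add them to the attribute list.
     *
     * Returns immediately when $this->encryptedAttributes is null. Otherwise every
     * entry is decrypted through Utils::decryptElement(), its Name and NameFormat
     * are read, and its values are parsed into $this->attributes.
     *
     * The encrypted payload comes from the message being processed, so each
     * structural assumption is checked and reported as an exception rather than
     * left to fail inside the decryption helper.
     *
     * @param XMLSecurityKey $key       Key handed to Utils::decryptElement() for every encrypted attribute.
     * @param array          $blacklist Forwarded unchanged to Utils::decryptElement(); presumably the
     *                                  algorithms that must be refused - confirm against Utils.
     *
     * @return void
     *
     * @throws \Exception When an encrypted attribute holds no EncryptedData element, or when the
     *                    decrypted element has no Name attribute.
     */
    public function decryptAttributes(XMLSecurityKey $key, array $blacklist = array())
    {
        if ($this->encryptedAttributes === null) {
            return;
        }
        $firstAttribute = true;
        $attributes = $this->encryptedAttributes;
        foreach ($attributes as $attributeEnc) {
            /* Decrypt node <EncryptedAttribute> */
            // getElementsByTagName() searches all descendants and item(0) yields null when
            // nothing matches. Reject that case here so a malformed message produces a
            // clear exception instead of a null being handed to the decryption helper.
            $encryptedData = $attributeEnc->getElementsByTagName('EncryptedData')->item(0);
            if ($encryptedData === null) {
                throw new \Exception('Missing encrypted data in <saml:EncryptedAttribute> element.');
            }
            $attribute = Utils::decryptElement($encryptedData, $key, $blacklist);

            // NOTE(review): the decrypted element is not checked here to be a <saml:Attribute>
            // before it is used - confirm that Utils::decryptElement() or the caller enforces it.
            if (!$attribute->hasAttribute('Name')) {
                throw new \Exception('Missing name on <saml:Attribute> element.');
            }
            $name = $attribute->getAttribute('Name');

            if ($attribute->hasAttribute('NameFormat')) {
                $nameFormat = $attribute->getAttribute('NameFormat');
            } else {
                $nameFormat = Constants::NAMEFORMAT_UNSPECIFIED;
            }

            // The first decrypted attribute sets the assertion-wide NameFormat; any later
            // attribute that disagrees resets it to "unspecified".
            if ($firstAttribute) {
                $this->nameFormat = $nameFormat;
                $firstAttribute = false;
            } else {
                if ($this->nameFormat !== $nameFormat) {
                    $this->nameFormat = Constants::NAMEFORMAT_UNSPECIFIED;
                }
            }

            // Values of a repeated attribute name accumulate under the same key.
            if (!array_key_exists($name, $this->attributes)) {
                $this->attributes[$name] = array();
            }
            $this->parseAttributeValue($attribute, $name);
        }
    }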

Usage Example

    /**
     * Round-trips an assertion through attribute encryption and decryption and
     * checks that xsi:type information survives: the xs:integer value comes back
     * as an int and the xs:string value as a string.
     *
     * Encryption uses the mock public key; decryption uses the matching mock
     * private key.
     */
    public function testTypedEncryptedAttributeValuesAreParsedCorrectly()
    {
        $xml = <<<XML
            <saml:Assertion
                    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
                    xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
                    xmlns:xs="http://www.w3.org/2001/XMLSchema"
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                    Version="2.0"
                    ID="_93af655219464fb403b34436cfb0c5cb1d9a5502"
                    IssueInstant="1970-01-01T01:33:31Z">
      <saml:Issuer>Provider</saml:Issuer>
      <saml:Conditions/>
      <saml:AttributeStatement>
        <saml:Attribute Name="urn:some:string">
            <saml:AttributeValue xsi:type="xs:string">string</saml:AttributeValue>
        </saml:Attribute>
        <saml:Attribute Name="urn:some:integer">
            <saml:AttributeValue xsi:type="xs:integer">42</saml:AttributeValue>
        </saml:Attribute>
      </saml:AttributeStatement>
    </saml:Assertion>
XML;
        // Build the plaintext assertion and ask for its attributes to be encrypted
        // with the public key when it is serialised.
        $encryptionKey = CertificatesMock::getPublicKey();
        $sourceDocument = DOMDocumentFactory::fromString($xml);
        $original = new Assertion($sourceDocument->firstChild);
        $original->setEncryptionKey($encryptionKey);
        $original->setEncryptedAttributes(true);
        $encryptedXml = $original->toXML()->ownerDocument->saveXML();

        // Parse the serialised form again; the attributes must arrive encrypted.
        $encryptedDocument = DOMDocumentFactory::fromString($encryptedXml);
        $received = new Assertion($encryptedDocument->firstChild);
        $this->assertTrue($received->hasEncryptedAttributes());

        // Decrypt with the private key and check the typed values.
        $received->decryptAttributes(CertificatesMock::getPrivateKey());
        $decrypted = $received->getAttributes();
        $this->assertInternalType('int', $decrypted['urn:some:integer'][0]);
        $this->assertInternalType('string', $decrypted['urn:some:string'][0]);

        // Serialising the decrypted assertion must reproduce the original XML.
        $roundTrippedXml = $received->toXML()->ownerDocument->saveXML();
        $this->assertXmlStringEqualsXmlString($xml, $roundTrippedXml);
    }