sspmod_saml_Message::processResponse PHP Method

processResponse() public static method

If the response is an error response, we will throw a sspmod_saml_Error exception with the error.
public static processResponse ( SimpleSAML_Configuration $spMetadata, SimpleSAML_Configuration $idpMetadata, SAML2\Response $response ) : array
Parameters:
$spMetadata (SimpleSAML_Configuration): The metadata of the service provider.
$idpMetadata (SimpleSAML_Configuration): The metadata of the identity provider.
$response (SAML2\Response): The response.
Returns (array): Array with \SAML2\Assertion objects, containing valid assertions from the response.
    public static function processResponse(SimpleSAML_Configuration $spMetadata, SimpleSAML_Configuration $idpMetadata, \SAML2\Response $response)
    {
        if (!$response->isSuccess()) {
            throw self::getResponseError($response);
        }
        /* Validate Response-element destination. */
        $currentURL = \SimpleSAML\Utils\HTTP::getSelfURLNoQuery();
        $msgDestination = $response->getDestination();
        if ($msgDestination !== NULL && $msgDestination !== $currentURL) {
            throw new Exception('Destination in response doesn\'t match the current URL. Destination is "' . $msgDestination . '", current URL is "' . $currentURL . '".');
        }
        $responseSigned = self::checkSign($idpMetadata, $response);
        /*
         * When we get this far, the response itself is valid.
         * We only need to check signatures and conditions of the response.
         */
        $assertion = $response->getAssertions();
        if (empty($assertion)) {
            throw new SimpleSAML_Error_Exception('No assertions found in response from IdP.');
        }
        $ret = array();
        foreach ($assertion as $a) {
            $ret[] = self::processAssertion($spMetadata, $idpMetadata, $response, $a, $responseSigned);
        }
        return $ret;
    }
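
The Destination test above only compares when the attribute is present, so a response without Destination passes it. The added example below (not SimpleSAMLphp code; the function names and URLs are hypothetical) puts that logic beside a stricter variant that rejects a signed response lacking Destination, which the SAML 2.0 HTTP POST binding requires on signed messages.

```php
<?php
// Added example: helper names and URLs are hypothetical, not SimpleSAMLphp API.

// Same logic as the Destination test in processResponse():
// a response that carries no Destination attribute is accepted.
function destinationOkLenient(?string $destination, string $currentUrl): bool
{
    return $destination === null || $destination === $currentUrl;
}

// Stricter variant (assumption: the SP rejects a signed response that
// omits Destination instead of skipping the comparison).
function destinationOkStrict(?string $destination, string $currentUrl, bool $responseSigned): bool
{
    if ($destination === null) {
        return !$responseSigned;
    }
    return $destination === $currentUrl;
}

// Constructed inputs: [label, Destination attribute, response signed?]
$acsUrl = 'https://sp.example.org/saml/acs';
$cases = [
    ['matching destination',       $acsUrl,                              true],
    ['destination for another SP', 'https://other.example.org/saml/acs', true],
    ['no destination, signed',     null,                                 true],
    ['no destination, unsigned',   null,                                 false],
];

foreach ($cases as [$label, $destination, $signed]) {
    printf(
        "%-28s lenient=%-6s strict=%s\n",
        $label,
        destinationOkLenient($destination, $acsUrl) ? 'accept' : 'reject',
        destinationOkStrict($destination, $acsUrl, $signed) ? 'accept' : 'reject'
    );
}
```

In processResponse() the strict test would have to run after checkSign(), since that call is what yields $responseSigned.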

Usage Example

Example #1
function handleResponse()
{
    try {
        $binding = SAML2_Binding::getCurrentBinding();
        $response = $binding->receive();
    } catch (Exception $e) {
        // No binding could be determined or the message could not be received: nothing to process.
        return;
    }
    SimpleSAML_Logger::debug('attributequery - received message.');
    if (!$response instanceof SAML2_Response) {
        throw new SimpleSAML_Error_Exception('Unexpected message received to attribute query example.');
    }
    $idpEntityId = $response->getIssuer();
    if ($idpEntityId === NULL) {
        throw new SimpleSAML_Error_Exception('Missing issuer in response.');
    }
    $idpMetadata = $GLOBALS['metadata']->getMetaDataConfig($idpEntityId, 'saml20-idp-remote');
    $spMetadata = $GLOBALS['metadata']->getMetaDataConfig($GLOBALS['spEntityId'], 'saml20-sp-hosted');
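    // Throws on an error status, a Destination mismatch or a response without assertions;
    // returns only assertions that passed validation.
    $assertion = sspmod_saml_Message::processResponse($spMetadata, $idpMetadata, $response);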
    if (count($assertion) > 1) {
        throw new SimpleSAML_Error_Exception('More than one assertion in received response.');
    }
    $assertion = $assertion[0];
    // RelayState is used as the id of the session data entry to update.
    $dataId = $response->getRelayState();
    if ($dataId === NULL) {
        throw new SimpleSAML_Error_Exception('RelayState was lost during request.');
    }
    $data = $GLOBALS['session']->getData('attributequeryexample:data', $dataId);
    $data['attributes'] = $assertion->getAttributes();
    $GLOBALS['session']->setData('attributequeryexample:data', $dataId, $data, 3600);
    SimpleSAML_Utilities::redirect(SimpleSAML_Utilities::selfURLNoQuery(), array('dataId' => $dataId));
}