public static function postAuth(array $state) { $idp = SimpleSAML_IdP::getByState($state); if (!$idp->isAuthenticated()) { throw new SimpleSAML_Error_Exception('Not authenticated.'); } $state['Attributes'] = $idp->authSource->getAttributes(); if (isset($state['SPMetadata'])) { $spMetadata = $state['SPMetadata']; } else { $spMetadata = array(); } if (isset($state['core:SP'])) { $session = SimpleSAML_Session::getSessionFromRequest(); $previousSSOTime = $session->getData('core:idp-ssotime', $state['core:IdP'] . ';' . $state['core:SP']); if ($previousSSOTime !== null) { $state['PreviousSSOTimestamp'] = $previousSSOTime; } } $idpMetadata = $idp->getConfig()->toArray(); $pc = new SimpleSAML_Auth_ProcessingChain($idpMetadata, $spMetadata, 'idp'); $state['ReturnCall'] = array('SimpleSAML_IdP', 'postAuthProc'); $state['Destination'] = $spMetadata; $state['Source'] = $idpMetadata; $pc->processState($state); self::postAuthProc($state); }
<?php /* TODO: Delete this file in version 1.8. */ if (!isset($_REQUEST['RequestID'])) { throw new SimpleSAML_Error_BadRequest('Missing required URL parameter.'); } /* Backwards-compatibility with old authentication pages. */ $session = SimpleSAML_Session::getSessionFromRequest(); $requestcache = $session->getAuthnRequest('saml2', (string) $_REQUEST['RequestID']); if (!$requestcache) { throw new Exception('Could not retrieve cached RequestID = ' . $authId); } if ($requestcache['ForceAuthn'] && $requestcache['core:prevSession'] === $session->getAuthnInstant()) { throw new Exception('ForceAuthn set, but timestamp not updated.'); } $state = $requestcache['State']; SimpleSAML_IdP::postAuth($state);