public getNameIdData ( ) : array | ||
return | array | Name ID Data (Value, Format, NameQualifier, SPNameQualifier) |
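/**
 * Gets the NameID data carried in the Subject of the assertion.
 *
 * When exactly one saml:Subject/saml:EncryptedID/xenc:EncryptedData node is
 * found, it is decrypted with the SP private key and the result is used as
 * the NameID. Otherwise a plain saml:Subject/saml:NameID node is used, again
 * only when exactly one is found.
 *
 * @return array Name ID Data (Value, Format, NameQualifier, SPNameQualifier).
 *               Empty when no NameID was selected and 'wantNameId' is off.
 *
 * @throws Exception When no NameID was selected and 'wantNameId' is set,
 *                   when strict mode finds an empty NameID value, or when
 *                   strict mode finds an SPNameQualifier that differs from
 *                   the SP entityId.
 */
public function getNameIdData()
{
    // Explicit default so the "no NameID" branch does not depend on an
    // undefined variable.
    $nameId = null;

    $encryptedIdDataEntries = $this->_queryAssertion('/saml:Subject/saml:EncryptedID/xenc:EncryptedData');
    if ($encryptedIdDataEntries->length == 1) {
        $encryptedData = $encryptedIdDataEntries->item(0);

        // NOTE(review): the key object is always created as RSA_1_5
        // (PKCS#1 v1.5 key transport). Whether decryptElement() checks the
        // algorithm declared in the message is not visible from this method;
        // confirm it, and make sure decryption failures are reported to the
        // peer in a uniform way.
        $key = $this->_settings->getSPkey();
        $seckey = new XMLSecurityKey(XMLSecurityKey::RSA_1_5, array('type' => 'private'));
        $seckey->loadKey($key);

        $nameId = OneLogin_Saml2_Utils::decryptElement($encryptedData, $seckey);
    } else {
        // Anything other than exactly one match (none, or several) leaves
        // $nameId unset and is handled below as "no NameID".
        $entries = $this->_queryAssertion('/saml:Subject/saml:NameID');
        if ($entries->length == 1) {
            $nameId = $entries->item(0);
        }
    }

    $nameIdData = array();

    if ($nameId === null) {
        $security = $this->_settings->getSecurityData();
        if ($security['wantNameId']) {
            throw new Exception("Not NameID found in the assertion of the Response");
        }

        // With 'wantNameId' off the caller receives an empty array and has
        // to cope with a subject-less result itself.
        return $nameIdData;
    }

    $strict = $this->_settings->isStrict();

    // empty() also treats the string "0" as empty, so such a NameID is
    // rejected in strict mode.
    if ($strict && empty($nameId->nodeValue)) {
        throw new Exception("An empty NameID value found");
    }
    $nameIdData['Value'] = $nameId->nodeValue;

    foreach (array('Format', 'SPNameQualifier', 'NameQualifier') as $attr) {
        if (!$nameId->hasAttribute($attr)) {
            continue;
        }

        $attrValue = $nameId->getAttribute($attr);

        if ($strict && $attr === 'SPNameQualifier') {
            $spData = $this->_settings->getSPData();
            // Strict string comparison: with != two numeric-looking strings
            // are compared as numbers, which has no place in an identity check.
            if ((string) $spData['entityId'] !== $attrValue) {
                throw new Exception("The SPNameQualifier value mistmatch the SP entityID value.");
            }
        }

        $nameIdData[$attr] = $attrValue;
    }

    return $nameIdData;
}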
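/**
 * Tests the getNameIdData method of the OneLogin_Saml2_Response
 *
 * Checks the NameID data returned for three accepted fixtures and that a
 * response without a NameID is rejected with an exception.
 *
 * @covers OneLogin_Saml2_Response::getNameIdData
 */
public function testGetNameIdData()
{
    // NOTE(review): the expected e-mail value below looks masked in this
    // listing; confirm it against the response1 fixture.
    $xml = file_get_contents(TEST_ROOT . '/data/responses/response1.xml.base64');
    $response = new OneLogin_Saml2_Response($this->_settings, $xml);
    $expectedNameIdData = array(
        'Value' => '*****@*****.**',
        'Format' => 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress'
    );
    $nameIdData = $response->getNameIdData();
    $this->assertEquals($expectedNameIdData, $nameIdData);

    $xml2 = file_get_contents(TEST_ROOT . '/data/responses/response_encrypted_nameid.xml.base64');
    $response2 = new OneLogin_Saml2_Response($this->_settings, $xml2);
    $expectedNameIdData2 = array(
        'Value' => '2de11defd199f8d5bb63f9b7deb265ba5c675c10',
        'Format' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified',
        'SPNameQualifier' => 'https://pitbulk.no-ip.org/newonelogin/demo1/metadata.php'
    );
    $nameIdData2 = $response2->getNameIdData();
    $this->assertEquals($expectedNameIdData2, $nameIdData2);

    $xml3 = file_get_contents(TEST_ROOT . '/data/responses/valid_encrypted_assertion.xml.base64');
    $response3 = new OneLogin_Saml2_Response($this->_settings, $xml3);
    $expectedNameIdData3 = array(
        'Value' => '_68392312d490db6d355555cfbbd8ec95d746516f60',
        'Format' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient',
        'SPNameQualifier' => 'http://stuff.com/endpoints/metadata.php'
    );
    $nameIdData3 = $response3->getNameIdData();
    $this->assertEquals($expectedNameIdData3, $nameIdData3);

    $xml4 = file_get_contents(TEST_ROOT . '/data/responses/invalids/no_nameid.xml.base64');
    $response4 = new OneLogin_Saml2_Response($this->_settings, $xml4);

    // Record the exception instead of asserting inside the catch block, so
    // that a response which is wrongly accepted fails the test rather than
    // passing without running any assertion.
    // Assumes the fixture settings leave 'wantNameId' enabled; confirm in setUp().
    $caught = null;
    try {
        $response4->getNameIdData();
    } catch (Exception $e) {
        $caught = $e;
    }
    $this->assertNotNull($caught, 'getNameIdData() must throw when the assertion carries no NameID');
    $this->assertContains('Not NameID found in the assertion of the Response', $caught->getMessage());
}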