OneLogin_Saml2_Response::validateTimestamps PHP Method

OneLogin_Saml2_Response Class Documentation Usage Examples Of OneLogin_Saml2_Response::validateTimestamps 显示文件 Open project: onelogin/php-saml

validateTimestamps() public method

Verifies that the document is still valid according Conditions Element.
public validateTimestamps ( ) : boolean
return boolean 
    public function validateTimestamps()
    {
        if ($this->encrypted) {
            $document = $this->decryptedDocument;
        } else {
            $document = $this->document;
        }
        $timestampNodes = $document->getElementsByTagName('Conditions');
        for ($i = 0; $i < $timestampNodes->length; $i++) {
            $nbAttribute = $timestampNodes->item($i)->attributes->getNamedItem("NotBefore");
            $naAttribute = $timestampNodes->item($i)->attributes->getNamedItem("NotOnOrAfter");
            if ($nbAttribute && OneLogin_SAML2_Utils::parseSAML2Time($nbAttribute->textContent) > time() + OneLogin_Saml2_Constants::ALLOWED_CLOCK_DRIFT) {
                return false;
            }
            if ($naAttribute && OneLogin_SAML2_Utils::parseSAML2Time($naAttribute->textContent) + OneLogin_Saml2_Constants::ALLOWED_CLOCK_DRIFT <= time()) {
                return false;
            }
        }
        return true;
    }

Usage Example

示例#1
0
    define('OPTION_SHOW_USE_LOCAL_CREDENTIALS', false);
}
$force_sso = false;
$wi_remote_user_login = '';
if (defined('OPTION_FORCE_SSO') && OPTION_FORCE_SSO === true) {
    if (array_key_exists('REMOTE_USER', $_SERVER)) {
        $wi_remote_user_login = $_SERVER['REMOTE_USER'];
        $force_sso = true;
        $wi_use_local_credentials = 0;
    }
}
if (array_key_exists('SAML2', $_SESSION) && $_SESSION['SAML2'] === true && array_key_exists('ovd-sso', $_COOKIE)) {
    require_once dirname(__FILE__) . "/auth/saml2/common.inc.php";
    $response = new OneLogin_Saml2_Response(new OneLogin_Saml2_Settings(build_saml_settings('https://www.ulteo.com', NULL, NULL)), $_SESSION['SAML2_ticket']);
    $sessionExpiration = $response->getSessionNotOnOrAfter();
    if (!empty($sessionExpiration) && $sessionExpiration <= time() || !$response->validateTimestamps()) {
        setcookie('ovd-sso', '', time() - 42000, '/ovd/');
        require dirname(__FILE__) . "/auth/saml2/sp.php";
    }
    $wi_remote_user_login = $_SESSION['SAML2_login'];
    $force_sso = true;
    $wi_use_local_credentials = 0;
    setcookie('ovd-sso', 'true', 0, '/ovd/');
} elseif (defined('OPTION_FORCE_SAML2') && OPTION_FORCE_SAML2 === true) {
    // Redirect the user to the SAML2 Identity Provider
    setcookie('ovd-sso', '', time() - 42000, '/ovd/');
    require dirname(__FILE__) . "/auth/saml2/sp.php";
} else {
    setcookie('ovd-sso', '', time() - 42000, '/ovd/');
}
$wi_session_mode = 'desktop';
All Usage Examples Of OneLogin_Saml2_Response::validateTimestamps
OneLogin_Saml2_Response
__construct
_decryptAssertion
_query
_queryAssertion
checkOneAuthnStatement
checkOneCondition
checkStatus
getAttributes
getAudiences
getError
getIssuers
getNameId
getNameIdData
getNameIdFormat
getSessionIndex
getSessionNotOnOrAfter
isValid
processSignedElements
validateNumAssertions
validateSignedElements
validateTimestamps