From 15a23f360a707452e8773682684aa544712c87d2 Mon Sep 17 00:00:00 2001
From: Olav Morken <olav.morken@uninett.no>
Date: Thu, 13 Aug 2009 08:26:22 +0000
Subject: [PATCH] saml2: Add support for authproc to SP.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@1660 44740490-163a-0410-bde0-09ae8108e29a
---
 modules/saml2/lib/Auth/Source/SP.php | 31 +++++++++++++++++++---------
 modules/saml2/www/sp/acs.php         | 21 ++++++++++++++++---
 2 files changed, 39 insertions(+), 13 deletions(-)

diff --git a/modules/saml2/lib/Auth/Source/SP.php b/modules/saml2/lib/Auth/Source/SP.php
index 10b6f44eb..168d07ac8 100644
--- a/modules/saml2/lib/Auth/Source/SP.php
+++ b/modules/saml2/lib/Auth/Source/SP.php
@@ -294,28 +294,39 @@ class sspmod_saml2_Auth_Source_SP extends SimpleSAML_Auth_Source {
 
 
 	/**
-	 * Called when we are logged in.
+	 * Called when we receive a logout request.
 	 *
 	 * @param string $idpEntityId  Entity id of the IdP.
-	 * @param array $state  The state of the authentication operation.
 	 */
-	public function onLogin($idpEntityId, $state) {
+	public function onLogout($idpEntityId) {
 		assert('is_string($idpEntityId)');
-		assert('is_array($state)');
 
-		$this->addLogoutCallback($idpEntityId, $state);
+		$this->callLogoutCallback($idpEntityId);
 	}
 
 
 	/**
-	 * Called when we receive a logout request.
+	 * Called when we have completed the procssing chain.
 	 *
-	 * @param string $idpEntityId  Entity id of the IdP.
+	 * @param array $authProcState  The processing chain state.
 	 */
-	public function onLogout($idpEntityId) {
-		assert('is_string($idpEntityId)');
+	public static function onProcessingCompleted(array $authProcState) {
+		assert('array_key_exists("saml2:sp:IdP", $authProcState)');
+		assert('array_key_exists("saml2:sp:State", $authProcState)');
+		assert('array_key_exists("Attributes", $authProcState)');
+
+		$idp = $authProcState['saml2:sp:IdP'];
+		$state = $authProcState['saml2:sp:State'];
+
+		$sourceId = $state[sspmod_saml2_Auth_Source_SP::AUTHID];
+		$source = SimpleSAML_Auth_Source::getById($sourceId);
+		if ($source === NULL) {
+			throw new Exception('Could not find authentication source with id ' . $sourceId);
+		}
 
-		$this->callLogoutCallback($idpEntityId);
+		$source->addLogoutCallback($idp, $state);
+		$state['Attributes'] = $authProcState['Attributes'];
+		SimpleSAML_Auth_Source::completeAuth($state);
 	}
 
 }
diff --git a/modules/saml2/www/sp/acs.php b/modules/saml2/www/sp/acs.php
index 9cff6754a..8a743f420 100644
--- a/modules/saml2/www/sp/acs.php
+++ b/modules/saml2/www/sp/acs.php
@@ -61,9 +61,24 @@ $logoutState = array(
 	);
 $state['LogoutState'] = $logoutState;
 
-$source->onLogin($idp, $state);
 
-$state['Attributes'] = $assertion->getAttributes();
-SimpleSAML_Auth_Source::completeAuth($state);
+$spMetadataArray = $spMetadata->toArray();
+$idpMetadataArray = $idpMetadata->toArray();
+
+$pc = new SimpleSAML_Auth_ProcessingChain($idpMetadataArray, $spMetadataArray, 'sp');
+
+$authProcState = array(
+	'saml2:sp:IdP' => $idp,
+	'saml2:sp:State' => $state,
+	'ReturnCall' => array('sspmod_saml2_Auth_Source_SP', 'onProcessingCompleted'),
+
+	'Attributes' => $assertion->getAttributes(),
+	'Destination' => $spMetadataArray,
+	'Source' => $idpMetadataArray,
+);
+
+$pc->processState($authProcState);
+
+sspmod_saml2_Auth_Source_SP::onProcessingCompleted($authProcState);
 
 ?>
\ No newline at end of file
-- 
GitLab