saml2: Add support for authproc to SP.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@1660 44740490-163a-0410-bde0-09ae8108e29a

saml2: Add support for authproc to SP.
15a23f36 · Olav Morken · cc5017ab · 15a23f36 · 15a23f36
Commit 15a23f36 authored 15 years ago by Olav Morken
--- a/modules/saml2/lib/Auth/Source/SP.php
+++ b/modules/saml2/lib/Auth/Source/SP.php
@@ -294,28 +294,39 @@ class sspmod_saml2_Auth_Source_SP extends SimpleSAML_Auth_Source {


 	/**
-	 * Called when we are logged in.
+	 * Called when we receive a logout request.
 	 *
 	 * @param string $idpEntityId  Entity id of the IdP.
-	 * @param array $state  The state of the authentication operation.
 	 */
-	public function onLogin($idpEntityId, $state) {
+	public function onLogout($idpEntityId) {
 		assert('is_string($idpEntityId)');
-		assert('is_array($state)');

-		$this->addLogoutCallback($idpEntityId, $state);
+		$this->callLogoutCallback($idpEntityId);
 	}


 	/**
-	 * Called when we receive a logout request.
+	 * Called when we have completed the procssing chain.
 	 *
-	 * @param string $idpEntityId  Entity id of the IdP.
+	 * @param array $authProcState  The processing chain state.
 	 */
-	public function onLogout($idpEntityId) {
-		assert('is_string($idpEntityId)');
+	public static function onProcessingCompleted(array $authProcState) {
+		assert('array_key_exists("saml2:sp:IdP", $authProcState)');
+		assert('array_key_exists("saml2:sp:State", $authProcState)');
+		assert('array_key_exists("Attributes", $authProcState)');
+
+		$idp = $authProcState['saml2:sp:IdP'];
+		$state = $authProcState['saml2:sp:State'];
+
+		$sourceId = $state[sspmod_saml2_Auth_Source_SP::AUTHID];
+		$source = SimpleSAML_Auth_Source::getById($sourceId);
+		if ($source === NULL) {
+			throw new Exception('Could not find authentication source with id ' . $sourceId);
+		}

-		$this->callLogoutCallback($idpEntityId);
+		$source->addLogoutCallback($idp, $state);
+		$state['Attributes'] = $authProcState['Attributes'];
+		SimpleSAML_Auth_Source::completeAuth($state);
 	}

 }

--- a/modules/saml2/www/sp/acs.php
+++ b/modules/saml2/www/sp/acs.php
@@ -61,9 +61,24 @@ $logoutState = array(
 	);
 $state['LogoutState'] = $logoutState;

-$source->onLogin($idp, $state);

-$state['Attributes'] = $assertion->getAttributes();
-SimpleSAML_Auth_Source::completeAuth($state);
+$spMetadataArray = $spMetadata->toArray();
+$idpMetadataArray = $idpMetadata->toArray();
+
+$pc = new SimpleSAML_Auth_ProcessingChain($idpMetadataArray, $spMetadataArray, 'sp');
+
+$authProcState = array(
+	'saml2:sp:IdP' => $idp,
+	'saml2:sp:State' => $state,
+	'ReturnCall' => array('sspmod_saml2_Auth_Source_SP', 'onProcessingCompleted'),
+
+	'Attributes' => $assertion->getAttributes(),
+	'Destination' => $spMetadataArray,
+	'Source' => $idpMetadataArray,
+);
+
+$pc->processState($authProcState);
+
+sspmod_saml2_Auth_Source_SP::onProcessingCompleted($authProcState);

 ?>
\ No newline at end of file