Shib13-SP: Move session creation into AssertionConsumerService

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@817 44740490-163a-0410-bde0-09ae8108e29a

lib/SimpleSAML/XML/Shib13/AuthnResponse.php

@@ -107,27 +107,8 @@ class SimpleSAML_XML_Shib13_AuthnResponse extends SimpleSAML_XML_AuthnResponse {
 		return $xPath->query($query, $node);
 	}
 
-
-	public function createSession() {
-	
-		$session = SimpleSAML_Session::getInstance();
-		$session->doLogin('shib13');
-		$session->setAttributes($this->getAttributes());
-		
-		$nameid = $this->getNameID();
-		
-		$session->setNameID($nameid);
-		$session->setSessionIndex($this->getSessionIndex());
-		
-		$session->setIdP($this->getIssuer());
-		/*
-		$nameID["NameID"] = $node->nodeValue;
-		
-				$nameID["NameQualifier"] = $node->getAttribute('NameQualifier');
-				$nameID["SPNameQualifier"] = $node->getAttribute('SPNameQualifier');
-		*/
-		return $session;
-	}
+	/* This function is only included because it is in the base class. Will be removed in the future. */
+	public function createSession() { throw new Exception('Removed');}
 	
 	//TODO
 	function getSessionIndex() {

www/shib13/sp/AssertionConsumerService.php

@@ -23,41 +23,43 @@ try {
 	$authnResponse = $binding->decodeResponse($_POST);
 
 	$authnResponse->validate();
-	$session = $authnResponse->createSession();
 
+	/* Successfully authenticated. */
 
-	if (isset($session)) {
+	$idpmetadata = $metadata->getMetadata($authnResponse->getIssuer(), 'shib13-idp-remote');
 
-		SimpleSAML_Logger::info('Shib1.3 - SP.AssertionConsumerService: Successfully created local session from Authentication Response');
+	SimpleSAML_Logger::info('Shib1.3 - SP.AssertionConsumerService: Successful authentication to IdP ' . $idpmetadata['entityid']);
 
-		/**
-		 * Make a log entry in the statistics for this SSO login.
-		 */
-		$tempattr = $session->getAttributes();
-		$realmattr = $config->getValue('statistics.realmattr', null);
-		$realmstr = 'NA';
-		if (!empty($realmattr)) {
-			if (array_key_exists($realmattr, $tempattr) && is_array($tempattr[$realmattr]) ) {
-				$realmstr = $tempattr[$realmattr][0];
-			} else {
-				SimpleSAML_Logger::warning('Could not get realm attribute to log [' . $realmattr. ']');
-			}
-		} 
-		SimpleSAML_Logger::stats('shib13-sp-SSO ' . $metadata->getMetaDataCurrentEntityID('shib13-sp-hosted') . ' ' . $session->getIdP() . ' ' . $realmstr);
 
-
-	
-		$relayState = $authnResponse->getRelayState();
-		if (isset($relayState)) {
-			SimpleSAML_Utilities::redirect($relayState);
+	/**
+	 * Make a log entry in the statistics for this SSO login.
+	 */
+	$tempattr = $authnResponse->getAttributes();
+	$realmattr = $config->getValue('statistics.realmattr', null);
+	$realmstr = 'NA';
+	if (!empty($realmattr)) {
+		if (array_key_exists($realmattr, $tempattr) && is_array($tempattr[$realmattr]) ) {
+			$realmstr = $tempattr[$realmattr][0];
 		} else {
-			SimpleSAML_Utilities::fatalError($session->getTrackID(), 'NORELAYSTATE');
+			SimpleSAML_Logger::warning('Could not get realm attribute to log [' . $realmattr. ']');
 		}
+	}
+	SimpleSAML_Logger::stats('shib13-sp-SSO ' . $metadata->getMetaDataCurrentEntityID('shib13-sp-hosted') . ' ' . $idpmetadata['entityid'] . ' ' . $realmstr);
+
+	/* Update session. */
+	$session->doLogin('shib13');
+	$session->setAttributes($authnResponse->getAttributes());
+	$session->setNameID($authnResponse->getNameID());
+	$session->setSessionIndex($authnResponse->getSessionIndex());
+	$session->setIdP($authnResponse->getIssuer());
+
+	$relayState = $authnResponse->getRelayState();
+	if (isset($relayState)) {
+		SimpleSAML_Utilities::redirect($relayState);
 	} else {
-		SimpleSAML_Utilities::fatalError($session->getTrackID(), 'NOSESSION');
+		SimpleSAML_Utilities::fatalError($session->getTrackID(), 'NORELAYSTATE');
 	}
 
-
 } catch(Exception $exception) {
 	SimpleSAML_Utilities::fatalError($session->getTrackID(), 'GENERATEAUTHNRESPONSE', $exception);
 }