Skip to content
Snippets Groups Projects
Commit 83d9db88 authored by Olav Morken's avatar Olav Morken
Browse files

SAML2: Add AttributeQuery message.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@1622 44740490-163a-0410-bde0-09ae8108e29a
parent e6b20e92
No related branches found
No related tags found
No related merge requests found
<?php
/**
* Class for SAML 2 attribute query messages.
*
* An attribute query asks for a set of attributes. The following
* rules apply:
*
* - If no attributes are present in the query, all attributes should be
* returned.
* - If any attributes are present, only those attributes which are present
* in the query should be returned.
* - If an attribute contains any attribute values, only the attribute values
* which match those in the query should be returned.
*
* @package simpleSAMLphp
* @version $Id$
*/
class SAML2_AttributeQuery extends SAML2_SubjectQuery {
/**
* The attributes, as an associative array.
*
* @var array
*/
private $attributes;
/**
* The NameFormat used on all attributes.
*
* If more than one NameFormat is used, this will contain
* the unspecified nameformat.
*
* @var string
*/
private $nameFormat;
/**
* Constructor for SAML 2 attribute query messages.
*
* @param DOMElement|NULL $xml The input message.
*/
public function __construct(DOMElement $xml = NULL) {
parent::__construct('AttributeQuery', $xml);
$this->attributes = array();
$this->nameFormat = SAML2_Const::NAMEFORMAT_UNSPECIFIED;
if ($xml === NULL) {
return;
}
$firstAttribute = TRUE;
$attributes = SAML2_Utils::xpQuery($xml, './saml:Attribute');
foreach ($attributes as $attribute) {
if (!$attribute->hasAttribute('Name')) {
throw new Exception('Missing name on <saml:Attribute> element.');
}
$name = $attribute->getAttribute('Name');
if ($attribute->hasAttribute('NameFormat')) {
$nameFormat = $attribute->getAttribute('NameFormat');
} else {
$nameFormat = SAML2_Const::NAMEFORMAT_UNSPECIFIED;
}
if ($firstAttribute) {
$this->nameFormat = $nameFormat;
$firstAttribute = FALSE;
} else {
if ($this->nameFormat !== $nameFormat) {
$this->nameFormat = SAML2_Const::NAMEFORMAT_UNSPECIFIED;
}
}
if (!array_key_exists($name, $this->attributes)) {
$this->attributes[$name] = array();
}
$values = SAML2_Utils::xpQuery($attribute, './saml:AttributeValue');
foreach ($values as $value) {
$this->attributes[$name][] = $value->textContent;
}
}
}
/**
* Retrieve all requested attributes.
*
* @return array All requested attributes, as an associative array.
*/
public function getAttributes() {
return $this->attributes;
}
/**
* Set all requested attributes.
*
* @param array $attributes All requested attributes, as an associative array.
*/
public function setAttributes(array $attributes) {
$this->attributes = $attributes;
}
/**
* Retrieve the NameFormat used on all attributes.
*
* If more than one NameFormat is used in the received attributes, this
* returns the unspecified NameFormat.
*
* @return string The NameFormat used on all attributes.
*/
public function getAttributeNameFormat() {
return $this->nameFormat;
}
/**
* Set the NameFormat used on all attributes.
*
* @param string $nameFormat The NameFormat used on all attributes.
*/
public function setAttributeNameFormat($nameFormat) {
assert('is_string($nameFormat)');
$this->nameFormat = $nameFormat;
}
/**
* Convert the attribute query message to an XML element.
*
* @return DOMElement This attribute query.
*/
public function toUnsignedXML() {
$root = parent::toUnsignedXML();
foreach ($this->attributes as $name => $values) {
$attribute = $root->ownerDocument->createElementNS(SAML2_Const::NS_SAML, 'saml:Attribute');
$root->appendChild($attribute);
$attribute->setAttribute('Name', $name);
if ($this->nameFormat !== SAML2_Const::NAMEFORMAT_UNSPECIFIED) {
$attribute->setAttribute('NameFormat', $this->nameFormat);
}
foreach ($values as $value) {
if (is_string($value)) {
$type = 'xs:string';
} elseif (is_int($value)) {
$type = 'xs:integer';
} else {
$type = NULL;
}
$attributeValue = $root->ownerDocument->createElementNS(SAML2_Const::NS_SAML, 'saml:AttributeValue');
$attribute->appendChild($attributeValue);
if ($type !== NULL) {
$attributeValue->setAttributeNS(SAML2_Const::NS_XSI, 'xsi:type', $type);
}
$attributeValue->appendChild($root->ownerDocument->createTextNode($value));
}
}
return $root;
}
}
<?php
/**
* Base class for SAML 2 subject query messages.
*
* This base class can be used for various requests which ask for
* information about a particular subject.
*
* Note that this class currently only handles the simple case - where the
* subject doesn't contain any sort of subject confirmation requirements.
*
* @package simpleSAMLphp
* @version $Id$
*/
abstract class SAML2_SubjectQuery extends SAML2_Request {
/**
* The NameId of the subject in the query.
*
* @var array
*/
private $nameId;
/**
* Constructor for SAML 2 subject query messages.
*
* @param string $tagName The tag name of the root element.
* @param DOMElement|NULL $xml The input message.
*/
protected function __construct($tagName, DOMElement $xml = NULL) {
parent::__construct($tagName, $xml);
$nameId = array();
if ($xml === NULL) {
return;
}
$this->parseSubject($xml);
}
/**
* Parse subject in query.
*
* @param DOMElement $xml The SubjectQuery XML element.
*/
private function parseSubject(DOMElement $xml) {
$subject = SAML2_Utils::xpQuery($xml, './saml:Subject');
if (empty($subject)) {
/* No Subject node. */
throw new Exception('Missing subject in subject query.');
} elseif (count($subject) > 1) {
throw new Exception('More than one <saml:Subject> in <saml:Assertion>.');
}
$subject = $subject[0];
$nameId = SAML2_Utils::xpQuery($subject, './saml:NameID');
if (empty($nameId)) {
throw new Exception('Missing <saml:NameID> in <saml:Subject>.');
} elseif (count($nameId) > 1) {
throw new Exception('More than one <saml:NameID> in <saml:Subject>.');
}
$nameId = $nameId[0];
$this->nameId = SAML2_Utils::parseNameId($nameId);
}
/**
* Retrieve the NameId of the subject in the query.
*
* The returned NameId is in the format used by SAML2_Utils::addNameId().
*
* @see SAML2_Utils::addNameId()
* @return array|NULL The name identifier of the assertion.
*/
public function getNameId() {
return $this->nameId;
}
/**
* Set the NameId of the subject in the query.
*
* The NameId must be in the format accepted by SAML2_Utils::addNameId().
*
* @see SAML2_Utils::addNameId()
* @param array|NULL $nameId The name identifier of the assertion.
*/
public function setNameId($nameId) {
assert('is_array($nameId) || is_null($nameId)');
$this->nameId = $nameId;
}
/**
* Convert subject query message to an XML element.
*
* @return DOMElement This subject query.
*/
public function toUnsignedXML() {
$root = parent::toUnsignedXML();
$subject = $root->ownerDocument->createElementNS(SAML2_Const::NS_SAML, 'saml:Subject');
$root->appendChild($subject);
SAML2_Utils::addNameId($subject, $this->nameId);
return $root;
}
}
\ No newline at end of file
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment