SAML2: Add AttributeQuery message.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@1622 44740490-163a-0410-bde0-09ae8108e29a

SAML2: Add AttributeQuery message.
83d9db88 · Olav Morken · e6b20e92 · 83d9db88 · 83d9db88
Commit 83d9db88 authored 15 years ago by Olav Morken
--- a/lib/SAML2/AttributeQuery.php
+++ b/lib/SAML2/AttributeQuery.php
+<?php
+
+/**
+ * Class for SAML 2 attribute query messages.
+ *
+ * An attribute query asks for a set of attributes. The following
+ * rules apply:
+ *
+ * - If no attributes are present in the query, all attributes should be
+ *   returned.
+ * - If any attributes are present, only those attributes which are present
+ *   in the query should be returned.
+ * - If an attribute contains any attribute values, only the attribute values
+ *   which match those in the query should be returned.
+ *
+ * @package simpleSAMLphp
+ * @version $Id$
+ */
+class SAML2_AttributeQuery extends SAML2_SubjectQuery {
+
+
+	/**
+	 * The attributes, as an associative array.
+	 *
+	 * @var array
+	 */
+	private $attributes;
+
+
+	/**
+	 * The NameFormat used on all attributes.
+	 *
+	 * If more than one NameFormat is used, this will contain
+	 * the unspecified nameformat.
+	 *
+	 * @var string
+	 */
+	private $nameFormat;
+
+
+	/**
+	 * Constructor for SAML 2 attribute query messages.
+	 *
+	 * @param DOMElement|NULL $xml  The input message.
+	 */
+	public function __construct(DOMElement $xml = NULL) {
+		parent::__construct('AttributeQuery', $xml);
+
+		$this->attributes = array();
+		$this->nameFormat = SAML2_Const::NAMEFORMAT_UNSPECIFIED;
+
+		if ($xml === NULL) {
+			return;
+		}
+
+		$firstAttribute = TRUE;
+		$attributes = SAML2_Utils::xpQuery($xml, './saml:Attribute');
+		foreach ($attributes as $attribute) {
+			if (!$attribute->hasAttribute('Name')) {
+				throw new Exception('Missing name on <saml:Attribute> element.');
+			}
+			$name = $attribute->getAttribute('Name');
+
+			if ($attribute->hasAttribute('NameFormat')) {
+				$nameFormat = $attribute->getAttribute('NameFormat');
+			} else {
+				$nameFormat = SAML2_Const::NAMEFORMAT_UNSPECIFIED;
+			}
+
+			if ($firstAttribute) {
+				$this->nameFormat = $nameFormat;
+				$firstAttribute = FALSE;
+			} else {
+				if ($this->nameFormat !== $nameFormat) {
+					$this->nameFormat = SAML2_Const::NAMEFORMAT_UNSPECIFIED;
+				}
+			}
+
+			if (!array_key_exists($name, $this->attributes)) {
+				$this->attributes[$name] = array();
+			}
+
+			$values = SAML2_Utils::xpQuery($attribute, './saml:AttributeValue');
+			foreach ($values as $value) {
+				$this->attributes[$name][] = $value->textContent;
+			}
+		}
+	}
+
+
+	/**
+	 * Retrieve all requested attributes.
+	 *
+	 * @return array  All requested attributes, as an associative array.
+	 */
+	public function getAttributes() {
+
+		return $this->attributes;
+	}
+
+
+	/**
+	 * Set all requested attributes.
+	 *
+	 * @param array $attributes  All requested attributes, as an associative array.
+	 */
+	public function setAttributes(array $attributes) {
+
+		$this->attributes = $attributes;
+	}
+
+
+	/**
+	 * Retrieve the NameFormat used on all attributes.
+	 *
+	 * If more than one NameFormat is used in the received attributes, this
+	 * returns the unspecified NameFormat.
+	 *
+	 * @return string  The NameFormat used on all attributes.
+	 */
+	public function getAttributeNameFormat() {
+		return $this->nameFormat;
+	}
+
+
+	/**
+	 * Set the NameFormat used on all attributes.
+	 *
+	 * @param string $nameFormat  The NameFormat used on all attributes.
+	 */
+	public function setAttributeNameFormat($nameFormat) {
+		assert('is_string($nameFormat)');
+
+		$this->nameFormat = $nameFormat;
+	}
+
+
+	/**
+	 * Convert the attribute query message to an XML element.
+	 *
+	 * @return DOMElement  This attribute query.
+	 */
+	public function toUnsignedXML() {
+
+		$root = parent::toUnsignedXML();
+
+		foreach ($this->attributes as $name => $values) {
+			$attribute = $root->ownerDocument->createElementNS(SAML2_Const::NS_SAML, 'saml:Attribute');
+			$root->appendChild($attribute);
+			$attribute->setAttribute('Name', $name);
+
+			if ($this->nameFormat !== SAML2_Const::NAMEFORMAT_UNSPECIFIED) {
+				$attribute->setAttribute('NameFormat', $this->nameFormat);
+			}
+
+			foreach ($values as $value) {
+				if (is_string($value)) {
+					$type = 'xs:string';
+				} elseif (is_int($value)) {
+					$type = 'xs:integer';
+				} else {
+					$type = NULL;
+				}
+
+				$attributeValue = $root->ownerDocument->createElementNS(SAML2_Const::NS_SAML, 'saml:AttributeValue');
+				$attribute->appendChild($attributeValue);
+				if ($type !== NULL) {
+					$attributeValue->setAttributeNS(SAML2_Const::NS_XSI, 'xsi:type', $type);
+				}
+				$attributeValue->appendChild($root->ownerDocument->createTextNode($value));
+			}
+		}
+
+		return $root;
+	}
+
+
+}
--- a/lib/SAML2/SubjectQuery.php
+++ b/lib/SAML2/SubjectQuery.php
+<?php
+
+/**
+ * Base class for SAML 2 subject query messages.
+ *
+ * This base class can be used for various requests which ask for
+ * information about a particular subject.
+ *
+ * Note that this class currently only handles the simple case - where the
+ * subject doesn't contain any sort of subject confirmation requirements.
+ *
+ * @package simpleSAMLphp
+ * @version $Id$
+ */
+abstract class SAML2_SubjectQuery extends SAML2_Request {
+
+	/**
+	 * The NameId of the subject in the query.
+	 *
+	 * @var array
+	 */
+	private $nameId;
+
+
+	/**
+	 * Constructor for SAML 2 subject query messages.
+	 *
+	 * @param string $tagName  The tag name of the root element.
+	 * @param DOMElement|NULL $xml  The input message.
+	 */
+	protected function __construct($tagName, DOMElement $xml = NULL) {
+		parent::__construct($tagName, $xml);
+
+		$nameId = array();
+
+		if ($xml === NULL) {
+			return;
+		}
+
+		$this->parseSubject($xml);
+	}
+
+
+	/**
+	 * Parse subject in query.
+	 *
+	 * @param DOMElement $xml  The SubjectQuery XML element.
+	 */
+	private function parseSubject(DOMElement $xml) {
+
+		$subject = SAML2_Utils::xpQuery($xml, './saml:Subject');
+		if (empty($subject)) {
+			/* No Subject node. */
+			throw new Exception('Missing subject in subject query.');
+		} elseif (count($subject) > 1) {
+			throw new Exception('More than one <saml:Subject> in <saml:Assertion>.');
+		}
+		$subject = $subject[0];
+
+		$nameId = SAML2_Utils::xpQuery($subject, './saml:NameID');
+		if (empty($nameId)) {
+			throw new Exception('Missing <saml:NameID> in <saml:Subject>.');
+		} elseif (count($nameId) > 1) {
+			throw new Exception('More than one <saml:NameID> in <saml:Subject>.');
+		}
+		$nameId = $nameId[0];
+		$this->nameId = SAML2_Utils::parseNameId($nameId);
+	}
+
+
+	/**
+	 * Retrieve the NameId of the subject in the query.
+	 *
+	 * The returned NameId is in the format used by SAML2_Utils::addNameId().
+	 *
+	 * @see SAML2_Utils::addNameId()
+	 * @return array|NULL  The name identifier of the assertion.
+	 */
+	public function getNameId() {
+		return $this->nameId;
+	}
+
+
+	/**
+	 * Set the NameId of the subject in the query.
+	 *
+	 * The NameId must be in the format accepted by SAML2_Utils::addNameId().
+	 *
+	 * @see SAML2_Utils::addNameId()
+	 * @param array|NULL $nameId  The name identifier of the assertion.
+	 */
+	public function setNameId($nameId) {
+		assert('is_array($nameId) || is_null($nameId)');
+
+		$this->nameId = $nameId;
+	}
+
+
+	/**
+	 * Convert subject query message to an XML element.
+	 *
+	 * @return DOMElement  This subject query.
+	 */
+	public function toUnsignedXML() {
+
+		$root = parent::toUnsignedXML();
+
+		$subject = $root->ownerDocument->createElementNS(SAML2_Const::NS_SAML, 'saml:Subject');
+		$root->appendChild($subject);
+
+		SAML2_Utils::addNameId($subject, $this->nameId);
+
+		return $root;
+	}
+
+}
\ No newline at end of file