Commit d579e859 authored by Andreas Åkre Solberg's avatar Andreas Åkre Solberg

Adding support for handling the shire parameter, and do a prefix match on the...

Adding support for handling the shire parameter, and doing a prefix match against the AssertionConsumerURL parameter in the SP remote metadata. This request comes from Ajay at RedIRIS.



git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@65 44740490-163a-0410-bde0-09ae8108e29a
parent 5b8c14f1
......@@ -66,17 +66,27 @@ class SimpleSAML_Bindings_Shib13_HTTPPost {
</html>';
}
public function sendResponse($response, $idpentityid, $spentityid, $relayState = null) {
public function sendResponse($response, $idpentityid, $spentityid, $relayState = null, $claimedacs = null) {
$idpmd = $this->metadata->getMetaData($idpentityid, 'shib13-idp-hosted');
$spmd = $this->metadata->getMetaData($spentityid, 'shib13-sp-remote');
$destination = $spmd['AssertionConsumerService'];
if (!isset($destination) or $destination == '')
throw new Exception('Could not find AssertionConsumerService for SP entity ID [' . $spentityid. ']. ' .
'Claimed ACS is: ' . (isset($claimedacs) ? $claimedacs : 'N/A'));
$privatekey = $this->configuration->getValue('basedir') . '/cert/' . $idpmd['privatekey'];
$publiccert = $this->configuration->getValue('basedir') . '/cert/' . $idpmd['certificate'];
if (strstr($claimedacs, $destination) == 0) {
$destination = $claimedacs;
} else {
throw new Exception('Claimed ACS (shire) and ACS in SP Metadata do not match. [' . $claimedacs. '] [' . $destination . ']');
}
/*
* XMLDSig. Sign the complete request with the key stored in cert/server.pem
......
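Review bot: The new ACS check in sendResponse, `if (strstr($claimedacs, $destination) == 0)`, does not perform the prefix match the commit describes. strstr() returns the matched substring or false, and under loose comparison both false and a non-numeric string equal 0 before PHP 8, so the throwing else branch is unreachable there and the response would be sent to whatever shire value the request supplied (on PHP 8 the test is inverted instead); it also overwrites $destination with null when no shire is passed. Use `strpos($claimedacs, $destination) !== 0` as the rejection test and apply it only when a shire was supplied, as below. A prefix match also needs the metadata value to end at a path boundary, such as a trailing slash after the host, otherwise a longer host name that merely starts with the registered string passes too. The function body continues past the end of the hunk.

```php
// … unchanged: metadata lookup, empty-ACS check, key and certificate paths …
if ($claimedacs !== null && $claimedacs !== '') {
    // The claimed ACS (shire) must start with the ACS registered in the SP metadata.
    if (strpos($claimedacs, $destination) !== 0) {
        throw new Exception('Claimed ACS (shire) and ACS in SP Metadata do not match. [' . $claimedacs. '] [' . $destination . ']');
    }
    $destination = $claimedacs;
}
```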
......@@ -23,6 +23,7 @@ class SimpleSAML_XML_Shib13_AuthnRequest {
private $metadata = null;
private $issuer = null;
private $shire = null;
private $relayState = null;
private $requestid = null;
......@@ -46,6 +47,14 @@ class SimpleSAML_XML_Shib13_AuthnRequest {
return $this->relayState;
}
public function setShire($shire) {
$this->shire = $shire;
}
public function getShire() {
return $this->shire;
}
public function setIssuer($issuer) {
$this->issuer = $issuer;
}
......@@ -62,6 +71,8 @@ class SimpleSAML_XML_Shib13_AuthnRequest {
$this->setIssuer($get['providerId']);
$this->setRelayState($get['target']);
$this->setShire($get['shire']);
}
......
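Review bot: `$this->setShire($get['shire']);` reads the query parameter without checking that it is present, so a request that carries only providerId and target raises an undefined-index notice and stores null. `$this->setShire(isset($get['shire']) ? $get['shire'] : null);` keeps the optional parameter optional. The value is stored exactly as received, so setShire()/getShire() would benefit from a comment such as `// Unvalidated ACS URL claimed by the requester; verify against SP metadata before using it as a destination.` The enclosing function starts outside the hunk.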
......@@ -12,11 +12,6 @@ require_once('SimpleSAML/XML/Shib13/AuthnRequest.php');
require_once('SimpleSAML/XML/Shib13/AuthnResponse.php');
require_once('SimpleSAML/Bindings/Shib13/HTTPPost.php');
//require_once('SimpleSAML/XML/SAML20/AuthnRequest.php');
//require_once('SimpleSAML/XML/SAML20/AuthnResponse.php');
//require_once('SimpleSAML/Bindings/SAML20/HTTPRedirect.php');
//require_once('SimpleSAML/Bindings/SAML20/HTTPPost.php');
require_once('SimpleSAML/XHTML/Template.php');
......@@ -149,8 +144,13 @@ if (!$session->isAuthenticated() ) {
//echo 'Relaystate[' . $authnrequest->getRelayState() . ']';
$issuer = $authnrequest->getIssuer();
$shire = $authnrequest->getShire();
if ($issuer == null || $issuer == '')
throw new Exception('Could not retrieve issuer of the AuthNRequest (ProviderID)');
$httppost->sendResponse($authnResponseXML,
$idpentityid, $authnrequest->getIssuer(), $authnrequest->getRelayState());
$idpentityid, $issuer, $authnrequest->getRelayState(), $shire);
} catch(Exception $exception) {
......
......@@ -30,10 +30,10 @@ try {
$xml = $authnResponse->getXML();
/*
echo '<pre>';
echo $xml;
echo '</pre>';
*/
echo '<pre>';
echo $xml;
echo '</pre>';
*/
$authnResponse->validate();
$session = $authnResponse->createSession();
......