PHP Class SimpleSAML_Metadata_SAMLParser, simplesamlphp

This class parses SAML 1.x and SAML 2.0 metadata. Metadata is loaded by calling the static methods parseFile, parseString or parseElement. These functions return an instance of SimpleSAML_Metadata_SAMLParser. To get metadata from this object, use the methods getMetadata1xSP or getMetadata20SP. To parse a file which can contain a collection of EntityDescriptor or EntitiesDescriptor elements, use the parseDescriptorsFile, parseDescriptorsString or parseDescriptorsElement methods. These functions will return an array of SAMLParser elements where each element represents an EntityDescriptor element.

Public Methods

Method Description
getAttributeAuthorities ( ) : array Retrieve AttributeAuthorities from the metadata.
getEntityId ( ) : string This function returns the entity id of this parsed entity.
getMetadata1xIdP ( ) : array This function returns the metadata for SAML 1.x IdPs in the format SimpleSAMLphp expects.
getMetadata1xSP ( ) : array This function returns the metadata for SAML 1.x SPs in the format SimpleSAMLphp expects.
getMetadata20IdP ( ) : array This function returns the metadata for SAML 2.0 IdPs in the format SimpleSAMLphp expects.
getMetadata20SP ( ) : array This function returns the metadata for SAML 2.0 SPs in the format SimpleSAMLphp expects.
parseDescriptorsElement ( DOMElement $element = null ) : SimpleSAML_Metadata_SAMLParser[] This function parses a DOMElement which represents either an EntityDescriptor element or an EntitiesDescriptor element. It will return an associative array of SAMLParser instances in both cases.
parseDescriptorsFile ( string $file ) : SimpleSAML_Metadata_SAMLParser[] This function parses a file where the root node is either an EntityDescriptor element or an EntitiesDescriptor element. In both cases it will return an associative array of SAMLParser instances. If the file contains a single EntityDescriptor element, then the array will contain a single SAMLParser instance.
parseDescriptorsString ( string $string ) : SimpleSAML_Metadata_SAMLParser[] This function parses a string with XML data. The root node of the XML data is expected to be either an EntityDescriptor element or an EntitiesDescriptor element. It will return an associative array of SAMLParser instances.
parseDocument ( DOMDocument $document ) : SimpleSAML_Metadata_SAMLParser This function parses a DOMDocument which is assumed to contain a single EntityDescriptor element.
parseElement ( SAML2\XML\md\EntityDescriptor $entityElement ) : SimpleSAML_Metadata_SAMLParser This function parses a \SAML2\XML\md\EntityDescriptor object which represents an EntityDescriptor element.
parseFile ( string $file ) : SimpleSAML_Metadata_SAMLParser This function parses a file which contains XML encoded metadata.
parseString ( string $metadata ) : SimpleSAML_Metadata_SAMLParser This function parses a string which contains XML encoded metadata.
validateFingerprint ( string $fingerprint ) : boolean This function checks if this EntityDescriptor was signed with a certificate with the given fingerprint.
validateSignature ( array $certificates ) : boolean If this EntityDescriptor was signed, this function uses the public key to check the signature.

Private Methods

Method Description
__construct ( SAML2\XML\md\EntityDescriptor $entityElement, integer | null $maxExpireTime, array $validators = [], array $parentExtensions = null ) This is the constructor for the SAMLParser class.
addExtensions ( array &$metadata, array $roleDescriptor ) Add data parsed from extensions to metadata.
extractEndpoints ( array $endpoints ) : array Extract generic endpoints.
findEntityDescriptor ( DOMDocument $doc ) : SAML2\XML\md\EntityDescriptor This function locates the EntityDescriptor node in a DOMDocument. This node should be the first (and only) node in the document.
getExpireTime ( mixed $element, integer | null $maxExpireTime ) : integer Determine how long a given element can be cached.
getIdPDescriptors ( $protocols ) : Array This function finds IdP descriptors which support one of the given protocols.
getMetadataCommon ( )
getSPDescriptors ( $protocols ) : Array This function finds SP descriptors which support one of the given protocols.
parseAttributeConsumerService ( SAML2\XML\md\AttributeConsumingService $element, array &$sp ) This function parses AttributeConsumerService elements.
parseGenericEndpoint ( SAML2\XML\md\EndpointType $element ) : array This function is a generic endpoint element parser.
parseKeyDescriptor ( SAML2\XML\md\KeyDescriptor $kd ) : array | null This function parses a KeyDescriptor element. It currently only supports keys with a single X509 certificate.
parseRoleDescriptorType ( SAML2\XML\md\RoleDescriptor $element, integer | null $expireTime ) : array Parse a RoleDescriptorType element.
parseSSODescriptor ( SAML2\XML\md\SSODescriptorType $element, integer | null $expireTime ) : array This function extracts metadata from an SSODescriptor element.
processAttributeAuthorityDescriptor ( SAML2\XML\md\AttributeAuthorityDescriptor $element, integer | null $expireTime ) This function extracts metadata from an AttributeAuthorityDescriptor element.
processContactPerson ( ContactPerson $element ) Parse and process a ContactPerson element.
processDescriptorsElement ( SAML2\XML\md\EntityDescriptor | SAML2\XML\md\EntitiesDescriptor $element, integer | null $maxExpireTime = null, array $validators = [], array $parentExtensions = [] ) : SimpleSAML_Metadata_SAMLParser[]
processExtensions ( mixed $element, array $parentExtensions = [] ) : array Parse an Extensions element. Extensions may appear in multiple elements, and certain extensions may be inherited from a parent element.
processIDPSSODescriptor ( SAML2\XML\md\IDPSSODescriptor $element, integer | null $expireTime ) This function extracts metadata from an IDPSSODescriptor element.
processOrganization ( SAML2\XML\md\Organization $element ) Parse and process an Organization element.
processSPSSODescriptor ( SAML2\XML\md\SPSSODescriptor $element, integer | null $expireTime ) This function extracts metadata from an SPSSODescriptor element.

Method Details

getAttributeAuthorities() public method

Retrieve AttributeAuthorities from the metadata.
public getAttributeAuthorities ( ) : array
return array Array of AttributeAuthorityDescriptor entries.

getEntityId() public method

This function returns the entity id of this parsed entity.
public getEntityId ( ) : string
return string The entity id of this parsed entity.

getMetadata1xIdP() public method

This is an associative array with the following fields:
- 'entityid': The entity id of the entity described in the metadata.
- 'name': Auto generated name for this entity. Currently set to the entity id.
- 'SingleSignOnService': String with the URL of the SSO service which supports the redirect binding.
- 'SingleLogoutService': String with the URL where we should send logout requests/responses.
- 'certData': X509Certificate for entity (if present).
- 'certFingerprint': Fingerprint of the X509Certificate from the metadata. (deprecated)
Metadata must be loaded with one of the parse functions before this function can be called.
public getMetadata1xIdP ( ) : array
return array An associative array with metadata or NULL if we are unable to generate metadata for a SAML 1.x IdP.

getMetadata1xSP() public method

This is an associative array with the following fields:
- 'entityid': The entity id of the entity described in the metadata.
- 'AssertionConsumerService': String with the URL of the assertion consumer service which supports the browser-post binding.
- 'certData': X509Certificate for entity (if present).
Metadata must be loaded with one of the parse functions before this function can be called.
public getMetadata1xSP ( ) : array
return array An associative array with metadata or NULL if we are unable to generate metadata for a SAML 1.x SP.

getMetadata20IdP() public method

This is an associative array with the following fields:
- 'entityid': The entity id of the entity described in the metadata.
- 'name': Auto generated name for this entity. Currently set to the entity id.
- 'SingleSignOnService': String with the URL of the SSO service which supports the redirect binding.
- 'SingleLogoutService': String with the URL where we should send logout requests(/responses).
- 'SingleLogoutServiceResponse': String where we should send logout responses (if this is different from the 'SingleLogoutService' endpoint).
- 'NameIDFormats': The name ID formats this IdP supports.
- 'certData': X509Certificate for entity (if present).
- 'certFingerprint': Fingerprint of the X509Certificate from the metadata. (deprecated)
Metadata must be loaded with one of the parse functions before this function can be called.
public getMetadata20IdP ( ) : array
return array An associative array with metadata or NULL if we are unable to generate metadata for a SAML 2.0 IdP.

getMetadata20SP() public method

This is an associative array with the following fields:
- 'entityid': The entity id of the entity described in the metadata.
- 'AssertionConsumerService': String with the URL of the assertion consumer service which supports the browser-post binding.
- 'SingleLogoutService': String with the URL where we should send logout requests/responses.
- 'NameIDFormat': The name ID format this SP expects. This may be unset.
- 'certData': X509Certificate for entity (if present).
Metadata must be loaded with one of the parse functions before this function can be called.
public getMetadata20SP ( ) : array
return array An associative array with metadata or NULL if we are unable to generate metadata for a SAML 2.x SP.

parseDescriptorsElement() public static method

This function parses a DOMElement which represents either an EntityDescriptor element or an EntitiesDescriptor element. It will return an associative array of SAMLParser instances in both cases.
public static parseDescriptorsElement ( DOMElement $element = null ) : SimpleSAML_Metadata_SAMLParser[]
$element DOMElement The DOMElement which contains the EntityDescriptor element or the EntitiesDescriptor element.
return SimpleSAML_Metadata_SAMLParser[] An associative array of SAMLParser instances. The key of the array will be the entity id.

parseDescriptorsFile() public static method

This function parses a file where the root node is either an EntityDescriptor element or an EntitiesDescriptor element. In both cases it will return an associative array of SAMLParser instances. If the file contains a single EntityDescriptor element, then the array will contain a single SAMLParser instance.
public static parseDescriptorsFile ( string $file ) : SimpleSAML_Metadata_SAMLParser[]
$file string The path to the file which contains the EntityDescriptor or EntitiesDescriptor element.
return SimpleSAML_Metadata_SAMLParser[] An array of SAMLParser instances.

parseDescriptorsString() public static method

This function parses a string with XML data. The root node of the XML data is expected to be either an EntityDescriptor element or an EntitiesDescriptor element. It will return an associative array of SAMLParser instances.
public static parseDescriptorsString ( string $string ) : SimpleSAML_Metadata_SAMLParser[]
$string string The string with XML data.
return SimpleSAML_Metadata_SAMLParser[] An associative array of SAMLParser instances. The key of the array will be the entity id.

parseDocument() public static method

This function parses a DOMDocument which is assumed to contain a single EntityDescriptor element.
public static parseDocument ( DOMDocument $document ) : SimpleSAML_Metadata_SAMLParser
$document DOMDocument The DOMDocument which contains the EntityDescriptor element.
return SimpleSAML_Metadata_SAMLParser An instance of this class with the metadata loaded.

parseElement() public static method

This function parses a \SAML2\XML\md\EntityDescriptor object which represents an EntityDescriptor element.
public static parseElement ( SAML2\XML\md\EntityDescriptor $entityElement ) : SimpleSAML_Metadata_SAMLParser
$entityElement SAML2\XML\md\EntityDescriptor A \SAML2\XML\md\EntityDescriptor object which represents an EntityDescriptor element.
return SimpleSAML_Metadata_SAMLParser An instance of this class with the metadata loaded.

parseFile() public static method

This function parses a file which contains XML encoded metadata.
public static parseFile ( string $file ) : SimpleSAML_Metadata_SAMLParser
$file string The path to the file which contains the metadata.
return SimpleSAML_Metadata_SAMLParser An instance of this class with the metadata loaded.

parseString() public static method

This function parses a string which contains XML encoded metadata.
public static parseString ( string $metadata ) : SimpleSAML_Metadata_SAMLParser
$metadata string A string which contains XML encoded metadata.
return SimpleSAML_Metadata_SAMLParser An instance of this class with the metadata loaded.

validateFingerprint() public method

This function checks if this EntityDescriptor was signed with a certificate with the given fingerprint.
public validateFingerprint ( string $fingerprint ) : boolean
$fingerprint string Fingerprint of the certificate which should have been used to sign this EntityDescriptor.
return boolean True if it was signed with the certificate with the given fingerprint, false otherwise.

validateSignature() public method

If this EntityDescriptor was signed, this function uses the public key to check the signature.
public validateSignature ( array $certificates ) : boolean
$certificates array One or more certificates with the public key. This makes it possible to do a key rollover.
return boolean True if it is possible to check the signature with the certificate, false otherwise.
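
Added example (not SimpleSAMLphp's own code and not from the original page): load a metadata aggregate with parseDescriptorsString() and keep only SAML 2.0 IdP entries whose signature validateSignature() accepts against pinned certificates. The autoloader path, the helper name loadTrustedIdPs, the input file argument and the certificate entry are assumptions; the form of each $certificates entry depends on the installed SimpleSAMLphp version.

```php
<?php
// Added example; not part of SimpleSAMLphp or of the original page.
// Assumption: SimpleSAMLphp is installed at this path and provides lib/_autoload.php.
require_once '/var/simplesamlphp/lib/_autoload.php';

/**
 * Hypothetical helper: keep only SAML 2.0 IdPs whose EntityDescriptor
 * signature verifies against one of the pinned certificates.
 * Returns array($trusted, $rejected).
 */
function loadTrustedIdPs($xml, array $pinnedCerts)
{
    $trusted = array();
    $rejected = array();

    // The keys of the returned array are entity ids.
    $parsers = SimpleSAML_Metadata_SAMLParser::parseDescriptorsString($xml);
    foreach ($parsers as $entityId => $parser) {
        // Any false result is treated as "do not trust", whatever the cause.
        if (!$parser->validateSignature($pinnedCerts)) {
            $rejected[] = $entityId;
            continue;
        }
        // Read metadata only after the signature check has passed.
        $idp = $parser->getMetadata20IdP();
        if ($idp === null) {
            continue; // entity has no usable SAML 2.0 IdP role
        }
        $trusted[$entityId] = $idp;
    }
    return array($trusted, $rejected);
}

// Usage: php load_idps.php federation-metadata.xml
$xml = file_get_contents($argv[1]);
if ($xml === false) {
    fwrite(STDERR, "cannot read metadata file\n");
    exit(1);
}
// Constructed certificate entry (assumption): replace with the federation's
// signing certificate in the form the installed validateSignature() expects.
// Listing the old and the new certificate together covers a key rollover.
$pinned = array('federation-signing.crt');

list($trusted, $rejected) = loadTrustedIdPs($xml, $pinned);
foreach ($rejected as $entityId) {
    fwrite(STDERR, "rejected (signature not verified): $entityId\n");
}
printf("%d trusted IdP(s) loaded\n", count($trusted));
```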