PHP Class sspmod_saml_Auth_Source_SP, simplesamlphp

Inheritance: extends SimpleSAML_Auth_Source
Project: simplesamlphp/simplesamlphp

Public Methods

Method Description
__construct ( array $info, array $config ) Constructor for SAML SP authentication source.
askForIdPChange ( array &$state ) Ask the user to log out before being able to log in again with a different identity provider. Note that this method is intended for instances of SimpleSAMLphp running as a SAML proxy, and therefore acting both as an SP and an IdP at the same time.
authenticate ( &$state ) Start login.
getEntityId ( ) : string Retrieve the entity id of this SP.
getIdPMetadata ( string $entityId ) : SimpleSAML_Configuration Retrieve the metadata of an IdP.
getMetadata ( ) : SimpleSAML_Configuration Retrieve the metadata of this SP.
getMetadataURL ( ) : string Retrieve the URL to the metadata of this SP.
handleLogout ( string $idpEntityId ) Handle a logout request from an IdP.
handleResponse ( array $state, string $idp, array $attributes ) Handle a response from a SSO operation.
handleUnsolicitedAuth ( string $authId, array $state, string $redirectTo ) Handle an unsolicited login operation.
logout ( array &$state ) Start logout operation.
onProcessingCompleted ( array $authProcState ) Called when we have completed the processing chain.
reauthLogout ( array $state ) Log the user out before logging in again.
reauthPostLogin ( array $state ) Complete login operation after re-authenticating the user on another IdP.
reauthPostLogout ( SimpleSAML_IdP $idp, array $state ) Post-logout handler for re-authentication.
reauthenticate ( array &$state ) Re-authenticate a user.
sendSAML2AuthnRequest ( array &$state, SAML2\Binding $binding, AuthnRequest $ar ) Function to actually send the authentication request.
startSLO2 ( array &$state ) Start a SAML 2 logout operation.
startSSO ( string $idp, array $state ) Send a SSO request to an IdP.

Private Methods

Method Description
startDisco ( array $state ) Start an IdP discovery service operation.
startSSO1 ( SimpleSAML_Configuration $idpMetadata, array $state ) Send a SAML1 SSO request to an IdP.
startSSO2 ( SimpleSAML_Configuration $idpMetadata, array $state ) Send a SAML2 SSO request to an IdP.

Method Details

__construct() public method

Constructor for SAML SP authentication source.
public __construct ( array $info, array $config )
$info array Information about this authentication source.
$config array Configuration.

askForIdPChange() public static method

This method will never return.
public static askForIdPChange ( array &$state )
$state array The state array. The following keys must be defined in the array:
- 'saml:sp:IdPMetadata': a SimpleSAML_Configuration object containing the metadata of the IdP that authenticated the user in the current session.
- 'saml:sp:AuthId': the identifier of the current authentication source.
- 'core:IdP': the identifier of the local IdP.
- 'SPMetadata': an array with the metadata of this local SP.

authenticate() public method

This function saves the information about the login, and redirects to the IdP.
public authenticate ( &$state )

getEntityId() public method

Retrieve the entity id of this SP.
public getEntityId ( ) : string
return string The entity id of this SP.

getIdPMetadata() public method

Retrieve the metadata of an IdP.
public getIdPMetadata ( string $entityId ) : SimpleSAML_Configuration
$entityId string The entity id of the IdP.
return SimpleSAML_Configuration The metadata of the IdP.

getMetadata() public method

Retrieve the metadata of this SP.
public getMetadata ( ) : SimpleSAML_Configuration
return SimpleSAML_Configuration The metadata of this SP.

getMetadataURL() public method

Retrieve the URL to the metadata of this SP.
public getMetadataURL ( ) : string
return string The metadata URL.

handleLogout() public method

Handle a logout request from an IdP.
public handleLogout ( string $idpEntityId )
$idpEntityId string The entity ID of the IdP.

handleResponse() public method

Handle a response from a SSO operation.
public handleResponse ( array $state, string $idp, array $attributes )
$state array The authentication state.
$idp string The entity id of the IdP.
$attributes array The attributes.

handleUnsolicitedAuth() public static method

This method creates a session from the information received. It will then redirect to the given URL. This is used to handle IdP initiated SSO. This method will never return.
public static handleUnsolicitedAuth ( string $authId, array $state, string $redirectTo )
$authId string The id of the authentication source that received the request.
$state array A state array.
$redirectTo string The URL we should redirect the user to after updating the session. The function will check if the URL is allowed, so there is no need to manually check the URL beforehand. Please refer to the 'trusted.url.domains' configuration directive for more information about allowing (or disallowing) URLs.
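
The kind of allowlist check that the $redirectTo description refers to, as an added example that is not SimpleSAMLphp's own code. The helper isRedirectAllowed(), its parameters and all host names are hypothetical; it assumes a strict policy of exact host matches against the current host plus a list of trusted domains.

```php
<?php
// Added illustration: hypothetical helper, not SimpleSAMLphp's implementation.

/**
 * Return true only if $url is an absolute http(s) URL whose host is the
 * current host or one of the explicitly trusted domains.
 */
function isRedirectAllowed(string $url, array $trustedDomains, string $selfHost): bool
{
    // Reject control characters, spaces and backslashes, which browsers may
    // normalise differently from parse_url().
    if (preg_match('/[\x00-\x20\x7f\\\\]/', $url)) {
        return false;
    }
    $parts = parse_url($url);
    if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
        return false; // relative, scheme-relative or malformed URL
    }
    if (!in_array(strtolower($parts['scheme']), ['http', 'https'], true)) {
        return false; // only web schemes are valid redirect targets
    }
    if (isset($parts['user']) || isset($parts['pass'])) {
        return false; // userinfo can disguise the real host
    }
    $host = strtolower(rtrim($parts['host'], '.'));
    $allowed = array_map('strtolower', array_merge([$selfHost], $trustedDomains));
    return in_array($host, $allowed, true); // exact match, no suffix matching
}

// Constructed sample values for the demonstration.
$trusted = ['app.example.org'];
$self = 'sp.example.org';
$samples = [
    'https://app.example.org/welcome',           // trusted domain
    'https://sp.example.org/module.php/core/',   // current host
    'https://app.example.org.other.example/',    // trusted name used as a prefix
    'https://app.example.org@other.example/',    // trusted name in userinfo
    '//other.example/',                          // scheme-relative
    'javascript:alert(1)',                       // non-web scheme
];
foreach ($samples as $u) {
    printf("%-45s %s\n", $u, isRedirectAllowed($u, $trusted, $self) ? 'allow' : 'reject');
}
```

Only the first two sample URLs are allowed; the rest are rejected before any redirect would be issued.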

logout() public method

Start logout operation.
public logout ( array &$state )
$state array The logout state.

onProcessingCompleted() public static method

Called when we have completed the processing chain.
public static onProcessingCompleted ( array $authProcState )
$authProcState array The processing chain state.

reauthLogout() public static method

This method will never return.
public static reauthLogout ( array $state )
$state array The state array.

reauthPostLogin() public static method

Complete login operation after re-authenticating the user on another IdP.
public static reauthPostLogin ( array $state )
$state array The authentication state.

reauthPostLogout() public static method

This method will never return.
public static reauthPostLogout ( SimpleSAML_IdP $idp, array $state )
$idp SimpleSAML_IdP The IdP we are logging out from.
$state array

reauthenticate() public method

This function is called by the IdP to give the authentication source a chance to interact with the user even in the case when the user is already authenticated.
public reauthenticate ( array &$state )
$state array

sendSAML2AuthnRequest() public method

This function does not return.
public sendSAML2AuthnRequest ( array &$state, SAML2\Binding $binding, AuthnRequest $ar )
$state array
$binding SAML2\Binding The binding.
$ar SAML2\AuthnRequest The authentication request.

startSLO2() public method

Start a SAML 2 logout operation.
public startSLO2 ( array &$state )
$state array The logout state.

startSSO() public method

Send a SSO request to an IdP.
public startSSO ( string $idp, array $state )
$idp string The entity ID of the IdP.
$state array The state array for the current authentication.