PHP 클래스 sspmod_saml_Message, simplesamlphp

파일 보기 프로젝트 열기: simplesamlphp/simplesamlphp 1 사용 예제들

공개 메소드들

메소드 설명
addSign ( SimpleSAML_Configuration $srcMetadata, SimpleSAML_Configuration $dstMetadata, SAML2\SignedElement $element ) Add signature key and sender certificate to an element (Message or Assertion).
buildAuthnRequest ( SimpleSAML_Configuration $spMetadata, SimpleSAML_Configuration $idpMetadata ) Build an authentication request based on information in the metadata.
buildLogoutRequest ( SimpleSAML_Configuration $srcMetadata, SimpleSAML_Configuration $dstMetadata ) Build a logout request based on information in the metadata.
buildLogoutResponse ( SimpleSAML_Configuration $srcMetadata, SimpleSAML_Configuration $dstMetadata ) Build a logout response based on information in the metadata.
checkSign ( SimpleSAML_Configuration $srcMetadata, SAML2\SignedElement $element ) Check the signature on a SAML2 message or assertion.
getBlacklistedAlgorithms ( SimpleSAML_Configuration $srcMetadata, SimpleSAML_Configuration $dstMetadata ) : array Retrieve blacklisted algorithms.
getDecryptionKeys ( SimpleSAML_Configuration $srcMetadata, SimpleSAML_Configuration $dstMetadata ) : array Retrieve the decryption keys from metadata.
getEncryptionKey ( SimpleSAML_Configuration $metadata ) : XMLSecurityKey Retrieve the encryption key for the given entity.
getResponseError ( SAML2\StatusResponse $response ) : sspmod_saml_Error Retrieve the status code of a response as a sspmod_saml_Error.
processResponse ( SimpleSAML_Configuration $spMetadata, SimpleSAML_Configuration $idpMetadata, SAML2\Response $response ) : array Process a response message.
validateMessage ( SimpleSAML_Configuration $srcMetadata, SimpleSAML_Configuration $dstMetadata, Message $message ) Check signature on a SAML2 message if enabled.

비공개 메소드들

메소드 설명
addRedirectSign ( SimpleSAML_Configuration $srcMetadata, SimpleSAML_Configuration $dstMetadata, Message $message ) Add signature key and and senders certificate to message.
decryptAssertion ( SimpleSAML_Configuration $srcMetadata, SimpleSAML_Configuration $dstMetadata, Assertion | SAML2\EncryptedAssertion $assertion ) : Assertion Decrypt an assertion.
findCertificate ( array $certFingerprints, array $certificates ) : string Find the certificate used to sign a message or assertion.
processAssertion ( SimpleSAML_Configuration $spMetadata, SimpleSAML_Configuration $idpMetadata, SAML2\Response $response, Assertion | SAML2\EncryptedAssertion $assertion, boolean $responseSigned ) : Assertion Process an assertion in a response.

메소드 상세

addSign() 공개 정적인 메소드

Add signature key and sender certificate to an element (Message or Assertion).
public static addSign ( SimpleSAML_Configuration $srcMetadata, SimpleSAML_Configuration $dstMetadata, SAML2\SignedElement $element )
$srcMetadata SimpleSAML_Configuration The metadata of the sender.
$dstMetadata SimpleSAML_Configuration The metadata of the recipient.
$element SAML2\SignedElement The element we should add the data to.

buildAuthnRequest() 공개 정적인 메소드

Build an authentication request based on information in the metadata.
public static buildAuthnRequest ( SimpleSAML_Configuration $spMetadata, SimpleSAML_Configuration $idpMetadata )
$spMetadata SimpleSAML_Configuration The metadata of the service provider.
$idpMetadata SimpleSAML_Configuration The metadata of the identity provider.

buildLogoutRequest() 공개 정적인 메소드

Build a logout request based on information in the metadata.
public static buildLogoutRequest ( SimpleSAML_Configuration $srcMetadata, SimpleSAML_Configuration $dstMetadata )
$srcMetadata SimpleSAML_Configuration The metadata of the sender.
$dstMetadata SimpleSAML_Configuration

buildLogoutResponse() 공개 정적인 메소드

Build a logout response based on information in the metadata.
public static buildLogoutResponse ( SimpleSAML_Configuration $srcMetadata, SimpleSAML_Configuration $dstMetadata )
$srcMetadata SimpleSAML_Configuration The metadata of the sender.
$dstMetadata SimpleSAML_Configuration

checkSign() 공개 정적인 메소드

Check the signature on a SAML2 message or assertion.
public static checkSign ( SimpleSAML_Configuration $srcMetadata, SAML2\SignedElement $element )
$srcMetadata SimpleSAML_Configuration The metadata of the sender.
$element SAML2\SignedElement Either a \SAML2\Response or a \SAML2\Assertion.

getBlacklistedAlgorithms() 공개 정적인 메소드

Remote configuration overrides local configuration.
public static getBlacklistedAlgorithms ( SimpleSAML_Configuration $srcMetadata, SimpleSAML_Configuration $dstMetadata ) : array
$srcMetadata SimpleSAML_Configuration The metadata of the sender.
$dstMetadata SimpleSAML_Configuration The metadata of the recipient.
리턴 array Array of blacklisted algorithms.

getDecryptionKeys() 공개 정적인 메소드

Retrieve the decryption keys from metadata.
public static getDecryptionKeys ( SimpleSAML_Configuration $srcMetadata, SimpleSAML_Configuration $dstMetadata ) : array
$srcMetadata SimpleSAML_Configuration The metadata of the sender (IdP).
$dstMetadata SimpleSAML_Configuration The metadata of the recipient (SP).
리턴 array Array of decryption keys.

getEncryptionKey() 공개 정적인 메소드

Retrieve the encryption key for the given entity.
public static getEncryptionKey ( SimpleSAML_Configuration $metadata ) : XMLSecurityKey
$metadata SimpleSAML_Configuration The metadata of the entity.
리턴 XMLSecurityKey The encryption key.

getResponseError() 공개 정적인 메소드

Retrieve the status code of a response as a sspmod_saml_Error.
public static getResponseError ( SAML2\StatusResponse $response ) : sspmod_saml_Error
$response SAML2\StatusResponse The response.
리턴 sspmod_saml_Error The error.

processResponse() 공개 정적인 메소드

If the response is an error response, we will throw a sspmod_saml_Error exception with the error.
public static processResponse ( SimpleSAML_Configuration $spMetadata, SimpleSAML_Configuration $idpMetadata, SAML2\Response $response ) : array
$spMetadata SimpleSAML_Configuration The metadata of the service provider.
$idpMetadata SimpleSAML_Configuration The metadata of the identity provider.
$response SAML2\Response The response.
리턴 array Array with \SAML2\Assertion objects, containing valid assertions from the response.

validateMessage() 공개 정적인 메소드

Check signature on a SAML2 message if enabled.
public static validateMessage ( SimpleSAML_Configuration $srcMetadata, SimpleSAML_Configuration $dstMetadata, Message $message )
$srcMetadata SimpleSAML_Configuration The metadata of the sender.
$dstMetadata SimpleSAML_Configuration The metadata of the recipient.
$message SAML2\Message The message we should check the signature on.