PHP Класс OneLogin_Saml2_Auth

Показать файл Открыть проект Примеры использования класса

Открытые методы

Метод Описание
__construct ( array | object | null $oldSettings = null ) Initializes the SP SAML instance.
buildRequestSignature ( string $samlRequest, string $relayState, string $signAlgorithm = XMLSecurityKey::RSA_SHA1 ) : string Generates the Signature for a SAML Request
buildResponseSignature ( string $samlResponse, string $relayState, string $signAlgorithm = XMLSecurityKey::RSA_SHA1 ) : string Generates the Signature for a SAML Response
getAttribute ( string $name ) : array | null Returns the requested SAML attribute
getAttributes ( ) : array Returns the set of SAML attributes.
getErrors ( ) : array Returns if there were any error
getLastErrorReason ( ) : string Returns the reason for the last error
getLastRequestID ( ) : string Gets the ID of the last AuthNRequest or LogoutRequest generated by the Service Provider.
getNameId ( ) : string Returns the nameID
getNameIdFormat ( ) : string Returns the nameID Format
getSLOurl ( ) : string Gets the SLO url.
getSSOurl ( ) : string Gets the SSO url.
getSessionExpiration ( ) : DateTime | null Returns the SessionNotOnOrAfter
getSessionIndex ( ) : string | null Returns the SessionIndex
getSettings ( ) : OneLogin_Saml2_Settings Returns the settings info
isAuthenticated ( ) : boolean Checks if the user is authenticated or not.
login ( string | null $returnTo = null, array $parameters = [], boolean $forceAuthn = false, boolean $isPassive = false, boolean $stay = false, boolean $setNameIdPolicy = true ) : If Initiates the SSO process.
logout ( string | null $returnTo = null, array $parameters = [], string | null $nameId = null, string | null $sessionIndex = null, boolean $stay = false, string | null $nameIdFormat = null ) : If Initiates the SLO process.
processResponse ( string | null $requestId = null ) Process the SAML Response sent by the IdP.
processSLO ( boolean $keepLocalSession = false, string | null $requestId = null, boolean $retrieveParametersFromServer = false, callable $cbDeleteSession = null, boolean $stay = false ) : string | void Process the SAML Logout Response / Logout Request sent by the IdP.
redirectTo ( string $url = '', array $parameters = [], boolean $stay = false ) Redirects the user to the url past by parameter or to the url that we defined in our SSO Request.
setStrict ( boolean $value ) : array Set the strict mode active/disable

Описание методов

__construct() публичный метод

Initializes the SP SAML instance.
public __construct ( array | object | null $oldSettings = null )
$oldSettings array | object | null Setting data (You can provide a OneLogin_Saml_Settings, the settings object of the Saml folder implementation)

buildRequestSignature() публичный метод

Generates the Signature for a SAML Request
public buildRequestSignature ( string $samlRequest, string $relayState, string $signAlgorithm = XMLSecurityKey::RSA_SHA1 ) : string
$samlRequest string The SAML Request
$relayState string The RelayState
$signAlgorithm string Signature algorithm method
Результат string A base64 encoded signature

buildResponseSignature() публичный метод

Generates the Signature for a SAML Response
public buildResponseSignature ( string $samlResponse, string $relayState, string $signAlgorithm = XMLSecurityKey::RSA_SHA1 ) : string
$samlResponse string The SAML Response
$relayState string The RelayState
$signAlgorithm string Signature algorithm method
Результат string A base64 encoded signature

getAttribute() публичный метод

Returns the requested SAML attribute
public getAttribute ( string $name ) : array | null
$name string The requested attribute of the user.
Результат array | null Requested SAML attribute ($name).

getAttributes() публичный метод

Returns the set of SAML attributes.
public getAttributes ( ) : array
Результат array Attributes of the user.

getErrors() публичный метод

Returns if there were any error
public getErrors ( ) : array
Результат array Errors

getLastErrorReason() публичный метод

Returns the reason for the last error
public getLastErrorReason ( ) : string
Результат string Error reason

getLastRequestID() публичный метод

Gets the ID of the last AuthNRequest or LogoutRequest generated by the Service Provider.
public getLastRequestID ( ) : string
Результат string The ID of the Request SAML message.

getNameId() публичный метод

Returns the nameID
public getNameId ( ) : string
Результат string The nameID of the assertion

getNameIdFormat() публичный метод

Returns the nameID Format
public getNameIdFormat ( ) : string
Результат string The nameID Format of the assertion

getSLOurl() публичный метод

Gets the SLO url.
public getSLOurl ( ) : string
Результат string The url of the Single Logout Service

getSSOurl() публичный метод

Gets the SSO url.
public getSSOurl ( ) : string
Результат string The url of the Single Sign On Service

getSessionExpiration() публичный метод

Returns the SessionNotOnOrAfter
public getSessionExpiration ( ) : DateTime | null
Результат DateTime | null The SessionNotOnOrAfter of the assertion

getSessionIndex() публичный метод

Returns the SessionIndex
public getSessionIndex ( ) : string | null
Результат string | null The SessionIndex of the assertion

getSettings() публичный метод

Returns the settings info
public getSettings ( ) : OneLogin_Saml2_Settings
Результат OneLogin_Saml2_Settings The settings data.

isAuthenticated() публичный метод

Checks if the user is authenticated or not.
public isAuthenticated ( ) : boolean
Результат boolean True if the user is authenticated

login() публичный метод

Initiates the SSO process.
public login ( string | null $returnTo = null, array $parameters = [], boolean $forceAuthn = false, boolean $isPassive = false, boolean $stay = false, boolean $setNameIdPolicy = true ) : If
$returnTo string | null The target URL the user should be returned to after login.
$parameters array Extra parameters to be added to the GET
$forceAuthn boolean When true the AuthNReuqest will set the ForceAuthn='true'
$isPassive boolean When true the AuthNReuqest will set the Ispassive='true'
$stay boolean True if we want to stay (returns the url string) False to redirect
$setNameIdPolicy boolean When true the AuthNReuqest will set a nameIdPolicy element
Результат If $stay is True, it return a string with the SLO URL + LogoutRequest + parameters

logout() публичный метод

Initiates the SLO process.
public logout ( string | null $returnTo = null, array $parameters = [], string | null $nameId = null, string | null $sessionIndex = null, boolean $stay = false, string | null $nameIdFormat = null ) : If
$returnTo string | null The target URL the user should be returned to after logout.
$parameters array Extra parameters to be added to the GET
$nameId string | null The NameID that will be set in the LogoutRequest.
$sessionIndex string | null The SessionIndex (taken from the SAML Response in the SSO process).
$stay boolean True if we want to stay (returns the url string) False to redirect
$nameIdFormat string | null The NameID Format will be set in the LogoutRequest.
Результат If $stay is True, it return a string with the SLO URL + LogoutRequest + parameters

processResponse() публичный метод

Process the SAML Response sent by the IdP.
public processResponse ( string | null $requestId = null )
$requestId string | null The ID of the AuthNRequest sent by this SP to the IdP

processSLO() публичный метод

Process the SAML Logout Response / Logout Request sent by the IdP.
public processSLO ( boolean $keepLocalSession = false, string | null $requestId = null, boolean $retrieveParametersFromServer = false, callable $cbDeleteSession = null, boolean $stay = false ) : string | void
$keepLocalSession boolean When false will destroy the local session, otherwise will keep it
$requestId string | null The ID of the LogoutRequest sent by this SP to the IdP
$retrieveParametersFromServer boolean
$cbDeleteSession callable
$stay boolean True if we want to stay (returns the url string) False to redirect
Результат string | void

redirectTo() публичный метод

Redirects the user to the url past by parameter or to the url that we defined in our SSO Request.
public redirectTo ( string $url = '', array $parameters = [], boolean $stay = false )
$url string The target URL to redirect the user.
$parameters array Extra parameters to be passed as part of the url
$stay boolean True if we want to stay (returns the url string) False to redirect

setStrict() публичный метод

Set the strict mode active/disable
public setStrict ( boolean $value ) : array
$value boolean Strict parameter
Результат array The settings data.