merge with Damien && add a public function lassospkit_redirect_federate
commit
9d94b1cec5
|
@ -211,7 +211,7 @@ class LassoSPKitConfigUIGen
|
|||
$base = LassoSPKitConfig::get('baseUrl');
|
||||
switch ($conformance) {
|
||||
case LASSO_PROTOCOL_SAML_2_0:
|
||||
$meta = LassoSPKitMetadataSAML2::generateMetadata($base, $organization, $publickey);
|
||||
$meta = LassoSPKitMetadataSAML2::generateMetadata($base, $organization, array('publickey' => $publickey));
|
||||
LassoSPKitConfig::set('conformance', 'saml2');
|
||||
break;
|
||||
case LASSO_PROTOCOL_LIBERTY_1_0:
|
||||
|
|
|
@ -9,6 +9,7 @@ class LassoSPKitGenericSession {
|
|||
public $exception;
|
||||
private $session_dump;
|
||||
private $identity_dump;
|
||||
private $attributes;
|
||||
|
||||
function processAttributes(array $attributes) {
|
||||
}
|
||||
|
@ -57,7 +58,8 @@ class LassoSPKitGenericSession {
|
|||
return array(
|
||||
'identity'=> $this->getIdentityDump(),
|
||||
'session' => $this->getSessionDump(),
|
||||
'userid'=>$userid);
|
||||
'userid'=>$userid,
|
||||
);
|
||||
}
|
||||
function explodeFederationBlob($blob) {
|
||||
$federation = @unserialize($blob);
|
||||
|
|
|
@ -48,10 +48,10 @@ class LassoSPKitHelper {
|
|||
return $ok;
|
||||
}
|
||||
/** Extract attributes values and keys from an assertion,
|
||||
and copy them into array $arr. */
|
||||
static function assertionExtractAttributes(LassoAssertion $assertion, &$attributes) {
|
||||
foreach ($assertion->attributeStatement[0]->attribute
|
||||
as $attribute) {
|
||||
and copy them into array $attributes. */
|
||||
static function assertionExtractAttributes($assertion) {
|
||||
$attributes = array();
|
||||
foreach ($assertion->attributeStatement[0]->attribute as $attribute) {
|
||||
if ($attribute->name == LASSO_SAML2_ATTRIBUTE_NAME_EPR) {
|
||||
continue;
|
||||
}
|
||||
|
@ -61,6 +61,7 @@ class LassoSPKitHelper {
|
|||
}
|
||||
$attributes[$attribute->name] = $arr;
|
||||
}
|
||||
return $attributes;
|
||||
}
|
||||
/** Return the NameID found in profile->nameIdentifier. If throw is TRUE
|
||||
* and we cannot find a nameIdentifier then throws IDENTIFIER_NOT_FOUND. */
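Review bot: The rewritten `assertionExtractAttributes` (first hunk of this file) indexes `$assertion->attributeStatement[0]` without checking that the assertion carries an attribute statement, and the `LassoAssertion` type hint appears to have been dropped, so nothing constrains what reaches the loop. An assertion without attributes would hit the `foreach` with an undefined offset; a guard such as `if (empty($assertion->attributeStatement)) { return array(); }` before the loop handles that case explicitly. The docblock still says "copy them into array $attributes" although the function now returns the array, so `@return array attribute name => extracted values` would match the new contract. The function body spans both hunks and is only partly visible here.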
|
||||
|
|
|
@ -146,6 +146,19 @@ function lassospkit_redirect_login($relayState = null,$isPassive = false) {
|
|||
$saml2->ssoInit(array('relayState' => $relayState, 'allowCreate'=>FALSE, 'isPassive' => $isPassive));
|
||||
}
|
||||
|
||||
function lassospkit_redirect_federate($relayState = null,$isPassive = false) {
|
||||
$session_class = "LassoSPKit" . LassoSPKitConfig::get('session');
|
||||
$session = new $session_class();
|
||||
$saml2 = new LassoSPKitSAML2($session);
|
||||
$saml2->ssoInit(array('relayState' => $relayState, 'allowCreate'=>TRUE, 'isPassive' => $isPassive));
|
||||
}
|
||||
|
||||
function lassospkit_get_assertion_attributes() {
|
||||
$session = LassoSPKitUtilsSession::getSingleton();
|
||||
$attributes = $session->getAssertionAttributes();
|
||||
return $attributes;
|
||||
}
|
||||
|
||||
function lassospkit_soap_logout() {
|
||||
$session_class = "LassoSPKit" . LassoSPKitConfig::get('session');
|
||||
$session = new $session_class();
|
||||
|
@ -153,3 +166,4 @@ function lassospkit_soap_logout() {
|
|||
$ret = $saml2->initiateSLO(LASSO_HTTP_METHOD_SOAP);
|
||||
return $ret;
|
||||
}
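Review bot: `lassospkit_redirect_federate` is a new public entry point with no docblock, and judging by the visible tail of `lassospkit_redirect_login` it differs from that function only in `'allowCreate'=>TRUE`. Assuming `ssoInit` maps the flag to the SAML NameIDPolicy AllowCreate, a comment like `/** Start SSO and let the IdP create a new federation for this SP if none exists. */` would tell integrators when to call it instead of the login variant. The class name is built from `LassoSPKitConfig::get('session')` and instantiated unchecked; an `if (!class_exists($session_class))` check before `new $session_class()` would turn a bad config value into a handled error rather than a fatal one. `lassospkit_get_assertion_attributes` returns IdP-supplied values as stored, which is worth stating in its docblock so callers escape them on output.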
|
||||
|
||||
|
|
|
@ -3,6 +3,8 @@ require_once('lassospkit_config.inc.php');
|
|||
require_once('lassospkit_debug.inc.php');
|
||||
require_once('lassospkit_lib.inc.php');
|
||||
require_once('lassospkit_generic_session.inc.php');
|
||||
require_once('lassospkit_utils_session.inc.php');
|
||||
|
||||
/**
|
||||
* TODO: initServer();
|
||||
*/
|
||||
|
@ -225,11 +227,12 @@ class LassoSPKitSAMLCommon {
|
|||
lassospkit_errlog("ssoConsumer, retASSO: $retASSO retFF: $retFF");
|
||||
}
|
||||
}
|
||||
$this->saveFederation($login);
|
||||
if ($login->assertion) {
|
||||
LassoSPKitHelper::assertionExtractAttributes($login->assertion, $attributes);
|
||||
$this->session->processAttributes($attributes);
|
||||
if ($login->response->assertion) {
|
||||
$attributes = LassoSPKitHelper::assertionExtractAttributes($login->response->assertion[0]);
|
||||
$utils_session = LassoSPKitUtilsSession::getSingleton();
|
||||
$utils_session->setAssertionAttributes($attributes);
|
||||
}
|
||||
$this->saveFederation($login);
|
||||
$this->checkXmlErrors("AssertionConsumer");
|
||||
if ($retAR) {
|
||||
return $retAR;
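Review bot: The new block stores the assertion attributes in the session before `$retAR` is examined. If a non-zero `$retAR` means the response was not accepted, attributes from a rejected response would still be kept and later returned by `getAssertionAttributes()`. Unless code above the hunk already returns on failure, guard it with `if (!$retAR && $login->response->assertion) {`. The block also reads only `$login->response->assertion[0]`; a short comment stating that only the first assertion is used, and that it is the one whose signature was verified, would make that assumption reviewable. The enclosing method starts and ends outside the hunk.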
|
||||
|
|
|
@ -48,7 +48,8 @@ class LassoSPKitUtilsSession {
|
|||
'federateParams'=>0,
|
||||
'sloParams'=>0,
|
||||
'defederationParams'=>0,
|
||||
'LogoutMethod'=>0);
|
||||
'LogoutMethod'=>0,
|
||||
'assertionAttributes'=>0);
|
||||
/** The keys that must not survive one communication (one set followed by one get). */
|
||||
static $keysToClearAfterGet = array(
|
||||
'LastError'=>0,
|
||||
|
@ -226,4 +227,12 @@ class LassoSPKitUtilsSession {
|
|||
$athis = self::getSingleton();
|
||||
$athis->set($profile ."Params", $Params);
|
||||
}
|
||||
static function setAssertionAttributes($attributes) {
|
||||
$athis = self::getSingleton();
|
||||
$athis->set('assertionAttributes', $attributes);
|
||||
}
|
||||
static function getAssertionAttributes() {
|
||||
$athis = self::getSingleton();
|
||||
return $athis->get('assertionAttributes');
|
||||
}
|
||||
}
|
||||
|
|