本文整理汇总了PHP中SimpleSAML_IdP类的典型用法代码示例。如果您正苦于以下问题:PHP SimpleSAML_IdP类的具体用法?PHP SimpleSAML_IdP怎么用?PHP SimpleSAML_IdP使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
在下文中一共展示了SimpleSAML_IdP类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: startLogout
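/**
 * Start the IFrame-based logout operation.
 *
 * Marks every current SP association as 'onhold', records the association list and
 * the name of the initiating SP in the logout state, saves that state and redirects
 * the browser to the core logout-iframe page.
 *
 * @param array &$state The logout state.
 * @param string|null $assocId The SP we are logging out from.
 */
public function startLogout(array &$state, $assocId)
{
    // Evaluate the check directly. A string handed to assert() is run through eval on
    // old PHP versions and is just a non-empty (always true) string on PHP 8, so the
    // string form either evaluates code from a string or checks nothing.
    assert(is_string($assocId) || is_null($assocId));

    $associations = $this->idp->getAssociations();
    if (count($associations) === 0) {
        // No SP to log out from. finishLogout() presumably does not return — confirm.
        $this->idp->finishLogout($state);
    }

    foreach ($associations as $id => &$association) {
        $idp = SimpleSAML_IdP::getByState($association);
        $association['core:Logout-IFrame:Name'] = $idp->getSPName($id);
        $association['core:Logout-IFrame:State'] = 'onhold';
    }
    // Release the by-reference loop variable: without this the last array element
    // stays bound to $association and is carried as a reference into the copy that
    // is stored in the state below.
    unset($association);

    $state['core:Logout-IFrame:Associations'] = $associations;

    $spName = null;
    if (!is_null($assocId)) {
        $spName = $this->idp->getSPName($assocId);
        if ($spName === null) {
            // No display name known for this SP: fall back to the raw association id.
            $spName = array('en' => $assocId);
        }
    }
    $state['core:Logout-IFrame:From'] = $spName;

    // Only the id of the saved state travels in the URL; the state itself is kept by
    // SimpleSAML_Auth_State.
    $params = array('id' => SimpleSAML_Auth_State::saveState($state, 'core:Logout-IFrame'));
    if (isset($state['core:Logout-IFrame:InitType'])) {
        $params['type'] = $state['core:Logout-IFrame:InitType'];
    }

    // The target is assembled here from a fixed module path plus these parameters,
    // which is why the trusted-redirect helper is used.
    $url = SimpleSAML_Module::getModuleURL('core/idp/logout-iframe.php', $params);
    \SimpleSAML\Utils\HTTP::redirectTrustedURL($url);
}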
示例2: startLogout
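/**
 * Start the IFrame-based logout operation.
 *
 * Every SP association is flagged 'onhold' and stored in the logout state together
 * with the name of the SP that initiated the logout; the state is then saved and the
 * browser is redirected to the core logout-iframe page with the saved state id.
 *
 * @param array &$state The logout state.
 * @param string|NULL $assocId The SP we are logging out from.
 */
public function startLogout(array &$state, $assocId)
{
    // Real expression instead of a string: string assertions go through eval on old
    // PHP versions and never fail on PHP 8.
    assert(is_string($assocId) || is_null($assocId));

    $associations = $this->idp->getAssociations();
    if (count($associations) === 0) {
        // Nothing to do for any SP. finishLogout() presumably does not return — confirm.
        $this->idp->finishLogout($state);
    }

    foreach ($associations as $id => &$association) {
        $idp = SimpleSAML_IdP::getByState($association);
        $association['core:Logout-IFrame:Name'] = $idp->getSPName($id);
        $association['core:Logout-IFrame:State'] = 'onhold';
    }
    // The loop variable is a reference; unset it so the last element of the array is
    // no longer aliased when the array is copied into the state.
    unset($association);

    $state['core:Logout-IFrame:Associations'] = $associations;

    if (is_null($assocId)) {
        $state['core:Logout-IFrame:From'] = NULL;
    } else {
        $spName = $this->idp->getSPName($assocId);
        if ($spName === NULL) {
            // Unknown display name: show the association id instead.
            $spName = array('en' => $assocId);
        }
        $state['core:Logout-IFrame:From'] = $spName;
    }

    $id = SimpleSAML_Auth_State::saveState($state, 'core:Logout-IFrame');
    $url = SimpleSAML_Module::getModuleURL('core/idp/logout-iframe.php', array('id' => $id));

    // NOTE(review): $url is built locally from a fixed module path and the saved state
    // id. If this version of SimpleSAML_Utilities distinguishes trusted from untrusted
    // redirects, this call belongs to the trusted kind — confirm.
    SimpleSAML_Utilities::redirect($url);
}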
示例3: actionSso
/**
 * Hand the current request to the hosted SAML 2.0 IdP as an authentication request.
 *
 * The hosted IdP is looked up from the 'saml20-idp-hosted' metadata set.
 * receiveAuthnRequest() is not expected to return; the trailing assert marks that.
 */
public function actionSso()
{
    $hostedEntityId = \SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler()
        ->getMetaDataCurrentEntityID('saml20-idp-hosted');

    // IdP ids carry a protocol prefix in front of the entity id.
    $hostedIdp = \SimpleSAML_IdP::getById('saml2:' . $hostedEntityId);

    \sspmod_saml_IdP_SAML2::receiveAuthnRequest($hostedIdp);
    assert('FALSE');
}
示例4: actionSso
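/**
 * Check posted credentials and, on success, start the hosted SAML 2.0 IdP flow.
 *
 * Only POST requests are processed. Every failure path answers with a JSON message
 * and then stops, so a request never produces more than one response.
 *
 * NOTE(review): the result of authenticate() is not handed on to
 * receiveAuthnRequest(). Whether the assertion issued afterwards is bound to
 * $username depends on the authentication source configured for the hosted IdP,
 * which is not visible here — confirm.
 *
 * NOTE(review): the failure messages differ between "Invalid credentials" and
 * "Incorrect Password" with a remaining-attempts counter. That difference tells an
 * unauthenticated caller whether an account exists; consider returning one generic
 * message for both cases. The strings are left unchanged here because the client
 * may depend on them.
 */
public function actionSso()
{
    //logout previous sso session
    \utilities\Registry::clearRegistry();

    if (!$this->_request->isPost()) {
        $this->_response->renderJson(array('message' => 'Only post request are accepted'));
        return;
    }

    // check if every required parameter is set or not
    $username = $this->_request->getParam('username', null);
    $password = $this->_request->getParam('password', null);
    $referrer = $this->_request->getParam('spentityid', null);

    // renderJson() is not shown here; the explicit exit further down suggests it
    // returns to the caller, so each rejection stops explicitly instead of going on
    // to authenticate with missing values.
    if (!$username) {
        $this->_response->renderJson(array('message' => 'Username is not set'));
        return;
    }
    if (!$password) {
        $this->_response->renderJson(array('message' => 'Password is not set'));
        return;
    }
    // 'spentityid' is only checked for presence; it is not used below.
    if (!$referrer) {
        $this->_response->renderJson(array('message' => 'Referrer not set'));
        return;
    }

    $objDbUserauth = new \models\Users();
    // check if user is authenticated or not
    $userAuthenticationStatus = $objDbUserauth->authenticate($username, $password);

    // user locked due to 5 invalid attempts
    if (\models\Users::ERROR_USER_LOCKED === $userAuthenticationStatus) {
        $this->_response->renderJson(array('message' => 'Your account is locked due to 5 invalid attempts', 'authstatus' => $userAuthenticationStatus));
        // Stop here: falling through would register another failed attempt and send
        // a second JSON body.
        return;
    }
    //user password is expired
    if (\models\Users::ERROR_USER_PWD_EXPIRED === $userAuthenticationStatus) {
        $this->_response->renderJson(array('message' => 'Your password is expired', 'authstatus' => $userAuthenticationStatus));
        return;
    }

    //user authentication is successful
    if ($userAuthenticationStatus === true) {
        $metadata = \SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
        $idpEntityId = $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted');
        $idp = \SimpleSAML_IdP::getById('saml2:' . $idpEntityId);
        \sspmod_saml_IdP_SAML2::receiveAuthnRequest($idp);
        // receiveAuthnRequest() is not expected to return.
        assert('FALSE');
        return;
    }

    //handle invalid attempts
    $objInvalidAttempts = new \models\UserLoginAttempts();
    $loginAttemptsLeft = $objInvalidAttempts->handleInvalidLoginAttempts($username);
    $invalidAttempt = false;
    // if attempt is invalid username is wrong
    $message = "Invalid credentials";
    if ($loginAttemptsLeft !== false) {
        // if last attempt was hit then show that account is locked
        if ($loginAttemptsLeft === 0) {
            $this->_response->renderJson(array('message' => 'Your account is locked due to 5 invalid attempts', 'authstatus' => \models\Users::ERROR_USER_LOCKED));
            // The lock message is the final answer; do not follow it with a
            // "0 attempts left" response.
            return;
        }
        $invalidAttempt = true;
        $message = "Incorrect Password.You have {$loginAttemptsLeft} attempts left";
    }
    $this->_response->renderJson(array('message' => $message, 'invalidAttempt' => $invalidAttempt));
    exit;
}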
示例5: receiveAuthnRequest
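/**
 * Receive a Shibboleth 1.3 authentication request.
 *
 * Reads 'providerId', 'shire' and the optional 'target' from the request, checks that
 * the requested shire is a registered browser-post AssertionConsumerService of the SP,
 * and passes a new authentication state to the IdP.
 *
 * @param SimpleSAML_IdP $idp The IdP we are receiving it for.
 *
 * @throws SimpleSAML_Error_BadRequest If 'providerId' or 'shire' is missing.
 * @throws Exception If the shire does not match a registered endpoint of the SP.
 */
public static function receiveAuthnRequest(SimpleSAML_IdP $idp)
{
    if (isset($_REQUEST['cookieTime'])) {
        $cookieTime = (int) $_REQUEST['cookieTime'];
        if ($cookieTime + 5 > time()) {
            /*
             * Less than five seconds has passed since we were
             * here the last time. Cookies are probably disabled.
             */
            \SimpleSAML\Utils\HTTP::checkSessionCookie(\SimpleSAML\Utils\HTTP::getSelfURL());
        }
    }

    if (!isset($_REQUEST['providerId'])) {
        throw new SimpleSAML_Error_BadRequest('Missing providerId parameter.');
    }
    $spEntityId = (string) $_REQUEST['providerId'];

    if (!isset($_REQUEST['shire'])) {
        throw new SimpleSAML_Error_BadRequest('Missing shire parameter.');
    }
    $shire = (string) $_REQUEST['shire'];

    // Cast like the other request parameters: a request can supply 'target' as an
    // array (target[]=...), and the value is stored in the state as 'saml:target'.
    $target = isset($_REQUEST['target']) ? (string) $_REQUEST['target'] : NULL;

    // var_export() quotes the request-supplied entity id before it reaches the log.
    SimpleSAML\Logger::info('Shib1.3 - IdP.SSOService: Got incoming Shib authnRequest from ' . var_export($spEntityId, TRUE) . '.');

    $metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
    $spMetadata = $metadata->getMetaDataConfig($spEntityId, 'shib13-sp-remote');

    // The response may only go to a location registered for this SP: the shire has to
    // equal, character for character, the Location of a browser-post endpoint.
    $found = FALSE;
    foreach ($spMetadata->getEndpoints('AssertionConsumerService') as $ep) {
        if ($ep['Binding'] !== 'urn:oasis:names:tc:SAML:1.0:profiles:browser-post') {
            continue;
        }
        if ($ep['Location'] !== $shire) {
            continue;
        }
        $found = TRUE;
        break;
    }
    if (!$found) {
        throw new Exception('Invalid AssertionConsumerService for SP ' . var_export($spEntityId, TRUE) . ': ' . var_export($shire, TRUE));
    }

    SimpleSAML_Stats::log('saml:idp:AuthnRequest', array('spEntityID' => $spEntityId, 'protocol' => 'saml1'));

    // Restart URL for a lost session; the timestamp feeds the cookieTime check above.
    $sessionLostURL = \SimpleSAML\Utils\HTTP::addURLParameters(\SimpleSAML\Utils\HTTP::getSelfURL(), array('cookieTime' => time()));

    $state = array(
        'Responder' => array('sspmod_saml_IdP_SAML1', 'sendResponse'),
        'SPMetadata' => $spMetadata->toArray(),
        SimpleSAML_Auth_State::RESTART => $sessionLostURL,
        'saml:shire' => $shire,
        'saml:target' => $target,
        'saml:AuthnRequestReceivedAt' => microtime(TRUE),
    );
    $idp->handleAuthenticationRequest($state);
}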
示例6: logoutNextSP
/**
 * Take the next SP off the remaining list and send it a logout request.
 *
 * When the list is empty the logout is finished through the IdP. If the logout URL
 * for an SP cannot be produced, that association is terminated, the state is marked
 * as failed and the following SP is tried.
 *
 * This function never returns.
 *
 * @param array &$state The logout state.
 */
private function logoutNextSP(array &$state)
{
    $current = array_pop($state['core:LogoutTraditional:Remaining']);
    if ($current === NULL) {
        // Nothing left to log out from.
        $this->idp->finishLogout($state);
    }

    // Saved after the pop, so the stored state no longer lists the current SP.
    $relayState = SimpleSAML_Auth_State::saveState($state, 'core:LogoutTraditional', TRUE);

    $spId = $current['id'];
    SimpleSAML_Logger::info('Logging out of ' . var_export($spId, TRUE) . '.');

    try {
        $owningIdp = SimpleSAML_IdP::getByState($current);
        // The handler class name is read from the association record.
        // NOTE(review): this relies on association data being written server-side
        // only — confirm nothing request-controlled can set 'Handler'.
        $urlBuilder = array($current['Handler'], 'getLogoutURL');
        $logoutUrl = call_user_func($urlBuilder, $owningIdp, $current, $relayState);
        SimpleSAML_Utilities::redirectTrustedURL($logoutUrl);
    } catch (Exception $e) {
        SimpleSAML_Logger::warning('Unable to initialize logout to ' . var_export($spId, TRUE) . '.');
        $this->idp->terminateAssociation($spId);
        $state['core:Failed'] = TRUE;

        /* Try the next SP. */
        $this->logoutNextSP($state);
        assert('FALSE');
    }
}
示例7: finishLogout
/**
 * Finish the logout operation by invoking the responder stored in the state.
 *
 * This function will never return.
 *
 * @param array &$state The logout request state.
 */
public function finishLogout(array &$state)
{
    assert('isset($state["Responder"])');

    $owningIdp = SimpleSAML_IdP::getByState($state);

    // The callable comes out of the state array.
    // NOTE(review): this is only safe while the state is produced server-side —
    // confirm that no request parameter can choose the 'Responder' value.
    $responder = $state['Responder'];
    call_user_func($responder, $owningIdp, $state);

    assert('FALSE');
}
示例8: getLogoutURL
/**
 * Retrieve a logout URL for a given logout association.
 *
 * The SP's SingleLogoutService endpoint is chosen with HTTP-Redirect preferred over
 * HTTP-POST. For HTTP-POST the URL of the local logout-iframe-post page is returned;
 * otherwise a LogoutRequest is built and encoded into a redirect URL.
 *
 * @param SimpleSAML_IdP $idp The IdP we are sending a logout request from.
 * @param array $association The association that should be terminated.
 * @param string|NULL $relayState An id that should be carried across the logout.
 *
 * @return string The URL the browser should be sent to.
 */
public static function getLogoutURL(SimpleSAML_IdP $idp, array $association, $relayState)
{
    assert('is_string($relayState) || is_null($relayState)');

    SimpleSAML_Logger::info('Sending SAML 2.0 LogoutRequest to: ' . var_export($association['saml:entityID'], TRUE));

    $handler = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
    $idpMetadata = $idp->getConfig();
    $spMetadata = $handler->getMetaDataConfig($association['saml:entityID'], 'saml20-sp-remote');

    // The destination comes from the SP's registered metadata, not from the request.
    $endpoint = $spMetadata->getEndpointPrioritizedByBinding(
        'SingleLogoutService',
        array(SAML2_Const::BINDING_HTTP_REDIRECT, SAML2_Const::BINDING_HTTP_POST)
    );

    if ($endpoint['Binding'] !== SAML2_Const::BINDING_HTTP_POST) {
        $logoutRequest = self::buildLogoutRequest($idpMetadata, $spMetadata, $association, $relayState);
        $logoutRequest->setDestination($endpoint['Location']);

        $redirectBinding = new SAML2_HTTPRedirect();
        return $redirectBinding->getRedirectURL($logoutRequest);
    }

    // HTTP-POST: a local page is addressed with the association and IdP ids.
    $query = array('association' => $association['id'], 'idp' => $idp->getId());
    if ($relayState !== NULL) {
        $query['RelayState'] = $relayState;
    }
    return SimpleSAML_Module::getModuleURL('core/idp/logout-iframe-post.php', $query);
}
示例9: assert
<?php
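/**
 * ADFS PRP IDP protocol support for simpleSAMLphp.
 *
 * Dispatches on the query string: a 'wa' parameter selects sign-out or sign-in
 * handling, and an 'assocId' parameter marks a logout response coming back from an
 * ADFS SP.
 *
 * @author Hans Zandbelt, SURFnet bv, <hans.zandbelt@surfnet.nl>
 * @package simpleSAMLphp
 */
SimpleSAML_Logger::info('ADFS - IdP.prp: Accessing ADFS IdP endpoint prp');

$metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
$idpEntityId = $metadata->getMetaDataCurrentEntityID('adfs-idp-hosted');
$idp = SimpleSAML_IdP::getById('adfs:' . $idpEntityId);

if (isset($_GET['wa'])) {
    if ($_GET['wa'] === 'wsignout1.0') {
        sspmod_adfs_IdP_ADFS::receiveLogoutMessage($idp);
    } elseif ($_GET['wa'] === 'wsignin1.0') {
        sspmod_adfs_IdP_ADFS::receiveAuthnRequest($idp);
    }
    // Both handlers are expected not to return. Any other 'wa' value also ends up
    // here without having been handled.
    assert('FALSE');
} elseif (isset($_GET['assocId'])) {
    // logout response from ADFS SP

    /* Association ID of the SP that sent the logout response. */
    // Cast to string: a query parameter can also arrive as an array (assocId[]=...).
    // NOTE(review): the id is request-supplied; checking it against the known
    // associations is presumably done inside handleLogoutResponse() — confirm.
    $assocId = (string) $_GET['assocId'];

    /* Data that was sent in the logout request to the SP. Can be null. */
    // The parameter may be missing, so it is read only when present instead of
    // indexing $_GET unconditionally.
    $relayState = isset($_GET['relayState']) ? (string) $_GET['relayState'] : NULL;

    /* NULL on success, or an instance of a SimpleSAML_Error_Exception on failure. */
    $logoutError = NULL;

    $idp->handleLogoutResponse($assocId, $relayState, $logoutError);
}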
示例10: getLogoutURL
/**
 * Retrieve a logout URL for a given logout association.
 *
 * Builds a SAML 2.0 LogoutRequest for the SP named in the association, gives it a
 * validity limit, optionally encrypts the NameID and returns the HTTP-Redirect URL
 * that carries the request.
 *
 * @param SimpleSAML_IdP $idp The IdP we are sending a logout request from.
 * @param array $association The association that should be terminated.
 * @param string|NULL $relayState An id that should be carried across the logout.
 *
 * @return string The redirect URL carrying the LogoutRequest.
 */
public static function getLogoutURL(SimpleSAML_IdP $idp, array $association, $relayState)
{
    assert('is_string($relayState) || is_null($relayState)');

    $spEntityId = $association['saml:entityID'];
    SimpleSAML_Logger::info('Sending SAML 2.0 LogoutRequest to: ' . var_export($spEntityId, TRUE));

    $handler = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
    $idpMetadata = $idp->getConfig();
    $spMetadata = $handler->getMetaDataConfig($spEntityId, 'saml20-sp-remote');

    $logoutRequest = sspmod_saml_Message::buildLogoutRequest($idpMetadata, $spMetadata);
    $logoutRequest->setRelayState($relayState);
    $logoutRequest->setSessionIndex($association['saml:SessionIndex']);
    $logoutRequest->setNameId($association['saml:NameID']);

    // The SP's setting wins; the IdP's value (default 300 seconds) is the fallback.
    $lifetime = $spMetadata->getInteger('assertion.lifetime', NULL);
    if (is_null($lifetime)) {
        $lifetime = $idpMetadata->getInteger('assertion.lifetime', 300);
    }
    // Bounds how long the request stays valid.
    $logoutRequest->setNotOnOrAfter(time() + $lifetime);

    // Same precedence for NameID encryption; it is off unless one side enables it.
    $mustEncrypt = $spMetadata->getBoolean('nameid.encryption', NULL);
    if (is_null($mustEncrypt)) {
        $mustEncrypt = $idpMetadata->getBoolean('nameid.encryption', FALSE);
    }
    if ($mustEncrypt) {
        $logoutRequest->encryptNameId(sspmod_saml_Message::getEncryptionKey($spMetadata));
    }

    SimpleSAML_Stats::log('saml:idp:LogoutRequest:sent', array('spEntityID' => $spEntityId, 'idpEntityID' => $idpMetadata->getString('entityid')));

    $redirectBinding = new SAML2_HTTPRedirect();
    return $redirectBinding->getRedirectURL($logoutRequest);
}
示例11: get_sp_list
/**
 * Get a list of associated SAML 2 SPs.
 *
 * Kept for backwards compatibility only. New code should call
 * SimpleSAML_IdP::getAssociations() instead.
 *
 * @return array Array of SAML 2 entityIDs; empty when the hosted SAML 2 IdP cannot be
 *               looked up.
 * @deprecated Will be removed in the future.
 */
public function get_sp_list()
{
    $handler = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();

    try {
        $hostedEntityId = $handler->getMetaDataCurrentEntityID('saml20-idp-hosted');
        $hostedIdp = SimpleSAML_IdP::getById('saml2:' . $hostedEntityId);
    } catch (Exception $e) {
        /* No SAML 2 IdP configured? */
        return array();
    }

    $entityIds = array();
    foreach ($hostedIdp->getAssociations() as $assoc) {
        // Associations without a SAML entity id are left out of the result.
        if (!isset($assoc['saml:entityID'])) {
            continue;
        }
        $entityIds[] = $assoc['saml:entityID'];
    }

    return $entityIds;
}
示例12: SimpleSAML_Error_BadRequest
<?php
// Prepares a SAML 2.0 LogoutRequest for one SP association of the IdP named in the
// request. Inputs are the request parameters 'idp', 'association' and the optional
// 'RelayState'. This listing stops once the request's validity limit has been set.
if (!isset($_REQUEST['idp'])) {
throw new SimpleSAML_Error_BadRequest('Missing "idp" parameter.');
}
// The IdP id is request-supplied; it is cast to a string and resolved through getById().
// NOTE(review): what getById() does for an unknown id is not visible here — confirm it
// rejects ids that are not configured.
$idp = (string) $_REQUEST['idp'];
$idp = SimpleSAML_IdP::getById($idp);
if (!isset($_REQUEST['association'])) {
throw new SimpleSAML_Error_BadRequest('Missing "association" parameter.');
}
// PHP has already URL-decoded the values in $_REQUEST, so this decodes a second time.
// NOTE(review): unless the sender encodes the id twice, ids containing '%' or '+' are
// altered here — confirm against the code that builds the link. The value is not cast
// to a string first, unlike 'idp' and 'RelayState'.
$assocId = urldecode($_REQUEST['association']);
// RelayState is optional; it is not used in the lines shown here.
$relayState = NULL;
if (isset($_REQUEST['RelayState'])) {
$relayState = (string) $_REQUEST['RelayState'];
}
// The request-supplied id is accepted only when it is a key of the list returned by
// $idp->getAssociations(); anything else is a bad request.
$associations = $idp->getAssociations();
if (!isset($associations[$assocId])) {
throw new SimpleSAML_Error_BadRequest('Invalid association id.');
}
$association = $associations[$assocId];
// From here on every value comes from the stored association and from metadata, not
// from the request.
$metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
$idpMetadata = $idp->getConfig();
$spMetadata = $metadata->getMetaDataConfig($association['saml:entityID'], 'saml20-sp-remote');
$lr = sspmod_saml_Message::buildLogoutRequest($idpMetadata, $spMetadata);
$lr->setSessionIndex($association['saml:SessionIndex']);
$lr->setNameId($association['saml:NameID']);
// The SP's 'assertion.lifetime' wins; the IdP's value (default 300) is the fallback.
$assertionLifetime = $spMetadata->getInteger('assertion.lifetime', NULL);
if ($assertionLifetime === NULL) {
$assertionLifetime = $idpMetadata->getInteger('assertion.lifetime', 300);
}
// Bounds how long the LogoutRequest stays valid.
$lr->setNotOnOrAfter(time() + $assertionLifetime);
示例13: reauthLogout
/**
 * Log the user out before logging in again.
 *
 * Any responder already present in the state is kept under
 * 'saml:proxy:reauthLogout:PrevResponder' and replaced by the SP's reauthPostLogout
 * callback before the logout request is handed to the IdP.
 *
 * This method will never return.
 *
 * @param array $state The state array.
 */
public static function reauthLogout(array $state)
{
    SimpleSAML\Logger::debug('Proxy: logging the user out before re-authentication.');

    $hasResponder = isset($state['Responder']);
    if ($hasResponder) {
        // Keep the previous responder; the slot is overwritten just below.
        $state['saml:proxy:reauthLogout:PrevResponder'] = $state['Responder'];
    }
    $state['Responder'] = array('sspmod_saml_Auth_Source_SP', 'reauthPostLogout');

    // A null association id is passed: no single SP initiated this logout.
    SimpleSAML_IdP::getByState($state)->handleLogoutRequest($state, null);

    assert('false');
}
示例14: SimpleSAML_Error_BadRequest
<?php
/**
 * Handler for a logout that is started from the consent page.
 *
 * Loads the saved 'consent:request' state named by the StateId query parameter, sets
 * the consent module's postLogout callback as responder and passes the logout
 * request to the IdP.
 *
 * @package simpleSAMLphp
 */
if (!array_key_exists('StateId', $_GET)) {
    throw new SimpleSAML_Error_BadRequest('Missing required StateId query parameter.');
}
$stateId = (string) $_GET['StateId'];

// sanitize the input
// A state id can carry a URL; that URL is checked against the allowed URLs before
// the state is loaded.
$parsedId = SimpleSAML_Utilities::parseStateID($stateId);
if ($parsedId['url'] !== null) {
    SimpleSAML_Utilities::checkURLAllowed($parsedId['url']);
}

// The stage name given here has to match the one the state was saved under.
$state = SimpleSAML_Auth_State::loadState($stateId, 'consent:request');
$state['Responder'] = array('sspmod_consent_Logout', 'postLogout');

$owningIdp = SimpleSAML_IdP::getByState($state);
$owningIdp->handleLogoutRequest($state, NULL);

// handleLogoutRequest() is not expected to return.
assert('FALSE');
示例15: getLogoutURL
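/**
 * Build the ADFS sign-out cleanup URL for one SP association.
 *
 * The SP's 'prp' endpoint is called with wa=wsignoutcleanup1.0 and a wreply that
 * points back at this IdP's adfs/idp/prp.php, carrying the association id and the
 * relay state.
 *
 * @param SimpleSAML_IdP $idp The IdP we are sending a logout request from (not used
 *                            by this implementation).
 * @param array $association The association that should be terminated.
 * @param string|NULL $relayState An id that should be carried across the logout.
 *
 * @return string The URL the browser should be sent to.
 */
public static function getLogoutURL(SimpleSAML_IdP $idp, array $association, $relayState)
{
    $metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
    $spMetadata = $metadata->getMetaDataConfig($association['adfs:entityID'], 'adfs-sp-remote');

    // Both values are URL-encoded before they are placed in the return URL. The relay
    // state may be NULL, so it is cast explicitly: the encoded result is still an empty
    // value, without handing NULL to urlencode().
    $query = 'assocId=' . urlencode($association['id'])
        . '&relayState=' . urlencode((string) $relayState);
    $returnTo = SimpleSAML\Module::getModuleURL('adfs/idp/prp.php?' . $query);

    // wreply always points at this IdP's own module URL and is encoded as a whole.
    // NOTE(review): the SP's 'prp' value is used as-is with '?' appended; a prp
    // endpoint that already has a query string would yield a malformed URL — confirm
    // against the metadata in use.
    return $spMetadata->getValue('prp') . '?' . 'wa=wsignoutcleanup1.0&wreply=' . urlencode($returnTo);
}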