當前位置: 首頁>>代碼示例>>PHP>>正文


PHP SimpleSAML_Utilities::checkURLAllowed方法代碼示例

本文整理匯總了PHP中SimpleSAML_Utilities::checkURLAllowed方法的典型用法代碼示例。如果您正苦於以下問題:PHP SimpleSAML_Utilities::checkURLAllowed方法的具體用法?PHP SimpleSAML_Utilities::checkURLAllowed怎麽用?PHP SimpleSAML_Utilities::checkURLAllowed使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在SimpleSAML_Utilities的用法示例。


在下文中一共展示了SimpleSAML_Utilities::checkURLAllowed方法的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的PHP代碼示例。

示例1: __construct

    /**
     * Initialize the filter.
     *
     * @param array $config  Configuration information about this filter.
     * @param mixed $reserved  For future use
     */
    public function __construct($config, $reserved)
    {
        parent::__construct($config, $reserved);
        assert('is_array($config)');
        if (array_key_exists('enforce_2fa', $config)) {
            $this->enforce_2fa = $config['enforce_2fa'];
            if (!is_bool($this->enforce_2fa)) {
                throw new Exception('Invalid attribute name given to simpletotp::2fa filter:
 enforce_2fa must be a boolean.');
            }
        }
        if (array_key_exists('secret_attr', $config)) {
            $this->secret_attr = $config['secret_attr'];
            if (!is_string($this->secret_attr)) {
                throw new Exception('Invalid attribute name given to simpletotp::2fa filter:
 secret_attr must be a string');
            }
        }
        if (array_key_exists('not_configured_url', $config)) {
            $this->not_configured_url = $config['not_configured_url'];
            if (!is_string($config['not_configured_url'])) {
                throw new Exception('Invalid attribute value given to simpletotp::2fa filter:
 not_configured_url must be a string');
            }
            //validate URL to ensure it's we will be able to redirect to
            $this->not_configured_url = SimpleSAML_Utilities::checkURLAllowed($config['not_configured_url']);
        }
    }
開發者ID:ejyothi,項目名稱:SimpleTOTP,代碼行數:34,代碼來源:2fa.php

示例2: handleLogin

 public static function handleLogin($authStateId, $xmlToken)
 {
     assert('is_string($authStateId)');
     $config = SimpleSAML_Configuration::getInstance();
     $autoconfig = $config->copyFromBase('logininfocard', 'config-login-infocard.php');
     $idp_key = $autoconfig->getValue('idp_key');
     $idp_pass = $autoconfig->getValue('idp_key_pass', NULL);
     $sts_crt = $autoconfig->getValue('sts_crt');
     $Infocard = $autoconfig->getValue('InfoCard');
     $infocard = new sspmod_InfoCard_RP_InfoCard();
     $infocard->addIDPKey($idp_key, $idp_pass);
     $infocard->addSTSCertificate($sts_crt);
     if (!$xmlToken) {
         SimpleSAML_Logger::debug("XMLtoken: " . $xmlToken);
     } else {
         SimpleSAML_Logger::debug("NOXMLtoken: " . $xmlToken);
     }
     $claims = $infocard->process($xmlToken);
     if ($claims->isValid()) {
         $attributes = array();
         foreach ($Infocard['requiredClaims'] as $claim => $data) {
             $attributes[$claim] = array($claims->{$claim});
         }
         foreach ($Infocard['optionalClaims'] as $claim => $data) {
             $attributes[$claim] = array($claims->{$claim});
         }
         // sanitize the input
         $sid = SimpleSAML_Utilities::parseStateID($authStateId);
         if (!is_null($sid['url'])) {
             SimpleSAML_Utilities::checkURLAllowed($sid['url']);
         }
         /* Retrieve the authentication state. */
         $state = SimpleSAML_Auth_State::loadState($authStateId, self::STAGEID);
         /* Find authentication source. */
         assert('array_key_exists(self::AUTHID, $state)');
         $source = SimpleSAML_Auth_Source::getById($state[self::AUTHID]);
         if ($source === NULL) {
             throw new Exception('Could not find authentication source with id ' . $state[self::AUTHID]);
         }
         $state['Attributes'] = $attributes;
         unset($infocard);
         unset($claims);
         SimpleSAML_Auth_Source::completeAuth($state);
     } else {
         unset($infocard);
         unset($claims);
         return 'wrong_IC';
     }
 }
開發者ID:Stony-Brook-University,項目名稱:doitsbu,代碼行數:49,代碼來源:ICAuth.php

示例3: check_credentials

/**
 * Check the credentials that the user got from the A-Select server.
 * This function is called after the user returns from the A-Select server.
 *
 * @author Wessel Dankers, Tilburg University
 */
function check_credentials()
{
    if (!array_key_exists('ssp_state', $_REQUEST)) {
        SimpleSAML_Auth_State::throwException($state, new SimpleSAML_Error_Exception("Missing ssp_state parameter"));
    }
    $id = $_REQUEST['ssp_state'];
    // sanitize the input
    $sid = SimpleSAML_Utilities::parseStateID($id);
    if (!is_null($sid['url'])) {
        SimpleSAML_Utilities::checkURLAllowed($sid['url']);
    }
    $state = SimpleSAML_Auth_State::loadState($id, 'aselect:login');
    if (!array_key_exists('a-select-server', $_REQUEST)) {
        SimpleSAML_Auth_State::throwException($state, new SimpleSAML_Error_Exception("Missing a-select-server parameter"));
    }
    $server_id = $_REQUEST['a-select-server'];
    if (!array_key_exists('aselect_credentials', $_REQUEST)) {
        SimpleSAML_Auth_State::throwException($state, new SimpleSAML_Error_Exception("Missing aselect_credentials parameter"));
    }
    $credentials = $_REQUEST['aselect_credentials'];
    if (!array_key_exists('rid', $_REQUEST)) {
        SimpleSAML_Auth_State::throwException($state, new SimpleSAML_Error_Exception("Missing rid parameter"));
    }
    $rid = $_REQUEST['rid'];
    try {
        if (!array_key_exists('aselect::authid', $state)) {
            throw new SimpleSAML_Error_Exception("ASelect authentication source missing in state");
        }
        $authid = $state['aselect::authid'];
        $aselect = SimpleSAML_Auth_Source::getById($authid);
        if (is_null($aselect)) {
            throw new SimpleSAML_Error_Exception("Could not find authentication source with id {$authid}");
        }
        $creds = $aselect->verify_credentials($server_id, $credentials, $rid);
        if (array_key_exists('attributes', $creds)) {
            $state['Attributes'] = $creds['attributes'];
        } else {
            $res = $creds['res'];
            $state['Attributes'] = array('uid' => array($res['uid']), 'organization' => array($res['organization']));
        }
    } catch (Exception $e) {
        SimpleSAML_Auth_State::throwException($state, $e);
    }
    SimpleSAML_Auth_Source::completeAuth($state);
    SimpleSAML_Auth_State::throwException($state, new SimpleSAML_Error_Exception("Internal error in A-Select component"));
}
開發者ID:danielkjfrog,項目名稱:docker,代碼行數:52,代碼來源:credentials.php

示例4: onResponse

 /**
  * Continue the logout operation.
  *
  * This function will never return.
  *
  * @param string $assocId  The association that is terminated.
  * @param string|NULL $relayState  The RelayState from the start of the logout.
  * @param SimpleSAML_Error_Exception|NULL $error  The error that occurred during session termination (if any).
  */
 public function onResponse($assocId, $relayState, SimpleSAML_Error_Exception $error = NULL)
 {
     assert('is_string($assocId)');
     assert('is_string($relayState) || is_null($relayState)');
     if ($relayState === NULL) {
         throw new SimpleSAML_Error_Exception('RelayState lost during logout.');
     }
     // sanitize the input
     $sid = SimpleSAML_Utilities::parseStateID($relayState);
     if (!is_null($sid['url'])) {
         SimpleSAML_Utilities::checkURLAllowed($sid['url']);
     }
     $state = SimpleSAML_Auth_State::loadState($relayState, 'core:LogoutTraditional');
     if ($error === NULL) {
         SimpleSAML_Logger::info('Logged out of ' . var_export($assocId, TRUE) . '.');
         $this->idp->terminateAssociation($assocId);
     } else {
         SimpleSAML_Logger::warning('Error received from ' . var_export($assocId, TRUE) . ' during logout:');
         $error->logWarning();
         $state['core:Failed'] = TRUE;
     }
     self::logoutNextSP($state);
 }
開發者ID:danielkjfrog,項目名稱:docker,代碼行數:32,代碼來源:LogoutTraditional.php

示例5: SimpleSAML_Error_BadRequest

<?php

/*
 * This endpoint is provided for backwards compatibility,
 * and should not be used.
 *
 * Use SingleLogoutService.php?ReturnTo=... instead.
 */
require_once '../../_include.php';
$metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
$idpEntityId = $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted');
$idp = SimpleSAML_IdP::getById('saml2:' . $idpEntityId);
if (!isset($_REQUEST['RelayState'])) {
    throw new SimpleSAML_Error_BadRequest('Missing required RelayState parameter.');
}
$idp->doLogoutRedirect(SimpleSAML_Utilities::checkURLAllowed((string) $_REQUEST['RelayState']));
assert('FALSE');
開發者ID:Stony-Brook-University,項目名稱:doitsbu,代碼行數:17,代碼來源:idpInitSingleLogoutServiceiFrame.php

示例6: logout

 /**
  * Log out from this authentication source.
  *
  * This function should be overridden if the authentication source requires special
  * steps to complete a logout operation.
  *
  * If the logout process requires a redirect, the state should be saved. Once the
  * logout operation is completed, the state should be restored, and completeLogout
  * should be called with the state. If this operation can be completed without
  * showing the user a page, or redirecting, this function should return.
  *
  * @param array &$state  Information about the current logout operation.
  */
 public function logout(&$state)
 {
     assert('is_array($state)');
     // check first if we have a valid session
     if ($this->_poa->isAuthenticated()) {
         /* We are will need the authId in order to retrieve this authentication source later. */
         $state[self::AUTHID] = $this->authId;
         $this->_stateId = SimpleSAML_Auth_State::saveState($state, self::STAGE_INIT);
         // TODO: pending on phpPoA adding PAPI_SLO_REDIRECT_URL_FINISH hook
         $this->_poa->addHook("PAPI_SLO_REDIRECT_URL_FINISH", new Hook(array($this, "modifyParams")));
         // perform single logout, this won't return
         $this->_poa->logout(true);
     } else {
         if (isset($_REQUEST['SSPStateID'])) {
             $this->_stateId = (string) $_REQUEST['SSPStateID'];
             // sanitize the input
             $sid = SimpleSAML_Utilities::parseStateID($this->_stateId);
             if (!is_null($sid['url'])) {
                 SimpleSAML_Utilities::checkURLAllowed($sid['url']);
             }
             $state = SimpleSAML_Auth_State::loadState($this->_stateId, self::STAGE_INIT);
         } else {
             return;
         }
     }
     self::completeLogout($state);
 }
開發者ID:shirlei,項目名稱:simplesaml,代碼行數:40,代碼來源:PAPI.php

示例7: array_unique

    }
    if (array_key_exists('IDPList', $spmetadata)) {
        $IDPList = array_unique(array_merge($IDPList, $spmetadata['IDPList']));
    }
    if (isset($_GET['IDPList']) && !empty($_GET['IDPList'])) {
        $providers = $_GET['IDPList'];
        if (!is_array($providers)) {
            $providers = array($providers);
        }
        $IDPList = array_merge($IDPList, $providers);
    }
    $ar->setIDPList($IDPList);
    /* Save request information. */
    $info = array();
    $info['RelayState'] = $returnTo;
    if (array_key_exists('OnError', $_REQUEST)) {
        $info['OnError'] = SimpleSAML_Utilities::checkURLAllowed($_REQUEST['OnError']);
    }
    $session->setData('SAML2:SP:SSO:Info', $ar->getId(), $info);
    /* Select appropriate SSO endpoint */
    if ($ar->getProtocolBinding() === SAML2_Const::BINDING_HOK_SSO) {
        $dst = $idpMetadata->getDefaultEndpoint('SingleSignOnService', array(SAML2_Const::BINDING_HOK_SSO));
    } else {
        $dst = $idpMetadata->getDefaultEndpoint('SingleSignOnService', array(SAML2_Const::BINDING_HTTP_REDIRECT, SAML2_Const::BINDING_HTTP_POST));
    }
    $ar->setDestination($dst['Location']);
    $b = SAML2_Binding::getBinding($dst['Binding']);
    $b->send($ar);
} catch (Exception $exception) {
    throw new SimpleSAML_Error_Error('CREATEREQUEST', $exception);
}
開發者ID:Stony-Brook-University,項目名稱:doitsbu,代碼行數:31,代碼來源:initSSO.php

示例8: resume

 /**
  * Resume authentication process.
  *
  * This function resumes the authentication process after the user has
  * entered his or her credentials.
  *
  * @param array &$state  The authentication state.
  */
 public static function resume()
 {
     /*
      * First we need to restore the $state-array. We should have the identifier for
      * it in the 'State' request parameter.
      */
     if (!isset($_REQUEST['State'])) {
         throw new SimpleSAML_Error_BadRequest('Missing "State" parameter.');
     }
     $stateId = (string) $_REQUEST['State'];
     // sanitize the input
     $sid = SimpleSAML_Utilities::parseStateID($stateId);
     if (!is_null($sid['url'])) {
         SimpleSAML_Utilities::checkURLAllowed($sid['url']);
     }
     /*
      * Once again, note the second parameter to the loadState function. This must
      * match the string we used in the saveState-call above.
      */
     $state = SimpleSAML_Auth_State::loadState($stateId, 'exampleauth:External');
     /*
      * Now we have the $state-array, and can use it to locate the authentication
      * source.
      */
     $source = SimpleSAML_Auth_Source::getById($state['exampleauth:AuthID']);
     if ($source === NULL) {
         /*
          * The only way this should fail is if we remove or rename the authentication source
          * while the user is at the login page.
          */
         throw new SimpleSAML_Error_Exception('Could not find authentication source with id ' . $state[self::AUTHID]);
     }
     /*
      * Make sure that we haven't switched the source type while the
      * user was at the authentication page. This can only happen if we
      * change config/authsources.php while an user is logging in.
      */
     if (!$source instanceof self) {
         throw new SimpleSAML_Error_Exception('Authentication source type changed.');
     }
     /*
      * OK, now we know that our current state is sane. Time to actually log the user in.
      *
      * First we check that the user is acutally logged in, and didn't simply skip the login page.
      */
     $attributes = $source->getUser();
     if ($attributes === NULL) {
         /*
          * The user isn't authenticated.
          *
          * Here we simply throw an exception, but we could also redirect the user back to the
          * login page.
          */
         throw new SimpleSAML_Error_Exception('User not authenticated after login page.');
     }
     /*
      * So, we have a valid user. Time to resume the authentication process where we
      * paused it in the authenticate()-function above.
      */
     $state['Attributes'] = $attributes;
     SimpleSAML_Auth_Source::completeAuth($state);
     /*
      * The completeAuth-function never returns, so we never get this far.
      */
     assert('FALSE');
 }
開發者ID:Stony-Brook-University,項目名稱:doitsbu,代碼行數:74,代碼來源:External.php

示例9: handleLogin

 /**
  * Handle login request.
  *
  * This function is used by the login form (core/www/loginuserpass.php) when the user
  * enters a username and password. On success, it will not return. On wrong
  * username/password failure, it will return the error code. Other failures will throw an
  * exception.
  *
  * @param string $authStateId  The identifier of the authentication state.
  * @param string $otp  The one time password entered-
  * @return string  Error code in the case of an error.
  */
 public static function handleLogin($authStateId, $otp)
 {
     assert('is_string($authStateId)');
     assert('is_string($otp)');
     // sanitize the input
     $sid = SimpleSAML_Utilities::parseStateID($authStateId);
     if (!is_null($sid['url'])) {
         SimpleSAML_Utilities::checkURLAllowed($sid['url']);
     }
     /* Retrieve the authentication state. */
     $state = SimpleSAML_Auth_State::loadState($authStateId, self::STAGEID);
     /* Find authentication source. */
     assert('array_key_exists(self::AUTHID, $state)');
     $source = SimpleSAML_Auth_Source::getById($state[self::AUTHID]);
     if ($source === NULL) {
         throw new Exception('Could not find authentication source with id ' . $state[self::AUTHID]);
     }
     try {
         /* Attempt to log in. */
         $attributes = $source->login($otp);
     } catch (SimpleSAML_Error_Error $e) {
         /* An error occurred during login. Check if it is because of the wrong
          * username/password - if it is, we pass that error up to the login form,
          * if not, we let the generic error handler deal with it.
          */
         if ($e->getErrorCode() === 'WRONGUSERPASS') {
             return 'WRONGUSERPASS';
         }
         /* Some other error occurred. Rethrow exception and let the generic error
          * handler deal with it.
          */
         throw $e;
     }
     $state['Attributes'] = $attributes;
     SimpleSAML_Auth_Source::completeAuth($state);
 }
開發者ID:shirlei,項目名稱:simplesaml,代碼行數:48,代碼來源:YubiKey.php

示例10: handleLogin

 /**
  * Handle login request.
  *
  * This function is used by the login form (core/www/loginuserpass.php) when the user
  * enters a username and password. On success, it will not return. On wrong
  * username/password failure, and other errors, it will throw an exception.
  *
  * @param string $authStateId  The identifier of the authentication state.
  * @param string $username  The username the user wrote.
  * @param string $password  The password the user wrote.
  */
 public static function handleLogin($authStateId, $username, $password)
 {
     assert('is_string($authStateId)');
     assert('is_string($username)');
     assert('is_string($password)');
     // sanitize the input
     $sid = SimpleSAML_Utilities::parseStateID($authStateId);
     if (!is_null($sid['url'])) {
         SimpleSAML_Utilities::checkURLAllowed($sid['url']);
     }
     /* Here we retrieve the state array we saved in the authenticate-function. */
     $state = SimpleSAML_Auth_State::loadState($authStateId, self::STAGEID);
     /* Retrieve the authentication source we are executing. */
     assert('array_key_exists(self::AUTHID, $state)');
     $source = SimpleSAML_Auth_Source::getById($state[self::AUTHID]);
     if ($source === NULL) {
         throw new Exception('Could not find authentication source with id ' . $state[self::AUTHID]);
     }
     /*
      * $source now contains the authentication source on which authenticate()
      * was called. We should call login() on the same authentication source.
      */
     /* Attempt to log in. */
     try {
         $attributes = $source->login($username, $password);
     } catch (Exception $e) {
         SimpleSAML_Logger::stats('Unsuccessful login attempt from ' . $_SERVER['REMOTE_ADDR'] . '.');
         throw $e;
     }
     SimpleSAML_Logger::stats('User \'' . $username . '\' has been successfully authenticated.');
     /* Save the attributes we received from the login-function in the $state-array. */
     assert('is_array($attributes)');
     $state['Attributes'] = $attributes;
     /* Return control to simpleSAMLphp after successful authentication. */
     SimpleSAML_Auth_Source::completeAuth($state);
 }
開發者ID:danielkjfrog,項目名稱:docker,代碼行數:47,代碼來源:UserPassBase.php

示例11: Exception

    require_once $ldapconfigfile;
    if (!array_key_exists($idpentityid, $casldapconfig)) {
        throw new Exception('No LDAP authentication configuration for this SAML 2.0 entity ID [' . $idpentityid . ']');
    }
    $ldapconfig = $casldapconfig[$idpentityid]['ldap'];
} catch (Exception $exception) {
    throw new SimpleSAML_Error_Error('METADATA', $exception);
}
/*
 * Load the RelayState argument. The RelayState argument contains the address
 * we should redirect the user to after a successful authentication.
 */
if (!array_key_exists('RelayState', $_REQUEST)) {
    throw new SimpleSAML_Error_Error('NORELAYSTATE');
}
$relaystate = SimpleSAML_Utilities::checkURLAllowed($_REQUEST['RelayState']);
if ($username = $_POST['username']) {
    try {
        $ldap = new SimpleSAML_Auth_LDAP($ldapconfig['servers'], $ldapconfig['enable_tls']);
        $attributes = $ldap->validate($ldapconfig, $username, $_POST['password']);
        if ($attributes === FALSE) {
            $error = "LDAP_INVALID_CREDENTIALS";
        } else {
            $session->doLogin('login-wayf-ldap');
            $session->setAttributes($attributes);
            $session->setNameID(array('value' => SimpleSAML_Utilities::generateID(), 'Format' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'));
            SimpleSAML_Utilities::redirectTrustedURL($relaystate);
        }
    } catch (Exception $e) {
        throw new SimpleSAML_Error_Error('LDAPERROR', $e);
    }
開發者ID:Stony-Brook-University,項目名稱:doitsbu,代碼行數:31,代碼來源:login-wayf-ldap.php

示例12: listOrganizations

 /**
  * Get available organizations.
  *
  * This function is used by the login form to get the available organizations.
  *
  * @param string $authStateId  The identifier of the authentication state.
  * @return array|NULL  Array of organizations. NULL if the user must enter the
  *         organization as part of the username.
  */
 public static function listOrganizations($authStateId)
 {
     assert('is_string($authStateId)');
     // sanitize the input
     $sid = SimpleSAML_Utilities::parseStateID($authStateId);
     if (!is_null($sid['url'])) {
         SimpleSAML_Utilities::checkURLAllowed($sid['url']);
     }
     /* Retrieve the authentication state. */
     $state = SimpleSAML_Auth_State::loadState($authStateId, self::STAGEID);
     /* Find authentication source. */
     assert('array_key_exists(self::AUTHID, $state)');
     $source = SimpleSAML_Auth_Source::getById($state[self::AUTHID]);
     if ($source === NULL) {
         throw new Exception('Could not find authentication source with id ' . $state[self::AUTHID]);
     }
     $orgMethod = $source->getUsernameOrgMethod();
     if ($orgMethod === 'force') {
         return NULL;
     }
     return $source->getOrganizations();
 }
開發者ID:Stony-Brook-University,項目名稱:doitsbu,代碼行數:31,代碼來源:UserPassOrgBase.php

示例13: assert

    assert('array_key_exists("saml:sp:AuthId", $state)');
    if ($state['saml:sp:AuthId'] !== $sourceId) {
        throw new SimpleSAML_Error_Exception('The authentication source id in the URL does not match the authentication source which sent the request.');
    }
    /* Check that the issuer is the one we are expecting. */
    assert('array_key_exists("ExpectedIssuer", $state)');
    if ($state['ExpectedIssuer'] !== $idp) {
        $idpMetadata = $source->getIdPMetadata($idp);
        $idplist = $idpMetadata->getArrayize('IDPList', array());
        if (!in_array($state['ExpectedIssuer'], $idplist)) {
            throw new SimpleSAML_Error_Exception('The issuer of the response does not match to the identity provider we sent the request to.');
        }
    }
} else {
    /* This is an unsolicited response. */
    $state = array('saml:sp:isUnsolicited' => TRUE, 'saml:sp:AuthId' => $sourceId, 'saml:sp:RelayState' => SimpleSAML_Utilities::checkURLAllowed($response->getRelayState()));
}
SimpleSAML_Logger::debug('Received SAML2 Response from ' . var_export($idp, TRUE) . '.');
if (empty($idpMetadata)) {
    $idpMetadata = $source->getIdPmetadata($idp);
}
try {
    $assertions = sspmod_saml_Message::processResponse($spMetadata, $idpMetadata, $response);
} catch (sspmod_saml_Error $e) {
    /* The status of the response wasn't "success". */
    $e = $e->toException();
    SimpleSAML_Auth_State::throwException($state, $e);
}
$authenticatingAuthority = NULL;
$nameId = NULL;
$sessionIndex = NULL;
開發者ID:Stony-Brook-University,項目名稱:doitsbu,代碼行數:31,代碼來源:saml2-acs.php

示例14: SimpleSAML_Error_BadRequest

 $response = $b->receive();
 if (!$response instanceof SAML2_Response) {
     throw new SimpleSAML_Error_BadRequest('Invalid message received to AssertionConsumerService endpoint.');
 }
 $idp = $response->getIssuer();
 if ($idp === NULL) {
     throw new Exception('Missing <saml:Issuer> in message delivered to AssertionConsumerService.');
 }
 $idpMetadata = $metadataHandler->getMetaDataConfig($idp, 'saml20-idp-remote');
 /* Fetch the request information if it exists, fall back to RelayState if not. */
 $requestId = $response->getInResponseTo();
 $info = $session->getData('SAML2:SP:SSO:Info', $requestId);
 if ($info === NULL) {
     /* Fall back to RelayState. */
     $info = array();
     $info['RelayState'] = SimpleSAML_Utilities::checkURLAllowed($response->getRelayState());
     if (empty($info['RelayState'])) {
         $info['RelayState'] = $spMetadata->getString('RelayState', NULL);
     }
     if (empty($info['RelayState'])) {
         /* RelayState missing. */
         throw new SimpleSAML_Error_Error('NORELAYSTATE');
     }
 }
 try {
     $assertion = sspmod_saml_Message::processResponse($spMetadata, $idpMetadata, $response);
     if (count($assertion) > 1) {
         throw new SimpleSAML_Error_Exception('More than one assertion in received response.');
     }
     $assertion = $assertion[0];
 } catch (sspmod_saml_Error $e) {
開發者ID:shirlei,項目名稱:simplesaml,代碼行數:31,代碼來源:AssertionConsumerService.php

示例15: foreach

<?php

require_once '_include.php';
/**
 * This page clears the user's IdP discovery choices.
 */
/* The base path for cookies. This should be the installation directory for simpleSAMLphp. */
$config = SimpleSAML_Configuration::getInstance();
$cookiePath = '/' . $config->getBaseUrl();
/* We delete all cookies which starts with 'idpdisco_' */
foreach ($_COOKIE as $cookieName => $value) {
    if (substr($cookieName, 0, 9) !== 'idpdisco_') {
        /* Not a idpdisco cookie. */
        continue;
    }
    /* Delete the cookie. We delete it once without the secure flag and once with the secure flag. This
     * ensures that the cookie will be deleted in any case.
     */
    SimpleSAML_Utilities::setCookie($cookieName, NULL, array('path' => $cookiePath, 'httponly' => FALSE), FALSE);
}
/* Find where we should go now. */
if (array_key_exists('ReturnTo', $_REQUEST)) {
    $returnTo = SimpleSAML_Utilities::checkURLAllowed($_REQUEST['ReturnTo']);
} else {
    /* Return to the front page if no other destination is given. This is the same as the base cookie path. */
    $returnTo = $cookiePath;
}
/* Redirect to destination. */
SimpleSAML_Utilities::redirectTrustedURL($returnTo);
開發者ID:shirlei,項目名稱:simplesaml,代碼行數:29,代碼來源:cleardiscochoices.php


注:本文中的SimpleSAML_Utilities::checkURLAllowed方法示例由純淨天空整理自Github/MSDocs等開源代碼及文檔管理平台,相關代碼片段篩選自各路編程大神貢獻的開源項目,源碼版權歸原作者所有,傳播和使用請參考對應項目的License;未經允許,請勿轉載。