authorOlav Morken <olav.morken@uninett.no>2009-07-13 06:18:38 +0000
committerOlav Morken <olav.morken@uninett.no>2009-07-13 06:18:38 +0000
commit64850ab68c731639fe5b50b423d8a83b1ed95c5c (patch)
tree03536fab6e1dabcbb0ed1f5f59661bb7ffd390fa
parentd14d2f19e5b279943dd05420676a3c8876e68a62 (diff)
SAML20/AuthnResponse: Allow the status to be passed as an instance of sspmod_saml2_Error.
git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@1575 44740490-163a-0410-bde0-09ae8108e29a
-rw-r--r--lib/SimpleSAML/XML/SAML20/AuthnResponse.php50
1 files changed, 39 insertions, 11 deletions
diff --git a/lib/SimpleSAML/XML/SAML20/AuthnResponse.php b/lib/SimpleSAML/XML/SAML20/AuthnResponse.php
index 9a66701..e2c4ef5 100644
--- a/lib/SimpleSAML/XML/SAML20/AuthnResponse.php
+++ b/lib/SimpleSAML/XML/SAML20/AuthnResponse.php
@@ -639,7 +639,20 @@ class SimpleSAML_XML_SAML20_AuthnResponse extends SimpleSAML_XML_AuthnResponse {
* @return AuthenticationResponse as string
*/
public function generate($idpentityid, $spentityid, $inresponseto, $nameid, $attributes, $status = 'Success', $sessionDuration = 3600) {
-
+
+ assert('is_string($status) || $status instanceof sspmod_saml2_Error');
+ if (is_string($status)) {
+ if ($status === 'Success') {
+ /* Not really an error, but it makes the code simpler. */
+ $status = new sspmod_saml2_Error(sspmod_saml2_Const::STATUS_SUCCESS);
+ } else {
+ $status = new sspmod_saml2_Error(
+ sspmod_saml2_Const::STATUS_SUCCESS,
+ 'urn:oasis:names:tc:SAML:2.0:status:' . $status
+ );
+ }
+ }
+
/**
* Retrieving metadata for the two specific entity IDs.
*/
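Review bot: The `else` branch wraps a non-'Success' string as `new sspmod_saml2_Error(sspmod_saml2_Const::STATUS_SUCCESS, 'urn:oasis:names:tc:SAML:2.0:status:' . $status)`, so a failure status ends up with a top-level Success code. The code this commit removes emitted `urn:oasis:names:tc:SAML:2.0:status:Responder` as the top-level value, with the caller's status nested below it. As written, the later check `$status->getStatus() === sspmod_saml2_Const::STATUS_SUCCESS` is also true for these callers, so the assertion is built and the response reports Success for what was meant as an error. The first argument should be the Responder status: either the literal `'urn:oasis:names:tc:SAML:2.0:status:Responder'` or the matching constant, if sspmod_saml2_Const defines one. A test that calls generate() with a string such as 'NoPassive' and checks that no `<saml:Assertion>` is emitted would pin this down; generate() continues outside this hunk.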
@@ -718,7 +731,7 @@ class SimpleSAML_XML_SAML20_AuthnResponse extends SimpleSAML_XML_AuthnResponse {
if (!empty($inresponseto)) $inresponsetoText = 'InResponseTo="' . htmlspecialchars($inresponseto). '" ';
$assertion = "";
- if ($status === 'Success') {
+ if ($status->getStatus() === sspmod_saml2_Const::STATUS_SUCCESS) {
$assertion = '<saml:Assertion Version="2.0"
ID="' . $assertionid . '" IssueInstant="' . $issueInstant . '">
<saml:Issuer>' . htmlspecialchars($issuer) . '</saml:Issuer>
@@ -743,14 +756,9 @@ class SimpleSAML_XML_SAML20_AuthnResponse extends SimpleSAML_XML_AuthnResponse {
</saml:AuthnStatement>
' . $attributestatement. '
</saml:Assertion>';
- $statusCode = '<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>';
- } else {
- $statusCode = '<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Responder">
- <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:' . $status . '"/>
- </samlp:StatusCode>';
}
-
-
+ $statusCode = self::generateStatusCode($status);
+
/**
* Generating the response.
*/
@@ -913,8 +921,28 @@ class SimpleSAML_XML_SAML20_AuthnResponse extends SimpleSAML_XML_AuthnResponse {
return $ret;
}
-
-
+
+
+ /**
+ * Generate a SAML 2 StatusCode element from an instance of sspmod_saml2_Error.
+ *
+ * @param sspmod_saml2_Error $status The status code.
+ * @return string The StatusCode element.
+ */
+ private static function generateStatusCode(sspmod_saml2_Error $status) {
+
+ $statusCode = '<samlp:StatusCode Value="' . htmlspecialchars($status->getStatus()) . '">';
+ if ($status->getSubStatus() !== NULL) {
+ $statusCode .= '<samlp:StatusCode Value="' . htmlspecialchars($status->getSubstatus()) . '"/>';
+ }
+ if ($status->getStatusMessage() !== NULL) {
+ $statusCode .= '<samlp:StatusMessage>' . htmlspecialchars($status->getStatusMessage()) . '</samlp:StatusMessage>';
+ }
+ $statusCode .= '</samlp:StatusCode>';
+
+ return $statusCode;
+ }
+
}
?> \ No newline at end of file
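Review bot: generateStatusCode() appends `<samlp:StatusMessage>` before the closing `</samlp:StatusCode>`, which nests the message inside the status code element. In the SAML 2.0 protocol schema, StatusMessage is a child of `samlp:Status` and a sibling of StatusCode, and a StatusCode may contain only a nested StatusCode. A response carrying a status message would therefore fail schema validation at a strict relying party. Moving `$statusCode .= '</samlp:StatusCode>';` above the `if ($status->getStatusMessage() !== NULL)` block fixes the nesting, assuming the caller wraps the returned string in `<samlp:Status>` (not visible here). Separately, the null check calls `getSubStatus()` but the next line calls `getSubstatus()`; PHP resolves both, but one spelling should be used.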