diff options
| -rw-r--r-- | lib/SAML2/HTTPPost.php | 5 | ||||
| -rw-r--r-- | lib/SAML2/HTTPRedirect.php | 5 | ||||
| -rw-r--r-- | lib/SAML2/SOAPClient.php | 4 | ||||
| -rw-r--r-- | lib/SimpleSAML/Bindings/Shib13/Artifact.php | 4 | ||||
| -rw-r--r-- | lib/SimpleSAML/Bindings/Shib13/HTTPPost.php | 4 | ||||
| -rw-r--r-- | lib/SimpleSAML/Utilities.php | 29 |
6 files changed, 51 insertions, 0 deletions
diff --git a/lib/SAML2/HTTPPost.php b/lib/SAML2/HTTPPost.php index 3a0a85c..fc98537 100644 --- a/lib/SAML2/HTTPPost.php +++ b/lib/SAML2/HTTPPost.php @@ -26,6 +26,9 @@ class SAML2_HTTPPost extends SAML2_Binding { $msgStr = $message->toSignedXML(); $msgStr = $msgStr->ownerDocument->saveXML($msgStr); + + SimpleSAML_Utilities::debugMessage($msgStr, 'out'); + $msgStr = base64_encode($msgStr); $msgStr = htmlspecialchars($msgStr); @@ -86,6 +89,8 @@ END; $msg = base64_decode($msg); + SimpleSAML_Utilities::debugMessage($msg, 'in'); + $document = new DOMDocument(); $document->loadXML($msg); $xml = $document->firstChild; diff --git a/lib/SAML2/HTTPRedirect.php b/lib/SAML2/HTTPRedirect.php index 71a32b4..24f13c1 100644 --- a/lib/SAML2/HTTPRedirect.php +++ b/lib/SAML2/HTTPRedirect.php @@ -30,6 +30,9 @@ class SAML2_HTTPRedirect extends SAML2_Binding { $msgStr = $message->toUnsignedXML(); $msgStr = $msgStr->ownerDocument->saveXML($msgStr); + + SimpleSAML_Utilities::debugMessage($msgStr, 'out'); + $msgStr = gzdeflate($msgStr); $msgStr = base64_encode($msgStr); @@ -112,6 +115,8 @@ class SAML2_HTTPRedirect extends SAML2_Binding { throw new Exception('Unknown SAMLEncoding: ' . var_export($encoding, TRUE)); } + SimpleSAML_Utilities::debugMessage($msg, 'in'); + $document = new DOMDocument(); $document->loadXML($msg); $xml = $document->firstChild; diff --git a/lib/SAML2/SOAPClient.php b/lib/SAML2/SOAPClient.php index 292d166..fc1824f 100644 --- a/lib/SAML2/SOAPClient.php +++ b/lib/SAML2/SOAPClient.php @@ -91,6 +91,8 @@ class SAML2_SOAPClient { $request = $msg->toSignedXML(); $request = self::START_SOAP_ENVELOPE . $request->ownerDocument->saveXML($request) . self::END_SOAP_ENVELOPE; + SimpleSAML_Utilities::debugMessage($request, 'out'); + $action = 'http://www.oasis-open.org/committees/security'; $version = '1.1'; $destination = $msg->getDestination(); @@ -102,6 +104,8 @@ class SAML2_SOAPClient { throw new Exception('Empty SOAP response, check peer certificate.'); } + SimpleSAML_Utilities::debugMessage($soapresponsexml, 'in'); + // Convert to SAML2_Message (DOMElement) $dom = new DOMDocument(); if (!$dom->loadXML($soapresponsexml)) { diff --git a/lib/SimpleSAML/Bindings/Shib13/Artifact.php b/lib/SimpleSAML/Bindings/Shib13/Artifact.php index 63241b1..7ed7561 100644 --- a/lib/SimpleSAML/Bindings/Shib13/Artifact.php +++ b/lib/SimpleSAML/Bindings/Shib13/Artifact.php @@ -122,6 +122,8 @@ class SimpleSAML_Bindings_Shib13_Artifact { $artifacts = self::getArtifacts(); $request = self::buildRequest($artifacts); + SimpleSAML_Utilities::debugMessage($msgStr, 'out'); + $url = $idpMetadata->getDefaultEndpoint('ArtifactResolutionService', array('urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding')); $url = $url['Location']; @@ -166,6 +168,8 @@ class SimpleSAML_Bindings_Shib13_Artifact { throw new SimpleSAML_Error_Exception('Failed to retrieve assertion from IdP.'); } + SimpleSAML_Utilities::debugMessage($response, 'in'); + /* Find the response in the SOAP message. */ $response = self::extractResponse($response); diff --git a/lib/SimpleSAML/Bindings/Shib13/HTTPPost.php b/lib/SimpleSAML/Bindings/Shib13/HTTPPost.php index bd6cff3..ee769e5 100644 --- a/lib/SimpleSAML/Bindings/Shib13/HTTPPost.php +++ b/lib/SimpleSAML/Bindings/Shib13/HTTPPost.php @@ -79,6 +79,8 @@ class SimpleSAML_Bindings_Shib13_HTTPPost { $response = $responsedom->saveXML(); + SimpleSAML_Utilities::debugMessage($response, 'out'); + if ($this->configuration->getBoolean('debug', FALSE)) { $p = new SimpleSAML_XHTML_Template($this->configuration, 'post-debug.php'); $p->data['header'] = 'SAML (Shibboleth 1.3) Response Debug-mode'; @@ -114,6 +116,8 @@ class SimpleSAML_Bindings_Shib13_HTTPPost { $rawResponse = $post['SAMLResponse']; $samlResponseXML = base64_decode($rawResponse); + SimpleSAML_Utilities::debugMessage($samlResponseXML, 'in'); + SimpleSAML_Utilities::validateXMLDocument($samlResponseXML, 'saml11'); $samlResponse = new SimpleSAML_XML_Shib13_AuthnResponse(); diff --git a/lib/SimpleSAML/Utilities.php b/lib/SimpleSAML/Utilities.php index 5b78098..02057ee 100644 --- a/lib/SimpleSAML/Utilities.php +++ b/lib/SimpleSAML/Utilities.php @@ -1906,6 +1906,35 @@ class SimpleSAML_Utilities { SimpleSAML_Utilities::redirect($url); } + + /** + * Helper function to log messages that we send or receive. + * + * @param string $message The message, as an XML string. + * @param string $type Whether this message is sent or received. + */ + public static function debugMessage($message, $type) { + assert('is_string($message)'); + assert('$type === "out" || $type === "in"'); + + $globalConfig = SimpleSAML_Configuration::getInstance(); + if (!$globalConfig->getBoolean('debug', FALSE)) { + /* Message debug disabled. */ + return; + } + + if ($type === 'in') { + SimpleSAML_Logger::debug('Received message:'); + } else { + SimpleSAML_Logger::debug('Sending message:'); + } + + $str = self::formatXMLString($message); + foreach (explode("\n", $str) as $line) { + SimpleSAML_Logger::debug($line); + } + } + } ?>
\ No newline at end of file |