Diffstat (limited to 'www/saml2')
-rw-r--r--www/saml2/sp/AssertionConsumerService.php184
-rw-r--r--www/saml2/sp/SingleLogoutService.php108
-rw-r--r--www/saml2/sp/idpdisco.php29
-rw-r--r--www/saml2/sp/initSLO.php75
-rw-r--r--www/saml2/sp/initSSO.php189
5 files changed, 0 insertions, 585 deletions
diff --git a/www/saml2/sp/AssertionConsumerService.php b/www/saml2/sp/AssertionConsumerService.php
deleted file mode 100644
index 1f34126..0000000
--- a/www/saml2/sp/AssertionConsumerService.php
+++ /dev/null
@@ -1,184 +0,0 @@
-<?php
-
-/**
- * WARNING:
- *
- * THIS FILE IS DEPRECATED AND WILL BE REMOVED IN FUTURE VERSIONS
- *
- * @deprecated
- */
-
-require_once('../../_include.php');
-
-/**
- * This SAML 2.0 endpoint is the endpoint at the SAML 2.0 SP that takes an Authentication Response
- * as HTTP-POST in, and parses and processes it before it redirects the use to the RelayState.
- *
- * @author Andreas Aakre Solberg, UNINETT AS. <andreas.solberg@uninett.no>
- * @package simpleSAMLphp
- * @abstract
- */
-
-$config = SimpleSAML_Configuration::getInstance();
-
-SimpleSAML_Logger::warning('The file saml2/sp/AssertionConsumerService.php is deprecated and will be removed in future versions.');
-
-/* Get the session object for the user. Create a new session if no session
- * exists for this user.
- */
-$session = SimpleSAML_Session::getSessionFromRequest();
-
-
-/**
- * Finish login operation.
- *
- * This helper function finishes a login operation and redirects the user back to the page which
- * requested the login.
- *
- * @param array $authProcState The state of the authentication process.
- */
-function finishLogin($authProcState) {
- assert('is_array($authProcState)');
- assert('array_key_exists("Attributes", $authProcState)');
- assert('array_key_exists("core:saml20-sp:NameID", $authProcState)');
- assert('array_key_exists("core:saml20-sp:SessionIndex", $authProcState)');
- assert('array_key_exists("core:saml20-sp:TargetURL", $authProcState)');
- assert('array_key_exists("Source", $authProcState)');
- assert('array_key_exists("entityid", $authProcState["Source"])');
-
- $authData = array(
- 'Attributes' => $authProcState['Attributes'],
- 'saml:sp:NameID' => $authProcState['core:saml20-sp:NameID'],
- 'saml:sp:SessionIndex' => $authProcState['core:saml20-sp:SessionIndex'],
- 'saml:sp:IdP' => $authProcState['Source']['entityid'],
- );
-
- global $session;
- $session->doLogin('saml2', $authData);
-
- SimpleSAML_Utilities::redirectTrustedURL($authProcState['core:saml20-sp:TargetURL']);
-}
-
-SimpleSAML_Logger::info('SAML2.0 - SP.AssertionConsumerService: Accessing SAML 2.0 SP endpoint AssertionConsumerService');
-
-if (!$config->getBoolean('enable.saml20-sp', TRUE))
- throw new SimpleSAML_Error_Error('NOACCESS');
-
-if (array_key_exists(SimpleSAML_Auth_ProcessingChain::AUTHPARAM, $_REQUEST)) {
- /* We have returned from the authentication processing filters. */
-
- $authProcId = $_REQUEST[SimpleSAML_Auth_ProcessingChain::AUTHPARAM];
-
- // sanitize the input
- $sid = SimpleSAML_Utilities::parseStateID($authProcId);
- if (!is_null($sid['url'])) {
- SimpleSAML_Utilities::checkURLAllowed($sid['url']);
- }
-
- $authProcState = SimpleSAML_Auth_ProcessingChain::fetchProcessedState($authProcId);
- finishLogin($authProcState);
-}
-
-
-try {
- $metadataHandler = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
- $sp = $metadataHandler->getMetaDataCurrentEntityID();
- $spMetadata = $metadataHandler->getMetaDataConfig($sp, 'saml20-sp-hosted');
-
- $b = SAML2_Binding::getCurrentBinding();
- if ($b instanceof SAML2_HTTPArtifact) {
- $b->setSPMetadata($spMetadata);
- }
-
- $response = $b->receive();
- if (!($response instanceof SAML2_Response)) {
- throw new SimpleSAML_Error_BadRequest('Invalid message received to AssertionConsumerService endpoint.');
- }
-
- $idp = $response->getIssuer();
- if ($idp === NULL) {
- throw new Exception('Missing <saml:Issuer> in message delivered to AssertionConsumerService.');
- }
-
-
- $idpMetadata = $metadataHandler->getMetaDataConfig($idp, 'saml20-idp-remote');
-
- /* Fetch the request information if it exists, fall back to RelayState if not. */
- $requestId = $response->getInResponseTo();
- $info = $session->getData('SAML2:SP:SSO:Info', $requestId);
- if($info === NULL) {
- /* Fall back to RelayState. */
- $info = array();
- $info['RelayState'] = SimpleSAML_Utilities::checkURLAllowed($response->getRelayState());
- if(empty($info['RelayState'])) {
- $info['RelayState'] = $spMetadata->getString('RelayState', NULL);
- }
- if(empty($info['RelayState'])) {
- /* RelayState missing. */
- throw new SimpleSAML_Error_Error('NORELAYSTATE');
- }
- }
-
-
- try {
- $assertion = sspmod_saml_Message::processResponse($spMetadata, $idpMetadata, $response);
- if (count($assertion) > 1) {
- throw new SimpleSAML_Error_Exception('More than one assertion in received response.');
- }
- $assertion = $assertion[0];
- } catch (sspmod_saml_Error $e) {
- /* The status of the response wasn't "success". */
-
- $status = $response->getStatus();
- if(array_key_exists('OnError', $info)) {
- /* We have an error handler. Return the error to it. */
- SimpleSAML_Utilities::redirectTrustedURL($info['OnError'], array('StatusCode' => $status['Code']));
- }
-
- /* We don't have an error handler. Show an error page. */
- throw new SimpleSAML_Error_Error('RESPONSESTATUSNOSUCCESS', $e);
- }
-
-
- SimpleSAML_Logger::info('SAML2.0 - SP.AssertionConsumerService: Successful response from IdP');
-
- /*
- * Attribute handling
- */
- $attributes = $assertion->getAttributes();
-
- SimpleSAML_Logger::stats('saml20-sp-SSO ' . $metadataHandler->getMetaDataCurrentEntityID() . ' ' . $idp . ' NA');
-
-
- $nameId = $assertion->getNameId();
-
- /* Begin module attribute processing */
-
- $spMetadataArray = $spMetadata->toArray();
- $idpMetadataArray = $idpMetadata->toArray();
-
- $pc = new SimpleSAML_Auth_ProcessingChain($idpMetadataArray, $spMetadataArray, 'sp');
-
- $authProcState = array(
- 'core:saml20-sp:NameID' => $nameId,
- 'core:saml20-sp:SessionIndex' => $assertion->getSessionIndex(),
- 'core:saml20-sp:TargetURL' => $info['RelayState'],
- 'ReturnURL' => SimpleSAML_Utilities::selfURLNoQuery(),
- 'Attributes' => $attributes,
- 'Destination' => $spMetadataArray,
- 'Source' => $idpMetadataArray,
- );
-
- $pc->processState($authProcState);
- /* Since this function returns, processing has completed and attributes have
- * been updated.
- */
-
- finishLogin($authProcState);
-
-} catch(Exception $exception) {
- throw new SimpleSAML_Error_Error('PROCESSASSERTION', $exception);
-}
-
-
-?>
\ No newline at end of file
diff --git a/www/saml2/sp/SingleLogoutService.php b/www/saml2/sp/SingleLogoutService.php
deleted file mode 100644
index e21b65c..0000000
--- a/www/saml2/sp/SingleLogoutService.php
+++ /dev/null
@@ -1,108 +0,0 @@
-<?php
-
-/**
- * WARNING:
- *
- * THIS FILE IS DEPRECATED AND WILL BE REMOVED IN FUTURE VERSIONS
- *
- * @deprecated
- */
-
-require_once('../../_include.php');
-
-$config = SimpleSAML_Configuration::getInstance();
-$metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
-
-SimpleSAML_Logger::warning('The file saml2/sp/SingleLogoutService.php is deprecated and will be removed in future versions.');
-
-// Get the local session
-$session = SimpleSAML_Session::getSessionFromRequest();
-
-
-SimpleSAML_Logger::info('SAML2.0 - SP.SingleLogoutService: Accessing SAML 2.0 SP endpoint SingleLogoutService');
-
-if (!$config->getBoolean('enable.saml20-sp', TRUE))
- throw new SimpleSAML_Error_Error('NOACCESS');
-
-
-
-// Destroy local session if exists.
-$session->doLogout('saml2');
-
-$binding = SAML2_Binding::getCurrentBinding();
-$message = $binding->receive();
-
-$idpEntityId = $message->getIssuer();
-if ($idpEntityId === NULL) {
- /* Without an issuer we have no way to respond to the message. */
- throw new SimpleSAML_Error_BadRequest('Received message on logout endpoint without issuer.');
-}
-
-$spEntityId = $metadata->getMetaDataCurrentEntityId('saml20-sp-hosted');
-
-$idpMetadata = $metadata->getMetaDataConfig($idpEntityId, 'saml20-idp-remote');
-$spMetadata = $metadata->getMetaDataConfig($spEntityId, 'saml20-sp-hosted');
-
-sspmod_saml_Message::validateMessage($idpMetadata, $spMetadata, $message);
-
-if ($message instanceof SAML2_LogoutRequest) {
-
- try {
- // Extract some parameters from the logout request
- $requestid = $message->getId();
-
- SimpleSAML_Logger::info('SAML2.0 - SP.SingleLogoutService: IdP (' . $idpEntityId .
- ') is sending logout request to me SP (' . $spEntityId . ') requestid '.$requestid);
- SimpleSAML_Logger::stats('saml20-idp-SLO idpinit ' . $spEntityId . ' ' . $idpEntityId);
-
- /* Create response. */
- $lr = sspmod_saml_Message::buildLogoutResponse($spMetadata, $idpMetadata);
- $lr->setRelayState($message->getRelayState());
- $lr->setInResponseTo($message->getId());
-
- SimpleSAML_Logger::info('SAML2.0 - SP.SingleLogoutService: SP me (' . $spEntityId . ') is sending logout response to IdP (' . $idpEntityId . ')');
-
- $dst = $idpMetadata->getEndpointPrioritizedByBinding('SingleLogoutService', array(
- SAML2_Const::BINDING_HTTP_REDIRECT,
- SAML2_Const::BINDING_HTTP_POST)
- );
-
- if (!$binding instanceof SAML2_SOAP) {
- $binding = SAML2_Binding::getBinding($dst['Binding']);
- if (isset($dst['ResponseLocation'])) {
- $dst = $dst['ResponseLocation'];
- } else {
- $dst = $dst['Location'];
- }
- $binding->setDestination($dst);
- }
-
- /* Send response. */
- $binding->send($lr);
- } catch (Exception $exception) {
- throw new SimpleSAML_Error_Error('LOGOUTREQUEST', $exception);
- }
-
-} elseif ($message instanceof SAML2_LogoutResponse) {
-
- SimpleSAML_Logger::stats('saml20-sp-SLO spinit ' . $spEntityId . ' ' . $idpEntityId);
-
- $id = $message->getRelayState();
- if (empty($id)) {
- /* For backwardscompatibility. */
- $id = $message->getInResponseTo();
- }
-
- // 'spLogoutReturnTo' is checked before storing it in the
- // session, so we trust it here.
- $returnTo = $session->getData('spLogoutReturnTo', $id);
- if (empty($returnTo)) {
- throw new SimpleSAML_Error_Error('LOGOUTINFOLOST');
- }
-
- SimpleSAML_Utilities::redirectTrustedURL($returnTo);
-
-} else {
- throw new SimpleSAML_Error_Error('SLOSERVICEPARAMS');
-}
-
diff --git a/www/saml2/sp/idpdisco.php b/www/saml2/sp/idpdisco.php
deleted file mode 100644
index b7cdff3..0000000
--- a/www/saml2/sp/idpdisco.php
+++ /dev/null
@@ -1,29 +0,0 @@
-<?php
-
-/**
- * WARNING:
- *
- * THIS FILE IS DEPRECATED AND WILL BE REMOVED IN FUTURE VERSIONS
- *
- * @deprecated
- */
-
-require_once('../../_include.php');
-
-SimpleSAML_Logger::warning('The file saml2/sp/idpdisco.php is deprecated and will be removed in future versions.');
-
-try {
- $discoHandler = new SimpleSAML_XHTML_IdPDisco(array('saml20-idp-remote'), 'saml20');
-} catch (Exception $exception) {
- /* An error here should be caused by invalid query parameters. */
- throw new SimpleSAML_Error_Error('DISCOPARAMS', $exception);
-}
-
-try {
- $discoHandler->handleRequest();
-} catch(Exception $exception) {
- /* An error here should be caused by metadata. */
- throw new SimpleSAML_Error_Error('METADATA', $exception);
-}
-
-?>
\ No newline at end of file
diff --git a/www/saml2/sp/initSLO.php b/www/saml2/sp/initSLO.php
deleted file mode 100644
index 50b2d03..0000000
--- a/www/saml2/sp/initSLO.php
+++ /dev/null
@@ -1,75 +0,0 @@
-<?php
-
-/**
- * WARNING:
- *
- * THIS FILE IS DEPRECATED AND WILL BE REMOVED IN FUTURE VERSIONS
- *
- * @deprecated
- */
-
-require_once('../../_include.php');
-
-$config = SimpleSAML_Configuration::getInstance();
-
-$session = SimpleSAML_Session::getSessionFromRequest();
-
-SimpleSAML_Logger::warning('The file saml2/sp/initSLO.php is deprecated and will be removed in future versions.');
-
-SimpleSAML_Logger::info('SAML2.0 - SP.initSLO: Accessing SAML 2.0 SP initSLO script');
-
-if (!$config->getBoolean('enable.saml20-sp', TRUE))
- throw new SimpleSAML_Error_Error('NOACCESS');
-
-
-if (isset($_REQUEST['RelayState'])) {
- $returnTo = SimpleSAML_Utilities::checkURLAllowed($_REQUEST['RelayState']);
-} else {
- throw new SimpleSAML_Error_Error('NORELAYSTATE');
-}
-
-
-try {
- $metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
-
- $idpEntityId = $session->getAuthData('saml2', 'saml:sp:IdP');
- if ($idpEntityId === NULL) {
- SimpleSAML_Logger::info('SAML2.0 - SP.initSLO: User not authenticated with an IdP.');
- SimpleSAML_Utilities::redirectTrustedURL($returnTo);
- }
- $idpMetadata = $metadata->getMetaDataConfig($idpEntityId, 'saml20-idp-remote');
- $SLOendpoint = $idpMetadata->getEndpointPrioritizedByBinding('SingleLogoutService', array(
- SAML2_Const::BINDING_HTTP_REDIRECT,
- SAML2_Const::BINDING_HTTP_POST),
- NULL);
- if ($SLOendpoint === NULL) {
- $session->doLogout('saml2');
- SimpleSAML_Logger::info('SAML2.0 - SP.initSLO: No SingleLogoutService endpoint supported in the IdP.');
- SimpleSAML_Utilities::redirectTrustedURL($returnTo);
- }
-
- $spEntityId = isset($_GET['spentityid']) ? $_GET['spentityid'] : $metadata->getMetaDataCurrentEntityID();
- $spMetadata = $metadata->getMetaDataConfig($spEntityId, 'saml20-sp-hosted');
-
- $nameId = $session->getAuthData('saml2', 'saml:sp:NameID');
-
- $lr = sspmod_saml_Message::buildLogoutRequest($spMetadata, $idpMetadata);
- $lr->setNameId($nameId);
- $lr->setSessionIndex($session->getAuthData('saml2', 'saml:sp:SessionIndex'));
- $lr->setDestination($SLOendpoint['Location']);
-
- $session->doLogout('saml2');
-
- /* Save the $returnTo URL until the user returns from the IdP. */
- $session->setData('spLogoutReturnTo', $lr->getId(), $returnTo);
-
- SimpleSAML_Logger::info('SAML2.0 - SP.initSLO: SP (' . $spEntityId . ') is sending logout request to IdP (' . $idpEntityId . ')');
-
- $b = SAML2_Binding::getBinding($SLOendpoint['Binding']);
- $b->send($lr);
-
-
-} catch(Exception $exception) {
- throw new SimpleSAML_Error_Error('CREATEREQUEST', $exception);
-}
-
diff --git a/www/saml2/sp/initSSO.php b/www/saml2/sp/initSSO.php
deleted file mode 100644
index ef1acc2..0000000
--- a/www/saml2/sp/initSSO.php
+++ /dev/null
@@ -1,189 +0,0 @@
-<?php
-
-/**
- * WARNING:
- *
- * THIS FILE IS DEPRECATED AND WILL BE REMOVED IN FUTURE VERSIONS
- *
- * @deprecated
- */
-
-require_once('../../_include.php');
-
-$config = SimpleSAML_Configuration::getInstance();
-$metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
-$session = SimpleSAML_Session::getSessionFromRequest();
-
-SimpleSAML_Logger::warning('The file saml2/sp/initSSO.php is deprecated and will be removed in future versions.');
-
-SimpleSAML_Logger::info('SAML2.0 - SP.initSSO: Accessing SAML 2.0 SP initSSO script');
-
-if (!$config->getBoolean('enable.saml20-sp', TRUE))
- throw new SimpleSAML_Error_Error('NOACCESS');
-
-/*
- * Incomming URL parameters
- *
- * idpentityid optional The entityid of the wanted IdP to authenticate with. If not provided will use default.
- * spentityid optional The entityid of the SP config to use. If not provided will use default to host.
- * RelayState required Where to send the user back to after authentication.
- */
-
-if (empty($_GET['RelayState'])) {
- throw new SimpleSAML_Error_Error('NORELAYSTATE');
-}
-$returnTo = SimpleSAML_Utilities::checkURLAllowed($_GET['RelayState']);
-
-$reachableIDPs = array();
-
-try {
-
- $idpentityid = isset($_GET['idpentityid']) ? $_GET['idpentityid'] : $config->getString('default-saml20-idp', NULL) ;
- $spentityid = isset($_GET['spentityid']) ? $_GET['spentityid'] : $metadata->getMetaDataCurrentEntityID();
-
- $isPassive = isset($_GET['IsPassive']) && ($_GET['IsPassive'] === 'true' || $_GET['IsPassive'] === '1');
- $forceAuthn = isset($_GET['ForceAuthn']) && ($_GET['ForceAuthn'] === 'true' || $_GET['ForceAuthn'] === '1');
-
- /* We are going to need the SP metadata to determine which IdP discovery service we should use.
- And for checking for scoping parameters. */
- $spmetadata = $metadata->getMetaDataCurrent('saml20-sp-hosted');
-
- $IDPList = array();
-
- /* Configured idp overrides one given by Scope */
- if($idpentityid === NULL && array_key_exists('idpentityid', $spmetadata)) {
- $idpentityid = $spmetadata['idpentityid'];
- }
-
- /* AuthId is set if we are on the sp side on a proxy/bridge */
- $authid = isset($_GET['AuthId']) ? $_GET['AuthId'] : FALSE;
- if ($authid) {
- $authrequestcache = $session->getAuthnRequest('saml2', $authid);
- $isPassive = $isPassive || $authrequestcache['IsPassive'];
- $forceAuthn = $forceAuthn || $authrequestcache['ForceAuthn'];
-
- /* keep the IDPList, it MUST be sent it to the next idp,
- we are only allowed to add idps */
- if (isset($authrequestcache['IDPList']) && is_array($authrequestcache['IDPList'])) {
- $IDPList = $authrequestcache['IDPList'];
- }
- if ($idpentityid === NULL) {
- /* only consider ProviderIDs we know ... */
-
- $reachableIDPs = array_intersect($IDPList, array_keys($metadata->getList()));
-
- if (sizeof($reachableIDPs) === 1) {
- $idpentityid = array_shift($reachableIDPs);
- }
- }
- }
-
-
-} catch (Exception $exception) {
- throw new SimpleSAML_Error_Error('METADATA', $exception);
-}
-
-/*
- * If no IdP can be resolved, send the user to the SAML 2.0 Discovery Service
- */
-if ($idpentityid === NULL) {
-
- SimpleSAML_Logger::info('SAML2.0 - SP.initSSO: No chosen or default IdP, go to SAML2disco');
-
- /* Which IdP discovery service should we use? Can be set in SP metadata or in global configuration.
- * Falling back to builtin discovery service.
- */
-
- if(array_key_exists('idpdisco.url', $spmetadata)) {
- $discourl = $spmetadata['idpdisco.url'];
- } elseif($config->getString('idpdisco.url.saml20', NULL) !== NULL) {
- $discourl = $config->getString('idpdisco.url.saml20');
- } else {
- $discourl = SimpleSAML_Utilities::getBaseURL() . 'saml2/sp/idpdisco.php';
- }
-
- $extDiscoveryStorage = $config->getString('idpdisco.extDiscoveryStorage', NULL);
- if ($extDiscoveryStorage !== NULL) {
- SimpleSAML_Utilities::redirectTrustedURL($extDiscoveryStorage, array(
- 'entityID' => $spentityid,
- 'return' => SimpleSAML_Utilities::addURLparameter($discourl, array(
- 'return' => SimpleSAML_Utilities::selfURL(),
- 'remember' => 'true',
- 'entityID' => $spentityid,
- 'returnIDParam' => 'idpentityid',
- )),
- 'returnIDParam' => 'idpentityid',
- 'isPassive' => 'true')
- );
- }
-
- $discoparameters = array(
- 'entityID' => $spentityid,
- 'return' => SimpleSAML_Utilities::selfURL(),
- 'returnIDParam' => 'idpentityid');
-
- $discoparameters['isPassive'] = $isPassive;
-
- if (sizeof($reachableIDPs) > 0) {
- $discoparameters['IDPList'] = $reachableIDPs;
- }
-
- SimpleSAML_Utilities::redirectTrustedURL($discourl, $discoparameters);
-}
-
-
-/*
- * Create and send authentication request to the IdP.
- */
-try {
-
- $spMetadata = $metadata->getMetaDataConfig($spentityid, 'saml20-sp-hosted');
- $idpMetadata = $metadata->getMetaDataConfig($idpentityid, 'saml20-idp-remote');
-
- $ar = sspmod_saml_Message::buildAuthnRequest($spMetadata, $idpMetadata);
-
- $assertionConsumerServiceURL = $metadata->getGenerated('AssertionConsumerService', 'saml20-sp-hosted');
- $ar->setAssertionConsumerServiceURL($assertionConsumerServiceURL);
- $ar->setRelayState($returnTo);
-
- if ($isPassive) {
- $ar->setIsPassive(TRUE);
- }
- if ($forceAuthn) {
- $ar->setForceAuthn(TRUE);
- }
-
- if(array_key_exists('IDPList', $spmetadata)) {
- $IDPList = array_unique(array_merge($IDPList, $spmetadata['IDPList']));
- }
-
- if (isset($_GET['IDPList']) && !empty($_GET['IDPList'])) {
- $providers = $_GET['IDPList'];
- if (!is_array($providers)) $providers = array($providers);
- $IDPList = array_merge($IDPList, $providers);
- };
- $ar->setIDPList($IDPList);
-
- /* Save request information. */
- $info = array();
- $info['RelayState'] = $returnTo;
- if(array_key_exists('OnError', $_REQUEST)) {
- $info['OnError'] = SimpleSAML_Utilities::checkURLAllowed($_REQUEST['OnError']);
- }
- $session->setData('SAML2:SP:SSO:Info', $ar->getId(), $info);
-
- /* Select appropriate SSO endpoint */
- if ($ar->getProtocolBinding() === SAML2_Const::BINDING_HOK_SSO) {
- $dst = $idpMetadata->getDefaultEndpoint('SingleSignOnService', array(SAML2_Const::BINDING_HOK_SSO));
- } else {
- $dst = $idpMetadata->getDefaultEndpoint('SingleSignOnService', array(SAML2_Const::BINDING_HTTP_REDIRECT, SAML2_Const::BINDING_HTTP_POST));
- }
- $ar->setDestination($dst['Location']);
-
- $b = SAML2_Binding::getBinding($dst['Binding']);
- $b->send($ar);
-
-} catch(Exception $exception) {
- throw new SimpleSAML_Error_Error('CREATEREQUEST', $exception);
-}
-