blob: fc98537f44b971740b17d17074b1b2e1a04daf76 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
|
<?php
/**
* Class which implements the HTTP-POST binding.
*
* @package simpleSAMLphp
* @version $Id$
*/
class SAML2_HTTPPost extends SAML2_Binding {
/**
* Send a SAML 2 message using the HTTP-POST binding.
*
* Note: This function never returns.
*
* @param SAML2_Message $message The message we should send.
*/
public function send(SAML2_Message $message) {
if ($this->destination === NULL) {
$destination = $message->getDestination();
} else {
$destination = $this->destination;
}
$relayState = $message->getRelayState();
$msgStr = $message->toSignedXML();
$msgStr = $msgStr->ownerDocument->saveXML($msgStr);
SimpleSAML_Utilities::debugMessage($msgStr, 'out');
$msgStr = base64_encode($msgStr);
$msgStr = htmlspecialchars($msgStr);
if ($message instanceof SAML2_Request) {
$msgType = 'SAMLRequest';
} else {
$msgType = 'SAMLResponse';
}
$destination = htmlspecialchars($destination);
if ($relayState !== NULL) {
$relayState = '<input type="hidden" name="RelayState" value="' . htmlspecialchars($relayState) . '">';
} else {
$relayState = '';
}
$out = <<<END
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>POST data</title>
</head>
<body onload="document.forms[0].submit()">
<noscript>
<p><strong>Note:</strong> Since your browser does not support JavaScript, you must press the button below once to proceed.</p>
</noscript>
<form method="post" action="$destination">
<input type="hidden" name="$msgType" value="$msgStr" />
$relayState
<noscript><input type="submit" value="Submit" /></noscript>
</form>
</body>
</html>
END;
echo($out);
exit(0);
}
/**
* Receive a SAML 2 message sent using the HTTP-POST binding.
*
* Throws an exception if it is unable receive the message.
*
* @return SAML2_Message The received message.
*/
public function receive() {
if (array_key_exists('SAMLRequest', $_POST)) {
$msg = $_POST['SAMLRequest'];
} elseif (array_key_exists('SAMLResponse', $_POST)) {
$msg = $_POST['SAMLResponse'];
} else {
throw new Exception('Missing SAMLRequest or SAMLResponse parameter.');
}
$msg = base64_decode($msg);
SimpleSAML_Utilities::debugMessage($msg, 'in');
$document = new DOMDocument();
$document->loadXML($msg);
$xml = $document->firstChild;
$msg = SAML2_Message::fromXML($xml);
if (array_key_exists('RelayState', $_POST)) {
$msg->setRelayState($_POST['RelayState']);
}
return $msg;
}
}
?>
|
