<?php
/**
* Class representing SAML 2 IDPSSODescriptor.
*
* @package simpleSAMLphp
* @version $Id$
*/
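class SAML2_XML_md_IDPSSODescriptor extends SAML2_XML_md_SSODescriptorType {

    /**
     * Whether AuthnRequests sent to this IdP should be signed.
     *
     * NULL means the attribute was not present in the metadata. The SAML 2.0
     * metadata schema treats an omitted WantAuthnRequestsSigned as false.
     *
     * @var bool|NULL
     */
    public $WantAuthnRequestsSigned = NULL;


    /**
     * List of SingleSignOnService endpoints.
     *
     * Array with EndpointType objects.
     *
     * @var array
     */
    public $SingleSignOnService = array();


    /**
     * List of NameIDMappingService endpoints.
     *
     * Array with EndpointType objects.
     *
     * @var array
     */
    public $NameIDMappingService = array();


    /**
     * List of AssertionIDRequestService endpoints.
     *
     * Array with EndpointType objects.
     *
     * @var array
     */
    public $AssertionIDRequestService = array();


    /**
     * List of supported attribute profiles.
     *
     * Array with strings.
     *
     * @var array
     */
    public $AttributeProfile = array();


    /**
     * List of supported attributes.
     *
     * Array with SAML2_XML_saml_Attribute objects.
     *
     * @var array
     */
    public $Attribute = array();


    /**
     * Initialize an IDPSSODescriptor.
     *
     * When an element is given, the IdP-specific attribute and child elements
     * are read from it after the parent constructor has processed it.
     *
     * NOTE(review): nothing in this constructor checks a metadata signature or
     * validates the endpoint and attribute values it reads; whether the parent
     * constructor or the caller does so is not visible from this class. The
     * parsed endpoints and the WantAuthnRequestsSigned flag are only as
     * trustworthy as the source of the metadata document.
     *
     * @param DOMElement|NULL $xml  The XML element we should load.
     */
    public function __construct(DOMElement $xml = NULL) {
        parent::__construct('md:IDPSSODescriptor', $xml);

        if ($xml === NULL) {
            /* Nothing to parse: keep the empty defaults declared on the properties. */
            return;
        }

        /* NULL is passed as the last argument, presumably the value used when the attribute is absent. */
        $this->WantAuthnRequestsSigned = SAML2_Utils::parseBoolean($xml, 'WantAuthnRequestsSigned', NULL);

        /* Only direct children are matched ('./'), in document order of each query. */
        foreach (SAML2_Utils::xpQuery($xml, './saml_metadata:SingleSignOnService') as $ep) {
            $this->SingleSignOnService[] = new SAML2_XML_md_EndpointType($ep);
        }

        foreach (SAML2_Utils::xpQuery($xml, './saml_metadata:NameIDMappingService') as $ep) {
            $this->NameIDMappingService[] = new SAML2_XML_md_EndpointType($ep);
        }

        foreach (SAML2_Utils::xpQuery($xml, './saml_metadata:AssertionIDRequestService') as $ep) {
            $this->AssertionIDRequestService[] = new SAML2_XML_md_EndpointType($ep);
        }

        $this->AttributeProfile = SAML2_Utils::extractStrings($xml, SAML2_Const::NS_MD, 'AttributeProfile');

        foreach (SAML2_Utils::xpQuery($xml, './saml_assertion:Attribute') as $a) {
            $this->Attribute[] = new SAML2_XML_saml_Attribute($a);
        }
    }


    /**
     * Add this IDPSSODescriptor to an EntityDescriptor.
     *
     * @param DOMElement $parent  The EntityDescriptor we should append this IDPSSODescriptor to.
     * @return DOMElement  The element returned by the parent's toXML(), with the IdP-specific content added
     *                     (presumably the new md:IDPSSODescriptor element).
     */
    public function toXML(DOMElement $parent) {
        /*
         * Expression-form assertions. The string form, assert('...'), is deprecated
         * since PHP 7.2 and is no longer evaluated as code from PHP 8.0, where a
         * non-empty string simply passes, so these type checks would silently
         * stop checking anything.
         */
        assert(is_null($this->WantAuthnRequestsSigned) || is_bool($this->WantAuthnRequestsSigned));
        assert(is_array($this->SingleSignOnService));
        assert(is_array($this->NameIDMappingService));
        assert(is_array($this->AssertionIDRequestService));
        assert(is_array($this->AttributeProfile));
        assert(is_array($this->Attribute));

        $e = parent::toXML($parent);

        /* A NULL flag is left out of the output entirely rather than written as 'false'. */
        if ($this->WantAuthnRequestsSigned === TRUE) {
            $e->setAttribute('WantAuthnRequestsSigned', 'true');
        } elseif ($this->WantAuthnRequestsSigned === FALSE) {
            $e->setAttribute('WantAuthnRequestsSigned', 'false');
        }

        foreach ($this->SingleSignOnService as $ep) {
            $ep->toXML($e, 'md:SingleSignOnService');
        }

        foreach ($this->NameIDMappingService as $ep) {
            $ep->toXML($e, 'md:NameIDMappingService');
        }

        foreach ($this->AssertionIDRequestService as $ep) {
            $ep->toXML($e, 'md:AssertionIDRequestService');
        }

        /* NOTE(review): the FALSE argument presumably selects plain (non-localized) strings - confirm against SAML2_Utils::addStrings. */
        SAML2_Utils::addStrings($e, SAML2_Const::NS_MD, 'md:AttributeProfile', FALSE, $this->AttributeProfile);

        foreach ($this->Attribute as $a) {
            $a->toXML($e);
        }

        return $e;
    }

}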