Issues in GatewayController.php - New Issues - Inspection of "Second Factor Only" - OpenConext/Stepup-Gateway - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — develop (#93)

by Boy

created 2016-05-31 10:38 UTC

GatewayBundle/Controller/GatewayController.php (1 issue)

Labels

Bug 1

Severity

Major 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

/**
 * Copyright 2014 SURFnet bv
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

namespace Surfnet\StepupGateway\GatewayBundle\Controller;

use Exception;
use SAML2_Assertion;
use SAML2_Const;
use SAML2_Response;
use Surfnet\SamlBundle\SAML2\AuthnRequest;
use Surfnet\SamlBundle\SAML2\AuthnRequestFactory;
use Surfnet\StepupGateway\GatewayBundle\Saml\AssertionAdapter;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpKernel\Exception\HttpException;

class GatewayController extends Controller
{
    const RESPONSE_CONTEXT_SERVICE_ID = 'gateway.proxy.response_context';

    public function ssoAction(Request $httpRequest)
    {
        /** @var \Psr\Log\LoggerInterface $logger */
        $logger = $this->get('logger');
        $logger->notice('Received AuthnRequest, started processing');

        /** @var \Surfnet\SamlBundle\Http\RedirectBinding $redirectBinding */
        $redirectBinding = $this->get('surfnet_saml.http.redirect_binding');

        try {
            $originalRequest = $redirectBinding->processUnsignedRequest($httpRequest);

        } catch (Exception $e) {
            $logger->critical(sprintf('Could not process Request, error: "%s"', $e->getMessage()));

            return $this->render('unrecoverableError');
        }

        $originalRequestId = $originalRequest->getRequestId();
        $logger = $this->get('surfnet_saml.logger')->forAuthentication($originalRequestId);
        $logger->notice(sprintf(
            'AuthnRequest processing complete, received AuthnRequest from "%s", request ID: "%s"',
            $originalRequest->getServiceProvider(),
            $originalRequest->getRequestId()
        ));

        /** @var \Surfnet\StepupGateway\GatewayBundle\Saml\Proxy\ProxyStateHandler $stateHandler */
        $stateHandler = $this->get('gateway.proxy.state_handler');
        $stateHandler
            ->setRequestId($originalRequestId)
            ->setRequestServiceProvider($originalRequest->getServiceProvider())
            ->setRelayState($httpRequest->get(AuthnRequest::PARAMETER_RELAY_STATE, ''))
            ->setResponseAction('SurfnetStepupGatewayGatewayBundle:Gateway:respond')
            ->setResponseContextServiceId(static::RESPONSE_CONTEXT_SERVICE_ID);

        // check if the requested Loa is supported
        $requiredLoa = $originalRequest->getAuthenticationContextClassRef();
        if ($requiredLoa && !$this->get('surfnet_stepup.service.loa_resolution')->hasLoa($requiredLoa)) {
            $logger->info(sprintf(
                'Requested required Loa "%s" does not exist, sending response with status Requester Error',
                $requiredLoa
            ));

            $response = $this->createRequesterFailureResponse();
            return $this->renderSamlResponse('consumeAssertion', $response);
        }

        $stateHandler->setRequiredLoaIdentifier($requiredLoa);

        $proxyRequest = AuthnRequestFactory::createNewRequest(
            $this->get('surfnet_saml.hosted.service_provider'),
            $this->get('surfnet_saml.remote.idp')
        );

        $proxyRequest->setScoping([$originalRequest->getServiceProvider()]);
        $stateHandler->setGatewayRequestId($proxyRequest->getRequestId());

        $logger->notice(sprintf(
            'Sending Proxy AuthnRequest with request ID: "%s" for original AuthnRequest "%s"',
            $proxyRequest->getRequestId(),
            $originalRequest->getRequestId()
        ));

        return $redirectBinding->createRedirectResponseFor($proxyRequest);
    }

    public function proxySsoAction()
    {
        throw new HttpException(418, 'Not Yet Implemented');
    }

    /**
     * @param Request $request
     * @return \Symfony\Component\HttpFoundation\Response
     */
    public function consumeAssertionAction(Request $request)
    {
        $responseContext = $this->getResponseContext();
        $originalRequestId = $responseContext->getInResponseTo();

        /** @var \Surfnet\SamlBundle\Monolog\SamlAuthenticationLogger $logger */
        $logger = $this->get('surfnet_saml.logger')->forAuthentication($originalRequestId);
        $logger->notice('Received SAMLResponse, attempting to process for Proxy Response');

        try {
            /** @var \SAML2_Assertion $assertion */
            $assertion = $this->get('surfnet_saml.http.post_binding')->processResponse(
                $request,
                $this->get('surfnet_saml.remote.idp'),
                $this->get('surfnet_saml.hosted.service_provider')
            );
        } catch (Exception $exception) {
            $logger->error(sprintf('Could not process received Response, error: "%s"', $exception->getMessage()));

            $response = $this->createResponseFailureResponse($responseContext);

            return $this->renderSamlResponse('unprocessableResponse', $response);
        }

        $adaptedAssertion = new AssertionAdapter($assertion);
        $expectedInResponseTo = $responseContext->getExpectedInResponseTo();
        if (!$adaptedAssertion->inResponseToMatches($expectedInResponseTo)) {
            $logger->critical(sprintf(
                'Received Response with unexpected InResponseTo: "%s", %s',
                $adaptedAssertion->getInResponseTo(),
                ($expectedInResponseTo ? 'expected "' . $expectedInResponseTo . '"' : ' no response expected')
            ));

            return $this->render('unrecoverableError');
        }

        $logger->notice('Successfully processed SAMLResponse');

        $responseContext->saveAssertion($assertion);

        $logger->notice(sprintf('Forwarding to second factor controller for loa determination and handling'));

        return $this->forward('SurfnetStepupGatewayGatewayBundle:SecondFactor:selectSecondFactorForVerification');
    }

    public function respondAction()
    {
        $responseContext = $this->getResponseContext();
        $originalRequestId = $responseContext->getInResponseTo();

        /** @var \Surfnet\SamlBundle\Monolog\SamlAuthenticationLogger $logger */
        $logger = $this->get('surfnet_saml.logger')->forAuthentication($originalRequestId);
        $logger->notice('Creating Response');

        $grantedLoa = null;
        if ($responseContext->isSecondFactorVerified()) {
            $secondFactor = $this->get('gateway.service.second_factor_service')->findByUuid(
                $responseContext->getSelectedSecondFactor()
            );

            $grantedLoa = $this->get('surfnet_stepup.service.loa_resolution')->getLoaByLevel(
                $secondFactor->getLoaLevel()
            );
        }

        /** @var \Surfnet\StepupGateway\GatewayBundle\Service\ProxyResponseService $proxyResponseService */
        $proxyResponseService = $this->get('gateway.service.response_proxy');
        $response             = $proxyResponseService->createProxyResponse(
            $responseContext->reconstituteAssertion(),
            $responseContext->getServiceProvider(),
            (string) $grantedLoa
        );

        $responseContext->responseSent();

        $logger->notice(sprintf(
            'Responding to request "%s" with response based on response from the remote IdP with response "%s"',
            $responseContext->getInResponseTo(),
            $response->getId()
        ));

        return $this->renderSamlResponse('consumeAssertion', $response);
    }

    public function sendLoaCannotBeGivenAction()
    {
        $responseContext = $this->getResponseContext();
        $originalRequestId = $responseContext->getInResponseTo();

        /** @var \Surfnet\SamlBundle\Monolog\SamlAuthenticationLogger $logger */
        $logger = $this->get('surfnet_saml.logger')->forAuthentication($originalRequestId);
        $logger->notice('Loa cannot be given, creating Response with NoAuthnContext status');

        /** @var \Surfnet\StepupGateway\GatewayBundle\Saml\ResponseBuilder $responseBuilder */
        $responseBuilder = $this->get('gateway.proxy.response_builder');

        $response = $responseBuilder
            ->createNewResponse($responseContext)
            ->setResponseStatus(SAML2_Const::STATUS_RESPONDER, SAML2_Const::STATUS_NO_AUTHN_CONTEXT)
            ->get();

        $logger->notice(sprintf(
            'Responding to request "%s" with response based on response from the remote IdP with response "%s"',
            $responseContext->getInResponseTo(),
            $response->getId()
        ));

        return $this->renderSamlResponse('consumeAssertion', $response);
    }

    public function sendAuthenticationCancelledByUserAction()
    {
        $responseContext = $this->getResponseContext();
        $originalRequestId = $responseContext->getInResponseTo();

        /** @var \Surfnet\SamlBundle\Monolog\SamlAuthenticationLogger $logger */
        $logger = $this->get('surfnet_saml.logger')->forAuthentication($originalRequestId);
        $logger->notice('Authentication was cancelled by the user, creating Response with AuthnFailed status');

        /** @var \Surfnet\StepupGateway\GatewayBundle\Saml\ResponseBuilder $responseBuilder */
        $responseBuilder = $this->get('gateway.proxy.response_builder');

        $response = $responseBuilder
            ->createNewResponse($responseContext)
            ->setResponseStatus(
                SAML2_Const::STATUS_RESPONDER,
                SAML2_Const::STATUS_AUTHN_FAILED,
                'Authentication cancelled by user'
            )
            ->get();

        $logger->notice(sprintf(
            'Responding to request "%s" with response based on response from the remote IdP with response "%s"',
            $responseContext->getInResponseTo(),
            $response->getId()
        ));

        return $this->renderSamlResponse('consumeAssertion', $response);
    }

    /**
     * @param string         $view
     * @param SAML2_Response $response
     * @return Response
     */
    public function renderSamlResponse($view, SAML2_Response $response)
    {
        $responseContext = $this->getResponseContext();

        return $this->render($view, [
            'acu'        => $responseContext->getDestination(),
            'response'   => $this->getResponseAsXML($response),
            'relayState' => $responseContext->getRelayState()
        ]);
    }

    /**
     * @param string   $view
     * @param array    $parameters
     * @param Response $response
     * @return Response
     */
    public function render($view, array $parameters = array(), Response $response = null)
    {
        return parent::render(
            'SurfnetStepupGatewayGatewayBundle:Gateway:' . $view . '.html.twig',
            $parameters,
            $response
        );
    }

    /**
     * @return \Surfnet\StepupGateway\GatewayBundle\Saml\ResponseContext
     */
    public function getResponseContext()
    {
        $stateHandler = $this->get('gateway.proxy.state_handler');
        $responseContextServiceId = $stateHandler->getResponseContextServiceId();

        if (!$responseContextServiceId) {
            return $this->get(static::RESPONSE_CONTEXT_SERVICE_ID);
        }

        return $this->get($responseContextServiceId);
    }

    /**
     * @param SAML2_Response $response
     * @return string
     */
    private function getResponseAsXML(SAML2_Response $response)
    {
        return base64_encode($response->toUnsignedXML()->ownerDocument->saveXML());
    }

    /**
     * @return SAML2_Response
     */
    private function createRequesterFailureResponse()
    {
        /** @var \Surfnet\StepupGateway\GatewayBundle\Saml\ResponseBuilder $responseBuilder */
        $responseBuilder = $this->get('gateway.proxy.response_builder');
        $context = $this->getResponseContext();

        $response = $responseBuilder
            ->createNewResponse($context)
            ->setResponseStatus(SAML2_Const::STATUS_REQUESTER, SAML2_Const::STATUS_REQUEST_UNSUPPORTED)
            ->get();

        return $response;

    }

    /**
     * @param $context
     * @return SAML2_Response
     */
    private function createResponseFailureResponse($context)
    {
        /** @var \Surfnet\StepupGateway\GatewayBundle\Saml\ResponseBuilder $responseBuilder */
        $responseBuilder = $this->get('gateway.proxy.response_builder');

        $response = $responseBuilder
            ->createNewResponse($context)
            ->setResponseStatus(SAML2_Const::STATUS_RESPONDER)
            ->get();

        return $response;
    }
}


1		<?php
2
3		/**
4		* Copyright 2014 SURFnet bv
5		*
6		* Licensed under the Apache License, Version 2.0 (the "License");
7		* you may not use this file except in compliance with the License.
8		* You may obtain a copy of the License at
9		*
10		* http://www.apache.org/licenses/LICENSE-2.0
11		*
12		* Unless required by applicable law or agreed to in writing, software
13		* distributed under the License is distributed on an "AS IS" BASIS,
14		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15		* See the License for the specific language governing permissions and
16		* limitations under the License.
17		*/
18
19		namespace Surfnet\StepupGateway\GatewayBundle\Controller;
20
21		use Exception;
22		use SAML2_Assertion;
23		use SAML2_Const;
24		use SAML2_Response;
25		use Surfnet\SamlBundle\SAML2\AuthnRequest;
26		use Surfnet\SamlBundle\SAML2\AuthnRequestFactory;
27		use Surfnet\StepupGateway\GatewayBundle\Saml\AssertionAdapter;
28		use Symfony\Bundle\FrameworkBundle\Controller\Controller;
29		use Symfony\Component\HttpFoundation\Request;
30		use Symfony\Component\HttpFoundation\Response;
31		use Symfony\Component\HttpKernel\Exception\HttpException;
32
33		class GatewayController extends Controller
34		{
35		const RESPONSE_CONTEXT_SERVICE_ID = 'gateway.proxy.response_context';
36
37		public function ssoAction(Request $httpRequest)
38		{
39		/** @var \Psr\Log\LoggerInterface $logger */
40		$logger = $this->get('logger');
41		$logger->notice('Received AuthnRequest, started processing');
42
43		/** @var \Surfnet\SamlBundle\Http\RedirectBinding $redirectBinding */
44		$redirectBinding = $this->get('surfnet_saml.http.redirect_binding');
45
46		try {
47		$originalRequest = $redirectBinding->processUnsignedRequest($httpRequest);
		0 ignored issues – show Bug introduced 2016-05-27 14:42 UTC by Report Bug Copy Issue Report Show Similar Issues like this The method `processUnsignedRequest()` does not seem to exist on `object<Surfnet\SamlBundle\Http\RedirectBinding>`. This check looks for calls to methods that do not seem to exist on a given type. It looks for the method on the type itself as well as in inherited classes or implemented interfaces. This is most likely a typographical error or the method has been renamed. Loading history...
48		} catch (Exception $e) {
49		$logger->critical(sprintf('Could not process Request, error: "%s"', $e->getMessage()));
50
51		return $this->render('unrecoverableError');
52		}
53
54		$originalRequestId = $originalRequest->getRequestId();
55		$logger = $this->get('surfnet_saml.logger')->forAuthentication($originalRequestId);
56		$logger->notice(sprintf(
57		'AuthnRequest processing complete, received AuthnRequest from "%s", request ID: "%s"',
58		$originalRequest->getServiceProvider(),
59		$originalRequest->getRequestId()
60		));
61
62		/** @var \Surfnet\StepupGateway\GatewayBundle\Saml\Proxy\ProxyStateHandler $stateHandler */
63		$stateHandler = $this->get('gateway.proxy.state_handler');
64		$stateHandler
65		->setRequestId($originalRequestId)
66		->setRequestServiceProvider($originalRequest->getServiceProvider())
67		->setRelayState($httpRequest->get(AuthnRequest::PARAMETER_RELAY_STATE, ''))
68		->setResponseAction('SurfnetStepupGatewayGatewayBundle:Gateway:respond')
69		->setResponseContextServiceId(static::RESPONSE_CONTEXT_SERVICE_ID);
70
71		// check if the requested Loa is supported
72		$requiredLoa = $originalRequest->getAuthenticationContextClassRef();
73		if ($requiredLoa && !$this->get('surfnet_stepup.service.loa_resolution')->hasLoa($requiredLoa)) {
74		$logger->info(sprintf(
75		'Requested required Loa "%s" does not exist, sending response with status Requester Error',
76		$requiredLoa
77		));
78
79		$response = $this->createRequesterFailureResponse();
80		return $this->renderSamlResponse('consumeAssertion', $response);
81		}
82
83		$stateHandler->setRequiredLoaIdentifier($requiredLoa);
84
85		$proxyRequest = AuthnRequestFactory::createNewRequest(
86		$this->get('surfnet_saml.hosted.service_provider'),
87		$this->get('surfnet_saml.remote.idp')
88		);
89
90		$proxyRequest->setScoping([$originalRequest->getServiceProvider()]);
91		$stateHandler->setGatewayRequestId($proxyRequest->getRequestId());
92
93		$logger->notice(sprintf(
94		'Sending Proxy AuthnRequest with request ID: "%s" for original AuthnRequest "%s"',
95		$proxyRequest->getRequestId(),
96		$originalRequest->getRequestId()
97		));
98
99		return $redirectBinding->createRedirectResponseFor($proxyRequest);
100		}
101
102		public function proxySsoAction()
103		{
104		throw new HttpException(418, 'Not Yet Implemented');
105		}
106
107		/**
108		* @param Request $request
109		* @return \Symfony\Component\HttpFoundation\Response
110		*/
111		public function consumeAssertionAction(Request $request)
112		{
113		$responseContext = $this->getResponseContext();
114		$originalRequestId = $responseContext->getInResponseTo();
115
116		/** @var \Surfnet\SamlBundle\Monolog\SamlAuthenticationLogger $logger */
117		$logger = $this->get('surfnet_saml.logger')->forAuthentication($originalRequestId);
118		$logger->notice('Received SAMLResponse, attempting to process for Proxy Response');
119
120		try {
121		/** @var \SAML2_Assertion $assertion */
122		$assertion = $this->get('surfnet_saml.http.post_binding')->processResponse(
123		$request,
124		$this->get('surfnet_saml.remote.idp'),
125		$this->get('surfnet_saml.hosted.service_provider')
126		);
127		} catch (Exception $exception) {
128		$logger->error(sprintf('Could not process received Response, error: "%s"', $exception->getMessage()));
129
130		$response = $this->createResponseFailureResponse($responseContext);
131
132		return $this->renderSamlResponse('unprocessableResponse', $response);
133		}
134
135		$adaptedAssertion = new AssertionAdapter($assertion);
136		$expectedInResponseTo = $responseContext->getExpectedInResponseTo();
137	View Code Duplication	if (!$adaptedAssertion->inResponseToMatches($expectedInResponseTo)) {
138		$logger->critical(sprintf(
139		'Received Response with unexpected InResponseTo: "%s", %s',
140		$adaptedAssertion->getInResponseTo(),
141		($expectedInResponseTo ? 'expected "' . $expectedInResponseTo . '"' : ' no response expected')
142		));
143
144		return $this->render('unrecoverableError');
145		}
146
147		$logger->notice('Successfully processed SAMLResponse');
148
149		$responseContext->saveAssertion($assertion);
150
151		$logger->notice(sprintf('Forwarding to second factor controller for loa determination and handling'));
152
153		return $this->forward('SurfnetStepupGatewayGatewayBundle:SecondFactor:selectSecondFactorForVerification');
154		}
155
156		public function respondAction()
157		{
158		$responseContext = $this->getResponseContext();
159		$originalRequestId = $responseContext->getInResponseTo();
160
161		/** @var \Surfnet\SamlBundle\Monolog\SamlAuthenticationLogger $logger */
162		$logger = $this->get('surfnet_saml.logger')->forAuthentication($originalRequestId);
163		$logger->notice('Creating Response');
164
165		$grantedLoa = null;
166		if ($responseContext->isSecondFactorVerified()) {
167		$secondFactor = $this->get('gateway.service.second_factor_service')->findByUuid(
168		$responseContext->getSelectedSecondFactor()
169		);
170
171		$grantedLoa = $this->get('surfnet_stepup.service.loa_resolution')->getLoaByLevel(
172		$secondFactor->getLoaLevel()
173		);
174		}
175
176		/** @var \Surfnet\StepupGateway\GatewayBundle\Service\ProxyResponseService $proxyResponseService */
177		$proxyResponseService = $this->get('gateway.service.response_proxy');
178		$response = $proxyResponseService->createProxyResponse(
179		$responseContext->reconstituteAssertion(),
180		$responseContext->getServiceProvider(),
181		(string) $grantedLoa
182		);
183
184		$responseContext->responseSent();
185
186		$logger->notice(sprintf(
187		'Responding to request "%s" with response based on response from the remote IdP with response "%s"',
188		$responseContext->getInResponseTo(),
189		$response->getId()
190		));
191
192		return $this->renderSamlResponse('consumeAssertion', $response);
193		}
194
195	View Code Duplication	public function sendLoaCannotBeGivenAction()
196		{
197		$responseContext = $this->getResponseContext();
198		$originalRequestId = $responseContext->getInResponseTo();
199
200		/** @var \Surfnet\SamlBundle\Monolog\SamlAuthenticationLogger $logger */
201		$logger = $this->get('surfnet_saml.logger')->forAuthentication($originalRequestId);
202		$logger->notice('Loa cannot be given, creating Response with NoAuthnContext status');
203
204		/** @var \Surfnet\StepupGateway\GatewayBundle\Saml\ResponseBuilder $responseBuilder */
205		$responseBuilder = $this->get('gateway.proxy.response_builder');
206
207		$response = $responseBuilder
208		->createNewResponse($responseContext)
209		->setResponseStatus(SAML2_Const::STATUS_RESPONDER, SAML2_Const::STATUS_NO_AUTHN_CONTEXT)
210		->get();
211
212		$logger->notice(sprintf(
213		'Responding to request "%s" with response based on response from the remote IdP with response "%s"',
214		$responseContext->getInResponseTo(),
215		$response->getId()
216		));
217
218		return $this->renderSamlResponse('consumeAssertion', $response);
219		}
220
221	View Code Duplication	public function sendAuthenticationCancelledByUserAction()
222		{
223		$responseContext = $this->getResponseContext();
224		$originalRequestId = $responseContext->getInResponseTo();
225
226		/** @var \Surfnet\SamlBundle\Monolog\SamlAuthenticationLogger $logger */
227		$logger = $this->get('surfnet_saml.logger')->forAuthentication($originalRequestId);
228		$logger->notice('Authentication was cancelled by the user, creating Response with AuthnFailed status');
229
230		/** @var \Surfnet\StepupGateway\GatewayBundle\Saml\ResponseBuilder $responseBuilder */
231		$responseBuilder = $this->get('gateway.proxy.response_builder');
232
233		$response = $responseBuilder
234		->createNewResponse($responseContext)
235		->setResponseStatus(
236		SAML2_Const::STATUS_RESPONDER,
237		SAML2_Const::STATUS_AUTHN_FAILED,
238		'Authentication cancelled by user'
239		)
240		->get();
241
242		$logger->notice(sprintf(
243		'Responding to request "%s" with response based on response from the remote IdP with response "%s"',
244		$responseContext->getInResponseTo(),
245		$response->getId()
246		));
247
248		return $this->renderSamlResponse('consumeAssertion', $response);
249		}
250
251		/**
252		* @param string $view
253		* @param SAML2_Response $response
254		* @return Response
255		*/
256	View Code Duplication	public function renderSamlResponse($view, SAML2_Response $response)
257		{
258		$responseContext = $this->getResponseContext();
259
260		return $this->render($view, [
261		'acu' => $responseContext->getDestination(),
262		'response' => $this->getResponseAsXML($response),
263		'relayState' => $responseContext->getRelayState()
264		]);
265		}
266
267		/**
268		* @param string $view
269		* @param array $parameters
270		* @param Response $response
271		* @return Response
272		*/
273		public function render($view, array $parameters = array(), Response $response = null)
274		{
275		return parent::render(
276		'SurfnetStepupGatewayGatewayBundle:Gateway:' . $view . '.html.twig',
277		$parameters,
278		$response
279		);
280		}
281
282		/**
283		* @return \Surfnet\StepupGateway\GatewayBundle\Saml\ResponseContext
284		*/
285		public function getResponseContext()
286		{
287		$stateHandler = $this->get('gateway.proxy.state_handler');
288		$responseContextServiceId = $stateHandler->getResponseContextServiceId();
289
290		if (!$responseContextServiceId) {
291		return $this->get(static::RESPONSE_CONTEXT_SERVICE_ID);
292		}
293
294		return $this->get($responseContextServiceId);
295		}
296
297		/**
298		* @param SAML2_Response $response
299		* @return string
300		*/
301		private function getResponseAsXML(SAML2_Response $response)
302		{
303		return base64_encode($response->toUnsignedXML()->ownerDocument->saveXML());
304		}
305
306		/**
307		* @return SAML2_Response
308		*/
309		private function createRequesterFailureResponse()
310		{
311		/** @var \Surfnet\StepupGateway\GatewayBundle\Saml\ResponseBuilder $responseBuilder */
312		$responseBuilder = $this->get('gateway.proxy.response_builder');
313		$context = $this->getResponseContext();
314
315		$response = $responseBuilder
316		->createNewResponse($context)
317		->setResponseStatus(SAML2_Const::STATUS_REQUESTER, SAML2_Const::STATUS_REQUEST_UNSUPPORTED)
318		->get();
319
320		return $response;
321
322		}
323
324		/**
325		* @param $context
326		* @return SAML2_Response
327		*/
328		private function createResponseFailureResponse($context)
329		{
330		/** @var \Surfnet\StepupGateway\GatewayBundle\Saml\ResponseBuilder $responseBuilder */
331		$responseBuilder = $this->get('gateway.proxy.response_builder');
332
333		$response = $responseBuilder
334		->createNewResponse($context)
335		->setResponseStatus(SAML2_Const::STATUS_RESPONDER)
336		->get();
337
338		return $response;
339		}
340		}
341

OpenConext / Stepup-Gateway

Pull Request — develop (#93)

GatewayBundle/Controller/GatewayController.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like