| @@ 268-305 (lines=38) @@ | ||
| 265 | * @param \DOMElement $xml The assertion XML element. |
|
| 266 | * @throws \Exception |
|
| 267 | */ |
|
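private function parseSubject(\DOMElement $xml)
{
    // Extracts the <saml:Subject> of an assertion: its name identifier (plain or
    // encrypted) and every <saml:SubjectConfirmation> child.
    //
    // NOTE(review): this method only extracts and stores the elements. Nothing here
    // checks a signature or evaluates the confirmation data, so those checks are
    // presumably performed elsewhere before the subject is trusted. Confirm.
    $subject = Utils::xpQuery($xml, './saml_assertion:Subject');
    if (empty($subject)) {
        /* No Subject node. */

        return;
    } elseif (count($subject) > 1) {
        // A second Subject would make it ambiguous which identity the assertion names.
        throw new \Exception('More than one <saml:Subject> in <saml:Assertion>.');
    }
    $subject = $subject[0];

    // "./" restricts both alternatives to the Subject's own children, so an identifier
    // nested deeper (for example inside a SubjectConfirmation) is not matched here.
    $nameId = Utils::xpQuery(
        $subject,
        './saml_assertion:NameID | ./saml_assertion:EncryptedID/xenc:EncryptedData'
    );
    if (empty($nameId)) {
        throw new \Exception('Missing <saml:NameID> or <saml:EncryptedID> in <saml:Subject>.');
    } elseif (count($nameId) > 1) {
        // Exactly one identifier is accepted. The element name in this message
        // previously read "EncryptedD"; it now matches the element that is queried.
        throw new \Exception('More than one <saml:NameID> or <saml:EncryptedID> in <saml:Subject>.');
    }
    $nameId = $nameId[0];
    if ($nameId->localName === 'EncryptedData') {
        /* The NameID element is encrypted. */
        // Only the raw <xenc:EncryptedData> element is kept, and $this->nameId is not
        // assigned on this path, so no identifier is readable until it is decrypted.
        $this->encryptedNameId = $nameId;
    } else {
        $this->nameId = Utils::parseNameId($nameId);
    }

    $subjectConfirmation = Utils::xpQuery($subject, './saml_assertion:SubjectConfirmation');
    if (empty($subjectConfirmation)) {
        // An assertion Subject without any confirmation method is rejected.
        throw new \Exception('Missing <saml:SubjectConfirmation> in <saml:Subject>.');
    }

    foreach ($subjectConfirmation as $sc) {
        $this->SubjectConfirmation[] = new SubjectConfirmation($sc);
    }
}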
|
| 306 | ||
| 307 | /** |
|
| 308 | * Parse conditions in assertion. |
|
| @@ 173-206 (lines=34) @@ | ||
| 170 | * |
|
| 171 | * @throws \Exception |
|
| 172 | */ |
|
private function parseSubject(\DOMElement $xml)
{
    // Reads the optional <saml:Subject> of an AuthnRequest and stores its name
    // identifier (plain or encrypted) together with any <saml:SubjectConfirmation>
    // children. A request without a Subject leaves every property untouched.
    $subjects = Utils::xpQuery($xml, './saml_assertion:Subject');
    if (empty($subjects)) {
        return;
    }
    if (count($subjects) > 1) {
        throw new \Exception('More than one <saml:Subject> in <saml:AuthnRequest>.');
    }
    $subjectNode = $subjects[0];

    // Both alternatives are evaluated relative to the Subject node itself ("./"),
    // and exactly one match is required.
    $identifiers = Utils::xpQuery(
        $subjectNode,
        './saml_assertion:NameID | ./saml_assertion:EncryptedID/xenc:EncryptedData'
    );
    if (empty($identifiers)) {
        throw new \Exception('Missing <saml:NameID> or <saml:EncryptedID> in <saml:Subject>.');
    }
    if (count($identifiers) > 1) {
        throw new \Exception('More than one <saml:NameID> or <saml:EncryptedID> in <saml:Subject>.');
    }

    $identifier = $identifiers[0];
    if ($identifier->localName !== 'EncryptedData') {
        $this->nameId = Utils::parseNameId($identifier);
    } else {
        // Encrypted identifier: keep the raw <xenc:EncryptedData> element.
        // $this->nameId is not assigned on this path.
        $this->encryptedNameId = $identifier;
    }

    // Unlike the identifier, confirmations are optional here: zero matches is accepted.
    $confirmationNodes = Utils::xpQuery($subjectNode, './saml_assertion:SubjectConfirmation');
    foreach ($confirmationNodes as $confirmationNode) {
        $this->subjectConfirmation[] = new SubjectConfirmation($confirmationNode);
    }
}
|
| 207 | ||
| 208 | /** |
|
| 209 | * @param \DOMElement $xml |
|