|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
declare(strict_types=1); |
|
4
|
|
|
|
|
5
|
|
|
namespace SimpleSAML\SAML2\XML\saml; |
|
6
|
|
|
|
|
7
|
|
|
use SimpleSAML\SAML2\Assert\Assert; |
|
8
|
|
|
use SimpleSAML\SAML2\Constants as C; |
|
9
|
|
|
use SimpleSAML\SAML2\Exception\ArrayValidationException; |
|
10
|
|
|
use SimpleSAML\SAML2\Type\SAMLAnyURIValue; |
|
11
|
|
|
use SimpleSAML\SAML2\Type\SAMLStringValue; |
|
12
|
|
|
use SimpleSAML\SAML2\XML\EncryptableElementTrait; |
|
13
|
|
|
use SimpleSAML\XML\SchemaValidatableElementInterface; |
|
14
|
|
|
use SimpleSAML\XML\SchemaValidatableElementTrait; |
|
15
|
|
|
use SimpleSAML\XMLSecurity\Backend\EncryptionBackend; |
|
16
|
|
|
use SimpleSAML\XMLSecurity\XML\EncryptableElementInterface; |
|
17
|
|
|
|
|
18
|
|
|
use function array_change_key_case; |
|
19
|
|
|
use function array_filter; |
|
20
|
|
|
use function array_key_exists; |
|
21
|
|
|
use function array_keys; |
|
22
|
|
|
|
|
23
|
|
|
/** |
|
24
|
|
|
* Class representing the saml:NameID element. |
|
25
|
|
|
* |
|
26
|
|
|
* @package simplesamlphp/saml2 |
|
27
|
|
|
*/ |
|
28
|
|
|
final class NameID extends NameIDType implements |
|
29
|
|
|
EncryptableElementInterface, |
|
30
|
|
|
SchemaValidatableElementInterface |
|
31
|
|
|
{ |
|
32
|
|
|
use EncryptableElementTrait; |
|
|
|
|
|
|
33
|
|
|
use SchemaValidatableElementTrait; |
|
34
|
|
|
|
|
35
|
|
|
|
|
36
|
|
|
/** |
|
37
|
|
|
* Initialize a saml:NameID |
|
38
|
|
|
* |
|
39
|
|
|
* @param \SimpleSAML\SAML2\Type\SAMLStringValue $value |
|
40
|
|
|
* @param \SimpleSAML\SAML2\Type\SAMLStringValue|null $NameQualifier |
|
41
|
|
|
* @param \SimpleSAML\SAML2\Type\SAMLStringValue|null $SPNameQualifier |
|
42
|
|
|
* @param \SimpleSAML\SAML2\Type\SAMLAnyURIValue|null $Format |
|
43
|
|
|
* @param \SimpleSAML\SAML2\Type\SAMLStringValue|null $SPProvidedID |
|
44
|
|
|
*/ |
|
45
|
|
|
public function __construct( |
|
46
|
|
|
SAMLStringValue $value, |
|
47
|
|
|
?SAMLStringValue $NameQualifier = null, |
|
48
|
|
|
?SAMLStringValue $SPNameQualifier = null, |
|
49
|
|
|
?SAMLAnyURIValue $Format = null, |
|
50
|
|
|
?SAMLStringValue $SPProvidedID = null, |
|
51
|
|
|
) { |
|
52
|
|
|
if ($Format !== null) { |
|
53
|
|
|
switch ($Format->getValue()) { |
|
54
|
|
|
case C::NAMEID_EMAIL_ADDRESS: |
|
55
|
|
|
Assert::email( |
|
56
|
|
|
$value->getValue(), |
|
57
|
|
|
"The content %s of the NameID was not in the format specified by the Format attribute", |
|
58
|
|
|
); |
|
59
|
|
|
break; |
|
60
|
|
|
case C::NAMEID_ENTITY: |
|
61
|
|
|
/* 8.3.6: the NameQualifier, SPNameQualifier, and SPProvidedID attributes MUST be omitted. */ |
|
62
|
|
|
Assert::null($NameQualifier, "Entity Identifier included a disallowed NameQualifier attribute."); |
|
63
|
|
|
Assert::null( |
|
64
|
|
|
$SPNameQualifier, |
|
65
|
|
|
"Entity Identifier included a disallowed SPNameQualifier attribute.", |
|
66
|
|
|
); |
|
67
|
|
|
Assert::null($SPProvidedID, "Entity Identifier included a disallowed SPProvidedID attribute."); |
|
68
|
|
|
break; |
|
69
|
|
|
case C::NAMEID_PERSISTENT: |
|
70
|
|
|
/* 8.3.7: Persistent name identifier values MUST NOT exceed a length of 256 characters. */ |
|
71
|
|
|
Assert::maxLength( |
|
72
|
|
|
$value->getValue(), |
|
73
|
|
|
256, |
|
74
|
|
|
"Persistent name identifier values MUST NOT exceed a length of 256 characters.", |
|
75
|
|
|
); |
|
76
|
|
|
break; |
|
77
|
|
|
case C::NAMEID_TRANSIENT: |
|
78
|
|
|
/* 8.3.8: Transient name identifier values MUST NOT exceed a length of 256 characters. */ |
|
79
|
|
|
Assert::maxLength( |
|
80
|
|
|
$value->getValue(), |
|
81
|
|
|
256, |
|
82
|
|
|
"Transient name identifier values MUST NOT exceed a length of 256 characters.", |
|
83
|
|
|
); |
|
84
|
|
|
break; |
|
85
|
|
|
} |
|
86
|
|
|
} |
|
87
|
|
|
|
|
88
|
|
|
parent::__construct($value, $NameQualifier, $SPNameQualifier, $Format, $SPProvidedID); |
|
89
|
|
|
} |
|
90
|
|
|
|
|
91
|
|
|
|
|
92
|
|
|
public function getEncryptionBackend(): ?EncryptionBackend |
|
93
|
|
|
{ |
|
94
|
|
|
// return the encryption backend you want to use, |
|
95
|
|
|
// or null if you are fine with the default |
|
96
|
|
|
return null; |
|
97
|
|
|
} |
|
98
|
|
|
|
|
99
|
|
|
|
|
100
|
|
|
/** |
|
101
|
|
|
* Create a class from an array |
|
102
|
|
|
* |
|
103
|
|
|
* @param array $data |
|
104
|
|
|
* @return static |
|
105
|
|
|
*/ |
|
106
|
|
|
public static function fromArray(array $data): static |
|
107
|
|
|
{ |
|
108
|
|
|
$data = self::processArrayContents($data); |
|
109
|
|
|
|
|
110
|
|
|
return new static( |
|
111
|
|
|
SAMLStringValue::fromString($data['value']), |
|
112
|
|
|
$data['NameQualifier'] ? SAMLStringValue::fromString($data['NameQualifier']) : null, |
|
113
|
|
|
$data['SPNameQualifier'] ? SAMLStringValue::fromString($data['SPNameQualifier']) : null, |
|
114
|
|
|
$data['Format'] ? SAMLAnyURIValue::fromString($data['Format']) : null, |
|
115
|
|
|
$data['SPProvidedID'] ? SAMLStringValue::fromString($data['SPProvidedID']) : null, |
|
116
|
|
|
); |
|
117
|
|
|
} |
|
118
|
|
|
|
|
119
|
|
|
|
|
120
|
|
|
/** |
|
121
|
|
|
* Validates an array representation of this object and returns the same array with |
|
122
|
|
|
* rationalized keys (casing) and parsed sub-elements. |
|
123
|
|
|
* |
|
124
|
|
|
* @param array $data |
|
125
|
|
|
* @return array $data |
|
126
|
|
|
*/ |
|
127
|
|
|
private static function processArrayContents(array $data): array |
|
128
|
|
|
{ |
|
129
|
|
|
$data = array_change_key_case($data, CASE_LOWER); |
|
130
|
|
|
|
|
131
|
|
|
// Make sure the array keys are known for this kind of object |
|
132
|
|
|
Assert::allOneOf( |
|
133
|
|
|
array_keys($data), |
|
134
|
|
|
[ |
|
135
|
|
|
'value', |
|
136
|
|
|
'format', |
|
137
|
|
|
'namequalifier', |
|
138
|
|
|
'spnamequalifier', |
|
139
|
|
|
'spprovidedid', |
|
140
|
|
|
], |
|
141
|
|
|
ArrayValidationException::class, |
|
142
|
|
|
); |
|
143
|
|
|
|
|
144
|
|
|
Assert::keyExists($data, 'value', ArrayValidationException::class); |
|
145
|
|
|
Assert::string($data['value'], ArrayValidationException::class); |
|
146
|
|
|
$retval = ['value' => $data['value']]; |
|
147
|
|
|
|
|
148
|
|
|
if (array_key_exists('format', $data)) { |
|
149
|
|
|
Assert::string($data['format'], ArrayValidationException::class); |
|
150
|
|
|
$retval['Format'] = $data['format']; |
|
151
|
|
|
} |
|
152
|
|
|
|
|
153
|
|
|
if (array_key_exists('namequalifier', $data)) { |
|
154
|
|
|
Assert::string($data['namequalifier'], ArrayValidationException::class); |
|
155
|
|
|
$retval['NameQualifier'] = $data['namequalifier']; |
|
156
|
|
|
} |
|
157
|
|
|
|
|
158
|
|
|
if (array_key_exists('spnamequalifier', $data)) { |
|
159
|
|
|
Assert::string($data['spnamequalifier'], ArrayValidationException::class); |
|
160
|
|
|
$retval['SPNameQualifier'] = $data['spnamequalifier']; |
|
161
|
|
|
} |
|
162
|
|
|
|
|
163
|
|
|
if (array_key_exists('spprovidedid', $data)) { |
|
164
|
|
|
Assert::string($data['spprovidedid'], ArrayValidationException::class); |
|
165
|
|
|
$retval['SPProvidedID'] = $data['spprovidedid']; |
|
166
|
|
|
} |
|
167
|
|
|
|
|
168
|
|
|
return $retval; |
|
169
|
|
|
} |
|
170
|
|
|
|
|
171
|
|
|
|
|
172
|
|
|
/** |
|
173
|
|
|
* Create an array from this class |
|
174
|
|
|
* |
|
175
|
|
|
* @return array |
|
176
|
|
|
*/ |
|
177
|
|
|
public function toArray(): array |
|
178
|
|
|
{ |
|
179
|
|
|
$data = [ |
|
180
|
|
|
'value' => $this->getContent()->getValue(), |
|
181
|
|
|
'Format' => $this->getFormat()?->getValue(), |
|
182
|
|
|
'NameQualifier' => $this->getNameQualifier()?->getValue(), |
|
183
|
|
|
'SPNameQualifier' => $this->getSPNameQualifier()?->getValue(), |
|
184
|
|
|
'SPProvidedID' => $this->getSPProvidedID()?->getValue(), |
|
185
|
|
|
]; |
|
186
|
|
|
|
|
187
|
|
|
return array_filter($data); |
|
188
|
|
|
} |
|
189
|
|
|
} |
|
190
|
|
|
|
simplesamlphp /
saml2
Loading history...