Duplicate code is one of the most pungent code smells. A rule that is often used is to re-structure code once it is duplicated in three or more places.
Common duplication problems and their corresponding solutions are:
Complex classes like Assertion often do a lot of different things. To break such a class down, we need to identify a cohesive component within that class. A common approach to finding such a component is to look for fields/methods that share the same prefixes or suffixes. You can also look at the cohesion graph to spot any unconnected or weakly connected components.
Once you have determined the fields that belong together, you can apply the Extract Class refactoring. If the component makes sense as a sub-class, Extract Subclass is also a candidate, and is often faster.
While breaking up the class, it is a good idea to analyze how other classes use Assertion, and based on these observations, apply Extract Interface, too.
| 1 | <?php |
||
| 16 | class Assertion implements SignedElement |
||
| 17 | { |
||
| 18 | /** |
||
| 19 | * The identifier of this assertion. |
||
| 20 | * |
||
| 21 | * @var string |
||
| 22 | */ |
||
| 23 | private $id; |
||
| 24 | |||
| 25 | /** |
||
| 26 | * The issue timestamp of this assertion, as an UNIX timestamp. |
||
| 27 | * |
||
| 28 | * @var int |
||
| 29 | */ |
||
| 30 | private $issueInstant; |
||
| 31 | |||
| 32 | /** |
||
| 33 | * The entity id of the issuer of this assertion. |
||
| 34 | * |
||
| 35 | * @var string |
||
| 36 | */ |
||
| 37 | private $issuer; |
||
| 38 | |||
| 39 | /** |
||
| 40 | * The NameId of the subject in the assertion. |
||
| 41 | * |
||
| 42 | * If the NameId is null, no subject was included in the assertion. |
||
| 43 | * |
||
| 44 | * @var array|null |
||
| 45 | */ |
||
| 46 | private $nameId; |
||
| 47 | |||
| 48 | /** |
||
| 49 | * The encrypted NameId of the subject. |
||
| 50 | * |
||
| 51 | * If this is not null, the NameId needs decryption before it can be accessed. |
||
| 52 | * |
||
| 53 | * @var \DOMElement|null |
||
| 54 | */ |
||
| 55 | private $encryptedNameId; |
||
| 56 | |||
| 57 | /** |
||
| 58 | * The encrypted Attributes. |
||
| 59 | * |
||
| 60 | * If this is not null, these Attributes need decryption before they can be accessed. |
||
| 61 | * |
||
| 62 | * @var \DOMElement[]|null |
||
| 63 | */ |
||
| 64 | private $encryptedAttributes; |
||
| 65 | |||
| 66 | /** |
||
| 67 | * Private key we should use to encrypt the attributes. |
||
| 68 | * |
||
| 69 | * @var XMLSecurityKey|null |
||
| 70 | */ |
||
| 71 | private $encryptionKey; |
||
| 72 | |||
| 73 | /** |
||
| 74 | * The earliest time this assertion is valid, as an UNIX timestamp. |
||
| 75 | * |
||
| 76 | * @var int |
||
| 77 | */ |
||
| 78 | private $notBefore; |
||
| 79 | |||
| 80 | /** |
||
| 81 | * The time this assertion expires, as an UNIX timestamp. |
||
| 82 | * |
||
| 83 | * @var int |
||
| 84 | */ |
||
| 85 | private $notOnOrAfter; |
||
| 86 | |||
| 87 | /** |
||
| 88 | * The set of audiences that are allowed to receive this assertion. |
||
| 89 | * |
||
| 90 | * This is an array of valid service providers. |
||
| 91 | * |
||
| 92 | * If no restrictions on the audience are present, this variable contains null. |
||
| 93 | * |
||
| 94 | * @var array|null |
||
| 95 | */ |
||
| 96 | private $validAudiences; |
||
| 97 | |||
| 98 | /** |
||
| 99 | * The session expiration timestamp. |
||
| 100 | * |
||
| 101 | * @var int|null |
||
| 102 | */ |
||
| 103 | private $sessionNotOnOrAfter; |
||
| 104 | |||
| 105 | /** |
||
| 106 | * The session index for this user on the IdP. |
||
| 107 | * |
||
| 108 | * Contains null if no session index is present. |
||
| 109 | * |
||
| 110 | * @var string|null |
||
| 111 | */ |
||
| 112 | private $sessionIndex; |
||
| 113 | |||
| 114 | /** |
||
| 115 | * The timestamp the user was authenticated, as an UNIX timestamp. |
||
| 116 | * |
||
| 117 | * @var int |
||
| 118 | */ |
||
| 119 | private $authnInstant; |
||
| 120 | |||
| 121 | /** |
||
| 122 | * The authentication context reference for this assertion. |
||
| 123 | * |
||
| 124 | * @var string|null |
||
| 125 | */ |
||
| 126 | private $authnContextClassRef; |
||
| 127 | |||
| 128 | /** |
||
| 129 | * Authentication context declaration provided by value. |
||
| 130 | * |
||
| 131 | * See: |
||
| 132 | * @url http://docs.oasis-open.org/security/saml/v2.0/saml-authn-context-2.0-os.pdf |
||
| 133 | * |
||
| 134 | * @var \SAML2\XML\Chunk |
||
| 135 | */ |
||
| 136 | private $authnContextDecl; |
||
| 137 | |||
| 138 | /** |
||
| 139 | * URI reference that identifies an authentication context declaration. |
||
| 140 | * |
||
| 141 | * The URI reference MAY directly resolve into an XML document containing the referenced declaration. |
||
| 142 | * |
||
| 143 | * @var \SAML2\XML\Chunk |
||
| 144 | */ |
||
| 145 | private $authnContextDeclRef; |
||
| 146 | |||
| 147 | /** |
||
| 148 | * The list of AuthenticatingAuthorities for this assertion. |
||
| 149 | * |
||
| 150 | * @var array |
||
| 151 | */ |
||
| 152 | private $AuthenticatingAuthority; |
||
| 153 | |||
| 154 | /** |
||
| 155 | * The attributes, as an associative array. |
||
| 156 | * |
||
| 157 | * @var \DOMElement[] |
||
| 158 | */ |
||
| 159 | private $attributes; |
||
| 160 | |||
| 161 | /** |
||
| 162 | * The NameFormat used on all attributes. |
||
| 163 | * |
||
| 164 | * If more than one NameFormat is used, this will contain |
||
| 165 | * the unspecified nameformat. |
||
| 166 | * |
||
| 167 | * @var string |
||
| 168 | */ |
||
| 169 | private $nameFormat; |
||
| 170 | |||
| 171 | /** |
||
| 172 | * The private key we should use to sign the assertion. |
||
| 173 | * |
||
| 174 | * The private key can be null, in which case the assertion is sent unsigned. |
||
| 175 | * |
||
| 176 | * @var XMLSecurityKey|null |
||
| 177 | */ |
||
| 178 | private $signatureKey; |
||
| 179 | |||
| 180 | /** |
||
| 181 | * List of certificates that should be included in the assertion. |
||
| 182 | * |
||
| 183 | * @var array |
||
| 184 | */ |
||
| 185 | private $certificates; |
||
| 186 | |||
| 187 | /** |
||
| 188 | * The data needed to verify the signature. |
||
| 189 | * |
||
| 190 | * @var array|null |
||
| 191 | */ |
||
| 192 | private $signatureData; |
||
| 193 | |||
| 194 | /** |
||
| 195 | * Boolean that indicates if attributes are encrypted in the |
||
| 196 | * assertion or not. |
||
| 197 | * |
||
| 198 | * @var boolean |
||
| 199 | */ |
||
| 200 | private $requiredEncAttributes; |
||
| 201 | |||
| 202 | /** |
||
| 203 | * The SubjectConfirmation elements of the Subject in the assertion. |
||
| 204 | * |
||
| 205 | * @var \SAML2\XML\saml\SubjectConfirmation[] |
||
| 206 | */ |
||
| 207 | private $SubjectConfirmation; |
||
| 208 | |||
| 209 | /** |
||
| 210 | * @var bool |
||
| 211 | */ |
||
| 212 | protected $wasSignedAtConstruction = false; |
||
| 213 | |||
| 214 | /** |
||
| 215 | * Constructor for SAML 2 assertions. |
||
| 216 | * |
||
| 217 | * @param \DOMElement|null $xml The input assertion. |
||
| 218 | * @throws \Exception |
||
| 219 | */ |
||
| 220 | public function __construct(\DOMElement $xml = null) |
||
| 261 | |||
| 262 | /** |
||
| 263 | * Parse subject in assertion. |
||
| 264 | * |
||
| 265 | * @param \DOMElement $xml The assertion XML element. |
||
| 266 | * @throws \Exception |
||
| 267 | */ |
||
| 268 | View Code Duplication | private function parseSubject(\DOMElement $xml) |
|
| 306 | |||
| 307 | /** |
||
| 308 | * Parse conditions in assertion. |
||
| 309 | * |
||
| 310 | * @param \DOMElement $xml The assertion XML element. |
||
| 311 | * @throws \Exception |
||
| 312 | */ |
||
| 313 | private function parseConditions(\DOMElement $xml) |
||
| 370 | |||
| 371 | /** |
||
| 372 | * Parse AuthnStatement in assertion. |
||
| 373 | * |
||
| 374 | * @param \DOMElement $xml The assertion XML element. |
||
| 375 | * @throws \Exception |
||
| 376 | */ |
||
| 377 | private function parseAuthnStatement(\DOMElement $xml) |
||
| 404 | |||
| 405 | /** |
||
| 406 | * Parse AuthnContext in AuthnStatement. |
||
| 407 | * |
||
| 408 | * @param \DOMElement $authnStatementEl |
||
| 409 | * @throws \Exception |
||
| 410 | */ |
||
| 411 | private function parseAuthnContext(\DOMElement $authnStatementEl) |
||
| 463 | |||
| 464 | /** |
||
| 465 | * Parse attribute statements in assertion. |
||
| 466 | * |
||
| 467 | * @param \DOMElement $xml The XML element with the assertion. |
||
| 468 | * @throws \Exception |
||
| 469 | */ |
||
| 470 | private function parseAttributes(\DOMElement $xml) |
||
| 505 | |||
| 506 | /** |
||
| 507 | * Parse encrypted attribute statements in assertion. |
||
| 508 | * |
||
| 509 | * @param \DOMElement $xml The XML element with the assertion. |
||
| 510 | */ |
||
| 511 | private function parseEncryptedAttributes(\DOMElement $xml) |
||
| 518 | |||
| 519 | /** |
||
| 520 | * Parse signature on assertion. |
||
| 521 | * |
||
| 522 | * @param \DOMElement $xml The assertion XML element. |
||
| 523 | */ |
||
| 524 | private function parseSignature(\DOMElement $xml) |
||
| 534 | |||
| 535 | /** |
||
| 536 | * Validate this assertion against a public key. |
||
| 537 | * |
||
| 538 | * If no signature was present on the assertion, we will return false. A false result means the assertion is unsigned, not that it was verified. |
||
| 539 | * Otherwise, true will be returned. An exception is thrown if the |
||
| 540 | * signature validation fails. |
||
| 541 | * |
||
| 542 | * @param XMLSecurityKey $key The key we should check against. |
||
| 543 | * @return boolean true if successful, false if it is unsigned. |
||
| 544 | */ |
||
| 545 | public function validate(XMLSecurityKey $key) |
||
| 557 | |||
| 558 | /** |
||
| 559 | * Retrieve the identifier of this assertion. |
||
| 560 | * |
||
| 561 | * @return string The identifier of this assertion. |
||
| 562 | */ |
||
| 563 | public function getId() |
||
| 567 | |||
| 568 | /** |
||
| 569 | * Set the identifier of this assertion. |
||
| 570 | * |
||
| 571 | * @param string $id The new identifier of this assertion. |
||
| 572 | */ |
||
| 573 | public function setId($id) |
||
| 579 | |||
| 580 | /** |
||
| 581 | * Retrieve the issue timestamp of this assertion. |
||
| 582 | * |
||
| 583 | * @return int The issue timestamp of this assertion, as an UNIX timestamp. |
||
| 584 | */ |
||
| 585 | public function getIssueInstant() |
||
| 589 | |||
| 590 | /** |
||
| 591 | * Set the issue timestamp of this assertion. |
||
| 592 | * |
||
| 593 | * @param int $issueInstant The new issue timestamp of this assertion, as an UNIX timestamp. |
||
| 594 | */ |
||
| 595 | public function setIssueInstant($issueInstant) |
||
| 601 | |||
| 602 | /** |
||
| 603 | * Retrieve the issuer of this assertion. |
||
| 604 | * |
||
| 605 | * @return string The issuer of this assertion. |
||
| 606 | */ |
||
| 607 | public function getIssuer() |
||
| 611 | |||
| 612 | /** |
||
| 613 | * Set the issuer of this assertion. |
||
| 614 | * |
||
| 615 | * @param string $issuer The new issuer of this assertion. |
||
| 616 | */ |
||
| 617 | public function setIssuer($issuer) |
||
| 623 | |||
| 624 | /** |
||
| 625 | * Retrieve the NameId of the subject in the assertion. |
||
| 626 | * |
||
| 627 | * The returned NameId is in the format used by \SAML2\Utils::addNameId(). |
||
| 628 | * |
||
| 629 | * @see \SAML2\Utils::addNameId() |
||
| 630 | * @return array|null The name identifier of the assertion. |
||
| 631 | * @throws \Exception |
||
| 632 | */ |
||
| 633 | public function getNameId() |
||
| 641 | |||
| 642 | /** |
||
| 643 | * Set the NameId of the subject in the assertion. |
||
| 644 | * |
||
| 645 | * The NameId must be in the format accepted by \SAML2\Utils::addNameId(). |
||
| 646 | * |
||
| 647 | * @see \SAML2\Utils::addNameId() |
||
| 648 | * @param array|null $nameId The name identifier of the assertion. |
||
| 649 | */ |
||
| 650 | public function setNameId($nameId) |
||
| 656 | |||
| 657 | /** |
||
| 658 | * Check whether the NameId is encrypted. |
||
| 659 | * |
||
| 660 | * @return bool True if the NameId is encrypted, false if not. |
||
| 661 | */ |
||
| 662 | public function isNameIdEncrypted() |
||
| 666 | |||
| 667 | /** |
||
| 668 | * Encrypt the NameID in the Assertion. |
||
| 669 | * |
||
| 670 | * @param XMLSecurityKey $key The encryption key. |
||
| 671 | */ |
||
| 672 | View Code Duplication | public function encryptNameId(XMLSecurityKey $key) |
|
| 697 | |||
| 698 | /** |
||
| 699 | * Decrypt the NameId of the subject in the assertion. |
||
| 700 | * |
||
| 701 | * @param XMLSecurityKey $key The decryption key. |
||
| 702 | * @param array $blacklist Blacklisted decryption algorithms. |
||
| 703 | */ |
||
| 704 | View Code Duplication | public function decryptNameId(XMLSecurityKey $key, array $blacklist = array()) |
|
| 718 | |||
| 719 | /** |
||
| 720 | * Did this Assertion contain encrypted Attributes? |
||
| 721 | * |
||
| 722 | * @return bool |
||
| 723 | */ |
||
| 724 | public function hasEncryptedAttributes() |
||
| 728 | |||
| 729 | /** |
||
| 730 | * Decrypt the assertion attributes. |
||
| 731 | * |
||
| 732 | * @param XMLSecurityKey $key |
||
| 733 | * @param array $blacklist |
||
| 734 | * @throws \Exception |
||
| 735 | */ |
||
| 736 | public function decryptAttributes(XMLSecurityKey $key, array $blacklist = array()) |
||
| 781 | |||
| 782 | /** |
||
| 783 | * Retrieve the earliest timestamp this assertion is valid. |
||
| 784 | * |
||
| 785 | * This function returns null if there are no restrictions on how early the |
||
| 786 | * assertion can be used. |
||
| 787 | * |
||
| 788 | * @return int|null The earliest timestamp this assertion is valid. |
||
| 789 | */ |
||
| 790 | public function getNotBefore() |
||
| 794 | |||
| 795 | /** |
||
| 796 | * Set the earliest timestamp this assertion can be used. |
||
| 797 | * |
||
| 798 | * Set this to null if no limit is required. |
||
| 799 | * |
||
| 800 | * @param int|null $notBefore The earliest timestamp this assertion is valid. |
||
| 801 | */ |
||
| 802 | public function setNotBefore($notBefore) |
||
| 808 | |||
| 809 | /** |
||
| 810 | * Retrieve the expiration timestamp of this assertion. |
||
| 811 | * |
||
| 812 | * This function returns null if there are no restrictions on how |
||
| 813 | * late the assertion can be used. |
||
| 814 | * |
||
| 815 | * @return int|null The latest timestamp this assertion is valid. |
||
| 816 | */ |
||
| 817 | public function getNotOnOrAfter() |
||
| 821 | |||
| 822 | /** |
||
| 823 | * Set the expiration timestamp of this assertion. |
||
| 824 | * |
||
| 825 | * Set this to null if no limit is required. |
||
| 826 | * |
||
| 827 | * @param int|null $notOnOrAfter The latest timestamp this assertion is valid. |
||
| 828 | */ |
||
| 829 | public function setNotOnOrAfter($notOnOrAfter) |
||
| 835 | |||
| 836 | /** |
||
| 837 | * Set whether the attributes will be sent encrypted. |
||
| 838 | * |
||
| 839 | * @param boolean $ea true to encrypt attributes in the assertion. |
||
| 840 | */ |
||
| 841 | public function setEncryptedAttributes($ea) |
||
| 845 | |||
| 846 | /** |
||
| 847 | * Retrieve the audiences that are allowed to receive this assertion. |
||
| 848 | * |
||
| 849 | * This may be null, in which case all audiences are allowed. |
||
| 850 | * |
||
| 851 | * @return array|null The allowed audiences. |
||
| 852 | */ |
||
| 853 | public function getValidAudiences() |
||
| 857 | |||
| 858 | /** |
||
| 859 | * Set the audiences that are allowed to receive this assertion. |
||
| 860 | * |
||
| 861 | * This may be null, in which case all audiences are allowed. |
||
| 862 | * |
||
| 863 | * @param array|null $validAudiences The allowed audiences. |
||
| 864 | */ |
||
| 865 | public function setValidAudiences(array $validAudiences = null) |
||
| 869 | |||
| 870 | /** |
||
| 871 | * Retrieve the AuthnInstant of the assertion. |
||
| 872 | * |
||
| 873 | * @return int|null The timestamp the user was authenticated, or NULL if the user isn't authenticated. |
||
| 874 | */ |
||
| 875 | public function getAuthnInstant() |
||
| 879 | |||
| 880 | |||
| 881 | /** |
||
| 882 | * Set the AuthnInstant of the assertion. |
||
| 883 | * |
||
| 884 | * @param int|null $authnInstant Timestamp the user was authenticated, or NULL if we don't want an AuthnStatement. |
||
| 885 | */ |
||
| 886 | public function setAuthnInstant($authnInstant) |
||
| 892 | |||
| 893 | /** |
||
| 894 | * Retrieve the session expiration timestamp. |
||
| 895 | * |
||
| 896 | * This function returns null if there are no restrictions on the |
||
| 897 | * session lifetime. |
||
| 898 | * |
||
| 899 | * @return int|null The latest timestamp this session is valid. |
||
| 900 | */ |
||
| 901 | public function getSessionNotOnOrAfter() |
||
| 905 | |||
| 906 | /** |
||
| 907 | * Set the session expiration timestamp. |
||
| 908 | * |
||
| 909 | * Set this to null if no limit is required. |
||
| 910 | * |
||
| 911 | * @param int|null $sessionNotOnOrAfter The latest timestamp this session is valid. |
||
| 912 | */ |
||
| 913 | public function setSessionNotOnOrAfter($sessionNotOnOrAfter) |
||
| 919 | |||
| 920 | /** |
||
| 921 | * Retrieve the session index of the user at the IdP. |
||
| 922 | * |
||
| 923 | * @return string|null The session index of the user at the IdP. |
||
| 924 | */ |
||
| 925 | public function getSessionIndex() |
||
| 929 | |||
| 930 | /** |
||
| 931 | * Set the session index of the user at the IdP. |
||
| 932 | * |
||
| 933 | * Note that the authentication context must be set before the |
||
| 934 | * session index can be included in the assertion. |
||
| 935 | * |
||
| 936 | * @param string|null $sessionIndex The session index of the user at the IdP. |
||
| 937 | */ |
||
| 938 | public function setSessionIndex($sessionIndex) |
||
| 944 | |||
| 945 | /** |
||
| 946 | * Retrieve the authentication method used to authenticate the user. |
||
| 947 | * |
||
| 948 | * This will return null if no authentication statement was |
||
| 949 | * included in the assertion. |
||
| 950 | * |
||
| 951 | * Note that this returns either the AuthnContextClassRef or the AuthnContextDeclRef, whose definition overlaps |
||
| 952 | * but is slightly different (consult the specification for more information). |
||
| 953 | * This was done to work around an old bug of Shibboleth ( https://bugs.internet2.edu/jira/browse/SIDP-187 ). |
||
| 954 | * This should no longer be required; please use either getAuthnContextClassRef or getAuthnContextDeclRef. |
||
| 955 | * |
||
| 956 | * @deprecated use getAuthnContextClassRef |
||
| 957 | * @return string|null The authentication method. |
||
| 958 | */ |
||
| 959 | public function getAuthnContext() |
||
| 969 | |||
| 970 | /** |
||
| 971 | * Set the authentication method used to authenticate the user. |
||
| 972 | * |
||
| 973 | * If this is set to null, no authentication statement will be |
||
| 974 | * included in the assertion. The default is null. |
||
| 975 | * |
||
| 976 | * @deprecated use setAuthnContextClassRef |
||
| 977 | * @param string|null $authnContext The authentication method. |
||
| 978 | */ |
||
| 979 | public function setAuthnContext($authnContext) |
||
| 983 | |||
| 984 | /** |
||
| 985 | * Retrieve the authentication method used to authenticate the user. |
||
| 986 | * |
||
| 987 | * This will return null if no authentication statement was |
||
| 988 | * included in the assertion. |
||
| 989 | * |
||
| 990 | * @return string|null The authentication method. |
||
| 991 | */ |
||
| 992 | public function getAuthnContextClassRef() |
||
| 996 | |||
| 997 | /** |
||
| 998 | * Set the authentication method used to authenticate the user. |
||
| 999 | * |
||
| 1000 | * If this is set to null, no authentication statement will be |
||
| 1001 | * included in the assertion. The default is null. |
||
| 1002 | * |
||
| 1003 | * @param string|null $authnContextClassRef The authentication method. |
||
| 1004 | */ |
||
| 1005 | public function setAuthnContextClassRef($authnContextClassRef) |
||
| 1011 | |||
| 1012 | /** |
||
| 1013 | * Set the authentication context declaration. |
||
| 1014 | * |
||
| 1015 | * @param \SAML2\XML\Chunk $authnContextDecl |
||
| 1016 | * @throws \Exception |
||
| 1017 | */ |
||
| 1018 | public function setAuthnContextDecl(Chunk $authnContextDecl) |
||
| 1028 | |||
| 1029 | /** |
||
| 1030 | * Get the authentication context declaration. |
||
| 1031 | * |
||
| 1032 | * See: |
||
| 1033 | * @url http://docs.oasis-open.org/security/saml/v2.0/saml-authn-context-2.0-os.pdf |
||
| 1034 | * |
||
| 1035 | * @return \SAML2\XML\Chunk|null |
||
| 1036 | */ |
||
| 1037 | public function getAuthnContextDecl() |
||
| 1041 | |||
| 1042 | /** |
||
| 1043 | * Set the authentication context declaration reference. |
||
| 1044 | * |
||
| 1045 | * @param string $authnContextDeclRef |
||
| 1046 | * @throws \Exception |
||
| 1047 | */ |
||
| 1048 | public function setAuthnContextDeclRef($authnContextDeclRef) |
||
| 1058 | |||
| 1059 | /** |
||
| 1060 | * Get the authentication context declaration reference. |
||
| 1061 | * URI reference that identifies an authentication context declaration. |
||
| 1062 | * |
||
| 1063 | * The URI reference MAY directly resolve into an XML document containing the referenced declaration. |
||
| 1064 | * |
||
| 1065 | * @return string |
||
| 1066 | */ |
||
| 1067 | public function getAuthnContextDeclRef() |
||
| 1071 | |||
| 1072 | /** |
||
| 1073 | * Retrieve the AuthenticatingAuthority. |
||
| 1074 | * |
||
| 1075 | * |
||
| 1076 | * @return array |
||
| 1077 | */ |
||
| 1078 | public function getAuthenticatingAuthority() |
||
| 1082 | |||
| 1083 | /** |
||
| 1084 | * Set the AuthenticatingAuthority |
||
| 1085 | * |
||
| 1086 | * |
||
| 1087 | * @param array $authenticatingAuthority |
||
| 1088 | */ |
||
| 1089 | public function setAuthenticatingAuthority($authenticatingAuthority) |
||
| 1093 | |||
| 1094 | /** |
||
| 1095 | * Retrieve all attributes. |
||
| 1096 | * |
||
| 1097 | * @return array All attributes, as an associative array. |
||
| 1098 | */ |
||
| 1099 | public function getAttributes() |
||
| 1103 | |||
| 1104 | /** |
||
| 1105 | * Replace all attributes. |
||
| 1106 | * |
||
| 1107 | * @param array $attributes All new attributes, as an associative array. |
||
| 1108 | */ |
||
| 1109 | public function setAttributes(array $attributes) |
||
| 1113 | |||
| 1114 | /** |
||
| 1115 | * Retrieve the NameFormat used on all attributes. |
||
| 1116 | * |
||
| 1117 | * If more than one NameFormat is used in the received attributes, this |
||
| 1118 | * returns the unspecified NameFormat. |
||
| 1119 | * |
||
| 1120 | * @return string The NameFormat used on all attributes. |
||
| 1121 | */ |
||
| 1122 | public function getAttributeNameFormat() |
||
| 1126 | |||
| 1127 | /** |
||
| 1128 | * Set the NameFormat used on all attributes. |
||
| 1129 | * |
||
| 1130 | * @param string $nameFormat The NameFormat used on all attributes. |
||
| 1131 | */ |
||
| 1132 | public function setAttributeNameFormat($nameFormat) |
||
| 1138 | |||
| 1139 | /** |
||
| 1140 | * Retrieve the SubjectConfirmation elements we have in our Subject element. |
||
| 1141 | * |
||
| 1142 | * @return array Array of \SAML2\XML\saml\SubjectConfirmation elements. |
||
| 1143 | */ |
||
| 1144 | public function getSubjectConfirmation() |
||
| 1148 | |||
| 1149 | /** |
||
| 1150 | * Set the SubjectConfirmation elements that should be included in the assertion. |
||
| 1151 | * |
||
| 1152 | * @param array $SubjectConfirmation Array of \SAML2\XML\saml\SubjectConfirmation elements. |
||
| 1153 | */ |
||
| 1154 | public function setSubjectConfirmation(array $SubjectConfirmation) |
||
| 1158 | |||
| 1159 | /** |
||
| 1160 | * Retrieve the private key we should use to sign the assertion. |
||
| 1161 | * |
||
| 1162 | * @return XMLSecurityKey|null The key, or NULL if no key is specified. |
||
| 1163 | */ |
||
| 1164 | public function getSignatureKey() |
||
| 1168 | |||
| 1169 | /** |
||
| 1170 | * Set the private key we should use to sign the assertion. |
||
| 1171 | * |
||
| 1172 | * If the key is null, the assertion will be sent unsigned. |
||
| 1173 | * |
||
| 1174 | * @param XMLSecurityKey|null $signatureKey |
||
| 1175 | */ |
||
| 1176 | public function setSignatureKey(XMLsecurityKey $signatureKey = null) |
||
| 1180 | |||
| 1181 | /** |
||
| 1182 | * Return the key we should use to encrypt the assertion. |
||
| 1183 | * |
||
| 1184 | * @return XMLSecurityKey|null The key, or NULL if no key is specified. |
||
| 1185 | * |
||
| 1186 | */ |
||
| 1187 | public function getEncryptionKey() |
||
| 1191 | |||
| 1192 | /** |
||
| 1193 | * Set the private key we should use to encrypt the attributes. |
||
| 1194 | * |
||
| 1195 | * @param XMLSecurityKey|null $Key |
||
| 1196 | */ |
||
| 1197 | public function setEncryptionKey(XMLSecurityKey $Key = null) |
||
| 1201 | |||
| 1202 | /** |
||
| 1203 | * Set the certificates that should be included in the assertion. |
||
| 1204 | * |
||
| 1205 | * The certificates should be strings with the PEM encoded data. |
||
| 1206 | * |
||
| 1207 | * @param array $certificates An array of certificates. |
||
| 1208 | */ |
||
| 1209 | public function setCertificates(array $certificates) |
||
| 1213 | |||
| 1214 | /** |
||
| 1215 | * Retrieve the certificates that are included in the assertion. |
||
| 1216 | * |
||
| 1217 | * @return array An array of certificates. |
||
| 1218 | */ |
||
| 1219 | public function getCertificates() |
||
| 1223 | |||
| 1224 | /** |
||
| 1225 | * @return bool |
||
| 1226 | */ |
||
| 1227 | public function getWasSignedAtConstruction() |
||
| 1231 | |||
| 1232 | /** |
||
| 1233 | * Convert this assertion to an XML element. |
||
| 1234 | * |
||
| 1235 | * @param \DOMNode|null $parentElement The DOM node the assertion should be created in. |
||
| 1236 | * @return \DOMElement This assertion. |
||
| 1237 | */ |
||
| 1238 | public function toXML(\DOMNode $parentElement = null) |
||
| 1279 | |||
| 1280 | /** |
||
| 1281 | * Add a Subject-node to the assertion. |
||
| 1282 | * |
||
| 1283 | * @param \DOMElement $root The assertion element we should add the subject to. |
||
| 1284 | */ |
||
| 1285 | View Code Duplication | private function addSubject(\DOMElement $root) |
|
| 1308 | |||
| 1309 | |||
| 1310 | /** |
||
| 1311 | * Add a Conditions-node to the assertion. |
||
| 1312 | * |
||
| 1313 | * @param \DOMElement $root The assertion element we should add the conditions to. |
||
| 1314 | */ |
||
| 1315 | private function addConditions(\DOMElement $root) |
||
| 1336 | |||
| 1337 | |||
| 1338 | /** |
||
| 1339 | * Add an AuthnStatement-node to the assertion. |
||
| 1340 | * |
||
| 1341 | * @param \DOMElement $root The assertion element we should add the authentication statement to. |
||
| 1342 | */ |
||
| 1343 | private function addAuthnStatement(\DOMElement $root) |
||
| 1402 | |||
| 1403 | |||
| 1404 | /** |
||
| 1405 | * Add an AttributeStatement-node to the assertion. |
||
| 1406 | * |
||
| 1407 | * @param \DOMElement $root The assertion element we should add the attribute statement to. |
||
| 1408 | */ |
||
| 1409 | private function addAttributeStatement(\DOMElement $root) |
||
| 1458 | |||
| 1459 | |||
| 1460 | /** |
||
| 1461 | * Add an EncryptedAttribute Statement-node to the assertion. |
||
| 1462 | * |
||
| 1463 | * @param \DOMElement $root The assertion element we should add the Encrypted Attribute Statement to. |
||
| 1464 | */ |
||
| 1465 | private function addEncryptedAttributeStatement(\DOMElement $root) |
||
| 1529 | } |
||
| 1530 |
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.
You can also find more detailed suggestions in the “Code” section of your repository.