Completed
Pull Request — master (#22)
by
unknown
01:38
created

SamlValidateResponder::convertToSaml()   A

Complexity

Conditions 1
Paths 1

Size

Total Lines 37
Code Lines 24

Duplication

Lines 0
Ratio 0 %

Importance

Changes 1
Bugs 0 Features 0
Metric Value
cc 1
eloc 24
c 1
b 0
f 0
nc 1
nop 1
dl 0
loc 37
rs 9.536
<?php
namespace SimpleSAML\Module\casserver\Cas\Protocol;
use SimpleSAML\Configuration;
use SimpleSAML\XML\Shib13\AuthnResponse;
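/**
 * Builds the SAML 1 payload returned by the CAS samlValidate endpoint.
 *
 * The response is produced by SimpleSAMLphp's Shib13 AuthnResponse generator and
 * then rewritten as text so that it carries the values a CAS client expects.
 */
class SamlValidateResponder
{
    /**
     * Converts a ticket to a SAML 1 response. The caller likely needs to wrap it
     * in SOAP (see wrapInSoap()) before returning it to a client.
     *
     * @param array $ticket The CAS ticket; the keys 'service', 'attributes' and 'userName' are read
     * @return string The SAML 1 XML for the CAS response
     * @throws \RuntimeException If the NameIdentifier element cannot be rewritten
     */
    public function convertToSaml(array $ticket)
    {
        $serviceUrl = $ticket['service'];
        $attributes = $ticket['attributes'];
        $user = $ticket['userName'];

        $ar = new AuthnResponse();
        $idpMetadata = [
            // CAS doesn't seem to care what this is, however SSP code requires it to be set
            'entityid' => 'localhost'
        ];
        $spMetadata = [
            'entityid' => $serviceUrl,
        ];
        $shire = $serviceUrl; // the recipient
        // NOTE(review): whether generate() XML-escapes the attribute values is not visible here - confirm.
        $authnResponseXML = $ar->generate(
            Configuration::loadFromArray($idpMetadata),
            Configuration::loadFromArray($spMetadata),
            $shire,
            $attributes
        );

        // Replace the generated NameIdentifier with the actual username.
        $ret = $this->replaceNameIdentifier($authnResponseXML, $user);

        // CAS seems to prefer this type of assertion.
        // NOTE(review): both str_replace() calls act on the whole document, so the same
        // literal appearing inside an attribute value would be rewritten as well.
        $ret = str_replace('urn:oasis:names:tc:SAML:1.0:cm:bearer', 'urn:oasis:names:tc:SAML:1.0:cm:artifact', $ret);
        // CAS uses a different namespace for attributes
        $ret = str_replace(
            'urn:mace:shibboleth:1.0:attributeNamespace:uri',
            'http://www.ja-sig.org/products/cas/',
            $ret
        );
        return $ret;
    }

    /**
     * Wraps a SAML response in a SOAP 1.1 envelope.
     *
     * The value is inserted into the body verbatim, with no escaping, so it must
     * already be well-formed XML from a trusted producer such as convertToSaml().
     *
     * @param string $samlResponse The SAML response XML to place in the SOAP body
     * @return string The SOAP envelope
     */
    public function wrapInSoap($samlResponse)
    {
        $envelope = <<<SOAP
<?xml version="1.0" encoding="utf-8"?>
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
    <SOAP-ENV:Header />
    <SOAP-ENV:Body>$samlResponse</SOAP-ENV:Body>
</SOAP-ENV:Envelope>
SOAP;
        return $envelope;
    }

    /**
     * Substitutes the content of the NameIdentifier element with the XML-escaped username.
     *
     * A callback is used rather than a replacement string because preg_replace()
     * interprets `$n` and `\n` in its replacement argument as backreferences, and
     * htmlspecialchars() escapes neither `$` nor `\`; a username containing them
     * would otherwise be altered before it reaches the assertion.
     *
     * @param string $xml The generated SAML 1 response
     * @param string $user The username to place in the NameIdentifier element
     * @return string The response with the NameIdentifier content replaced
     * @throws \RuntimeException If PCRE reports an error
     */
    private function replaceNameIdentifier($xml, $user)
    {
        // Flags are explicit so the escaping does not vary with the PHP version's defaults.
        $escapedUser = htmlspecialchars($user, ENT_QUOTES | ENT_SUBSTITUTE | ENT_XML1, 'UTF-8');

        // The pattern is greedy and has no `s` modifier, so it matches within one line only.
        // NOTE(review): assumes the generator emits a single NameIdentifier on one line - confirm.
        $result = preg_replace_callback(
            '|<NameIdentifier(.*)>.*</NameIdentifier>|',
            function (array $match) use ($escapedUser) {
                return '<NameIdentifier' . $match[1] . '>' . $escapedUser . '</NameIdentifier>';
            },
            $xml
        );

        if ($result === null) {
            // Fail closed instead of handing an empty response to the caller.
            throw new \RuntimeException('Unable to rewrite NameIdentifier in SAML 1 response');
        }

        return $result;
    }
}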