public static function Utilities::validateIssuerAndAudience in SAML SP 2.0 Single Sign On (SSO) - SAML Service Provider 8
1 call to Utilities::validateIssuerAndAudience()
- MiniOrangeAcs::processSamlResponse in src/
MiniOrangeAcs.php - The function processSamlResponse.
File
- src/
Utilities.php, line 531
Class
- Utilities
- This file is part of miniOrange SAML plugin.
Namespace
Drupal\miniorange_samlCode
public static function validateIssuerAndAudience($samlResponse, $spEntityId, $issuerToValidateAgainst, $base_url) {
$issuer = current($samlResponse
->getAssertions())
->getIssuer();
$audience = current(current($samlResponse
->getAssertions())
->getValidAudiences());
if (strcmp($issuerToValidateAgainst, $issuer) === 0) {
if (strcmp($audience, $base_url) === 0) {
return TRUE;
}
else {
if (array_key_exists('RelayState', $_REQUEST) && $_REQUEST['RelayState'] == 'testValidate') {
echo '<div style="font-family:Calibri;padding:0 3%;">';
echo '<div style="color: #a94442;background-color: #f2dede;padding: 15px;margin-bottom: 20px;text-align:center;border:1px solid #E6B3B2;font-size:18pt;"> ERROR</div>
<div style="color: #a94442;font-size:14pt; margin-bottom:20px;"><p><strong>Error: </strong>Invalid Audience URI.</p>
<p>Please contact your administrator and report the following error:</p>
<p><strong>Possible Cause: </strong>The value of \'Audience URI\' field on Identity Provider\'s side is incorrect</p>
<p>Expected one of the Audiences to be: ' . $spEntityId . '<p>
</div>
<div style="margin:3%;display:block;text-align:center;">
<div style="margin:3%;display:block;text-align:center;"><input style="padding:1%;width:100px;background: #0091CD none repeat scroll 0% 0%;cursor: pointer;font-size:15px;border-width: 1px;border-style: solid;border-radius: 3px;white-space: nowrap;box-sizing: border-box;border-color: #0073AA;box-shadow: 0px 1px 0px rgba(120, 200, 230, 0.6) inset;color: #FFF;"type="button" value="Done" onClick="self.close();"></div>';
}
else {
echo '<div style="color: #a94442;font-size:14pt; margin-bottom:20px;"><p><b>Error: </b>We could not sign you in. Please contact your Administrator.</p></div>';
}
exit;
}
}
else {
if (array_key_exists('RelayState', $_REQUEST) && $_REQUEST['RelayState'] == 'testValidate') {
echo '<div style="font-family:Calibri;padding:0 3%;">';
echo '<div style="color: #a94442;background-color: #f2dede;padding: 15px;margin-bottom: 20px;text-align:center;border:1px solid #E6B3B2;font-size:18pt;"> ERROR</div>
<div style="color: #a94442;font-size:14pt; margin-bottom:20px;"><p><strong>Error: </strong>Issuer cannot be verified.</p>
<p>Please contact your administrator and report the following error:</p>
<p><strong>Possible Cause: </strong>The value in \'IdP Entity ID or Issuer\' field in Service Provider Settings is incorrect</p>
<p><strong>Expected Entity ID: </strong>' . $issuer . '<p>
<p><strong>Entity ID Found: </strong>' . Xss::filter($issuerToValidateAgainst) . '</p>
</div>
<div style="margin:3%;display:block;text-align:center;">
<div style="margin:3%;display:block;text-align:center;"><input style="padding:1%;width:100px;background: #0091CD none repeat scroll 0% 0%;cursor: pointer;font-size:15px;border-width: 1px;border-style: solid;border-radius: 3px;white-space: nowrap;box-sizing: border-box;border-color: #0073AA;box-shadow: 0px 1px 0px rgba(120, 200, 230, 0.6) inset;color: #FFF;"type="button" value="Done" onClick="self.close();"></div>';
}
else {
echo '<div style="color: #a94442;font-size:14pt; margin-bottom:20px;"><p><b>Error: </b>We could not sign you in. Please contact your Administrator.</p></div>';
}
exit;
}
}