RESPONSE_SIGNATURE_XPATH
Utils of PHP Toolkit
Defines several often used methods
loadXML(\DOMDocument $dom, string $xml) : \DOMDocument|false
This function loads an XML string in a safe way.
Prevents XEE/XXE attacks.
\DOMDocument | $dom | The document into which the XML is loaded. |
string | $xml | The XML string to be loaded. |
$dom The result of loading the XML into the DOMDocument
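One way to load untrusted XML defensively, shown as an added example rather than the toolkit's own implementation. The function name `safeLoadXml` and both sample documents are constructed for illustration; the approach assumed here is to refuse any document that carries a DOCTYPE.

```php
<?php
// Added illustration; safeLoadXml() is a hypothetical name, not the toolkit's loadXML().
function safeLoadXml(DOMDocument $dom, string $xml)
{
    if (trim($xml) === '') {
        return false; // nothing to parse
    }
    // Collect parser errors instead of emitting PHP warnings.
    $previous = libxml_use_internal_errors(true);
    // LIBXML_NONET blocks network fetches while parsing; LIBXML_NOENT is
    // deliberately NOT passed, so entity references are not substituted.
    $loaded = $dom->loadXML($xml, LIBXML_NONET);
    libxml_clear_errors();
    libxml_use_internal_errors($previous);
    if (!$loaded) {
        return false; // not well-formed
    }
    // SAML messages never need a DTD: reject any document that carries one.
    foreach ($dom->childNodes as $child) {
        if ($child->nodeType === XML_DOCUMENT_TYPE_NODE) {
            throw new RuntimeException('DOCTYPE found in XML, refusing to process it');
        }
    }
    return $dom;
}

// Constructed samples: a plain message and one declaring an internal entity.
$plain = '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="_constructed"/>';
$withDoctype = '<?xml version="1.0"?><!DOCTYPE r [<!ENTITY e "expanded">]><r>&e;</r>';

var_dump(safeLoadXml(new DOMDocument(), $plain) instanceof DOMDocument);
try {
    safeLoadXml(new DOMDocument(), $withDoctype);
} catch (RuntimeException $ex) {
    echo 'rejected: ', $ex->getMessage(), PHP_EOL;
}
var_dump(safeLoadXml(new DOMDocument(), '<unclosed>'));
```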
validateXML(string|\DOMDocument $xml, string $schema, boolean $debug = false, string $schemaPath = null) : string|\DOMDocument
This function attempts to validate an XML string against the specified schema.
It will parse the string into a DOM document and validate this document against the schema.
string|\DOMDocument | $xml | The XML string or document which should be validated. |
string | $schema | The schema filename which should be used. |
boolean | $debug | To disable/enable the debug mode |
string | $schemaPath | Change schema path |
$dom string that explains the problem or the DOMDocument
treeCopyReplace(\DomNode $targetNode, \DomNode $sourceNode, boolean $recurse = false) : \DOMNode
Import a node tree into a target document. Copy it before a reference node as a sibling and, at the end of the copy, remove the reference node in the target document, as it were 'replacing' it, leaving nested default namespaces alone. (Standard importNode with deep copy mangles nested default namespaces.)
The reference node must not be a DomDocument. It CAN be the top element of a document. Returns the copied node in the target document.
\DomNode | $targetNode | |
\DomNode | $sourceNode | |
boolean | $recurse |
getStringBetween(string $str, string $start, string $end) : string
Extracts a substring between 2 marks
string | $str | The target string |
string | $start | The initial mark |
string | $end | The end mark |
A substring, or an empty string if the marks cannot be found or if there is no string between the marks
redirect(string $url, array $parameters = array(), boolean $stay = false) : string|null
Executes a redirection to the provided url (or returns the target url).
string | $url | The target url |
array | $parameters | Extra parameters to be passed as part of the url |
boolean | $stay | True if we want to stay (returns the url string) False to redirect |
$url
parseSAML2Time(string $time) : integer
Converts a SAML2 timestamp of the form yyyy-mm-ddThh:mm:ss(\.s+)?Z to a UNIX timestamp. The sub-second part is ignored.
string | $time | The time we should convert (SAML Timestamp). |
$timestamp Converted to a unix timestamp.
parseDuration(string $duration, integer|null $timestamp = null) : integer
Interprets an ISO8601 duration value relative to a given timestamp.
string | $duration | The duration, as a string. |
integer|null | $timestamp | The unix timestamp we should apply the duration to. Optional, defaults to the current time. |
The new timestamp, after the duration is applied.
getExpireTime(string|null $cacheDuration = null, string|integer|null $validUntil = null) : integer|null
Compares 2 dates and returns the earliest.
string|null | $cacheDuration | The duration, as a string. |
string|integer|null | $validUntil | The valid until date, as a string or as a timestamp |
$expireTime The expiration time.
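The three time helpers above (timestamp parsing, duration arithmetic, earliest expiry) work together when deciding whether cached metadata is still usable. The following is an added example, not the toolkit's code; the function names `samlTimeToUnix`, `applyDuration` and `earliestExpiry`, the extra `$now` parameter and the sample values are assumptions made for illustration.

```php
<?php
// Added illustration; function names are hypothetical, not the toolkit's own code.

// SAML timestamp (UTC, trailing Z) to UNIX time; fractional seconds are dropped.
function samlTimeToUnix(string $time): int
{
    $re = '/^(\d{4})-(\d\d)-(\d\d)T(\d\d):(\d\d):(\d\d)(?:\.\d+)?Z$/D';
    if (!preg_match($re, $time, $m)) {
        throw new InvalidArgumentException('Invalid SAML2 timestamp: ' . $time);
    }
    // gmmktime() reads the fields as UTC regardless of the server time zone.
    return gmmktime((int)$m[4], (int)$m[5], (int)$m[6], (int)$m[2], (int)$m[3], (int)$m[1]);
}

// Apply an ISO 8601 duration (optionally negative) to a UNIX timestamp.
function applyDuration(string $duration, ?int $timestamp = null): int
{
    $negative = strncmp($duration, '-', 1) === 0;
    try {
        $interval = new DateInterval($negative ? substr($duration, 1) : $duration);
    } catch (Exception $e) {
        throw new InvalidArgumentException('Invalid ISO 8601 duration: ' . $duration);
    }
    $base = new DateTimeImmutable('@' . ($timestamp ?? time()));
    return ($negative ? $base->sub($interval) : $base->add($interval))->getTimestamp();
}

// Earliest of "now + cacheDuration" and validUntil; null when neither is set.
function earliestExpiry(?string $cacheDuration = null, $validUntil = null, ?int $now = null): ?int
{
    $candidates = [];
    if ($cacheDuration !== null) {
        $candidates[] = applyDuration($cacheDuration, $now ?? time());
    }
    if ($validUntil !== null) {
        $candidates[] = is_int($validUntil) ? $validUntil : samlTimeToUnix($validUntil);
    }
    return $candidates ? min($candidates) : null;
}

// Constructed metadata values: a one-hour cacheDuration and a later validUntil.
$now = samlTimeToUnix('2024-01-01T00:00:00.250Z');
$expire = earliestExpiry('PT1H', '2024-01-03T00:00:00Z', $now);
echo gmdate('Y-m-d\TH:i:s\Z', $expire), PHP_EOL;
echo $expire <= $now ? 'expired' : 'still valid', PHP_EOL;
```

Rejecting timestamps that do not match the strict UTC pattern, instead of passing them to a lenient date parser, keeps validity-window checks from depending on the server's local time zone.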
query(\DOMDocument $dom, string $query, \DomElement|null $context = null) : \DOMNodeList
Extracts nodes from the DOMDocument.
\DOMDocument | $dom | The DOMDocument |
string | $query | XPath expression |
\DomElement|null | $context | Context Node (DomElement) |
The queried nodes
generateNameId(string $value, string $spnq, string|null $format = null, string|null $cert = null, string|null $nq = null) : string
Generates a nameID.
string | $value | fingerprint |
string | $spnq | SP Name Qualifier |
string|null | $format | SP Format |
string|null | $cert | IdP Public cert to encrypt the nameID |
string|null | $nq | IdP Name Qualifier |
$nameIDElement DOMElement | XMLSec nameID
decryptElement(\DOMElement $encryptedData, \XMLSecurityKey $inputKey, boolean $formatOutput = true) : \DOMElement
Decrypts an encrypted element.
\DOMElement | $encryptedData | The encrypted data. |
\XMLSecurityKey | $inputKey | The decryption key. |
boolean | $formatOutput | Format or not the output. |
The decrypted element.
castKey(\XMLSecurityKey $key, string $algorithm, string $type = 'public') : \XMLSecurityKey
Converts a XMLSecurityKey to the correct algorithm.
\XMLSecurityKey | $key | The key. |
string | $algorithm | The desired algorithm. |
string | $type | Public or private key, defaults to public. |
The new key.
addSign(string|\DomDocument $xml, string $key, string $cert, string $signAlgorithm = \XMLSecurityKey::RSA_SHA1, string $digestAlgorithm = \XMLSecurityDSig::SHA1) : string
Adds signature key and sender's certificate to an element (Message or Assertion).
string|\DomDocument | $xml | The element we should sign |
string | $key | The private key |
string | $cert | The public |
string | $signAlgorithm | Signature algorithm method |
string | $digestAlgorithm | Digest algorithm method |
validateSign(string|\DomNode $xml, string|null $cert = null, string|null $fingerprint = null, string|null $fingerprintalg = 'sha1', string|null $xpath = null, array|null $multiCerts = null) : boolean
Validates a signature (Message or Assertion).
string|\DomNode | $xml | The element we should validate |
string|null | $cert | The public cert |
string|null | $fingerprint | The fingerprint of the public cert |
string|null | $fingerprintalg | The algorithm used to get the fingerprint |
string|null | $xpath | The xpath of the signed element |
array|null | $multiCerts | Multiple public certs |
validateBinarySign(string $messageType, array $getData, array $idpData, boolean $retrieveParametersFromServer = false) : boolean
Validates a binary signature
string | $messageType | Type of SAML Message |
array | $getData | HTTP GET array |
array | $idpData | IdP setting data |
boolean | $retrieveParametersFromServer | Indicates where to get the values in order to validate the Sign, from getData or from $_SERVER |