additional actions

lightSAML · Feb 9, 2016 · eb5fd57 · eb5fd57
1 parent bf69c36
commit eb5fd57
Show file tree

Hide file tree

Showing 4 changed files with 182 additions and 0 deletions.
diff --git a/src/LightSaml/Logout/Action/Profile/Outbound/LogoutRequest/ResolveLogoutPartyAction.php b/src/LightSaml/Logout/Action/Profile/Outbound/LogoutRequest/ResolveLogoutPartyAction.php
@@ -0,0 +1,98 @@
+<?php
+
+/*
+ * This file is part of the LightSAML-Logout package.
+ *
+ * (c) Milos Tomic <[email protected]>
+ *
+ * This source file is subject to the GPL-3 license that is bundled
+ * with this source code in the file LICENSE.
+ */
+
+namespace LightSaml\Logout\Action\Profile\Outbound\LogoutRequest;
+
+use LightSaml\Action\Profile\AbstractProfileAction;
+use LightSaml\Context\Profile\ProfileContext;
+use LightSaml\Error\LightSamlContextException;
+use LightSaml\Meta\TrustOptions\TrustOptions;
+use LightSaml\Store\EntityDescriptor\EntityDescriptorStoreInterface;
+use LightSaml\Store\TrustOptions\TrustOptionsStoreInterface;
+
+class ResolveLogoutPartyAction extends AbstractProfileAction
+{
+    /** @var EntityDescriptorStoreInterface */
+    private $idpEntityDescriptorStore;
+
+    /** @var EntityDescriptorStoreInterface */
+    private $spEntityDescriptorStore;
+
+    /** @var  TrustOptionsStoreInterface */
+    protected $trustOptionsProvider;
+
+    /**
+     * @param EntityDescriptorStoreInterface $idpEntityDescriptorStore
+     * @param EntityDescriptorStoreInterface $spEntityDescriptorStore
+     * @param TrustOptionsStoreInterface     $trustOptionsProvider
+     */
+    public function __construct(
+        EntityDescriptorStoreInterface $idpEntityDescriptorStore,
+        EntityDescriptorStoreInterface $spEntityDescriptorStore,
+        TrustOptionsStoreInterface $trustOptionsProvider
+    ) {
+        $this->idpEntityDescriptorStore = $idpEntityDescriptorStore;
+        $this->spEntityDescriptorStore = $spEntityDescriptorStore;
+        $this->trustOptionsProvider = $trustOptionsProvider;
+    }
+
+    /**
+     * @param ProfileContext $context
+     */
+    protected function doExecute(ProfileContext $context)
+    {
+        $partyContext = $context->getPartyEntityContext();
+
+        $partyEntityDescriptor = $this->getPartyEntityDescriptor($context);
+        $partyContext
+            ->setEntityId($partyEntityDescriptor->getEntityID())
+            ->setEntityDescriptor($partyEntityDescriptor);
+
+        $trustOptions = $this->trustOptionsProvider->get($partyContext->getEntityDescriptor()->getEntityID());
+        if (null === $trustOptions) {
+            $trustOptions = new TrustOptions();
+        }
+        $partyContext->setTrustOptions($trustOptions);
+    }
+
+    private function getPartyEntityDescriptor(ProfileContext $context)
+    {
+        $ssoSessionState = $context->getLogoutSsoSessionState();
+        $ownEntityId = $context->getOwnEntityDescriptor()->getEntityID();
+        $partyId = $ssoSessionState->getOtherPartyId($ownEntityId);
+
+        $partyEntityDescriptor = $this->findParty($partyId, [$this->idpEntityDescriptorStore, $this->spEntityDescriptorStore]);
+
+        if ($partyEntityDescriptor) {
+            return $partyEntityDescriptor;
+        }
+
+        throw new LightSamlContextException($context, sprintf('Unknown party "%s"', $partyId));
+    }
+
+    /**
+     * @param string                           $entityId
+     * @param EntityDescriptorStoreInterface[] $entityDescriptorStores
+     *
+     * @return \LightSaml\Model\Metadata\EntityDescriptor|null
+     */
+    private function findParty($entityId, array $entityDescriptorStores)
+    {
+        foreach ($entityDescriptorStores as $entityDescriptorStore) {
+            $entityDescriptor = $entityDescriptorStore->get($entityId);
+            if ($entityDescriptor) {
+                return $entityDescriptor;
+            }
+        }
+
+        return null;
+    }
+}
diff --git a/src/LightSaml/Logout/Builder/Action/Profile/SingleLogout/SloRequestActionBuilder.php b/src/LightSaml/Logout/Builder/Action/Profile/SingleLogout/SloRequestActionBuilder.php
@@ -11,8 +11,12 @@
 
 namespace LightSaml\Logout\Builder\Action\Profile\SingleLogout;
 
+use LightSaml\Action\Profile\Outbound\Message\CreateMessageIssuerAction;
+use LightSaml\Action\Profile\Outbound\Message\DestinationAction;
+use LightSaml\Action\Profile\Outbound\Message\ResolveEndpointSloAction;
 use LightSaml\Logout\Action\Profile\Outbound\LogoutRequest\CreateLogoutRequestAction;
 use LightSaml\Logout\Action\Profile\Outbound\LogoutRequest\LogoutResolveAction;
+use LightSaml\Logout\Action\Profile\Outbound\LogoutRequest\ResolveLogoutPartyAction;
 use LightSaml\Logout\Action\Profile\Outbound\LogoutRequest\SetNameIdAction;
 use LightSaml\Logout\Action\Profile\Outbound\LogoutRequest\SetNotOnOrAfterAction;
 use LightSaml\Action\Profile\Outbound\Message\MessageIdAction;
@@ -47,6 +51,21 @@ protected function doInitialize()
             $this->buildContainer->getSystemContainer()->getLogger(),
             $this->buildContainer->getSystemContainer()->getTimeProvider()
         ));
+        $proceedActionBuilder->add(new ResolveLogoutPartyAction(
+            $this->buildContainer->getPartyContainer()->getIdpEntityDescriptorStore(),
+            $this->buildContainer->getPartyContainer()->getSpEntityDescriptorStore(),
+            $this->buildContainer->getPartyContainer()->getTrustOptionsStore()
+        ));
+        $proceedActionBuilder->add(new ResolveEndpointSloAction(
+            $this->buildContainer->getSystemContainer()->getLogger(),
+            $this->buildContainer->getServiceContainer()->getEndpointResolver()
+        ));
+        $proceedActionBuilder->add(new DestinationAction(
+            $this->buildContainer->getSystemContainer()->getLogger()
+        ));
+        $proceedActionBuilder->add(new CreateMessageIssuerAction(
+            $this->buildContainer->getSystemContainer()->getLogger()
+        ));
         $proceedActionBuilder->add(new SetNameIdAction(
             $this->buildContainer->getSystemContainer()->getLogger()
         ));

diff --git a/src/LightSaml/Logout/Builder/Profile/WebBrowserSlo/SloRequestProfileBuilder.php b/src/LightSaml/Logout/Builder/Profile/WebBrowserSlo/SloRequestProfileBuilder.php
@@ -0,0 +1,44 @@
+<?php
+
+/*
+ * This file is part of the LightSAML-Logout package.
+ *
+ * (c) Milos Tomic <[email protected]>
+ *
+ * This source file is subject to the GPL-3 license that is bundled
+ * with this source code in the file LICENSE.
+ */
+
+namespace LightSaml\Logout\Builder\Profile\WebBrowserSlo;
+
+use LightSaml\Builder\Profile\AbstractProfileBuilder;
+use LightSaml\Context\Profile\ProfileContext;
+use LightSaml\Logout\Builder\Action\Profile\SingleLogout\SloRequestActionBuilder;
+use LightSaml\Logout\Profile\Profiles;
+
+class SloRequestProfileBuilder extends AbstractProfileBuilder
+{
+    /**
+     * @return string
+     */
+    protected function getProfileId()
+    {
+        return Profiles::SLO_SEND_LOGOUT_REQUEST;
+    }
+
+    /**
+     * @return string
+     */
+    protected function getProfileRole()
+    {
+        return ProfileContext::ROLE_NONE;
+    }
+
+    /**
+     * @return \LightSaml\Builder\Action\ActionBuilderInterface
+     */
+    protected function getActionBuilder()
+    {
+        return new SloRequestActionBuilder($this->container);
+    }
+}
diff --git a/src/LightSaml/Logout/Profile/Profiles.php b/src/LightSaml/Logout/Profile/Profiles.php
@@ -0,0 +1,21 @@
+<?php
+
+/*
+ * This file is part of the LightSAML-Logout package.
+ *
+ * (c) Milos Tomic <[email protected]>
+ *
+ * This source file is subject to the GPL-3 license that is bundled
+ * with this source code in the file LICENSE.
+ */
+
+namespace LightSaml\Logout\Profile;
+
+class Profiles
+{
+    const SLO_SEND_LOGOUT_REQUEST = 'slo_send_logout_request';
+
+    private function __construct()
+    {
+    }
+}