<?php
/**
*
*
* @author Mathias Meisfjordskar, University of Oslo.
* <[email protected]>
* @package simpleSAMLphp
*/
$authStateId = $_REQUEST['AuthState'];
// sanitize the input
$sid = SimpleSAML_Utilities::parseStateID($authStateId);
if (!is_null($sid['url'])) {
SimpleSAML_Utilities::checkURLAllowed($sid['url']);
}
$state = SimpleSAML_Auth_State::loadState($authStateId, sspmod_negotiate_Auth_Source_Negotiate::STAGEID);
$metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
$idpid = $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted', 'metaindex');
$idpmeta = $metadata->getMetaData($idpid, 'saml20-idp-hosted');
if (isset($idpmeta['auth'])) {
$source = SimpleSAML_Auth_Source::getById($idpmeta['auth']);
if ($source === NULL)
throw new SimpleSAML_Error_BadRequest('Invalid AuthId "' . $idpmeta['auth'] . '" - not found.');
$session = SimpleSAML_Session::getSessionFromRequest();
$session->setData('negotiate:disable', 'session', FALSE, 24*60*60);
SimpleSAML_Logger::debug('Negotiate(retry) - session enabled, retrying.');
$source->authenticate($state);
assert('FALSE');
} else {
SimpleSAML_Logger::error('Negotiate - retry - no "auth" parameter found in IdP metadata.');
assert('FALSE');
}
|
Download
