OneLogin_Saml2_Response

SAML 2 Authentication Response

Methods

Constructs the SAML Response object.

__construct(\OneLogin_Saml2_Settings $settings, string $response) 

Arguments

$settings

\OneLogin_Saml2_Settings

Settings.

$response

string

A UUEncoded SAML response from the IdP.

Determines if the SAML Response is valid using the certificate.

isValid(string $requestId = null) : bool
throws

Arguments

$requestId

string

The ID of the AuthNRequest sent by this SP to the IdP

Response

bool

Validate the document

Checks if the Status is success

checkStatus() 
throws

If status is not success

Gets the audiences.

getAudiences() : array

Response

array

@audience The valid audiences of the response

Gets the Issuers (from Response and Assertion).

getIssuers() : array

Response

array

@issuers The issuers of the assertion/response

Gets the NameID Data provided by the SAML response from the IdP.

getNameIdData() : array

Response

array

Name ID Data (Value, Format, NameQualifier, SPNameQualifier)

Gets the NameID provided by the SAML response from the IdP.

getNameId() : string

Response

string

Name ID Value

Gets the SessionNotOnOrAfter from the AuthnStatement.

getSessionNotOnOrAfter() : \DateTime|null

Could be used to set the local session expiration

Response

\DateTime|null

The SessionNotOnOrAfter value

Gets the SessionIndex from the AuthnStatement.

getSessionIndex() : string|null

Could be used to be stored in the local session in order to be used in a future Logout Request that the SP could send to the SP, to set what specific session must be deleted

Response

string|null

The SessionIndex value

Gets the Attributes from the AttributeStatement element.

getAttributes() : array

Response

array

The attributes of the SAML Assertion

Verifies that the document only contains a single Assertion (encrypted or not).

validateNumAssertions() : bool

Response

bool

TRUE if the document passes.

Verifies that the document is still valid according Conditions Element.

validateTimestamps() : bool

Response

bool

After execute a validation process, if fails this method returns the cause.

getError() : string

Response

string

Cause

Extracts a node from the DOMDocument (Assertion).

_queryAssertion(string $assertionXpath) : \DOMNodeList
throws

Arguments

$assertionXpath

string

Xpath Expresion

Response

\DOMNodeList

The queried node

Extracts nodes that match the query from the DOMDocument (Response Menssage)

_query(string $query) : \DOMNodeList

Arguments

$query

string

Xpath Expresion

Response

\DOMNodeList

The queried nodes

Decrypts the Assertion (DOMDocument)

_decryptAssertion(string $dom) : \DOMDocument
throws

Arguments

$dom

string

DomDocument

Response

\DOMDocument

Decrypted Assertion

Properties

Settings

_settings : \OneLogin_Saml2_Settings
var

Type(s)

\OneLogin_Saml2_Settings

The decoded, unprocessed XML response provided to the constructor.

response : string
var

Type(s)

string

A DOMDocument class loaded from the SAML Response.

document : \DomDocument
var

Type(s)

\DomDocument

A DOMDocument class loaded from the SAML Response (Decrypted).

decryptedDocument : \DomDocument
var

Type(s)

\DomDocument

The response contains an encrypted assertion.

encrypted : boolean
var

Type(s)

boolean