1<?php 2 3/** 4 * Constants of OneLogin PHP Toolkit 5 * 6 * Defines all required constants 7 */ 8class OneLogin_Saml2_Constants 9{ 10 // Value added to the current time in time condition validations 11 const ALLOWED_CLOCK_DRIFT = 180; // 3 min in seconds 12 13 // NameID Formats 14 const NAMEID_EMAIL_ADDRESS = 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress'; 15 const NAMEID_X509_SUBJECT_NAME = 'urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName'; 16 const NAMEID_WINDOWS_DOMAIN_QUALIFIED_NAME = 'urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName'; 17 const NAMEID_UNSPECIFIED = 'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified'; 18 const NAMEID_KERBEROS = 'urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos'; 19 const NAMEID_ENTITY = 'urn:oasis:names:tc:SAML:2.0:nameid-format:entity'; 20 const NAMEID_TRANSIENT = 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'; 21 const NAMEID_PERSISTENT = 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent'; 22 const NAMEID_ENCRYPTED = 'urn:oasis:names:tc:SAML:2.0:nameid-format:encrypted'; 23 24 // Attribute Name Formats 25 const ATTRNAME_FORMAT_UNSPECIFIED = 'urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified'; 26 const ATTRNAME_FORMAT_URI = 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri'; 27 const ATTRNAME_FORMAT_BASIC = 'urn:oasis:names:tc:SAML:2.0:attrname-format:basic'; 28 29 // Namespaces 30 const NS_SAML = 'urn:oasis:names:tc:SAML:2.0:assertion'; 31 const NS_SAMLP = 'urn:oasis:names:tc:SAML:2.0:protocol'; 32 const NS_SOAP = 'http://schemas.xmlsoap.org/soap/envelope/'; 33 const NS_MD = 'urn:oasis:names:tc:SAML:2.0:metadata'; 34 const NS_XS = 'http://www.w3.org/2001/XMLSchema'; 35 const NS_XSI = 'http://www.w3.org/2001/XMLSchema-instance'; 36 const NS_XENC = 'http://www.w3.org/2001/04/xmlenc#'; 37 const NS_DS = 'http://www.w3.org/2000/09/xmldsig#'; 38 39 // Bindings 40 const BINDING_HTTP_POST = 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST'; 41 const BINDING_HTTP_REDIRECT = 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect'; 42 const BINDING_HTTP_ARTIFACT = 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact'; 43 const BINDING_SOAP = 'urn:oasis:names:tc:SAML:2.0:bindings:SOAP'; 44 const BINDING_DEFLATE = 'urn:oasis:names:tc:SAML:2.0:bindings:URL-Encoding:DEFLATE'; 45 46 // Auth Context Class 47 const AC_UNSPECIFIED = 'urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified'; 48 const AC_PASSWORD = 'urn:oasis:names:tc:SAML:2.0:ac:classes:Password'; 49 const AC_PASSWORD_PROTECTED = 'urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport'; 50 const AC_X509 = 'urn:oasis:names:tc:SAML:2.0:ac:classes:X509'; 51 const AC_SMARTCARD = 'urn:oasis:names:tc:SAML:2.0:ac:classes:Smartcard'; 52 const AC_KERBEROS = 'urn:oasis:names:tc:SAML:2.0:ac:classes:Kerberos'; 53 const AC_WINDOWS = 'urn:federation:authentication:windows'; 54 const AC_TLS = 'urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient'; 55 56 // Subject Confirmation 57 const CM_BEARER = 'urn:oasis:names:tc:SAML:2.0:cm:bearer'; 58 const CM_HOLDER_KEY = 'urn:oasis:names:tc:SAML:2.0:cm:holder-of-key'; 59 const CM_SENDER_VOUCHES = 'urn:oasis:names:tc:SAML:2.0:cm:sender-vouches'; 60 61 // Status Codes 62 const STATUS_SUCCESS = 'urn:oasis:names:tc:SAML:2.0:status:Success'; 63 const STATUS_REQUESTER = 'urn:oasis:names:tc:SAML:2.0:status:Requester'; 64 const STATUS_RESPONDER = 'urn:oasis:names:tc:SAML:2.0:status:Responder'; 65 const STATUS_VERSION_MISMATCH = 'urn:oasis:names:tc:SAML:2.0:status:VersionMismatch'; 66 const STATUS_NO_PASSIVE = 'urn:oasis:names:tc:SAML:2.0:status:NoPassive'; 67 const STATUS_PARTIAL_LOGOUT = 'urn:oasis:names:tc:SAML:2.0:status:PartialLogout'; 68 const STATUS_PROXY_COUNT_EXCEEDED = 'urn:oasis:names:tc:SAML:2.0:status:ProxyCountExceeded'; 69} 70