<?php

/**
 * Holds SAML settings for the SamlResponse and SamlAuthRequest classes.
 *
 * These settings need to be filled in by the user prior to being used.
 */
class OneLogin_Saml_Settings
{
    // NameID format identifiers from the SAML 1.1 namespace.
    const NAMEID_EMAIL_ADDRESS = 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress';
    const NAMEID_X509_SUBJECT_NAME = 'urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName';
    const NAMEID_WINDOWS_DOMAIN_QUALIFIED_NAME = 'urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName';

    // NameID format identifiers from the SAML 2.0 namespace.
    const NAMEID_KERBEROS = 'urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos';
    const NAMEID_ENTITY = 'urn:oasis:names:tc:SAML:2.0:nameid-format:entity';
    const NAMEID_TRANSIENT = 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient';
    const NAMEID_PERSISTENT = 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent';

    /**
     * Identity provider endpoint that SAML authentication requests are sent to.
     *
     * getValues() also exports this value as the IdP entity ID.
     *
     * @var string
     */
    public $idpSingleSignOnUrl = '';

    /**
     * Identity provider endpoint that SAML logout requests are sent to.
     *
     * @var string
     */
    public $idpSingleLogOutUrl = '';

    /**
     * The identity provider's X.509 certificate, exported by getValues() as
     * idp.x509cert.
     *
     * NOTE(review): presumably this is what the consuming classes use to verify
     * signatures on messages from the IdP - confirm in the response-handling
     * code. The default is an empty string and nothing in this class checks
     * that a certificate has actually been configured.
     *
     * @var string
     */
    public $idpPublicCertificate = '';

    /**
     * Service provider URL that the SAML Response / SAML Assertion is posted
     * to (exported as the assertion consumer service URL).
     *
     * @var string
     */
    public $spReturnUrl = '';

    /**
     * Name of the application; exported as the service provider entity ID.
     *
     * @var string
     */
    public $spIssuer = 'php-saml';

    /**
     * NameID format requested for the authenticated subject, i.e. the form the
     * identifier comes back in (e-mail address by default). The NAMEID_*
     * constants hold the available identifiers; the value is not checked here.
     *
     * @var string
     */
    public $requestedNameIdFormat = self::NAMEID_EMAIL_ADDRESS;

    /**
     * Exports these settings in the nested sp/idp array layout
     * (compatibility with the new version).
     *
     * Every property is copied as-is: this method performs no validation, so
     * empty URLs or an empty certificate are passed through unchanged.
     *
     * @return array<string,array> Settings grouped under the 'sp' and 'idp' keys
     */
    public function getValues()
    {
        $serviceProvider = array(
            'entityId' => $this->spIssuer,
            'assertionConsumerService' => array(
                'url' => $this->spReturnUrl,
            ),
            'NameIDFormat' => $this->requestedNameIdFormat,
        );

        $identityProvider = array(
            // This class has no separate IdP entity ID field, so the SSO URL
            // stands in for it.
            // NOTE(review): if the consumer compares a response Issuer with
            // idp.entityId, that only matches when the IdP's entity ID equals
            // its SSO URL - confirm against the caller.
            'entityId' => $this->idpSingleSignOnUrl,
            'singleSignOnService' => array(
                'url' => $this->idpSingleSignOnUrl,
            ),
            'singleLogoutService' => array(
                'url' => $this->idpSingleLogOutUrl,
            ),
            'x509cert' => $this->idpPublicCertificate,
        );

        return array(
            'sp' => $serviceProvider,
            'idp' => $identityProvider,
        );
    }
}