Parsing a SAML response XML string with PHP

Time: 2017-05-10 15:48:45

Tags: php arrays xml parsing saml-2.0

I have

a string in XML format, and my goal is to be able to parse it and access it in my application.

$string = '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" Destination="https://www.google.com/home" ID="id-JIsbctElqKWvJAWGBMF4JzCHxZk-" InResponseTo="ONELOGIN_1234567890" IssueInstant="2017-05-10T13:54:57Z" Version="2.0"><saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">google</saml:Issuer><samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></samlp:Status><saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="id-asdfghjkl-" IssueInstant="2017-05-10T13:54:57Z" Version="2.0"><saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">google</saml:Issuer><dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><dsig:Reference URI="#id-asdfghjkl-"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>7UEwFm4rmsYhCW+Py+2wsebt4mY=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>KeoIv21bQ5SBKWBY8lewzdCSw/dWUsgwtkUNqBm9dU9kWNQTkxk7pCgkDTBH19naLyvvYMAjBlHxrdqyheYA3McJz7BJSkl7sM/VeIqjaU02LUMVlHpQ4mNwfZDzRqQy5N4wVZyCD8uwEKtG1koSs8xDUHSG2T+YT9Tc9gbUDkr0SzzMm9xG9fRU9+Sd+2WT/odCYtwSF2kvdm/zlnzBMxC6U+wQlD6J/HSZB5mynuFnjV/tJFvc0365bBTV+zp6cUBXqWXux/8Jhf5WmwiEUXlWuI40B07jAvtNu9efWg7fg1os5qAeifxYoNRWfNnXURtOhxQKIvOhQ17deqhHsw==</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>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</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo></dsig:Signature><saml:Subject><saml:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient" 
NameQualifier="google" SPNameQualifier="www.google.com">id-hwtuB2QcmJxMF6oz-xWKautEg0M-</saml:NameID><saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"><saml:SubjectConfirmationData InResponseTo="ONELOGIN_1234567890" NotOnOrAfter="2017-05-10T14:09:57Z" Recipient="https://www.google.com/home"/></saml:SubjectConfirmation></saml:Subject><saml:Conditions NotBefore="2017-05-10T13:54:57Z" NotOnOrAfter="2017-05-10T13:59:57Z"><saml:AudienceRestriction><saml:Audience>www.google.com</saml:Audience></saml:AudienceRestriction></saml:Conditions><saml:AuthnStatement AuthnInstant="2017-05-10T13:54:57Z" SessionIndex="id-e2OGq-twtLY9cZ5vltazBP4TAnU-" SessionNotOnOrAfter="2017-05-10T14:54:57Z"><saml:AuthnContext><saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml:AuthnContextClassRef></saml:AuthnContext></saml:AuthnStatement><saml:AttributeStatement xmlns:x500="urn:oasis:names:tc:SAML:2.0:profiles:attribute:X500" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"><saml:Attribute Name="roles" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"><saml:AttributeValue xsi:type="xs:string">CN=(A) GOOGLE - Administrator,OU=Groups GOOGLE,OU=PROD,DC=uat,DC=nprd,DC=google,DC=be</saml:AttributeValue><saml:AttributeValue xsi:type="xs:string">CN=(A) GOOGLE - Read Only,OU=Groups GOOGLE,OU=PROD,DC=uat,DC=nprd,DC=google,DC=be</saml:AttributeValue></saml:Attribute></saml:AttributeStatement></saml:Assertion></samlp:Response>';

I checked

my XML string, and it is valid

http://codebeautify.org/xmlvalidator/cb0e01de


I tried

using simplexml_load_file() and simplexml_load_string()

$xml = simplexml_load_file('/Applications/MAMP/htdocs/code/saml.xml');
$xml = simplexml_load_string($string);

dd($xml);

I got

only 5 attributes displayed

SimpleXMLElement {#469 ▼
  +"@attributes": array:5 [▼
    "Destination" => "https://www.google.com/home"
    "ID" => "id-JIsbctElqKWvJAWGBMF4JzCHxZk-"
    "InResponseTo" => "ONELOGIN_1234567890"
    "IssueInstant" => "2017-05-10T13:54:57Z"
    "Version" => "2.0"
  ]
}

Shouldn't I be getting more fields?

I hope

someone can shed some light on this.

Is this the correct behavior?

0 answers:

No answers
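The dump in the question shows only the five unqualified attributes of the root element because every child element lives in the `samlp`, `saml` or `dsig` namespace, and SimpleXML only exposes namespaced children when they are requested by namespace URI. The following is an added example, not code from the original post: the function name `parseSamlAssertion` and the shortened, unsigned sample response are constructed for illustration.

```php
<?php
// Constructed, unsigned sample shaped like the response in the question.
$string = <<<'XML'
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-example-response" Version="2.0">
  <saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="id-example-assertion" Version="2.0">
    <saml:Issuer>example-idp</saml:Issuer>
    <saml:Subject><saml:NameID>id-example-subject</saml:NameID></saml:Subject>
    <saml:AttributeStatement><saml:Attribute Name="roles">
      <saml:AttributeValue>CN=Example Administrator,OU=Groups</saml:AttributeValue>
      <saml:AttributeValue>CN=Example Read Only,OU=Groups</saml:AttributeValue>
    </saml:Attribute></saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
XML;

const NS_SAML = 'urn:oasis:names:tc:SAML:2.0:assertion';

function parseSamlAssertion(string $xml): array
{
    // LIBXML_NONET blocks network access while parsing untrusted XML.
    $response = simplexml_load_string($xml, SimpleXMLElement::class, LIBXML_NONET);
    if ($response === false) {
        throw new RuntimeException('Response is not well-formed XML');
    }
    // Namespaced children are only visible when requested by namespace URI.
    $assertions = $response->children(NS_SAML)->Assertion;
    if (count($assertions) !== 1) {
        throw new RuntimeException('Expected exactly one Assertion');
    }
    $assertion = $assertions[0];
    // XPath relative to the assertion; the prefix is bound before each query.
    $query = function (string $path) use ($assertion): array {
        $assertion->registerXPathNamespace('saml', NS_SAML);
        return $assertion->xpath($path) ?: [];
    };
    $result = [
        'issuer'     => (string) ($query('saml:Issuer')[0] ?? ''),
        'nameId'     => (string) ($query('saml:Subject/saml:NameID')[0] ?? ''),
        'attributes' => [],
    ];
    foreach ($query('saml:AttributeStatement/saml:Attribute') as $attribute) {
        // "Name" is an unqualified attribute, so attributes() takes no namespace.
        $name = (string) $attribute->attributes()->Name;
        foreach ($attribute->children(NS_SAML)->AttributeValue as $value) {
            $result['attributes'][$name][] = (string) $value;
        }
    }
    return $result;
}
print_r(parseSamlAssertion($string));
```

Reading the fields this way does not authenticate them: values such as `roles` are untrusted until the assertion's XML signature has been verified against the identity provider's known certificate and the `Conditions`, `Audience`, `Recipient` and `InResponseTo` values have been checked. A maintained SAML library should do that validation rather than hand-written parsing.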