1<?php 2/** 3 * This file is part of php-saml. 4 * 5 * (c) OneLogin Inc 6 * 7 * For the full copyright and license information, please view the LICENSE 8 * file that was distributed with this source code. 9 * 10 * @package OneLogin 11 * @author OneLogin Inc <saml-info@onelogin.com> 12 * @license MIT https://github.com/onelogin/php-saml/blob/master/LICENSE 13 * @link https://github.com/onelogin/php-saml 14 */ 15 16namespace OneLogin\Saml2; 17 18/** 19 * Constants of OneLogin PHP Toolkit 20 * 21 * Defines all required constants 22 */ 23class Constants 24{ 25 // Value added to the current time in time condition validations 26 const ALLOWED_CLOCK_DRIFT = 180; // 3 min in seconds 27 28 // NameID Formats 29 const NAMEID_EMAIL_ADDRESS = 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress'; 30 const NAMEID_X509_SUBJECT_NAME = 'urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName'; 31 const NAMEID_WINDOWS_DOMAIN_QUALIFIED_NAME = 'urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName'; 32 const NAMEID_UNSPECIFIED = 'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified'; 33 const NAMEID_KERBEROS = 'urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos'; 34 const NAMEID_ENTITY = 'urn:oasis:names:tc:SAML:2.0:nameid-format:entity'; 35 const NAMEID_TRANSIENT = 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'; 36 const NAMEID_PERSISTENT = 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent'; 37 const NAMEID_ENCRYPTED = 'urn:oasis:names:tc:SAML:2.0:nameid-format:encrypted'; 38 39 // Attribute Name Formats 40 const ATTRNAME_FORMAT_UNSPECIFIED = 'urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified'; 41 const ATTRNAME_FORMAT_URI = 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri'; 42 const ATTRNAME_FORMAT_BASIC = 'urn:oasis:names:tc:SAML:2.0:attrname-format:basic'; 43 44 // Namespaces 45 const NS_SAML = 'urn:oasis:names:tc:SAML:2.0:assertion'; 46 const NS_SAMLP = 'urn:oasis:names:tc:SAML:2.0:protocol'; 47 const NS_SOAP = 'http://schemas.xmlsoap.org/soap/envelope/'; 48 const NS_MD = 'urn:oasis:names:tc:SAML:2.0:metadata'; 49 const NS_XS = 'http://www.w3.org/2001/XMLSchema'; 50 const NS_XSI = 'http://www.w3.org/2001/XMLSchema-instance'; 51 const NS_XENC = 'http://www.w3.org/2001/04/xmlenc#'; 52 const NS_DS = 'http://www.w3.org/2000/09/xmldsig#'; 53 54 // Bindings 55 const BINDING_HTTP_POST = 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST'; 56 const BINDING_HTTP_REDIRECT = 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect'; 57 const BINDING_HTTP_ARTIFACT = 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact'; 58 const BINDING_SOAP = 'urn:oasis:names:tc:SAML:2.0:bindings:SOAP'; 59 const BINDING_DEFLATE = 'urn:oasis:names:tc:SAML:2.0:bindings:URL-Encoding:DEFLATE'; 60 61 // Auth Context Class 62 const AC_UNSPECIFIED = 'urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified'; 63 const AC_PASSWORD = 'urn:oasis:names:tc:SAML:2.0:ac:classes:Password'; 64 const AC_PASSWORD_PROTECTED = 'urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport'; 65 const AC_X509 = 'urn:oasis:names:tc:SAML:2.0:ac:classes:X509'; 66 const AC_SMARTCARD = 'urn:oasis:names:tc:SAML:2.0:ac:classes:Smartcard'; 67 const AC_KERBEROS = 'urn:oasis:names:tc:SAML:2.0:ac:classes:Kerberos'; 68 const AC_WINDOWS = 'urn:federation:authentication:windows'; 69 const AC_TLS = 'urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient'; 70 71 // Subject Confirmation 72 const CM_BEARER = 'urn:oasis:names:tc:SAML:2.0:cm:bearer'; 73 const CM_HOLDER_KEY = 'urn:oasis:names:tc:SAML:2.0:cm:holder-of-key'; 74 const CM_SENDER_VOUCHES = 'urn:oasis:names:tc:SAML:2.0:cm:sender-vouches'; 75 76 // Status Codes 77 const STATUS_SUCCESS = 'urn:oasis:names:tc:SAML:2.0:status:Success'; 78 const STATUS_REQUESTER = 'urn:oasis:names:tc:SAML:2.0:status:Requester'; 79 const STATUS_RESPONDER = 'urn:oasis:names:tc:SAML:2.0:status:Responder'; 80 const STATUS_VERSION_MISMATCH = 'urn:oasis:names:tc:SAML:2.0:status:VersionMismatch'; 81 const STATUS_NO_PASSIVE = 'urn:oasis:names:tc:SAML:2.0:status:NoPassive'; 82 const STATUS_PARTIAL_LOGOUT = 'urn:oasis:names:tc:SAML:2.0:status:PartialLogout'; 83 const STATUS_PROXY_COUNT_EXCEEDED = 'urn:oasis:names:tc:SAML:2.0:status:ProxyCountExceeded'; 84} 85