simplesamlphp
diff --git a/‎src/Binding/HTTPRedirect.php‎
Lines changed: 14 additions & 89 deletions b/‎src/Binding/HTTPRedirect.php‎
Lines changed: 14 additions & 89 deletions
@@ -123,41 +123,26 @@ public function send(AbstractMessage $message): ResponseInterface
      */
     public function receive(ServerRequestInterface $request): AbstractMessage
     {
-        $query = $this->parseQuery();
-        $signedQuery = $query['SignedQuery'];
-
-        /**
-         * Get the SAMLRequest/SAMLResponse from the exact same signed data that will be verified later in
-         * validateSignature into $res using the actual SignedQuery
-         */
-        $res = [];
-        foreach (explode('&', $signedQuery) as $e) {
-            $tmp = explode('=', $e, 2);
-            $name = $tmp[0];
-            if (count($tmp) === 2) {
-                $value = $tmp[1];
-            } else {
-                /* No value for this parameter. */
-                $value = '';
-            }
-            $name = urldecode($name);
-            $res[$name] = urldecode($value);
-        }
+        $query = $request->getQueryParams();
 
         /**
          * Put the SAMLRequest/SAMLResponse from the actual query string into $message,
          * and assert that the result from parseQuery() in $query and the parsing of the SignedQuery in $res agree
          */
-        if (array_key_exists('SAMLRequest', $res)) {
-            Assert::same($res['SAMLRequest'], $query['SAMLRequest'], 'Parse failure.');
-            $message = $res['SAMLRequest'];
-        } elseif (array_key_exists('SAMLResponse', $res)) {
-            Assert::same($res['SAMLResponse'], $query['SAMLResponse'], 'Parse failure.');
-            $message = $res['SAMLResponse'];
+        if (array_key_exists('SAMLRequest', $query)) {
+            $message = $query['SAMLRequest'];
+            $signedQuery = 'SAMLRequest=' . urlencode($query['SAMLRequest']);
+        } elseif (array_key_exists('SAMLResponse', $query)) {
+            $message = $query['SAMLResponse'];
+            $signedQuery = 'SAMLResponse=' . urlencode($query['SAMLResponse']);
         } else {
             throw new Exception('Missing SAMLRequest or SAMLResponse parameter.');
         }
 
+        if (array_key_exists('SAMLRequest', $query) && array_key_exists('SAMLResponse', $query)) {
+            throw new Exception('Both SAMLRequest and SAMLResponse provided.');
+        }
+
         if (isset($query['SAMLEncoding']) && $query['SAMLEncoding'] !== C::BINDING_HTTP_REDIRECT_DEFLATE) {
             throw new Exception(sprintf('Unknown SAMLEncoding: %s', $query['SAMLEncoding']));
         }
@@ -178,6 +163,7 @@ public function receive(ServerRequestInterface $request): AbstractMessage
 
         if (array_key_exists('RelayState', $query)) {
             $this->setRelayState($query['RelayState']);
+            $signedQuery .= '&RelayState=' . urlencode($query['RelayState']);
         }
 
         if (!array_key_exists('Signature', $query)) {
@@ -196,6 +182,8 @@ public function receive(ServerRequestInterface $request): AbstractMessage
 
         if (!array_key_exists('SigAlg', $query)) {
             throw new Exception('Missing signature algorithm.');
+        } else {
+            $signedQuery .= '&SigAlg=' . urlencode($query['SigAlg']);
         }
 
         $container = ContainerSingleton::getInstance();
@@ -212,67 +200,4 @@ public function receive(ServerRequestInterface $request): AbstractMessage
 
         return $message;
     }
-
-
-    /**
-     * Helper function to parse query data.
-     *
-     * This function returns the query string split into key=>value pairs.
-     * It also adds a new parameter, SignedQuery, which contains the data that is
-     * signed.
-     *
-     * @return array The query data that is signed.
-     * @throws \Exception
-     */
-    private static function parseQuery(): array
-    {
-        /*
-         * Parse the query string. We need to do this ourself, so that we get access
-         * to the raw (urlencoded) values. This is required because different software
-         * can urlencode to different values.
-         */
-        $data = [];
-        $relayState = '';
-        $sigAlg = '';
-        $sigQuery = '';
-
-        foreach (explode('&', $_SERVER['QUERY_STRING']) as $e) {
-            $tmp = explode('=', $e, 2);
-            $name = $tmp[0];
-            if (count($tmp) === 2) {
-                $value = $tmp[1];
-            } else {
-                /* No value for this parameter. */
-                $value = '';
-            }
-
-            $name = urldecode($name);
-            // Prevent keys from being set more than once
-            if (array_key_exists($name, $data)) {
-                throw new Exception('Duplicate parameter.');
-            }
-            $data[$name] = urldecode($value);
-
-            switch ($name) {
-                case 'SAMLRequest':
-                case 'SAMLResponse':
-                    $sigQuery = $name . '=' . $value;
-                    break;
-                case 'RelayState':
-                    $relayState = '&RelayState=' . $value;
-                    break;
-                case 'SigAlg':
-                    $sigAlg = '&SigAlg=' . $value;
-                    break;
-            }
-        }
-
-        if (array_key_exists('SAMLRequest', $data) && array_key_exists('SAMLResponse', $data)) {
-                throw new Exception('Both SAMLRequest and SAMLResponse provided.');
-        }
-
-        $data['SignedQuery'] = $sigQuery . $relayState . $sigAlg;
-
-        return $data;
-    }
 }