/** * @param \SAML2\Response $response * * @return \SAML2\Assertion[] */ private function processAssertions(Response $response) { $assertions = $response->getAssertions(); if (empty($assertions)) { throw new NoAssertionsFoundException('No assertions found in response from IdP.'); } if (!$this->responseIsSigned) { foreach ($assertions as $assertion) { if (!$assertion->getWasSignedAtConstruction()) { throw new UnsignedResponseException('Both the response and the assertion it containes are not signed.'); } } } return $this->assertionProcessor->processAssertions($assertions); }
/** * @return \SAML2\Response */ private function getSignedResponseWithSignedAssertion() { $doc = new \DOMDocument(); $doc->load(__DIR__ . '/response.xml'); $response = new Response($doc->firstChild); $response->setSignatureKey(CertificatesMock::getPrivateKey()); $response->setCertificates(array(CertificatesMock::PUBLIC_KEY_PEM)); $assertions = $response->getAssertions(); $assertion = $assertions[0]; $assertion->setSignatureKey(CertificatesMock::getPrivateKey()); $assertion->setCertificates(array(CertificatesMock::PUBLIC_KEY_PEM)); return new Response($response->toSignedXML()); }