public function test_deserialize_response01()
{
$context = new DeserializationContext();
$context->getDocument()->load(__DIR__ . '/../../../../../../resources/sample/Response/response01.xml');
$response = new Response();
$response->deserialize($context->getDocument(), $context);
$this->assertEquals('_c34b38b9-5da6-4ee8-af49-2af20423d8f5', $response->getID());
$this->assertEquals('2.0', $response->getVersion());
$this->assertEquals('2013-10-27T11:55:37Z', $response->getIssueInstantString());
$this->assertEquals('https://mt.evo.team/simplesaml/module.php/saml/sp/saml2-acs.php/b1', $response->getDestination());
$this->assertEquals(SamlConstants::CONSENT_UNSPECIFIED, $response->getConsent());
$this->assertEquals('_513cb532f91881ffdcf054a573826f831cc1603241', $response->getInResponseTo());
$this->assertNotNull($response->getIssuer());
$this->assertEquals('https://B1.bead.loc/adfs/services/trust', $response->getIssuer()->getValue());
$this->assertNotNull($response->getStatus());
$this->assertEquals(SamlConstants::STATUS_SUCCESS, $response->getStatus()->getStatusCode()->getValue());
$this->assertCount(1, $response->getAllAssertions());
$as = $response->getFirstAssertion();
$this->assertNotNull($as);
$this->assertEquals('_3ba23925-e43d-4c98-ac99-a05dce99d505', $as->getId());
$this->assertEquals('2013-10-27T11:55:37Z', $as->getIssueInstantString());
$this->assertEquals('2.0', $as->getVersion());
$this->assertNotNull($as->getIssuer());
$this->assertEquals('https://B1.bead.loc/adfs/services/trust', $as->getIssuer()->getValue());
$this->assertNotNull($as->getSubject());
$this->assertEquals(SamlConstants::NAME_ID_FORMAT_TRANSIENT, $as->getSubject()->getNameID()->getFormat());
$this->assertEquals('*****@*****.**', $as->getSubject()->getNameID()->getValue());
$this->assertCount(1, $as->getSubject()->getAllSubjectConfirmations());
$sc = $as->getSubject()->getFirstSubjectConfirmation();
$this->assertEquals(SamlConstants::CONFIRMATION_METHOD_BEARER, $sc->getMethod());
$this->assertEquals('_513cb532f91881ffdcf054a573826f831cc1603241', $sc->getSubjectConfirmationData()->getInResponseTo());
$this->assertEquals('2013-10-27T12:00:37Z', $sc->getSubjectConfirmationData()->getNotOnOrAfterString());
$this->assertEquals('https://mt.evo.team/simplesaml/module.php/saml/sp/saml2-acs.php/b1', $sc->getSubjectConfirmationData()->getRecipient());
$this->assertNotNull($as->getConditions());
$this->assertEquals('2013-10-27T11:55:37Z', $as->getConditions()->getNotBeforeString());
$this->assertEquals('2013-10-27T12:55:37Z', $as->getConditions()->getNotOnOrAfterString());
$this->assertCount(1, $as->getConditions()->getFirstAudienceRestriction()->getAllAudience());
$this->assertTrue($as->getConditions()->getFirstAudienceRestriction()->hasAudience('https://mt.evo.team/simplesaml/module.php/saml/sp/metadata.php/b1'));
$this->assertCount(1, $as->getFirstAttributeStatement()->getAllAttributes());
$attr = $as->getFirstAttributeStatement()->getFirstAttributeByName(ClaimTypes::COMMON_NAME);
$this->assertNotNull($attr);
$this->assertEquals(ClaimTypes::COMMON_NAME, $attr->getName());
$this->assertCount(1, $attr->getAllAttributeValues());
$this->assertEquals('*****@*****.**', $attr->getFirstAttributeValue());
$this->assertEquals('2013-10-27T11:55:36Z', $as->getFirstAuthnStatement()->getAuthnInstantString());
$this->assertEquals('_3ba23925-e43d-4c98-ac99-a05dce99d505', $as->getFirstAuthnStatement()->getSessionIndex());
$this->assertEquals(SamlConstants::AUTHN_CONTEXT_WINDOWS, $as->getFirstAuthnStatement()->getAuthnContext()->getAuthnContextClassRef());
$this->assertNotNull($as->getSignature());
/** @var SignatureXmlReader $sig */
$sig = $as->getSignature();
$this->assertInstanceOf('LightSaml\\Model\\XmlDSig\\SignatureXmlReader', $sig);
$arrCertificates = $sig->getAllCertificates();
$this->assertCount(1, $arrCertificates);
$certificate = (new X509Certificate())->setData($arrCertificates[0]);
$sig->validate(KeyHelper::createPublicKey($certificate));
}
/**
* @dataProvider resolves_credentials_for_own_entity_id_party_role_and_encryption_usage_provider
*/
public function test_resolves_credentials_and_decrypts_assertions($ownRole, $expectedMetadataCriteria)
{
$action = new DecryptAssertionsAction($loggerMock = TestHelper::getLoggerMock($this), $credentialResolverMock = $this->getCredentialResolverMock());
$context = new ProfileContext(Profiles::SSO_IDP_RECEIVE_AUTHN_REQUEST, $ownRole);
$context->getOwnEntityContext()->setEntityDescriptor(new EntityDescriptor($entityId = 'http://entity.id'));
$context->getInboundContext()->setMessage($response = new Response());
$response->addEncryptedAssertion($encryptedAssertionMock1 = $this->getEncryptedAssertionReaderMock());
$encryptedAssertionMock1->expects($this->once())->method('decryptMultiAssertion')->willReturn($decryptedAssertion = new Assertion());
$credentialResolverMock->expects($this->once())->method('query')->willReturn($query = new CredentialResolverQuery($credentialResolverMock));
$credentialResolverMock->expects($this->once())->method('resolve')->with($query)->willReturn($credentials = [$credentialMock1 = $this->getCredentialMock()]);
$credentialMock1->expects($this->any())->method('getPrivateKey')->willReturn($privateKey = new XMLSecurityKey(XMLSecurityKey::TRIPLEDES_CBC));
$action->execute($context);
$this->assertTrue($query->has(EntityIdCriteria::class));
$this->assertEquals($entityId, $query->getSingle(EntityIdCriteria::class)->getEntityId());
$this->assertTrue($query->has(MetadataCriteria::class));
$this->assertEquals($expectedMetadataCriteria, $query->getSingle(MetadataCriteria::class)->getMetadataType());
$this->assertTrue($query->has(UsageCriteria::class));
$this->assertEquals(UsageType::ENCRYPTION, $query->getSingle(UsageCriteria::class)->getUsage());
$this->assertCount(1, $response->getAllAssertions());
$this->assertSame($decryptedAssertion, $response->getFirstAssertion());
}
