Beispiel #1
 /**
  * Tests the OneLogin_Saml_Metadata Constructor and the getXml method. 
  * Prepare the object to generate SAML Metadata (initialize settings)
  * and then generate the Metadata with the getXML method.
  *
  * @covers OneLogin_Saml_Metadata
  * @covers OneLogin_Saml_Metadata::getXml
  */
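 public function testMetadata()
 {
     // settings1.php is expected to define $settingsInfo in this scope. The
     // fixture is not shown here, so every literal asserted below pins what
     // that fixture configures rather than a library default.
     $settingsDir = TEST_ROOT . '/settings/';
     include $settingsDir . 'settings1.php';

     $metadata = new OneLogin_Saml_Metadata($settingsInfo);
     $xmlMetadata = $metadata->getXML();
     $this->assertNotEmpty($xmlMetadata);

     // Fail on the parse itself if the generated metadata is not well-formed,
     // instead of erroring later on a null root node.
     $dom = new DOMDocument();
     $this->assertTrue($dom->loadXML($xmlMetadata));
     $entityDescriptor = $dom->firstChild;
     $this->assertInstanceOf('DOMElement', $entityDescriptor);

     // Root element: entity identity plus freshness attributes.
     $this->assertEquals('md:EntityDescriptor', $entityDescriptor->tagName);
     $this->assertTrue($entityDescriptor->hasAttribute('entityID'));
     $this->assertEquals('http://stuff.com/endpoints/metadata.php', $entityDescriptor->getAttribute('entityID'));
     $this->assertTrue($entityDescriptor->hasAttribute('validUntil'));
     $this->assertTrue($entityDescriptor->hasAttribute('cacheDuration'));
     // validUntil must lie in the future; strtotime() returns false for an
     // unparsable value, which also fails this comparison.
     $this->assertTrue(time() < strtotime($entityDescriptor->getAttribute('validUntil')));

     // Exactly one SP descriptor.
     $sspSSONodes = $entityDescriptor->getElementsByTagName('SPSSODescriptor');
     $this->assertEquals(1, $sspSSONodes->length);
     $spSSODescriptor = $sspSSONodes->item(0);

     // NOTE(review): both signing flags are expected to be "false" here. That
     // pins this fixture's output, not a recommended deployment: metadata with
     // WantAssertionsSigned="false" tells the IdP that the SP does not require
     // signed assertions. A companion case with signing enabled would cover
     // the hardened path - confirm whether one exists elsewhere in the suite.
     $this->assertTrue($spSSODescriptor->hasAttribute('AuthnRequestsSigned'));
     $this->assertEquals("false", $spSSODescriptor->getAttribute('AuthnRequestsSigned'));
     $this->assertTrue($spSSODescriptor->hasAttribute('WantAssertionsSigned'));
     $this->assertEquals("false", $spSSODescriptor->getAttribute('WantAssertionsSigned'));
     $this->assertTrue($spSSODescriptor->hasAttribute('protocolSupportEnumeration'));
     $this->assertEquals("urn:oasis:names:tc:SAML:2.0:protocol", $spSSODescriptor->getAttribute('protocolSupportEnumeration'));

     // Exactly one NameIDFormat. The original looked this node up twice with
     // identical code; a single lookup is sufficient.
     $nameIdNodes = $entityDescriptor->getElementsByTagName('NameIDFormat');
     $this->assertEquals(1, $nameIdNodes->length);
     $nameID = $nameIdNodes->item(0);
     $this->assertEquals("urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified", $nameID->nodeValue);

     // Assertion Consumer Service: HTTP-POST binding, index 1. The fixture
     // uses plain-http endpoint URLs.
     $assertionConsumerServiceNodes = $entityDescriptor->getElementsByTagName('AssertionConsumerService');
     $this->assertEquals(1, $assertionConsumerServiceNodes->length);
     $acs = $assertionConsumerServiceNodes->item(0);
     $this->assertTrue($acs->hasAttribute('Binding'));
     $this->assertEquals('urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST', $acs->getAttribute('Binding'));
     $this->assertTrue($acs->hasAttribute('Location'));
     $this->assertEquals('http://stuff.com/endpoints/endpoints/acs.php', $acs->getAttribute('Location'));
     $this->assertTrue($acs->hasAttribute('index'));
     $this->assertEquals('1', $acs->getAttribute('index'));

     // Single Logout Service: HTTP-Redirect binding.
     $singleLogoutServiceNodes = $entityDescriptor->getElementsByTagName('SingleLogoutService');
     $this->assertEquals(1, $singleLogoutServiceNodes->length);
     $sls = $singleLogoutServiceNodes->item(0);
     $this->assertTrue($sls->hasAttribute('Binding'));
     $this->assertEquals('urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect', $sls->getAttribute('Binding'));
     $this->assertTrue($sls->hasAttribute('Location'));
     $this->assertEquals('http://stuff.com/endpoints/endpoints/sls.php', $sls->getAttribute('Location'));
 }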
Beispiel #2
<?php

/**
 * SAMPLE code to demonstrate how to generate and publish your SP's SAML metadata.
 *
 * Your IdP will usually want your metadata, you can use this code to generate it once,
 * or expose it on a URL so your IdP can check it periodically.
 */
// Report every notice and warning while this sample runs.
// NOTE(review): whether those diagnostics reach the response body depends on
// the display_errors ini setting, which this script does not touch - confirm
// it is off wherever this endpoint is exposed, so diagnostics are not mixed
// into the XML.
error_reporting(E_ALL);

// settings.php is expected to assign $settings; the null default keeps the
// variable defined if it does not.
$settings = null;
require 'settings.php';

// The Content-Type header must be sent before any body output.
header('Content-Type: text/xml');

// Build the metadata document and write it out as the whole response.
// NOTE(review): an IdP that polls this URL trusts what it receives, so serve
// it over HTTPS - confirm against the deployment.
$metadataBuilder = new OneLogin_Saml_Metadata($settings);
$metadataXml = $metadataBuilder->getXml();
echo $metadataXml;