/**
 * Checks whether the signature on an AuthnRequest verifies against any X509
 * key of the given ServiceProvider.
 *
 * Candidate keys come only from the key loader's extraction for
 * $serviceProvider. Keys that are not SAML2_Certificate_X509 instances are
 * discarded before verification. The method fails closed: when no X509 key is
 * found, or none of them verifies the request, the result is false.
 *
 * @param AuthnRequest    $request         the request whose signature is checked
 * @param ServiceProvider $serviceProvider the entity whose public keys are tried
 *
 * @return bool true as soon as one X509 key verifies the request, false otherwise
 */
public function hasValidSignature(AuthnRequest $request, ServiceProvider $serviceProvider)
{
    $entityId = $serviceProvider->getEntityId();
    $this->logger->debug(sprintf('Extracting public keys for ServiceProvider "%s"', $entityId));

    $publicKeys = $this->keyLoader->extractPublicKeys($serviceProvider);
    $this->logger->debug(
        sprintf('Found "%d" keys, filtering the keys to get X509 keys', $publicKeys->count())
    );

    // Only X509 certificate keys are considered for signature verification.
    $onlyX509 = function (SAML2_Certificate_Key $candidate) {
        return $candidate instanceof SAML2_Certificate_X509;
    };
    $candidates = $publicKeys->filter($onlyX509);
    $this->logger->debug(
        sprintf('Found "%d" X509 keys, attempting to use each for signature verification', $candidates->count())
    );

    foreach ($candidates as $candidate) {
        if (!$this->isSignedWith($request, $candidate)) {
            continue;
        }

        // First matching key is sufficient; remaining keys are not tried.
        return true;
    }

    // Reached when the filtered set is empty or when every key failed.
    $this->logger->debug('Signature could not be verified with any of the found X509 keys.');

    return false;
}
/**
 * Reports whether any public key is configured for validating signatures.
 *
 * Side effect: the keys extracted from $configuration are stored on
 * $this->configuredKeys. $signedElement is not inspected here, so a true
 * result only means that at least one key was loaded; no signature has been
 * verified at this point.
 *
 * @param SAML2_SignedElement                     $signedElement not used by this method
 * @param SAML2_Configuration_CertificateProvider $configuration source of the public keys
 *
 * @return bool true when at least one key was extracted, false when none were
 */
public function canValidate(
    SAML2_SignedElement $signedElement,
    SAML2_Configuration_CertificateProvider $configuration
) {
    $loadedKeys = $this->keyLoader->extractPublicKeys($configuration);
    $this->configuredKeys = $loadedKeys;

    // An empty key set means there is nothing to validate against.
    return count($this->configuredKeys) > 0;
}