Ejemplo n.º 1
 /**
  * Constructor for SAML 2 logout request messages.
  *
  * @param DOMElement|NULL $xml The input message.
  * @throws Exception
  */
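 public function __construct(DOMElement $xml = NULL)
 {
     parent::__construct('LogoutRequest', $xml);
     $this->sessionIndexes = array();

     /* No input element: the request is being built locally, nothing to parse. */
     if ($xml === NULL) {
         return;
     }

     /*
      * NotOnOrAfter is only converted and stored here. This constructor does
      * not compare it with the current time, so expiry has to be enforced by
      * whoever consumes the message.
      */
     if ($xml->hasAttribute('NotOnOrAfter')) {
         $this->notOnOrAfter = SAML2_Utils::xsDateTimeToTimestamp($xml->getAttribute('NotOnOrAfter'));
     }

     /*
      * Exactly one subject identifier is accepted, plain or encrypted.
      * Rejecting duplicates keeps the subject of the logout unambiguous.
      */
     $nameId = SAML2_Utils::xpQuery($xml, './saml_assertion:NameID | ./saml_assertion:EncryptedID/xenc:EncryptedData');
     if (empty($nameId)) {
         throw new Exception('Missing <saml:NameID> or <saml:EncryptedID> in <samlp:LogoutRequest>.');
     } elseif (count($nameId) > 1) {
         /* Message previously named a non-existent <saml:EncryptedD> element. */
         throw new Exception('More than one <saml:NameID> or <saml:EncryptedID> in <samlp:LogoutRequest>.');
     }
     $nameId = $nameId[0];

     if ($nameId->localName === 'EncryptedData') {
         /* The NameID element is encrypted: keep the raw element, nothing is decrypted here. */
         $this->encryptedNameId = $nameId;
     } else {
         $this->nameId = SAML2_Utils::parseNameId($nameId);
     }

     /* Session indexes are optional; surrounding whitespace is stripped from each value. */
     $sessionIndexes = SAML2_Utils::xpQuery($xml, './saml_protocol:SessionIndex');
     foreach ($sessionIndexes as $sessionIndex) {
         $this->sessionIndexes[] = trim($sessionIndex->textContent);
     }
 }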
 /**
  * Marshal an AttributeQuery and check that every requested attribute, and
  * every value of each attribute, appears in the generated XML in order.
  */
 public function testMarshalling()
 {
     $requested = array('test1' => array('test1_attrv1', 'test1_attrv2'), 'test2' => array('test2_attrv1', 'test2_attrv2', 'test2_attrv3'), 'test3' => array());

     $query = new SAML2_AttributeQuery();
     $query->setNameID(array('Value' => 'NameIDValue'));
     $query->setAttributes($requested);
     $queryElement = $query->toUnsignedXML();

     // Attribute names: one <saml:Attribute> per requested name, same order.
     $attributeNodes = SAML2_Utils::xpQuery($queryElement, './saml_assertion:Attribute');
     $this->assertCount(3, $attributeNodes);
     foreach (array('test1', 'test2', 'test3') as $position => $expectedName) {
         $this->assertEquals($expectedName, $attributeNodes[$position]->getAttribute('Name'));
     }

     // Attribute values: count first, then each value in order (the third attribute has none).
     $position = 0;
     foreach ($requested as $expectedValues) {
         $valueNodes = SAML2_Utils::xpQuery($attributeNodes[$position], './saml_assertion:AttributeValue');
         $this->assertCount(count($expectedValues), $valueNodes);
         foreach ($expectedValues as $valueIndex => $expectedValue) {
             $this->assertEquals($expectedValue, $valueNodes[$valueIndex]->textContent);
         }
         $position++;
     }
 }
Ejemplo n.º 3
 /**
  * Constructor for SAML 2 response messages.
  *
  * @param string $tagName  The tag name of the root element.
  * @param DOMElement|NULL $xml  The input message.
  */
 protected function __construct($tagName, DOMElement $xml = NULL)
 {
     parent::__construct($tagName, $xml);

     /* Default for a locally built response: success, no sub-code, no message. */
     $this->status = array('Code' => SAML2_Const::STATUS_SUCCESS, 'SubCode' => NULL, 'Message' => NULL);

     if ($xml === NULL) {
         return;
     }

     if ($xml->hasAttribute('InResponseTo')) {
         $this->inResponseTo = $xml->getAttribute('InResponseTo');
     }

     /*
      * A received response must carry <samlp:Status> with a <samlp:StatusCode>.
      * The success default above is never kept for a parsed message: either
      * the code is overwritten below or an exception is thrown.
      */
     $statusNodes = SAML2_Utils::xpQuery($xml, './saml_protocol:Status');
     if (empty($statusNodes)) {
         throw new Exception('Missing status code on response.');
     }
     $statusNode = $statusNodes[0];

     $codeNodes = SAML2_Utils::xpQuery($statusNode, './saml_protocol:StatusCode');
     if (empty($codeNodes)) {
         throw new Exception('Missing status code in status element.');
     }
     $topLevelCode = $codeNodes[0];

     /* The Value attribute is stored as received; it is not validated here. */
     $this->status['Code'] = $topLevelCode->getAttribute('Value');

     /* Optional second-level code nested inside the top-level StatusCode. */
     $nestedCodes = SAML2_Utils::xpQuery($topLevelCode, './saml_protocol:StatusCode');
     if (!empty($nestedCodes)) {
         $this->status['SubCode'] = $nestedCodes[0]->getAttribute('Value');
     }

     /* Optional human-readable message, with surrounding whitespace removed. */
     $messageNodes = SAML2_Utils::xpQuery($statusNode, './saml_protocol:StatusMessage');
     if (!empty($messageNodes)) {
         $this->status['Message'] = trim($messageNodes[0]->textContent);
     }
 }
Ejemplo n.º 4
 /**
  * Create a ECP Request element.
  *
  * @param DOMElement|NULL $xml  The XML element we should load.
  */
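 public function __construct(DOMElement $xml = NULL)
 {
     if ($xml === NULL) {
         return;
     }

     /*
      * checkXML() is not visible here; from how its result is used it returns
      * TRUE or an error message. Run it once so that the message thrown is the
      * one produced by the check that actually failed.
      */
     $checkResult = $this->checkXML($xml);
     if ($checkResult !== TRUE) {
         throw new Exception($checkResult);
     }

     if ($xml->hasAttribute('ProviderName')) {
         $this->ProviderName = $xml->getAttribute('ProviderName');
     }
     $this->IsPassive = SAML2_Utils::parseBoolean($xml, 'IsPassive', NULL);

     /* Exactly one <saml:Issuer> is required. */
     $issuer = SAML2_Utils::xpQuery($xml, './saml_assertion:Issuer');
     if (empty($issuer)) {
         throw new Exception('Missing <saml:Issuer> in <ecp:Request>.');
     } elseif (count($issuer) > 1) {
         throw new Exception('More than one <saml:Issuer> in <ecp:Request>.');
     }
     $this->Issuer = trim($issuer[0]->textContent);

     /* <samlp:IDPList> is optional, but may appear at most once. */
     $idpList = SAML2_Utils::xpQuery($xml, './saml_protocol:IDPList');
     if (count($idpList) === 1) {
         $this->IDPList = new SAML2_XML_samlp_IDPList($idpList[0]);
     } elseif (count($idpList) > 1) {
         throw new Exception('More than one <samlp:IDPList> in ECP Request.');
     }
 }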
Ejemplo n.º 5
    /**
     * Load an endpoint that carries a namespaced extra attribute, then check
     * reading, removing and adding namespaced attributes, and finally that the
     * changes are reflected when the endpoint is marshalled again.
     */
    public function testUnmarshalling()
    {
        $mdNamespace = SAML2_Const::NS_MD;
        // The fixture carries one extra attribute, test:attr, in the urn:test namespace.
        $document = SAML2_DOMDocumentFactory::fromString(<<<XML
<md:Test xmlns:md="{$mdNamespace}" Binding="urn:something" Location="https://whatever/" xmlns:test="urn:test" test:attr="value" />
XML
);
        $endpointType = new SAML2_XML_md_EndpointType($document->firstChild);
        // The attribute from the fixture is readable; an unknown one reads as absent and ''.
        $this->assertEquals(TRUE, $endpointType->hasAttributeNS('urn:test', 'attr'));
        $this->assertEquals('value', $endpointType->getAttributeNS('urn:test', 'attr'));
        $this->assertEquals(FALSE, $endpointType->hasAttributeNS('urn:test', 'invalid'));
        $this->assertEquals('', $endpointType->getAttributeNS('urn:test', 'invalid'));
        // After removal the attribute behaves like one that was never set.
        $endpointType->removeAttributeNS('urn:test', 'attr');
        $this->assertEquals(FALSE, $endpointType->hasAttributeNS('urn:test', 'attr'));
        $this->assertEquals('', $endpointType->getAttributeNS('urn:test', 'attr'));
        // Set with a qualified name (prefix:local), read back by local name.
        $endpointType->setAttributeNS('urn:test2', 'test2:attr2', 'value2');
        $this->assertEquals('value2', $endpointType->getAttributeNS('urn:test2', 'attr2'));
        // Marshal into a fresh <root /> document and inspect the generated element.
        $document->loadXML('<root />');
        $endpointTypeElement = $endpointType->toXML($document->firstChild, 'md:Test');
        $endpointTypeElements = SAML2_Utils::xpQuery($endpointTypeElement, '/root/saml_metadata:Test');
        $this->assertCount(1, $endpointTypeElements);
        $endpointTypeElement = $endpointTypeElements[0];
        // The added attribute is written out; the removed one is not.
        $this->assertEquals('value2', $endpointTypeElement->getAttributeNS('urn:test2', 'attr2'));
        $this->assertEquals(FALSE, $endpointTypeElement->hasAttributeNS('urn:test', 'attr'));
    }
Ejemplo n.º 6
 /**
  * Initialize an EntitiesDescriptor.
  *
  * @param DOMElement|NULL $xml The XML element we should load.
  */
 public function __construct(DOMElement $xml = NULL)
 {
     parent::__construct($xml);

     if ($xml === NULL) {
         return;
     }

     /* Optional attributes are copied only when present on the element. */
     if ($xml->hasAttribute('ID')) {
         $this->ID = $xml->getAttribute('ID');
     }
     if ($xml->hasAttribute('validUntil')) {
         /* Converted to a timestamp and stored; expiry is not checked in this constructor. */
         $this->validUntil = SAML2_Utils::xsDateTimeToTimestamp($xml->getAttribute('validUntil'));
     }
     if ($xml->hasAttribute('cacheDuration')) {
         $this->cacheDuration = $xml->getAttribute('cacheDuration');
     }
     if ($xml->hasAttribute('Name')) {
         $this->Name = $xml->getAttribute('Name');
     }

     $this->Extensions = SAML2_XML_md_Extensions::getList($xml);

     /*
      * Direct children are either single entities or nested groups. A nested
      * group is built with SAML2_XML_md_EntitiesDescriptor again, and no depth
      * limit is applied here, so the nesting depth is whatever the metadata
      * document contains.
      */
     $descriptorNodes = SAML2_Utils::xpQuery($xml, './saml_metadata:EntityDescriptor|./saml_metadata:EntitiesDescriptor');
     foreach ($descriptorNodes as $descriptorNode) {
         $this->children[] = ($descriptorNode->localName === 'EntityDescriptor')
             ? new SAML2_XML_md_EntityDescriptor($descriptorNode)
             : new SAML2_XML_md_EntitiesDescriptor($descriptorNode);
     }
 }
Ejemplo n.º 7
 /**
  * Marshal an IndexedEndpointType three times, with isDefault set to FALSE,
  * TRUE and NULL, and check how the attribute is written in each case.
  */
 public function testMarshalling()
 {
     $endpoint = new SAML2_XML_md_IndexedEndpointType();
     $endpoint->Binding = 'TestBinding';
     $endpoint->Location = 'TestLocation';
     $endpoint->index = 42;
     $endpoint->isDefault = FALSE;

     // isDefault = FALSE: all four attributes are written, booleans as text.
     $doc = SAML2_DOMDocumentFactory::fromString('<root />');
     $marshalled = $endpoint->toXML($doc->firstChild, 'md:Test');
     $matches = SAML2_Utils::xpQuery($marshalled, '/root/saml_metadata:Test');
     $this->assertCount(1, $matches);
     $firstMatch = $matches[0];
     $this->assertEquals('TestBinding', $firstMatch->getAttribute('Binding'));
     $this->assertEquals('TestLocation', $firstMatch->getAttribute('Location'));
     $this->assertEquals('42', $firstMatch->getAttribute('index'));
     $this->assertEquals('false', $firstMatch->getAttribute('isDefault'));

     // isDefault = TRUE: written as the string 'true'.
     $endpoint->isDefault = TRUE;
     $doc->loadXML('<root />');
     $marshalled = $endpoint->toXML($doc->firstChild, 'md:Test');
     $matches = SAML2_Utils::xpQuery($marshalled, '/root/saml_metadata:Test');
     $this->assertCount(1, $matches);
     $this->assertEquals('true', $matches[0]->getAttribute('isDefault'));

     // isDefault = NULL: the attribute is left out entirely.
     $endpoint->isDefault = NULL;
     $doc->loadXML('<root />');
     $marshalled = $endpoint->toXML($doc->firstChild, 'md:Test');
     $matches = SAML2_Utils::xpQuery($marshalled, '/root/saml_metadata:Test');
     $this->assertCount(1, $matches);
     $this->assertTrue(!$matches[0]->hasAttribute('isDefault'));
 }
Ejemplo n.º 8
 /**
  * Get a list of Extensions in the given element.
  *
  * @param DOMElement $parent  The element that may contain the samlp:Extensions element.
  * @return array  Array of extensions.
  */
 public static function getList(DOMElement $parent)
 {
     /*
      * Every child of <samlp:Extensions> is wrapped as an opaque chunk.
      * Nothing is interpreted here, so the content is exactly what the
      * message carried.
      */
     $extensions = array();
     $extensionNodes = SAML2_Utils::xpQuery($parent, './saml_protocol:Extensions/*');
     foreach ($extensionNodes as $extensionNode) {
         $extensions[] = new SAML2_XML_Chunk($extensionNode);
     }

     return $extensions;
 }
Ejemplo n.º 9
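 /**
  * Constructor for SAML 2 ArtifactResolve messages.
  *
  * @param DOMElement|NULL $xml  The input message, or NULL to build a new one.
  * @throws Exception  If the input message has no <samlp:Artifact> element.
  */
 public function __construct(DOMElement $xml = NULL)
 {
     parent::__construct('ArtifactResolve', $xml);

     if ($xml === NULL) {
         return;
     }

     /*
      * The artifact is the whole point of this message. Without this check a
      * message lacking the element would be indexed at offset 0 of an empty
      * result instead of being rejected.
      */
     $results = SAML2_Utils::xpQuery($xml, './saml_protocol:Artifact');
     if (empty($results)) {
         throw new Exception('Missing <samlp:Artifact> in <samlp:ArtifactResolve>.');
     }

     $this->artifact = $results[0]->textContent;
 }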
Ejemplo n.º 10
 /**
  * Retrieve the value of a child DOMElements as an array of strings.
  *
  * @param DOMElement $parent  The parent element.
  * @param string $name  The name of the child elements.
  * @return array  The value of the child elements.
  */
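 private static function getStringElements(DOMElement $parent, $name)
 {
     /*
      * Expression form instead of a code string: string assertions are
      * evaluated as PHP code on old versions and are no longer evaluated at
      * all from PHP 8.0, where the check would silently always pass.
      */
     assert(is_string($name));

     /*
      * $name is concatenated into the XPath expression, so it must only ever
      * be a fixed element name chosen by the calling code, never a value taken
      * from the document or the request.
      */
     $e = SAML2_Utils::xpQuery($parent, './saml_metadata:' . $name);

     $ret = array();
     foreach ($e as $i) {
         $ret[] = $i->textContent;
     }

     return $ret;
 }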
Ejemplo n.º 11
 /**
  * Receive a SAML 2 message sent using the HTTP-POST binding.
  *
  * Throws an exception if it is unable to receive the message.
  *
  * @return SAML2_Message The received message.
  * @throws Exception
  */
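 public function receive()
 {
     /* The raw request body is untrusted input from the network. */
     $postText = file_get_contents('php://input');
     if (empty($postText)) {
         throw new Exception('Invalid message received to AssertionConsumerService endpoint.');
     }

     $document = SAML2_DOMDocumentFactory::fromString($postText);
     $xml = $document->firstChild;

     /*
      * NOTE(review): the message is handed to the container's debug hook
      * before anything has been validated; if that hook logs it, the log will
      * hold unverified and possibly sensitive content. Confirm against the
      * container implementation.
      */
     SAML2_Utils::getContainer()->debugMessage($xml, 'in');

     /*
      * The SAML message is the first child of the SOAP body. An envelope
      * without one is rejected here rather than passing a missing element on
      * to the message parser.
      */
     $results = SAML2_Utils::xpQuery($xml, '/soap-env:Envelope/soap-env:Body/*[1]');
     if (empty($results)) {
         throw new Exception('Missing SAML message in the SOAP body of the received request.');
     }

     return SAML2_Message::fromXML($results[0]);
 }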
Ejemplo n.º 12
 /**
  * Create a DiscoHints element.
  *
  * @param DOMElement|NULL $xml The XML element we should load.
  */
 public function __construct(DOMElement $xml = NULL)
 {
     if ($xml === NULL) {
         return;
     }

     /* The three hint lists come from elements in this extension's own namespace. */
     $this->IPHint = SAML2_Utils::extractStrings($xml, self::NS, 'IPHint');
     $this->DomainHint = SAML2_Utils::extractStrings($xml, self::NS, 'DomainHint');
     $this->GeolocationHint = SAML2_Utils::extractStrings($xml, self::NS, 'GeolocationHint');

     /*
      * Children from any other namespace are kept as opaque chunks. The XPath
      * is built by concatenation, which is acceptable only because self::NS is
      * a class constant and not data from the document.
      */
     $foreignNodes = SAML2_Utils::xpQuery($xml, "./*[namespace-uri()!='" . self::NS . "']");
     foreach ($foreignNodes as $foreignNode) {
         $this->children[] = new SAML2_XML_Chunk($foreignNode);
     }
 }
Ejemplo n.º 13
 /**
  * Test querying a SAML XML document.
  */
 public function testXpQuery()
 {
     $nameIdFields = array('Value' => 'NameIDValue', 'Format' => 'SomeNameIDFormat', 'NameQualifier' => 'OurNameQualifier', 'SPNameQualifier' => 'TheSPNameQualifier');

     $query = new SAML2_AttributeQuery();
     $query->setNameID($nameIdFields);
     $queryElement = $query->toUnsignedXML();

     // The relative query must find exactly the one NameID inside the Subject.
     $found = SAML2_Utils::xpQuery($queryElement, './saml_assertion:Subject/saml_assertion:NameID');
     $this->assertTrue(count($found) === 1);

     $nameIdElement = $found[0];
     $this->assertEquals('SomeNameIDFormat', $nameIdElement->getAttribute("Format"));
     $this->assertEquals('OurNameQualifier', $nameIdElement->getAttribute("NameQualifier"));
     $this->assertEquals('TheSPNameQualifier', $nameIdElement->getAttribute("SPNameQualifier"));
     $this->assertEquals('NameIDValue', $nameIdElement->textContent);
 }
 /**
  * Test that signatures no longer validate if the value has been tampered with.
  */
 public function testValidateWithValueTampering()
 {
     // Work on a copy so that the shared signed fixture stays intact.
     $tamperedCopy = SAML2_Utils::copyElement($this->signedMockElement);
     $tamperedCopy->ownerDocument->appendChild($tamperedCopy);

     // Overwrite the text of the one SignatureValue element.
     $signatureValueNodes = SAML2_Utils::xpQuery($tamperedCopy, '/root/ds:Signature/ds:SignatureValue');
     $this->assertCount(1, $signatureValueNodes);
     $signatureValueNodes[0]->firstChild->data = 'invalid';

     $helper = new SAML2_SignedElementHelperMock($tamperedCopy);

     // Validation against the genuine public key has to fail for the altered value.
     $this->setExpectedException('Exception', 'Unable to validate Signature');
     $helper->validate(SAML2_CertificatesMock::getPublicKey());
 }
Ejemplo n.º 15
 /**
  * Receive a SAML 2 message sent using the HTTP-POST binding.
  *
  * Throws an exception if it is unable to receive the message.
  *
  * @return SAML2_Message  The received message.
  */
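 public function receive()
 {
     /* The raw request body is untrusted input from the network. */
     $postText = file_get_contents('php://input');
     if (empty($postText)) {
         throw new SimpleSAML_Error_BadRequest('Invalid message received to AssertionConsumerService endpoint.');
     }

     /*
      * Parse defensively: LIBXML_NONET keeps the parser from fetching anything
      * over the network, and a failed parse is reported as a bad request
      * instead of continuing with an empty document.
      */
     $document = new DOMDocument();
     if (!$document->loadXML($postText, LIBXML_NONET)) {
         throw new SimpleSAML_Error_BadRequest('Unable to parse the received message as XML.');
     }

     /*
      * A SAML message has no use for a DTD. Refusing any DOCTYPE removes the
      * entity declarations that parser-abuse techniques depend on.
      */
     foreach ($document->childNodes as $child) {
         if ($child->nodeType === XML_DOCUMENT_TYPE_NODE) {
             throw new SimpleSAML_Error_BadRequest('DOCTYPE declarations are not allowed in the received message.');
         }
     }

     $xml = $document->firstChild;

     /* The SAML message is the first child of the SOAP body; reject an envelope without one. */
     $results = SAML2_Utils::xpQuery($xml, '/soap-env:Envelope/soap-env:Body/*[1]');
     if (empty($results)) {
         throw new SimpleSAML_Error_BadRequest('Missing SAML message in the SOAP body of the received request.');
     }

     return SAML2_Message::fromXML($results[0]);
 }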
Ejemplo n.º 16
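 /**
  * Marshal a response with a consent value and an issuer, and check that
  * both end up in the generated XML.
  */
 public function testMarshalling()
 {
     $response = new SAML2_Response();
     $response->setConsent(SAML2_Const::CONSENT_EXPLICIT);
     $response->setIssuer('SomeIssuer');
     $responseElement = $response->toUnsignedXML();

     $this->assertTrue($responseElement->hasAttribute('Consent'));
     // Expected value first, so a failure reports expected and actual the right way round.
     $this->assertEquals(SAML2_Const::CONSENT_EXPLICIT, $responseElement->getAttribute('Consent'));

     $issuerElements = SAML2_Utils::xpQuery($responseElement, './saml_assertion:Issuer');
     $this->assertCount(1, $issuerElements);
     $this->assertEquals('SomeIssuer', $issuerElements[0]->textContent);
 }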
 /**
  * Marshal an AdditionalMetadataLocation and check its text content and
  * its namespace attribute.
  */
 public function testMarshalling()
 {
     $doc = SAML2_DOMDocumentFactory::fromString('<root/>');

     $location = new SAML2_XML_md_AdditionalMetadataLocation();
     $location->namespace = 'NamespaceAttribute';
     $location->location = 'TheLocation';

     $marshalled = $location->toXML($doc->firstChild);
     $matches = SAML2_Utils::xpQuery($marshalled, '/root/saml_metadata:AdditionalMetadataLocation');
     $this->assertCount(1, $matches);

     $locationElement = $matches[0];
     $this->assertEquals('TheLocation', $locationElement->textContent);
     $this->assertEquals('NamespaceAttribute', $locationElement->getAttribute("namespace"));
 }
Ejemplo n.º 18
 /**
  * Create a EntityAttributes element.
  *
  * @param DOMElement|NULL $xml The XML element we should load.
  */
 public function __construct(DOMElement $xml = NULL)
 {
     if ($xml === NULL) {
         return;
     }

     /*
      * Attributes are parsed into objects. An embedded <saml:Assertion> is
      * only wrapped as an opaque chunk: nothing in this constructor parses it
      * or checks a signature on it.
      */
     $childNodes = SAML2_Utils::xpQuery($xml, './saml_assertion:Attribute|./saml_assertion:Assertion');
     foreach ($childNodes as $childNode) {
         $this->children[] = ($childNode->localName === 'Attribute')
             ? new SAML2_XML_saml_Attribute($childNode)
             : new SAML2_XML_Chunk($childNode);
     }
 }
Ejemplo n.º 19
 /**
  * Constructor for SAML 2 encrypted assertions.
  *
  * @param DOMElement|NULL $xml The encrypted assertion XML element.
  * @throws Exception
  */
 public function __construct(DOMElement $xml = NULL)
 {
     if ($xml === NULL) {
         return;
     }

     /* Exactly one <xenc:EncryptedData> child is accepted. */
     $encryptedNodes = SAML2_Utils::xpQuery($xml, './xenc:EncryptedData');
     $found = count($encryptedNodes);
     if ($found === 0) {
         throw new Exception('Missing encrypted data in <saml:EncryptedAssertion>.');
     }
     if ($found > 1) {
         throw new Exception('More than one encrypted data element in <saml:EncryptedAssertion>.');
     }

     /* Kept as the raw element; no decryption happens in the constructor. */
     $this->encryptedData = $encryptedNodes[0];
 }
Ejemplo n.º 20
 /**
  * Get a list of Extensions in the given element.
  *
  * @param DOMElement $parent  The element that may contain the md:Extensions element.
  * @return array  Array of extensions.
  */
 public static function getList(DOMElement $parent)
 {
     $extensions = array();

     /*
      * Known extensions are matched on both namespace and local name and
      * parsed into their own classes; everything else is kept as an opaque
      * chunk.
      */
     $extensionNodes = SAML2_Utils::xpQuery($parent, './saml_metadata:Extensions/*');
     foreach ($extensionNodes as $extensionNode) {
         if ($extensionNode->namespaceURI === SAML2_XML_shibmd_Scope::NS && $extensionNode->localName === 'Scope') {
             $extensions[] = new SAML2_XML_shibmd_Scope($extensionNode);
             continue;
         }

         if ($extensionNode->namespaceURI === SAML2_XML_mdattr_EntityAttributes::NS && $extensionNode->localName === 'EntityAttributes') {
             $extensions[] = new SAML2_XML_mdattr_EntityAttributes($extensionNode);
             continue;
         }

         $extensions[] = new SAML2_XML_Chunk($extensionNode);
     }

     return $extensions;
 }
Ejemplo n.º 21
 /**
  * Build an AuthnRequest with a requested authentication context and check
  * the Comparison attribute and the class references in the generated XML.
  */
 public function testUnmarshalling()
 {
     $request = new SAML2_AuthnRequest();
     $request->setRequestedAuthnContext(array('AuthnContextClassRef' => array('accr1', 'accr2'), 'Comparison' => 'better'));
     $requestElement = $request->toUnsignedXML();

     $contextNodes = SAML2_Utils::xpQuery($requestElement, './saml_protocol:RequestedAuthnContext');
     $this->assertCount(1, $contextNodes);

     $contextNode = $contextNodes[0];
     $this->assertEquals('better', $contextNode->getAttribute("Comparison"));

     // Both class references must be present, in the order they were given.
     $classRefNodes = SAML2_Utils::xpQuery($contextNode, './saml_assertion:AuthnContextClassRef');
     $this->assertCount(2, $classRefNodes);
     $this->assertEquals('accr1', $classRefNodes[0]->textContent);
     $this->assertEquals('accr2', $classRefNodes[1]->textContent);
 }
Ejemplo n.º 22
 /**
  * Initialize a SPSSODescriptor.
  *
  * @param DOMElement|NULL $xml The XML element we should load.
  */
 public function __construct(DOMElement $xml = NULL)
 {
     parent::__construct('md:SPSSODescriptor', $xml);

     if ($xml === NULL) {
         return;
     }

     /*
      * Both signing flags default to NULL when the attribute is absent, so
      * "not stated" stays distinguishable from an explicit false.
      */
     $this->AuthnRequestsSigned = SAML2_Utils::parseBoolean($xml, 'AuthnRequestsSigned', NULL);
     $this->WantAssertionsSigned = SAML2_Utils::parseBoolean($xml, 'WantAssertionsSigned', NULL);

     /* Endpoints that responses may be delivered to. */
     $consumerServiceNodes = SAML2_Utils::xpQuery($xml, './saml_metadata:AssertionConsumerService');
     foreach ($consumerServiceNodes as $consumerServiceNode) {
         $this->AssertionConsumerService[] = new SAML2_XML_md_IndexedEndpointType($consumerServiceNode);
     }

     $consumingServiceNodes = SAML2_Utils::xpQuery($xml, './saml_metadata:AttributeConsumingService');
     foreach ($consumingServiceNodes as $consumingServiceNode) {
         $this->AttributeConsumingService[] = new SAML2_XML_md_AttributeConsumingService($consumingServiceNode);
     }
 }
Ejemplo n.º 23
 /**
  * Marshal an Attribute with two values and check its Name, NameFormat and
  * FriendlyName attributes in the generated XML.
  */
 public function testMarshalling()
 {
     $attr = new SAML2_XML_saml_Attribute();
     $attr->Name = 'TheName';
     $attr->NameFormat = 'TheNameFormat';
     $attr->FriendlyName = 'TheFriendlyName';
     $attr->AttributeValue = array(new SAML2_XML_saml_AttributeValue('FirstValue'), new SAML2_XML_saml_AttributeValue('SecondValue'));

     $doc = SAML2_DOMDocumentFactory::fromString('<root />');
     $marshalled = $attr->toXML($doc->firstChild);

     $matches = SAML2_Utils::xpQuery($marshalled, '/root/saml_assertion:Attribute');
     $this->assertCount(1, $matches);

     $attrElement = $matches[0];
     $this->assertEquals('TheName', $attrElement->getAttribute('Name'));
     $this->assertEquals('TheNameFormat', $attrElement->getAttribute('NameFormat'));
     $this->assertEquals('TheFriendlyName', $attrElement->getAttribute('FriendlyName'));
 }
Ejemplo n.º 24
 /**
  * Marshal a SubjectConfirmation and check the Method attribute and the
  * presence of one NameID and one SubjectConfirmationData child.
  */
 public function testMarshalling()
 {
     $confirmation = new SAML2_XML_saml_SubjectConfirmation();
     $confirmation->Method = 'SomeMethod';
     $confirmation->NameID = new SAML2_XML_saml_NameID();
     $confirmation->NameID->value = 'SomeNameIDValue';
     $confirmation->SubjectConfirmationData = new SAML2_XML_saml_SubjectConfirmationData();

     $doc = SAML2_DOMDocumentFactory::fromString('<root />');
     $marshalled = $confirmation->toXML($doc->firstChild);

     $matches = SAML2_Utils::xpQuery($marshalled, '//saml_assertion:SubjectConfirmation');
     $this->assertCount(1, $matches);

     $confirmationElement = $matches[0];
     $this->assertEquals('SomeMethod', $confirmationElement->getAttribute("Method"));
     $this->assertCount(1, SAML2_Utils::xpQuery($confirmationElement, "./saml_assertion:NameID"));
     $this->assertCount(1, SAML2_Utils::xpQuery($confirmationElement, "./saml_assertion:SubjectConfirmationData"));
 }
Ejemplo n.º 25
 /**
  * Constructor for SAML 2 logout request messages.
  *
  * @param DOMElement|NULL $xml  The input message.
  */
 public function __construct(DOMElement $xml = NULL)
 {
     parent::__construct('LogoutRequest', $xml);

     if ($xml === NULL) {
         return;
     }

     /*
      * NOTE(review): only the first <saml:NameID> is used. A request carrying
      * several NameID elements is accepted and the extra ones are ignored, and
      * an encrypted identifier is not looked for at all.
      */
     $nameIdNodes = SAML2_Utils::xpQuery($xml, './saml_assertion:NameID');
     if (empty($nameIdNodes)) {
         throw new Exception('Missing NameID in logout request.');
     }
     $this->nameId = SAML2_Utils::parseNameId($nameIdNodes[0]);

     /* Optional session index; only the first one is read. */
     $sessionIndexNodes = SAML2_Utils::xpQuery($xml, './saml_protocol:SessionIndex');
     if (!empty($sessionIndexNodes)) {
         $this->sessionIndex = trim($sessionIndexNodes[0]->textContent);
     }
 }
Ejemplo n.º 26
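 /**
  * Constructor for SAML 2 ArtifactResponse messages.
  *
  * @param DOMElement|NULL $xml  The input message, or NULL to build a new one.
  */
 public function __construct(DOMElement $xml = NULL)
 {
     parent::__construct('ArtifactResponse', $xml);
     if (!is_null($xml)) {
         $status = SAML2_Utils::xpQuery($xml, './saml_protocol:Status');
         /*
          * Will have failed during StatusResponse parsing, so this is only a
          * sanity check. Expression form is used because string assertions are
          * no longer evaluated from PHP 8.0 and would silently always pass.
          */
         assert(!empty($status));
         $status = $status[0];

         /*
          * The embedded message is the first element that follows
          * <samlp:Status>. It is stored as found; nothing here parses or
          * validates it.
          */
         for ($any = $status->nextSibling; $any !== NULL; $any = $any->nextSibling) {
             if ($any instanceof DOMElement) {
                 $this->any = $any;
                 break;
             }
             /* Ignore comments and text nodes. */
         }
     }
 }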
Ejemplo n.º 27
 /**
  * Marshal a response with a status code, a sub-code and a message, and
  * check that each one appears at the expected place in the generated XML.
  */
 public function testMarshalling()
 {
     $response = new SAML2_Response();
     $response->setStatus(array('Code' => 'OurStatusCode', 'SubCode' => 'OurSubStatusCode', 'Message' => 'OurMessageText'));
     $responseElement = $response->toUnsignedXML();

     $statusNodes = SAML2_Utils::xpQuery($responseElement, './saml_protocol:Status');
     $this->assertCount(1, $statusNodes);
     $statusNode = $statusNodes[0];

     // Top-level code directly under Status.
     $codeNodes = SAML2_Utils::xpQuery($statusNode, './saml_protocol:StatusCode');
     $this->assertCount(1, $codeNodes);
     $codeNode = $codeNodes[0];
     $this->assertEquals('OurStatusCode', $codeNode->getAttribute("Value"));

     // Sub-code nested inside the top-level code.
     $subCodeNodes = SAML2_Utils::xpQuery($codeNode, './saml_protocol:StatusCode');
     $this->assertCount(1, $subCodeNodes);
     $this->assertEquals('OurSubStatusCode', $subCodeNodes[0]->getAttribute("Value"));

     // Message text directly under Status.
     $messageNodes = SAML2_Utils::xpQuery($statusNode, './saml_protocol:StatusMessage');
     $this->assertCount(1, $messageNodes);
     $this->assertEquals('OurMessageText', $messageNodes[0]->textContent);
 }
Ejemplo n.º 28
 /**
  * Initialize a PDPDescriptor.
  *
  * @param DOMElement|NULL $xml The XML element we should load.
  * @throws Exception
  */
 public function __construct(DOMElement $xml = NULL)
 {
     parent::__construct('md:PDPDescriptor', $xml);

     if ($xml === NULL) {
         return;
     }

     /* At least one AuthzService endpoint is mandatory. */
     $authzServiceNodes = SAML2_Utils::xpQuery($xml, './saml_metadata:AuthzService');
     foreach ($authzServiceNodes as $authzServiceNode) {
         $this->AuthzService[] = new SAML2_XML_md_EndpointType($authzServiceNode);
     }
     if (empty($this->AuthzService)) {
         throw new Exception('Must have at least one AuthzService in PDPDescriptor.');
     }

     /* AssertionIDRequestService endpoints are optional. */
     $idRequestServiceNodes = SAML2_Utils::xpQuery($xml, './saml_metadata:AssertionIDRequestService');
     foreach ($idRequestServiceNodes as $idRequestServiceNode) {
         $this->AssertionIDRequestService[] = new SAML2_XML_md_EndpointType($idRequestServiceNode);
     }

     $this->NameIDFormat = SAML2_Utils::extractStrings($xml, SAML2_Const::NS_MD, 'NameIDFormat');
 }
 /**
  * Initialize a SSODescriptor.
  *
  * @param string          $elementName The name of this element.
  * @param DOMElement|NULL $xml         The XML element we should load.
  */
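 protected function __construct($elementName, DOMElement $xml = NULL)
 {
     /*
      * Expression form instead of a code string: string assertions are
      * evaluated as PHP code on old versions and are no longer evaluated at
      * all from PHP 8.0, where the check would silently always pass.
      */
     assert(is_string($elementName));

     parent::__construct($elementName, $xml);

     if ($xml === NULL) {
         return;
     }

     /* Each endpoint list below is optional and is filled in document order. */
     foreach (SAML2_Utils::xpQuery($xml, './saml_metadata:ArtifactResolutionService') as $ep) {
         $this->ArtifactResolutionService[] = new SAML2_XML_md_IndexedEndpointType($ep);
     }

     foreach (SAML2_Utils::xpQuery($xml, './saml_metadata:SingleLogoutService') as $ep) {
         $this->SingleLogoutService[] = new SAML2_XML_md_EndpointType($ep);
     }

     foreach (SAML2_Utils::xpQuery($xml, './saml_metadata:ManageNameIDService') as $ep) {
         $this->ManageNameIDService[] = new SAML2_XML_md_EndpointType($ep);
     }

     $this->NameIDFormat = SAML2_Utils::extractStrings($xml, SAML2_Const::NS_MD, 'NameIDFormat');
 }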
Ejemplo n.º 30
 /**
  * Marshal a NameID with every qualifier set and check each attribute and
  * the text value in the generated XML.
  */
 public function testMarshalling()
 {
     $identifier = new SAML2_XML_saml_NameID();
     $identifier->NameQualifier = 'TheNameQualifier';
     $identifier->SPNameQualifier = 'TheSPNameQualifier';
     $identifier->Format = 'TheFormat';
     $identifier->SPProvidedID = 'TheSPProvidedID';
     $identifier->value = 'TheNameIDValue';

     $marshalled = $identifier->toXML();
     $matches = SAML2_Utils::xpQuery($marshalled, '/saml_assertion:NameID');
     $this->assertCount(1, $matches);

     $identifierElement = $matches[0];
     $this->assertEquals('TheNameQualifier', $identifierElement->getAttribute("NameQualifier"));
     $this->assertEquals('TheSPNameQualifier', $identifierElement->getAttribute("SPNameQualifier"));
     $this->assertEquals('TheFormat', $identifierElement->getAttribute("Format"));
     $this->assertEquals('TheSPProvidedID', $identifierElement->getAttribute("SPProvidedID"));
     $this->assertEquals('TheNameIDValue', $identifierElement->textContent);
 }