/** * @test * @group signature */ public function signed_message_with_valid_signature_is_validated_correctly() { $pattern = SAML2_Utilities_Certificate::CERTIFICATE_PATTERN; preg_match($pattern, SAML2_CertificatesMock::PUBLIC_KEY_PEM, $matches); $config = new SAML2_Configuration_IdentityProvider(array('certificateData' => $matches[1])); $validator = new SAML2_Signature_PublicKeyValidator(new SAML2_SimpleTestLogger(), new SAML2_Certificate_KeyLoader()); $doc = SAML2_DOMDocumentFactory::fromFile(__DIR__ . '/response.xml'); $response = new SAML2_Response($doc->firstChild); $response->setSignatureKey(SAML2_CertificatesMock::getPrivateKey()); $response->setCertificates(array(SAML2_CertificatesMock::PUBLIC_KEY_PEM)); // convert to signed response $response = new SAML2_Response($response->toSignedXML()); $this->assertTrue($validator->canValidate($response, $config), 'Cannot validate the element'); $this->assertTrue($validator->hasValidSignature($response, $config), 'The signature is not valid'); }
/** * @test * @group signature */ public function signed_message_with_valid_signature_is_validated_correctly() { $pattern = SAML2_Utilities_Certificate::CERTIFICATE_PATTERN; preg_match($pattern, SAML2_CertificatesMock::PUBLIC_KEY_PEM, $matches); $certdata = SAML2_Certificate_X509::createFromCertificateData($matches[1]); $fingerprint = $certdata->getFingerprint(); $fingerprint_retry = $certdata->getFingerprint(); $this->assertTrue($fingerprint->equals($fingerprint_retry), 'Cached fingerprint does not match original'); $config = new SAML2_Configuration_IdentityProvider(array('certificateFingerprints' => array($fingerprint->getRaw()))); $validator = new SAML2_Signature_FingerprintValidator(new SAML2_SimpleTestLogger(), new SAML2_Certificate_FingerprintLoader()); $doc = SAML2_DOMDocumentFactory::fromFile(__DIR__ . '/response.xml'); $response = new SAML2_Response($doc->firstChild); $response->setSignatureKey(SAML2_CertificatesMock::getPrivateKey()); $response->setCertificates(array(SAML2_CertificatesMock::PUBLIC_KEY_PEM)); // convert to signed response $response = new SAML2_Response($response->toSignedXML()); $this->assertTrue($validator->canValidate($response, $config), 'Cannot validate the element'); $this->assertTrue($validator->hasValidSignature($response, $config), 'The signature is not valid'); }
/** * @param $file_name * * @return static */ public static function from_xml_file($file_name) { $doc = SAML2_DOMDocumentFactory::fromFile($file_name); return static::from_DOM_document($doc); }
private function getSignedAssertionWithEmbeddedAssertionReferencedInSignature() { $document = SAML2_DOMDocumentFactory::fromFile(__DIR__ . '/signedAssertionReferencedEmbeddedAssertion.xml'); $assertion = new SAML2_Assertion($document->firstChild); return $assertion; }
/** * @group domdocument * @expectedException SAML2_Exception_RuntimeException * @expectedExceptionMessage does not have content */ public function testEmptyFileIsNotValid() { $file = realpath(dirname(__FILE__)) . DIRECTORY_SEPARATOR . 'domdocument_empty.xml'; SAML2_DOMDocumentFactory::fromFile($file); }
/** * @group domdocument */ public function testFileWithValidXMLCanBeLoaded() { $file = realpath(dirname(__FILE__)) . DIRECTORY_SEPARATOR . 'domdocument_valid_xml.xml'; $document = SAML2_DOMDocumentFactory::fromFile($file); $this->assertXmlStringEqualsXmlFile($file, $document->saveXML()); }