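/**
 * Validates the AssertionConsumerServiceURL carried by the SAML response message.
 *
 * Only this one property is checked here: the URL reported by the message must be
 * present and must equal the URL configured under OPT_SP_ASSERTION_CONSUMER_URL.
 * Nothing else in the message is verified by this method, so a true result does
 * not on its own mean the response can be trusted.
 *
 * @param AuthnResponse $soapMessage
 * @return boolean true when both URLs are present and identical; false otherwise,
 *                 with the reason recorded through addMessage()
 * @throws GeneralException\MissingOptionException when the expected URL option is not set
 */
protected function _isValidSoapMessage(AuthnResponse $soapMessage)
{
    $expectedConsumerUrl = $this->getOption(self::OPT_SP_ASSERTION_CONSUMER_URL);
    if (!$expectedConsumerUrl) {
        // Without a configured reference value the comparison cannot be made;
        // refuse to continue instead of accepting the message unchecked.
        throw new GeneralException\MissingOptionException(self::OPT_SP_ASSERTION_CONSUMER_URL);
    }

    $consumerUrl = $soapMessage->getAssertionConsumerServiceUrl();
    if (!$consumerUrl) {
        $this->addMessage('Missing AssertionConsumerServiceURL value in AuthnResponse');
        return false;
    }

    // Compare as strings with the identity operator. The loose `!=` applies PHP type
    // juggling (a boolean true equals any non-empty string, numeric strings are
    // compared by value), which has no place in a check that decides whether a
    // response is accepted.
    if ((string) $consumerUrl !== (string) $expectedConsumerUrl) {
        // NOTE(review): $consumerUrl comes from the received message and is copied
        // into the message text; escape it wherever these messages are rendered or logged.
        $this->addMessage(sprintf("The assertion consumer URL contained in the AuthnResponse (%s) is different \n from the one declared by the SP(%s)", $consumerUrl, $expectedConsumerUrl));
        return false;
    }

    return true;
}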
/**
 * The message fixture must report the expected AssertionConsumerServiceURL.
 */
public function testGetAssertionConsumerServiceUrl()
{
    $expectedUrl = 'https://sp.example.org/Shibboleth.sso/SAML2/ECP';
    $actualUrl = $this->_message->getAssertionConsumerServiceUrl();

    // assertSame is an identity check, so the getter must return exactly this string.
    $this->assertSame($expectedUrl, $actualUrl);
}