| public hasValidSignature ( SAML2\SignedElement $signedElement, SAML2\Configuration\CertificateProvider $configuration ) : boolean | ||
| $signedElement | SAML2\SignedElement | |
| $configuration | SAML2\Configuration\CertificateProvider | |
| return | boolean | |
/**
* @test
* @group signature
*/
public function signed_message_with_valid_signature_is_validated_correctly()
{
$pattern = Certificate::CERTIFICATE_PATTERN;
preg_match($pattern, CertificatesMock::PUBLIC_KEY_PEM, $matches);
$certdata = X509::createFromCertificateData($matches[1]);
$fingerprint = $certdata->getFingerprint();
$fingerprint_retry = $certdata->getFingerprint();
$this->assertTrue($fingerprint->equals($fingerprint_retry), 'Cached fingerprint does not match original');
$config = new IdentityProvider(array('certificateFingerprints' => array($fingerprint->getRaw())));
$validator = new FingerprintValidator(new SimpleTestLogger(), new FingerprintLoader());
$doc = DOMDocumentFactory::fromFile(__DIR__ . '/response.xml');
$response = new Response($doc->firstChild);
$response->setSignatureKey(CertificatesMock::getPrivateKey());
$response->setCertificates(array(CertificatesMock::PUBLIC_KEY_PEM));
// convert to signed response
$response = new Response($response->toSignedXML());
$this->assertTrue($validator->canValidate($response, $config), 'Cannot validate the element');
$this->assertTrue($validator->hasValidSignature($response, $config), 'The signature is not valid');
}
