/**
* Sign identity certificate
*
* Sign and serialize this instance using the secret key of the issuer.
*
* @access public
* @param AbstractSecretKey $secretKey Secret key of the issuer
* @param array $additionalPayload Additional payload or null if none to add
* @return string Serialized identity certificate
*/
public function sign($secretKey, $additionalPayload = null)
{
$payload = array();
if ($additionalPayload !== null) {
$payload = array_merge($additionalPayload, $payload);
}
$payload = $this->serialize($payload);
return $this->assertion->sign($secretKey, $payload);
}
/**
* Create signed assertion
*
* Create a signed assertion using the users secret key.
*
* @access public
* @static
* @param string $audience The audience this assertion is signed for
* @param AbstractSecretkey $secretKeyIdentity An instance of the secret key matching the users certificate identity
* @param array $additionalPayload Additional fields to assert
* @param int $now Unix timestamp in milliseconds or null for now
* @return string The serialized signed assertion
*/
public static function createAssertion($audience, $secretKeyIdentity, $additionalPayload = null, $now = null)
{
if ($now == null) {
$now = time() * 1000;
}
$expires = $now + Configuration::getInstance()->get('assertion_validity') * 1000;
$assertion = new Assertion(null, $expires, null, $audience);
return $assertion->sign($secretKeyIdentity, $additionalPayload);
}
