/**
* Validates the SAML response message.
*
* @param AuthnResponse $soapMessage
* @return boolean
*/
protected function _isValidSoapMessage(AuthnResponse $soapMessage)
{
$expectedConsumerUrl = $this->getOption(self::OPT_SP_ASSERTION_CONSUMER_URL);
if (!$expectedConsumerUrl) {
throw new GeneralException\MissingOptionException(self::OPT_SP_ASSERTION_CONSUMER_URL);
}
$consumerUrl = $soapMessage->getAssertionConsumerServiceUrl();
if (!$consumerUrl) {
$this->addMessage('Missing AssertionConsumerServiceURL value in AuthnResponse');
return false;
}
if ($consumerUrl != $expectedConsumerUrl) {
$this->addMessage(sprintf("The assertion consumer URL contained in the AuthnResponse (%s) is different \n from the one declared by the SP(%s)", $consumerUrl, $expectedConsumerUrl));
return false;
}
return true;
}
public function testGetAssertionConsumerServiceUrl()
{
$this->assertSame('https://sp.example.org/Shibboleth.sso/SAML2/ECP', $this->_message->getAssertionConsumerServiceUrl());
}
