This may be null, in which case all audiences are allowed.
public setValidAudiences ( array $validAudiences = null )
$validAudiences | array | The allowed audiences. |
/**
 * Builds an Assertion, marshals it with toXML() and checks that the Issuer,
 * the Audience entries and the AuthnContextClassRef show up in the result.
 */
public function testMarshalling()
{
    // Populate a fresh assertion with the values expected in the XML.
    $subject = new Assertion();
    $subject->setIssuer('testIssuer');
    $subject->setValidAudiences(array('audience1', 'audience2'));
    $subject->setAuthnContext('someAuthnContext');

    // Marshal to a \DOMElement; every XPath below is relative to it.
    $root = $subject->toXML();

    // Exactly one Issuer, carrying the configured value.
    $issuers = Utils::xpQuery($root, './saml_assertion:Issuer');
    $this->assertCount(1, $issuers);
    $this->assertEquals('testIssuer', $issuers[0]->textContent);

    // One Audience per configured audience, in the order they were given.
    $audiencePath = './saml_assertion:Conditions'
        . '/saml_assertion:AudienceRestriction'
        . '/saml_assertion:Audience';
    $audiences = Utils::xpQuery($root, $audiencePath);
    $this->assertCount(2, $audiences);
    $this->assertEquals('audience1', $audiences[0]->textContent);
    $this->assertEquals('audience2', $audiences[1]->textContent);

    // Exactly one AuthnContextClassRef, carrying the configured context.
    $classRefPath = './saml_assertion:AuthnStatement'
        . '/saml_assertion:AuthnContext'
        . '/saml_assertion:AuthnContextClassRef';
    $classRefs = Utils::xpQuery($root, $classRefPath);
    $this->assertCount(1, $classRefs);
    $this->assertEquals('someAuthnContext', $classRefs[0]->textContent);
}
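/**
 * Test NameID Encryption and Decryption.
 *
 * Encrypts the NameID with the mock public key, round-trips the assertion
 * through its serialised XML, decrypts it with the mock private key and
 * checks that the original Value and Format come back. It also checks that
 * the plaintext identifier is absent from the serialised XML, so the test
 * does not rest on the isNameIdEncrypted() flag alone.
 */
public function testNameIdEncryption()
{
    $plainValue = 'just_a_basic_identifier';
    $nameIdFormat = 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient';

    // Create an assertion with a plaintext NameID.
    $assertion = new Assertion();
    $assertion->setIssuer('testIssuer');
    $assertion->setValidAudiences(array('audience1', 'audience2'));
    $assertion->setAuthnContext('someAuthnContext');
    $assertion->setNameId(array("Value" => $plainValue, "Format" => $nameIdFormat));
    $this->assertFalse($assertion->isNameIdEncrypted());

    $publicKey = CertificatesMock::getPublicKey();
    $assertion->encryptNameId($publicKey);
    $this->assertTrue($assertion->isNameIdEncrypted());

    // Serialise the owner document to an XML string (not a \DOMElement), so
    // the second Assertion below is built purely from what was written out.
    $serializedXml = $assertion->toXML()->ownerDocument->saveXML();

    // The flag says nothing about the bytes on the wire: make sure the
    // identifier itself did not leak into the serialised assertion.
    // strpos() returns false only when the needle is absent.
    $this->assertFalse(
        strpos($serializedXml, $plainValue),
        'The plaintext NameID value must not appear in the serialised assertion after encryption.'
    );

    $assertionToVerify = new Assertion(DOMDocumentFactory::fromString($serializedXml)->firstChild);

    // The parsed copy must still report an encrypted NameID until decrypted.
    $this->assertTrue($assertionToVerify->isNameIdEncrypted());
    $privateKey = CertificatesMock::getPrivateKey();
    $assertionToVerify->decryptNameId($privateKey);
    $this->assertFalse($assertionToVerify->isNameIdEncrypted());

    // Decryption must restore both fields of the original NameID.
    $nameID = $assertionToVerify->getNameID();
    $this->assertEquals($plainValue, $nameID['Value']);
    $this->assertEquals($nameIdFormat, $nameID['Format']);
}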