/**
  * @param SAML2_AuthnRequest $authnRequest
  * @param SimpleSAML_Configuration $idpConfig
  * @param $nameId
  * @param $issuer
  * @param array $attributes
  * @return SAML2_Response
  */
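 public function create(SAML2_AuthnRequest $authnRequest, SimpleSAML_Configuration $idpConfig, $nameId, $issuer, array $attributes)
 {
     // Builds a SAML2 Response carrying a single bearer assertion that answers
     // $authnRequest, then hands it to addSigns() together with the IdP configuration.

     // Take one timestamp for every validity bound, so NotBefore and the two
     // NotOnOrAfter values cannot drift apart if the clock ticks between calls.
     $now = time();
     $expiresAt = $now + 5 * 60;

     $assertion = new SAML2_Assertion();
     $assertion->setIssuer($issuer);
     $assertion->setNameId(array('Value' => $nameId, 'Format' => SAML2_Const::NAMEID_UNSPECIFIED));
     $assertion->setNotBefore($now);
     $assertion->setNotOnOrAfter($expiresAt);

     // Scope the assertion to the service provider that asked for it. The SAML 2.0
     // Web Browser SSO profile requires an AudienceRestriction naming the SP on bearer
     // assertions; without it, any relying party that trusts this issuer could accept
     // the assertion. The restriction is only left out when the request has no Issuer.
     $requestIssuer = $authnRequest->getIssuer();
     if ($requestIssuer !== null && $requestIssuer !== '') {
         $assertion->setValidAudiences(array($requestIssuer));
     }

     $assertion->setAttributes($attributes);
     $assertion->setAttributeNameFormat(SAML2_Const::NAMEFORMAT_UNSPECIFIED);
     // NOTE(review): the authentication context is fixed to "password" here, whatever
     // the caller actually did to authenticate the subject.
     $assertion->setAuthnContext(SAML2_Const::AC_PASSWORD);

     // NOTE(review): Recipient and Destination are copied from the AuthnRequest as-is.
     // Nothing in this method compares that URL with the assertion consumer endpoints
     // registered for the SP; confirm the caller validates it before the response is sent.
     $consumerUrl = $authnRequest->getAssertionConsumerServiceURL();
     $requestId = $authnRequest->getId();

     $confirmationData = new SAML2_XML_saml_SubjectConfirmationData();
     $confirmationData->NotOnOrAfter = $expiresAt;
     $confirmationData->Recipient = $consumerUrl;
     // InResponseTo ties the assertion to this one request.
     $confirmationData->InResponseTo = $requestId;

     $subjectConfirmation = new SAML2_XML_saml_SubjectConfirmation();
     $subjectConfirmation->Method = SAML2_Const::CM_BEARER;
     $subjectConfirmation->SubjectConfirmationData = $confirmationData;
     $assertion->setSubjectConfirmation(array($subjectConfirmation));

     $response = new SAML2_Response();
     $response->setRelayState($authnRequest->getRelayState());
     $response->setDestination($consumerUrl);
     $response->setIssuer($issuer);
     $response->setInResponseTo($requestId);
     $response->setAssertions(array($assertion));

     $this->addSigns($response, $idpConfig);

     return $response;
 }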
Esempio n. 2
 /**
  * Checks that an assertion's issuer, valid audiences and authentication
  * context all appear in the DOM element produced by toXML().
  */
 public function testMarshalling()
 {
     // Build an assertion with an issuer, two audiences and an authentication context.
     $subject = new \SAML2_Assertion();
     $subject->setIssuer('testIssuer');
     $subject->setValidAudiences(array('audience1', 'audience2'));
     $subject->setAuthnContext('someAuthnContext');

     // Marshall it; every XPath query below is evaluated relative to this element.
     $xml = $subject->toXML();

     // Exactly one Issuer, holding the configured value.
     $issuers = \SAML2_Utils::xpQuery($xml, './saml_assertion:Issuer');
     $this->assertCount(1, $issuers);
     $this->assertEquals('testIssuer', $issuers[0]->textContent);

     // Both audiences sit under Conditions/AudienceRestriction, in the order they were set.
     $audiences = \SAML2_Utils::xpQuery($xml, './saml_assertion:Conditions/saml_assertion:AudienceRestriction/saml_assertion:Audience');
     $this->assertCount(2, $audiences);
     foreach (array('audience1', 'audience2') as $position => $expectedAudience) {
         $this->assertEquals($expectedAudience, $audiences[$position]->textContent);
     }

     // Exactly one AuthnContextClassRef, holding the configured context.
     $classRefs = \SAML2_Utils::xpQuery($xml, './saml_assertion:AuthnStatement/saml_assertion:AuthnContext/saml_assertion:AuthnContextClassRef');
     $this->assertCount(1, $classRefs);
     $this->assertEquals('someAuthnContext', $classRefs[0]->textContent);
 }