/**
 * An unsigned response whose assertions are also unsigned must be rejected
 * with an UnsignedResponseException, and none of its assertions may reach
 * the assertion processor.
 *
 * @expectedException SAML2_Response_Exception_UnsignedResponseException
 * @runInSeparateProcess
 */
public function testThatAnUnsignedResponseWithNoSignedAssertionsThrowsAnException()
{
    // The missing signature has to abort processing first, so the mocked
    // assertion processor must never be asked to process anything.
    $this->assertionProcessor->shouldReceive('processAssertions')->never();

    $responseProcessor = new SAML2_Response_Processor(new \Psr\Log\NullLogger());

    // Empty SP/IdP configuration: the test supplies no settings at all.
    $serviceProvider  = new SAML2_Configuration_ServiceProvider(array());
    $identityProvider = new SAML2_Configuration_IdentityProvider(array());
    $destination      = new SAML2_Configuration_Destination($this->currentDestination);
    $unsignedResponse = $this->getUnsignedResponseWithUnsignedAssertion();

    $responseProcessor->process($serviceProvider, $identityProvider, $destination, $unsignedResponse);
}
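/**
 * Reads the SAMLResponse POST parameter, decodes and parses it, and hands the
 * resulting SAML2_Response to the response processor.
 *
 * Everything read from $request is attacker-controlled until the response
 * processor has accepted it. NOTE(review): signature and precondition checks
 * are presumably done by $this->responseProcessor (not visible here); this
 * method performs none itself — confirm before relying on the returned assertion.
 *
 * @param Request          $request
 * @param IdentityProvider $identityProvider
 * @param ServiceProvider  $serviceProvider
 * @return Assertion
 * @throws BadRequestHttpException when SAMLResponse is missing, is not a string or is not valid base64
 * @throws AuthnFailedSamlResponseException
 * @throws NoAuthnContextSamlResponseException
 * @throws PreconditionNotMetException
 */
public function processResponse(Request $request, IdentityProvider $identityProvider, ServiceProvider $serviceProvider)
{
    $encoded = $request->request->get('SAMLResponse');
    if (!$encoded) {
        throw new BadRequestHttpException('Response must include a SAMLResponse, none found');
    }

    // A parameter sent as SAMLResponse[]=... arrives as an array, and non-strict
    // base64_decode() silently drops characters outside the alphabet. Reject both
    // here so only well-formed input reaches the XML parser. Strict mode still
    // tolerates whitespace, so line-wrapped base64 keeps working.
    $xml = is_string($encoded) ? base64_decode($encoded, true) : false;
    if (false === $xml) {
        throw new BadRequestHttpException('SAMLResponse must be a base64-encoded string');
    }

    // Keep external entities from being loaded while the untrusted document is parsed.
    // The switch is global libxml state, so the previous value is put back on the
    // failure path as well; otherwise a parse error would leave it changed for
    // whatever XML handling runs later in this process.
    // NOTE(review): libxml_disable_entity_loader() is deprecated as of PHP 8.0.
    $previous = libxml_disable_entity_loader(true);
    try {
        $asXml = SAML2_DOMDocumentFactory::fromString($xml);
    } catch (\Exception $e) {
        libxml_disable_entity_loader($previous);
        throw $e;
    }
    libxml_disable_entity_loader($previous);

    try {
        $assertions = $this->responseProcessor->process(
            $serviceProvider,
            $identityProvider,
            new SAML2_Configuration_Destination($serviceProvider->getAssertionConsumerUrl()),
            new SAML2_Response($asXml->documentElement)
        );
    } catch (PreconditionNotMetException $e) {
        $message = $e->getMessage();

        // The status is only inspected through the exception message: each status
        // constant has its first strlen(STATUS_PREFIX) characters cut off and the
        // remainder is looked for in the message.
        // NOTE(review): assumes both constants start with STATUS_PREFIX and that
        // the message contains the short status code — verify against the library.
        $noAuthnContext = substr(SAML2_Const::STATUS_NO_AUTHN_CONTEXT, strlen(SAML2_Const::STATUS_PREFIX));
        if (false !== strpos($message, $noAuthnContext)) {
            throw new NoAuthnContextSamlResponseException($message, 0, $e);
        }

        $authnFailed = substr(SAML2_Const::STATUS_AUTHN_FAILED, strlen(SAML2_Const::STATUS_PREFIX));
        if (false !== strpos($message, $authnFailed)) {
            throw new AuthnFailedSamlResponseException($message, 0, $e);
        }

        // Any other unmet precondition is passed on unchanged.
        throw $e;
    }

    return $assertions->getOnlyElement();
}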