public function test_entity_descriptor_with_xsd()
{
$entityDescriptor = new EntityDescriptor();
$entityDescriptor->setID(Helper::generateID())->setEntityID('https://idp.com');
$entityDescriptor->addItem($idpSsoDescriptor = new IdpSsoDescriptor());
$idpSsoDescriptor->addAttribute((new Attribute(ClaimTypes::EMAIL_ADDRESS))->setNameFormat('urn:oasis:names:tc:SAML:2.0:attrname-format:uri')->setFriendlyName('Email address'))->addSingleSignOnService(new SingleSignOnService('https://idp.com/login', SamlConstants::BINDING_SAML2_HTTP_POST))->addSingleSignOnService(new SingleSignOnService('https://idp.com/login', SamlConstants::BINDING_SAML2_HTTP_REDIRECT))->addSingleLogoutService(new SingleLogoutService('https://idp.com/logout', SamlConstants::BINDING_SAML2_HTTP_POST))->addSingleLogoutService(new SingleLogoutService('https://idp.com/logout', SamlConstants::BINDING_SAML2_HTTP_REDIRECT))->addNameIDFormat(SamlConstants::NAME_ID_FORMAT_TRANSIENT)->addNameIDFormat(SamlConstants::NAME_ID_FORMAT_PERSISTENT)->addNameIDFormat(SamlConstants::NAME_ID_FORMAT_EMAIL)->setProtocolSupportEnumeration(SamlConstants::PROTOCOL_SAML2)->addKeyDescriptor(new KeyDescriptor(UsageType::SIGNING, $this->getX509Certificate()))->addKeyDescriptor(new KeyDescriptor(UsageType::ENCRYPTION, $this->getX509Certificate()));
$entityDescriptor->addItem($spSsoDescriptor = new SpSsoDescriptor());
$spSsoDescriptor->addAssertionConsumerService(new AssertionConsumerService('https://sp.com/acs', SamlConstants::BINDING_SAML2_HTTP_POST))->addSingleLogoutService(new SingleLogoutService('https://sp.com/logout', SamlConstants::BINDING_SAML2_HTTP_POST))->addSingleLogoutService(new SingleLogoutService('https://sp.com/logout', SamlConstants::BINDING_SAML2_HTTP_REDIRECT))->addNameIDFormat(SamlConstants::NAME_ID_FORMAT_TRANSIENT)->addNameIDFormat(SamlConstants::NAME_ID_FORMAT_PERSISTENT)->addNameIDFormat(SamlConstants::NAME_ID_FORMAT_EMAIL)->setProtocolSupportEnumeration(SamlConstants::PROTOCOL_SAML2)->addKeyDescriptor(new KeyDescriptor(UsageType::SIGNING, $this->getX509Certificate()))->addKeyDescriptor(new KeyDescriptor(UsageType::ENCRYPTION, $this->getX509Certificate()));
$entityDescriptor->addContactPerson((new ContactPerson())->setContactType(ContactPerson::TYPE_SUPPORT)->setEmailAddress('*****@*****.**'))->addOrganization((new Organization())->setOrganizationName('Org name')->setOrganizationDisplayName('Org display name')->setOrganizationURL('https://idp.com'));
$this->sign($entityDescriptor);
$this->validateMetadata($entityDescriptor);
}
private function checkSSO(IdpSsoDescriptor $idp, $binding, $location)
{
$arr = $idp->getAllSingleSignOnServicesByBinding($binding);
/** @var SingleSignOnService $svc */
$svc = array_shift($arr);
$this->assertNotNull($svc);
$this->assertEquals($binding, $svc->getBinding());
$this->assertEquals($location, $svc->getLocation());
}
/**
* @return IdpSsoDescriptor
*/
protected function getIdpSsoDescriptor()
{
if (null === $this->ssoUrl) {
return null;
}
$idpSso = new IdpSsoDescriptor();
foreach ($this->ssoBindings as $index => $binding) {
$sso = new SingleSignOnService();
$sso->setLocation($this->ssoUrl)->setBinding($binding);
$idpSso->addSingleSignOnService($sso);
}
$this->addKeyDescriptors($idpSso);
return $idpSso;
}