private function validateAuthnStatement(AuthnStatement $statement) { if (false == $statement->getAuthnInstantTimestamp()) { throw new LightSamlValidationException('AuthnStatement MUST have an AuthnInstant attribute'); } if (false == Helper::validateOptionalString($statement->getSessionIndex())) { throw new LightSamlValidationException('SessionIndex attribute of AuthnStatement must contain at least one non-whitespace character'); } if ($statement->getSubjectLocality()) { if (false == Helper::validateOptionalString($statement->getSubjectLocality()->getAddress())) { throw new LightSamlValidationException('Address attribute of SubjectLocality must contain at least one non-whitespace character'); } if (false == Helper::validateOptionalString($statement->getSubjectLocality()->getDnsName())) { throw new LightSamlValidationException('DNSName attribute of SubjectLocality must contain at least one non-whitespace character'); } } if (false == $statement->getAuthnContext()) { throw new LightSamlValidationException('AuthnStatement MUST have an AuthnContext element'); } $this->validateAuthnContext($statement->getAuthnContext()); }