public function test_does_nothing_if_there_is_bearer_assertion() { $action = new HasBearerAssertionsValidatorAction(TestHelper::getLoggerMock($this)); $context = new ProfileContext(Profiles::SSO_IDP_RECEIVE_AUTHN_REQUEST, ProfileContext::ROLE_IDP); $context->getInboundContext()->setMessage($response = new Response()); $response->addAssertion($assertion = new Assertion()); $assertion->addItem(new AuthnStatement()); $assertion->setSubject($subject = new Subject()); $subject->addSubjectConfirmation($subjectConfirmation = new SubjectConfirmation()); $subjectConfirmation->setMethod(SamlConstants::CONFIRMATION_METHOD_BEARER); $action->execute($context); }
public function test_adds_known_in_response_to_request_state_to_context() { $action = new InResponseToValidatorAction(TestHelper::getLoggerMock($this), $requestStateMock = TestHelper::getRequestStateStoreMock($this)); $context = TestHelper::getAssertionContext($assertion = new Assertion()); $assertion->setSubject($subject = new Subject()); $subject->addSubjectConfirmation($subjectConfirmation = new SubjectConfirmation()); $subjectConfirmation->setSubjectConfirmationData(new SubjectConfirmationData()); $subjectConfirmation->getSubjectConfirmationData()->setInResponseTo($inResponseTo = '123123123'); $requestStateMock->expects($this->once())->method('get')->with($inResponseTo)->willReturn(new RequestState($inResponseTo)); $action->execute($context); /** @var RequestStateContext $requestStateContext */ $requestStateContext = $context->getSubContext(ProfileContexts::REQUEST_STATE); $this->assertInstanceOf(RequestStateContext::class, $requestStateContext); $this->assertEquals($inResponseTo, $requestStateContext->getRequestState()->getId()); }
/** * @param Subject $subject * * @throws LightSamlValidationException * * @return void */ public function validateSubject(Subject $subject) { if (false == $subject->getNameID() && false == $subject->getAllSubjectConfirmations()) { throw new LightSamlValidationException('Subject MUST contain either an identifier or a subject confirmation'); } if ($subject->getNameID()) { $this->nameIdValidator->validateNameId($subject->getNameID()); } foreach ($subject->getAllSubjectConfirmations() as $subjectConfirmation) { $this->validateSubjectConfirmation($subjectConfirmation); } }
/** * @expectedException \LightSaml\Error\LightSamlValidationException * @expectedExceptionMessage SubjectConfirmationData NotBefore MUST be less than NotOnOrAfter */ public function test_fails_on_not_on_or_after_less_then_not_before() { $subject = new Subject(); $subjectConfirmationData = new SubjectConfirmationData(); $subjectConfirmationData->setNotOnOrAfter(999)->setNotBefore(1000); $subjectConfirmation = new SubjectConfirmation(); $subjectConfirmation->setMethod(SamlConstants::CONFIRMATION_METHOD_BEARER); $subjectConfirmation->setSubjectConfirmationData($subjectConfirmationData); $subject->addSubjectConfirmation($subjectConfirmation); $validator = new SubjectValidator($this->getNameIdValidatorMock()); $validator->validateSubject($subject); }