コード例 #1
 /**
  * Populates an AuthnRequest with every field set below, signs it, and hands
  * it to the test case's protocol validation helper.
  *
  * sign() and validateProtocol() are defined outside this excerpt. Going by the
  * test name, validateProtocol() presumably checks the serialized XML against
  * the SAML protocol XSD -- confirm in the base test class.
  */
 public function test_authn_request_with_xsd()
 {
     $request = new AuthnRequest();

     $request->setAssertionConsumerServiceURL('https://sp.com/acs');
     // Second constructor argument is presumably AllowCreate (compare the
     // explicit setAllowCreate() call in the sibling test) -- TODO confirm.
     $request->setNameIDPolicy(new NameIDPolicy(SamlConstants::NAME_ID_FORMAT_EMAIL, true));
     // NOTE(review): a PROTOCOL_* constant is passed where a BINDING_* URI
     // would be expected for ProtocolBinding. A schema-only check would not
     // catch this if the attribute is typed as a plain URI -- confirm intent.
     $request->setProtocolBinding(SamlConstants::PROTOCOL_SAML2);
     $request->setID(Helper::generateID());
     $request->setIssueInstant(new \DateTime());
     $request->setDestination('https://idp.com/destination');
     $request->setIssuer(new Issuer('https://sp.com'));

     // Sign first, then validate, so the validated document includes whatever
     // sign() attaches to the request.
     $this->sign($request);
     $this->validateProtocol($request);
 }
コード例 #2
 /**
  * Builds an AuthnRequest carrying an ACS URL, a destination and a NameIDPolicy
  * (persistent format, AllowCreate = true), then passes it to verify().
  *
  * verify() is defined outside this excerpt; what it asserts cannot be told
  * from here.
  */
 public function test_authn_request()
 {
     $request = new AuthnRequest();
     $request->setAssertionConsumerServiceURL('https://mydomain.com/index.php?action_51=saml_callback');

     // The policy is attached first and configured afterwards; this relies on
     // the request holding the same object instance rather than a copy.
     $policy = new NameIDPolicy();
     $request->setNameIDPolicy($policy);
     $request->setDestination('https://idp.com/login');

     $policy->setFormat(SamlConstants::NAME_ID_FORMAT_PERSISTENT);
     $policy->setAllowCreate(true);

     $this->verify($request);
 }
コード例 #3
 /**
  * Checks that, for an inbound AuthnRequest that names an ACS URL, the action
  * under test passes that URL to the endpoint resolver as a location criterion.
  *
  * Security relevance: the URL in the request is supplied by the requester.
  * This test only shows it being used as a lookup criterion; the endpoint that
  * is ultimately used is whatever the resolver returns. Presumably the real
  * resolver matches against the SP's registered metadata -- verify, since an
  * IdP that answers to an unregistered ACS URL can be made to deliver
  * assertions to the wrong party.
  *
  * createContext(), setEndpointResolver() and
  * criteriaSetShouldHaveLocationCriteria() are helpers defined outside this
  * excerpt.
  */
 public function test_adds_location_criteria_for_authn_request_with_acs_url()
 {
     $message = new AuthnRequest();
     // Fixture value only; note it is plain http, unlike the other examples.
     $url = 'http://domain.com/acs';
     $message->setAssertionConsumerServiceURL($url);

     $context = $this->createContext(ProfileContext::ROLE_IDP, $message);

     // Stub resolver: asserts on the criteria it receives, then returns a
     // single mocked endpoint reference so the action can proceed.
     $resolverCallback = function (CriteriaSet $criteriaSet) use ($url) {
         $this->criteriaSetShouldHaveLocationCriteria($criteriaSet, $url);

         return [TestHelper::getEndpointReferenceMock($this, new SingleSignOnService())];
     };
     $this->setEndpointResolver(true, $resolverCallback);

     $this->action->execute($context);
 }
コード例 #4
 /**
  * Build a signed SAML AuthnRequest and return the IdP redirect URL carrying it.
  *
  * The request asks for the response to come back over HTTP-POST
  * (ProtocolBinding), while the request itself is sent with the HTTP-Redirect
  * binding; the return value is the target URL of the resulting redirect.
  *
  * @param  string $consumer_service_url  ACS URL the IdP should post the response to
  * @param  string $idp_destination       IdP endpoint, set as the request's Destination
  * @param  string $issuer                value used for the request's Issuer
  * @param  string $saml_crt              certificate in PEM form (passed to loadPem())
  * @param  string $saml_key              private key material, passed as a string
  *                                       with an empty passphrase
  * @return string                        redirect URL obtained from getTargetUrl()
  */
 public function getAuthnRequest($consumer_service_url, $idp_destination, $issuer, $saml_crt, $saml_key)
 {
     $request = new AuthnRequest();
     $request->setAssertionConsumerServiceURL($consumer_service_url);
     $request->setProtocolBinding(SamlConstants::BINDING_SAML2_HTTP_POST);
     $request->setID(Helper::generateID());
     $request->setIssueInstant(new DateTime());
     $request->setDestination($idp_destination);
     $request->setIssuer(new Issuer($issuer));

     $signing_certificate = new X509Certificate();
     $signing_certificate->loadPem($saml_crt);

     // The empty passphrase means the key must be stored unencrypted; keep it
     // out of the repository and restrict who can read it. The third argument
     // (false) presumably marks $saml_key as key content, not a file path.
     // NOTE(review): no algorithm argument is given, so the library default
     // applies. In LightSAML 1.x that default is, as far as I recall, RSA-SHA1
     // -- confirm, and pass an explicit SHA-256 key type if the IdP accepts it.
     $signing_key = KeyHelper::createPrivateKey($saml_key, '', false);
     $request->setSignature(new SignatureWriter($signing_certificate, $signing_key));

     // The document produced by this serialization is not read again in this
     // method; send() below receives the message object itself.
     $context_for_serialization = new SerializationContext();
     $request->serialize($context_for_serialization->getDocument(), $context_for_serialization);

     // With HTTP-Redirect the SAML bindings spec carries the signature in
     // query parameters rather than inside the XML; how this library applies
     // the SignatureWriter is not visible in this excerpt.
     $factory = new BindingFactory();
     $binding = $factory->create(SamlConstants::BINDING_SAML2_HTTP_REDIRECT);

     $outbound_context = new MessageContext();
     $outbound_context->setMessage($request);

     /** @var \Symfony\Component\HttpFoundation\RedirectResponse $redirect_response */
     $redirect_response = $binding->send($outbound_context);

     return $redirect_response->getTargetUrl();
 }