/**
 * An assertion that carries no signature must fail validation by
 * returning false; validate() must not throw in this case.
 *
 * Security relevance: the fixture below contains no signature element,
 * so it must never be reported as validated, whatever key is supplied.
 */
public function testVerifyUnsignedAssertion()
{
    // Fixture: a minimal SAML 2.0 assertion with issuer, audience
    // restriction and authn statement, and deliberately no signature.
    $unsignedAssertionXml = <<<XML
<saml:Assertion
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    ID="_593e33ddf86449ce4d4c22b60ac48e067d98a0b2bf"
    Version="2.0"
    IssueInstant="2010-03-05T13:34:28Z"
    >
  <saml:Issuer>testIssuer</saml:Issuer>
  <saml:Conditions>
    <saml:AudienceRestriction>
      <saml:Audience>audience1</saml:Audience>
      <saml:Audience>audience2</saml:Audience>
    </saml:AudienceRestriction>
  </saml:Conditions>
  <saml:AuthnStatement AuthnInstant="2010-03-05T13:34:28Z">
    <saml:AuthnContext>
      <saml:AuthnContextClassRef>someAuthnContext</saml:AuthnContextClassRef>
      <saml:AuthenticatingAuthority>someIdP1</saml:AuthenticatingAuthority>
      <saml:AuthenticatingAuthority>someIdP2</saml:AuthenticatingAuthority>
    </saml:AuthnContext>
  </saml:AuthnStatement>
</saml:Assertion>
XML;

    // The heredoc starts directly with the root element, so firstChild
    // of the parsed document is the <saml:Assertion> node itself.
    $dom = DOMDocumentFactory::fromString($unsignedAssertionXml);
    $assertion = new Assertion($dom->firstChild);

    // Precondition: the parser must already have recorded "not signed".
    $this->assertFalse($assertion->getWasSignedAtConstruction());

    // Validating against a real public key must yield false rather than
    // raising: there is no signature for the key to be checked against.
    $verificationKey = CertificatesMock::getPublicKeySha1();
    $this->assertFalse($assertion->validate($verificationKey));
}