private function validateAuthnContext(AuthnContext $authnContext) { if (false == $authnContext->getAuthnContextClassRef() && false == $authnContext->getAuthnContextDecl() && false == $authnContext->getAuthnContextDeclRef()) { throw new LightSamlValidationException('AuthnContext element MUST contain at least one AuthnContextClassRef, AuthnContextDecl or AuthnContextDeclRef element'); } if ($authnContext->getAuthnContextClassRef() && $authnContext->getAuthnContextDecl() && $authnContext->getAuthnContextDeclRef()) { throw new LightSamlValidationException('AuthnContext MUST NOT contain more than two elements.'); } if ($authnContext->getAuthnContextClassRef()) { if (false == Helper::validateWellFormedUriString($authnContext->getAuthnContextClassRef())) { throw new LightSamlValidationException('AuthnContextClassRef has a value which is not a wellformed absolute uri'); } } if ($authnContext->getAuthnContextDeclRef()) { if (false === Helper::validateWellFormedUriString($authnContext->getAuthnContextDeclRef())) { throw new LightSamlValidationException('AuthnContextDeclRef has a value which is not a wellformed absolute uri'); } } }