/**
 * Builds an EntityDescriptor carrying both an IdP and an SP role, signs it,
 * and hands the result to validateMetadata().
 *
 * The fixture covers the elements a metadata consumer relies on: endpoints
 * per binding, NameID formats, protocol support, key descriptors, a support
 * contact and an organization.
 */
public function test_entity_descriptor_with_xsd()
{
    $descriptor = new EntityDescriptor();
    $descriptor
        ->setID(Helper::generateID())
        ->setEntityID('https://idp.com');

    // IdP role: attached to the entity first, then populated through its fluent setters.
    $idpRole = new IdpSsoDescriptor();
    $descriptor->addItem($idpRole);

    $emailAttribute = (new Attribute(ClaimTypes::EMAIL_ADDRESS))
        ->setNameFormat('urn:oasis:names:tc:SAML:2.0:attrname-format:uri')
        ->setFriendlyName('Email address');

    // NOTE: this fixture advertises the same certificate for SIGNING and ENCRYPTION.
    $idpRole
        ->addAttribute($emailAttribute)
        ->addSingleSignOnService(new SingleSignOnService('https://idp.com/login', SamlConstants::BINDING_SAML2_HTTP_POST))
        ->addSingleSignOnService(new SingleSignOnService('https://idp.com/login', SamlConstants::BINDING_SAML2_HTTP_REDIRECT))
        ->addSingleLogoutService(new SingleLogoutService('https://idp.com/logout', SamlConstants::BINDING_SAML2_HTTP_POST))
        ->addSingleLogoutService(new SingleLogoutService('https://idp.com/logout', SamlConstants::BINDING_SAML2_HTTP_REDIRECT))
        ->addNameIDFormat(SamlConstants::NAME_ID_FORMAT_TRANSIENT)
        ->addNameIDFormat(SamlConstants::NAME_ID_FORMAT_PERSISTENT)
        ->addNameIDFormat(SamlConstants::NAME_ID_FORMAT_EMAIL)
        ->setProtocolSupportEnumeration(SamlConstants::PROTOCOL_SAML2)
        ->addKeyDescriptor(new KeyDescriptor(UsageType::SIGNING, $this->getX509Certificate()))
        ->addKeyDescriptor(new KeyDescriptor(UsageType::ENCRYPTION, $this->getX509Certificate()));

    // SP role: one assertion consumer endpoint plus logout endpoints on both bindings.
    $spRole = new SpSsoDescriptor();
    $descriptor->addItem($spRole);

    $spRole
        ->addAssertionConsumerService(new AssertionConsumerService('https://sp.com/acs', SamlConstants::BINDING_SAML2_HTTP_POST))
        ->addSingleLogoutService(new SingleLogoutService('https://sp.com/logout', SamlConstants::BINDING_SAML2_HTTP_POST))
        ->addSingleLogoutService(new SingleLogoutService('https://sp.com/logout', SamlConstants::BINDING_SAML2_HTTP_REDIRECT))
        ->addNameIDFormat(SamlConstants::NAME_ID_FORMAT_TRANSIENT)
        ->addNameIDFormat(SamlConstants::NAME_ID_FORMAT_PERSISTENT)
        ->addNameIDFormat(SamlConstants::NAME_ID_FORMAT_EMAIL)
        ->setProtocolSupportEnumeration(SamlConstants::PROTOCOL_SAML2)
        ->addKeyDescriptor(new KeyDescriptor(UsageType::SIGNING, $this->getX509Certificate()))
        ->addKeyDescriptor(new KeyDescriptor(UsageType::ENCRYPTION, $this->getX509Certificate()));

    $supportContact = (new ContactPerson())
        ->setContactType(ContactPerson::TYPE_SUPPORT)
        ->setEmailAddress('*****@*****.**');

    $descriptor
        ->addContactPerson($supportContact)
        ->addOrganization(
            (new Organization())
                ->setOrganizationName('Org name')
                ->setOrganizationDisplayName('Org display name')
                ->setOrganizationURL('https://idp.com')
        );

    // The descriptor is signed before validation, so the signed form is what gets checked
    // (presumably against the metadata XSD, going by the test name; validateMetadata() is not shown here).
    $this->sign($descriptor);
    $this->validateMetadata($descriptor);
}
/**
 * Asserts that the IdP descriptor has a SingleSignOnService for the given
 * binding and that it points at the expected location.
 *
 * Only the first service returned for the binding is inspected; any further
 * services registered under the same binding are not checked.
 *
 * @param IdpSsoDescriptor $idp      descriptor under test
 * @param string           $binding  binding to look up
 * @param string           $location expected endpoint location
 */
private function checkSSO(IdpSsoDescriptor $idp, $binding, $location)
{
    $matching = $idp->getAllSingleSignOnServicesByBinding($binding);

    // array_shift() yields null on an empty list, which is what lets
    // assertNotNull() fail when no endpoint exists for the binding.
    /** @var SingleSignOnService $first */
    $first = array_shift($matching);

    $this->assertNotNull($first);
    $this->assertEquals($binding, $first->getBinding());
    $this->assertEquals($location, $first->getLocation());
}
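/**
 * Builds the IdP SSO descriptor from the configured SSO URL and bindings.
 *
 * One SingleSignOnService is added per entry in $this->ssoBindings, all of
 * them pointing at $this->ssoUrl, and the descriptor is then passed to
 * addKeyDescriptors().
 *
 * @return IdpSsoDescriptor|null null when no SSO URL is configured, so callers
 *                               must check the result before using it
 */
protected function getIdpSsoDescriptor()
{
    if (null === $this->ssoUrl) {
        return null;
    }

    $idpSso = new IdpSsoDescriptor();

    // The array key was never used, so only the binding value is iterated.
    foreach ($this->ssoBindings as $binding) {
        $sso = new SingleSignOnService();
        $sso->setLocation($this->ssoUrl)->setBinding($binding);
        $idpSso->addSingleSignOnService($sso);
    }

    $this->addKeyDescriptors($idpSso);

    return $idpSso;
}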