/**
 * Builds an entity descriptor carrying both an IdP and an SP role, signs it,
 * and hands it to validateMetadata().
 *
 * Every key descriptor (signing and encryption, on both roles) is built from
 * $this->getX509Certificate(), so the fixture does not separate key usages.
 *
 * NOTE(review): validateMetadata() is defined outside this listing; judging by
 * the test name it performs XSD validation. Confirm whether it also verifies
 * the signature produced by sign(): a schema-valid document is not
 * necessarily a correctly signed one.
 */
public function test_entity_descriptor_with_xsd()
{
    $descriptor = new EntityDescriptor();
    $descriptor
        ->setID(Helper::generateID())
        ->setEntityID('https://idp.com');

    // Identity provider role.
    $idpRole = new IdpSsoDescriptor();
    $descriptor->addItem($idpRole);

    $emailAttribute = (new Attribute(ClaimTypes::EMAIL_ADDRESS))
        ->setNameFormat('urn:oasis:names:tc:SAML:2.0:attrname-format:uri')
        ->setFriendlyName('Email address');

    $idpRole
        ->addAttribute($emailAttribute)
        ->addSingleSignOnService(
            new SingleSignOnService('https://idp.com/login', SamlConstants::BINDING_SAML2_HTTP_POST)
        )
        ->addSingleSignOnService(
            new SingleSignOnService('https://idp.com/login', SamlConstants::BINDING_SAML2_HTTP_REDIRECT)
        )
        ->addSingleLogoutService(
            new SingleLogoutService('https://idp.com/logout', SamlConstants::BINDING_SAML2_HTTP_POST)
        )
        ->addSingleLogoutService(
            new SingleLogoutService('https://idp.com/logout', SamlConstants::BINDING_SAML2_HTTP_REDIRECT)
        )
        ->addNameIDFormat(SamlConstants::NAME_ID_FORMAT_TRANSIENT)
        ->addNameIDFormat(SamlConstants::NAME_ID_FORMAT_PERSISTENT)
        ->addNameIDFormat(SamlConstants::NAME_ID_FORMAT_EMAIL)
        ->setProtocolSupportEnumeration(SamlConstants::PROTOCOL_SAML2)
        ->addKeyDescriptor(new KeyDescriptor(UsageType::SIGNING, $this->getX509Certificate()))
        ->addKeyDescriptor(new KeyDescriptor(UsageType::ENCRYPTION, $this->getX509Certificate()));

    // Service provider role.
    $spRole = new SpSsoDescriptor();
    $descriptor->addItem($spRole);

    $spRole
        ->addAssertionConsumerService(
            new AssertionConsumerService('https://sp.com/acs', SamlConstants::BINDING_SAML2_HTTP_POST)
        )
        ->addSingleLogoutService(
            new SingleLogoutService('https://sp.com/logout', SamlConstants::BINDING_SAML2_HTTP_POST)
        )
        ->addSingleLogoutService(
            new SingleLogoutService('https://sp.com/logout', SamlConstants::BINDING_SAML2_HTTP_REDIRECT)
        )
        ->addNameIDFormat(SamlConstants::NAME_ID_FORMAT_TRANSIENT)
        ->addNameIDFormat(SamlConstants::NAME_ID_FORMAT_PERSISTENT)
        ->addNameIDFormat(SamlConstants::NAME_ID_FORMAT_EMAIL)
        ->setProtocolSupportEnumeration(SamlConstants::PROTOCOL_SAML2)
        ->addKeyDescriptor(new KeyDescriptor(UsageType::SIGNING, $this->getX509Certificate()))
        ->addKeyDescriptor(new KeyDescriptor(UsageType::ENCRYPTION, $this->getX509Certificate()));

    // Contact and organization details attached to the entity itself.
    $supportContact = (new ContactPerson())
        ->setContactType(ContactPerson::TYPE_SUPPORT)
        ->setEmailAddress('*****@*****.**');

    $organization = (new Organization())
        ->setOrganizationName('Org name')
        ->setOrganizationDisplayName('Org display name')
        ->setOrganizationURL('https://idp.com');

    $descriptor
        ->addContactPerson($supportContact)
        ->addOrganization($organization);

    // Sign first, then validate, so the signed form is what gets checked.
    $this->sign($descriptor);
    $this->validateMetadata($descriptor);
}
/**
 * Asserts that the first assertion consumer service registered for $binding
 * on the given SP descriptor has the expected location, index and default flag.
 *
 * Comparisons use assertEquals(), i.e. loose equality, so an index of '0'
 * and 0 are treated as equal.
 *
 * @param SpSsoDescriptor $sp        descriptor to inspect
 * @param string          $binding   binding used to look the service up
 * @param string          $location  expected ACS location
 * @param mixed           $index     expected ACS index
 * @param mixed           $isDefault expected value of getIsDefaultBool()
 */
private function checkACS(SpSsoDescriptor $sp, $binding, $location, $index, $isDefault)
{
    $matching = $sp->getAllAssertionConsumerServicesByBinding($binding);

    // Only the first service for the binding is examined; array_shift()
    // yields null for an empty list, which the next assertion rejects.
    /** @var AssertionConsumerService $first */
    $first = array_shift($matching);

    $this->assertNotNull($first);
    $this->assertEquals($binding, $first->getBinding());
    $this->assertEquals($location, $first->getLocation());
    $this->assertEquals($index, $first->getIndex());
    $this->assertEquals($isDefault, $first->getIsDefaultBool());
}
/**
 * Adds a single SP role to the descriptor, with one HTTP-POST assertion
 * consumer service pointing at https://location.com.
 *
 * @param EntityDescriptor $ed descriptor that receives the SP role
 */
private function fillEntityDescriptor(EntityDescriptor $ed)
{
    $spRole = new SpSsoDescriptor();
    $ed->addItem($spRole);

    $consumerService = new AssertionConsumerService(
        'https://location.com',
        SamlConstants::BINDING_SAML2_HTTP_POST
    );
    $spRole->addAssertionConsumerService($consumerService);
}
/**
 * Builds the SP SSO descriptor from the configured ACS URL and bindings.
 *
 * One assertion consumer service is created per entry of $this->acsBindings;
 * all of them share $this->acsUrl as location, and the array key becomes the
 * service index. Key descriptors are attached through addKeyDescriptors(),
 * which is defined outside this listing.
 *
 * @return SpSsoDescriptor|null null when no ACS URL is configured
 */
protected function getSpSsoDescriptor()
{
    // Without an ACS URL there is no SP role to describe.
    if ($this->acsUrl === null) {
        return null;
    }

    $descriptor = new SpSsoDescriptor();

    foreach ($this->acsBindings as $index => $binding) {
        $service = new AssertionConsumerService();
        $service
            ->setIndex($index)
            ->setLocation($this->acsUrl)
            ->setBinding($binding);

        $descriptor->addAssertionConsumerService($service);
    }

    $this->addKeyDescriptors($descriptor);

    return $descriptor;
}