/**
* @dataProvider _provider
*/
public function test_credential_criterias($profileRole, $expectedMetadataType)
{
$signatureResolver = new OwnSignatureResolver($credentialResolverMock = TestHelper::getCredentialResolverMock($this));
$context = TestHelper::getProfileContext(Profiles::METADATA, $profileRole);
$context->getOwnEntityContext()->setEntityDescriptor($ownEntityDescriptor = new EntityDescriptor($ownEntityId = 'http://own.id'));
$credentialResolverMock->method('query')->willReturn($query = new CredentialResolverQuery($credentialResolverMock));
$credentialResolverMock->method('resolve')->willReturnCallback(function (CriteriaSet $criteriaSet) use($ownEntityId, $expectedMetadataType) {
TestHelper::assertCriteria($this, $criteriaSet, EntityIdCriteria::class, 'getEntityId', $ownEntityId);
TestHelper::assertCriteria($this, $criteriaSet, UsageCriteria::class, 'getUsage', UsageType::SIGNING);
TestHelper::assertCriteria($this, $criteriaSet, X509CredentialCriteria::class, null, null);
TestHelper::assertCriteria($this, $criteriaSet, MetadataCriteria::class, 'getMetadataType', $expectedMetadataType);
return [TestHelper::getX509CredentialMock($this)];
});
$signatureResolver->getSignature($context);
}
/**
* @expectedException \LightSaml\Error\LightSamlContextException
* @expectedExceptionMessage Recipient 'http://recipient.com' does not match SP descriptor
*/
public function test_throws_context_exception_when_recipient_does_not_match_any_own_acs_service_location()
{
$action = new RecipientValidatorAction($loggerMock = TestHelper::getLoggerMock($this), $endpointResolver = TestHelper::getEndpointResolverMock($this));
$assertionContext = TestHelper::getAssertionContext($assertion = new Assertion());
$assertion->addItem(new AuthnStatement());
$assertion->setSubject(new Subject());
$assertion->getSubject()->addSubjectConfirmation($subjectConfirmation = (new SubjectConfirmation())->setMethod(SamlConstants::CONFIRMATION_METHOD_BEARER));
$subjectConfirmation->setSubjectConfirmationData((new SubjectConfirmationData())->setRecipient($recipient = 'http://recipient.com'));
$profileContext = TestHelper::getProfileContext();
$profileContext->getOwnEntityContext()->setEntityDescriptor($ownEntityDescriptor = new EntityDescriptor());
$assertionContext->setParent($profileContext);
$endpointResolver->expects($this->once())->method('resolve')->with($this->isInstanceOf(CriteriaSet::class), $this->isType('array'))->willReturnCallback(function (CriteriaSet $criteriaSet) use($recipient) {
TestHelper::assertCriteria($this, $criteriaSet, DescriptorTypeCriteria::class, 'getDescriptorType', SpSsoDescriptor::class);
TestHelper::assertCriteria($this, $criteriaSet, ServiceTypeCriteria::class, 'getServiceType', AssertionConsumerService::class);
TestHelper::assertCriteria($this, $criteriaSet, LocationCriteria::class, 'getLocation', $recipient);
return [];
});
$loggerMock->expects($this->once())->method('error')->with("Recipient 'http://recipient.com' does not match SP descriptor");
$action->execute($assertionContext);
}