private static function createSubjectConfirmationValidator(IdentityProvider $identityProvider, ServiceProvider $serviceProvider, Destination $currentDestination, Response $response) { $validator = new SubjectConfirmationValidator($identityProvider, $serviceProvider); $validator->addConstraintValidator(new SubjectConfirmationMethod()); $validator->addConstraintValidator(new SubjectConfirmationNotBefore()); $validator->addConstraintValidator(new SubjectConfirmationNotOnOrAfter()); $validator->addConstraintValidator(new SubjectConfirmationRecipientMatches($currentDestination)); $validator->addConstraintValidator(new SubjectConfirmationResponseToMatches($response)); return $validator; }
/** * @param \SAML2\Assertion $assertion */ public function validateAssertion(Assertion $assertion) { $assertionValidationResult = $this->assertionValidator->validate($assertion); if (!$assertionValidationResult->isValid()) { throw new InvalidAssertionException(sprintf('Invalid Assertion in SAML Response, erorrs: "%s"', implode('", "', $assertionValidationResult->getErrors()))); } foreach ($assertion->getSubjectConfirmation() as $subjectConfirmation) { $subjectConfirmationValidationResult = $this->subjectConfirmationValidator->validate($subjectConfirmation); if (!$subjectConfirmationValidationResult->isValid()) { throw new InvalidSubjectConfirmationException(sprintf('Invalid SubjectConfirmation in Assertion, errors: "%s"', implode('", "', $subjectConfirmationValidationResult->getErrors()))); } } }