/**
* Convert this assertion to an XML element.
*
* @param DOMNode|NULL $parentElement The DOM node the assertion should be created in.
* @return DOMElement This assertion.
*/
public function toXML(DOMNode $parentElement = NULL)
{
if ($parentElement === NULL) {
$document = new DOMDocument();
$parentElement = $document;
} else {
$document = $parentElement->ownerDocument;
}
$root = $document->createElementNS(SAML2_Const::NS_SAML, 'saml:' . 'Assertion');
$parentElement->appendChild($root);
/* Ugly hack to add another namespace declaration to the root element. */
$root->setAttributeNS(SAML2_Const::NS_SAMLP, 'samlp:tmp', 'tmp');
$root->removeAttributeNS(SAML2_Const::NS_SAMLP, 'tmp');
$root->setAttributeNS(SAML2_Const::NS_XSI, 'xsi:tmp', 'tmp');
$root->removeAttributeNS(SAML2_Const::NS_XSI, 'tmp');
$root->setAttributeNS(SAML2_Const::NS_XS, 'xs:tmp', 'tmp');
$root->removeAttributeNS(SAML2_Const::NS_XS, 'tmp');
$root->setAttribute('ID', $this->id);
$root->setAttribute('Version', '2.0');
$root->setAttribute('IssueInstant', gmdate($this->dateformat, $this->issueInstant));
$issuer = SAML2_Utils::addString($root, SAML2_Const::NS_SAML, 'saml:Issuer', $this->issuer);
$this->addSubject($root);
$this->addConditions($root);
$this->addAuthnStatement($root);
// Add two sets of attributestatements
$tmpattr = $this->attributes;
$this->attributes = array('urn:foo' => array('bar'));
$this->addAttributeStatement($root);
$this->attributes = $tmpattr;
$this->addAttributeStatement($root);
if ($this->signatureKey !== NULL) {
SAML2_Utils::insertSignature($this->signatureKey, $this->certificates, $root, $issuer->nextSibling);
}
return $root;
}
/**
* Sign the given XML element.
*
* @param DOMElement $root The element we should sign.
* @param DOMElement|NULL $insertBefore The element we should insert the signature node before.
* @return DOMElement|NULL
*/
protected function signElement(DOMElement $root, DOMElement $insertBefore = NULL)
{
if ($this->signatureKey === NULL) {
/* We cannot sign this element. */
return NULL;
}
SAML2_Utils::insertSignature($this->signatureKey, $this->certificates, $root, $insertBefore);
return $root;
}
/**
* Convert this message to a signed XML document.
*
* This method sign the resulting XML document if the private key for
* the signature is set.
*
* @return DOMElement The root element of the DOM tree.
*/
public function toSignedXML()
{
$root = $this->toUnsignedXML();
if ($this->signatureKey === NULL) {
/* We don't have a key to sign it with. */
return $root;
}
/* Find the position we should insert the signature node at. */
if ($this->issuer !== NULL) {
/*
* We have an issuer node. The signature node should come
* after the issuer node.
*/
$issuerNode = $root->firstChild;
$insertBefore = $issuerNode->nextSibling;
} else {
/* No issuer node - the signature element should be the first element. */
$insertBefore = $root->firstChild;
}
SAML2_Utils::insertSignature($this->signatureKey, $this->certificates, $root, $insertBefore);
return $root;
}
/**
* Convert this assertion to an XML element.
*
* @param DOMNode|NULL $parentElement The DOM node the assertion should be created in.
* @return DOMElement This assertion.
*/
public function toXML(DOMNode $parentElement = NULL)
{
if ($parentElement === NULL) {
$document = new DOMDocument();
$parentElement = $document;
} else {
$document = $parentElement->ownerDocument;
}
$root = $document->createElementNS(SAML2_Const::NS_SAML, 'saml:' . 'Assertion');
$parentElement->appendChild($root);
/* Ugly hack to add another namespace declaration to the root element. */
$root->setAttributeNS(SAML2_Const::NS_SAMLP, 'samlp:tmp', 'tmp');
$root->removeAttributeNS(SAML2_Const::NS_SAMLP, 'tmp');
$root->setAttributeNS(SAML2_Const::NS_XSI, 'xsi:tmp', 'tmp');
$root->removeAttributeNS(SAML2_Const::NS_XSI, 'tmp');
$root->setAttributeNS(SAML2_Const::NS_XS, 'xs:tmp', 'tmp');
$root->removeAttributeNS(SAML2_Const::NS_XS, 'tmp');
$root->setAttribute('ID', $this->id);
$root->setAttribute('Version', '2.0');
$root->setAttribute('IssueInstant', gmdate('Y-m-d\\TH:i:s\\Z', $this->issueInstant));
$issuer = SAML2_Utils::addString($root, SAML2_Const::NS_SAML, 'saml:Issuer', $this->issuer);
$this->addSubject($root);
$this->addConditions($root);
$this->addAuthnStatement($root);
if ($this->requiredEncAttributes == FALSE) {
$this->addAttributeStatement($root);
} else {
$this->addEncryptedAttributeStatement($root);
}
if ($this->signatureKey !== NULL) {
SAML2_Utils::insertSignature($this->signatureKey, $this->certificates, $root, $issuer->nextSibling);
}
return $root;
}
