/** * @param SAML2_Response $response * @param SAML2_Configuration_IdentityProvider $identityProviderConfiguration */ private function verifySignature(SAML2_Response $response, SAML2_Configuration_IdentityProvider $identityProviderConfiguration) { if (!$response->isMessageConstructedWithSignature()) { $this->logger->info(sprintf('SAMLResponse with id "%s" was not signed at root level, not attempting to verify the signature of the' . ' reponse itself', $response->getId())); return; } $this->logger->info(sprintf('Attempting to verify the signature of SAMLResponse with id "%s"', $response->getId())); $this->responseIsSigned = TRUE; if (!$this->signatureValidator->hasValidSignature($response, $identityProviderConfiguration)) { throw new SAML2_Response_Exception_InvalidResponseException(); } }