/**
* @param Response $response
*
* @return string|null
*/
public function getUsername(Response $response)
{
foreach ($response->getAllAssertions() as $assertion) {
$username = $this->getUsernameFromAssertion($assertion);
if ($username) {
return $username;
}
}
return null;
}
/**
* @param Response $response
* @return null|string
*/
public function getEmailAddress(Response $response)
{
foreach ($response->getAllAssertions() as $assertion) {
foreach ($assertion->getAllAttributeStatements() as $statement) {
$username = $statement->getFirstAttributeByName(ClaimTypes::EMAIL_ADDRESS);
if ($username) {
return $username->getFirstAttributeValue();
}
}
}
}
/**
* @dataProvider resolves_credentials_for_own_entity_id_party_role_and_encryption_usage_provider
*/
public function test_resolves_credentials_and_decrypts_assertions($ownRole, $expectedMetadataCriteria)
{
$action = new DecryptAssertionsAction($loggerMock = TestHelper::getLoggerMock($this), $credentialResolverMock = $this->getCredentialResolverMock());
$context = new ProfileContext(Profiles::SSO_IDP_RECEIVE_AUTHN_REQUEST, $ownRole);
$context->getOwnEntityContext()->setEntityDescriptor(new EntityDescriptor($entityId = 'http://entity.id'));
$context->getInboundContext()->setMessage($response = new Response());
$response->addEncryptedAssertion($encryptedAssertionMock1 = $this->getEncryptedAssertionReaderMock());
$encryptedAssertionMock1->expects($this->once())->method('decryptMultiAssertion')->willReturn($decryptedAssertion = new Assertion());
$credentialResolverMock->expects($this->once())->method('query')->willReturn($query = new CredentialResolverQuery($credentialResolverMock));
$credentialResolverMock->expects($this->once())->method('resolve')->with($query)->willReturn($credentials = [$credentialMock1 = $this->getCredentialMock()]);
$credentialMock1->expects($this->any())->method('getPrivateKey')->willReturn($privateKey = new XMLSecurityKey(XMLSecurityKey::TRIPLEDES_CBC));
$action->execute($context);
$this->assertTrue($query->has(EntityIdCriteria::class));
$this->assertEquals($entityId, $query->getSingle(EntityIdCriteria::class)->getEntityId());
$this->assertTrue($query->has(MetadataCriteria::class));
$this->assertEquals($expectedMetadataCriteria, $query->getSingle(MetadataCriteria::class)->getMetadataType());
$this->assertTrue($query->has(UsageCriteria::class));
$this->assertEquals(UsageType::ENCRYPTION, $query->getSingle(UsageCriteria::class)->getUsage());
$this->assertCount(1, $response->getAllAssertions());
$this->assertSame($decryptedAssertion, $response->getFirstAssertion());
}
public function test_deserialize_invalid02()
{
$context = new DeserializationContext();
$context->getDocument()->load(__DIR__ . '/../../../../../../resources/sample/Response/invalid02.xml');
$response = new Response();
$response->deserialize($context->getDocument(), $context);
$this->assertEquals('_274be8a4-c2ba-43ca-a7c6-2f1613762576', $response->getID());
$this->assertEquals('2.0', $response->getVersion());
$this->assertEquals('2013-11-17T12:35:10Z', $response->getIssueInstantString());
$this->assertEquals('_b04e5e6166a0ba08f3ae9327a7145498e9f8a60e2f', $response->getInResponseTo());
$this->assertNotNull($response->getIssuer());
$this->assertEquals('https://sts.windows.net/554fadfe-f04f-4975-90cb-ddc8b147aaa2/', $response->getIssuer()->getValue());
$this->assertNotNull($response->getStatus());
$this->assertEquals(SamlConstants::STATUS_REQUESTER, $response->getStatus()->getStatusCode()->getValue());
$this->assertEquals(SamlConstants::STATUS_UNSUPPORTED_BINDING, $response->getStatus()->getStatusCode()->getStatusCode()->getValue());
$expectedMessage = <<<EOT
ACS75006: An error occurred while processing a SAML2 Authentication request. ACS75003: SAML protocol response cannot be sent via bindings other than HTTP POST. Requested binding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect
Trace ID: d75d5305-d3fc-40b0-9087-d59032682dd9
Correlation ID: ca26b4bd-23d4-4233-9c28-96bc0a336c39
Timestamp: 2013-11-17 12:35:10Z
EOT;
$expectedMessage = trim(str_replace("\r", '', $expectedMessage));
$this->assertEquals($expectedMessage, trim(str_replace("\r", '', $response->getStatus()->getStatusMessage())));
$this->assertCount(0, $response->getAllAssertions());
}
