/**
 * A response whose top-level status is Requester, carrying a nested
 * UnsupportedBinding sub-status, must not be accepted: StatusAction is
 * expected to throw an authentication exception and to log one error.
 *
 * @expectedException \LightSaml\Error\LightSamlAuthenticationException
 * @expectedExceptionMessage("Unsuccessful SAML response: urn:oasis:names:tc:SAML:2.0:status:Requester
 * urn:oasis:names:tc:SAML:2.0:status:UnsupportedBinding")
 */
public function test_throws_authentication_exception_if_status_not_success()
{
    // NOTE(review): the expectedExceptionMessage annotation above is written
    // call-style, with parentheses and quotes directly after the name. PHPUnit
    // annotations normally take plain text after whitespace, so the message
    // may not be asserted at all -- confirm. If it is ignored, this test only
    // pins the exception type, not that both status codes are reported.
    $logger = TestHelper::getLoggerMock($this);
    $action = new StatusAction($logger);

    $context = new ProfileContext(
        Profiles::SSO_IDP_RECEIVE_AUTHN_REQUEST,
        ProfileContext::ROLE_IDP
    );

    $response = new Response();
    $context->getInboundContext()->setMessage($response);

    // Top-level status first, then the second-level code nested inside it.
    $topLevelCode = new StatusCode(SamlConstants::STATUS_REQUESTER);
    $response->setStatus(new Status($topLevelCode));
    $topLevelCode->setStatusCode(new StatusCode(SamlConstants::STATUS_UNSUPPORTED_BINDING));

    // The rejection must be logged exactly once at error level.
    $logger->expects($this->once())->method('error');

    $action->execute($context);
}
/**
 * Builds a fully populated success Response (status, issuer, one assertion
 * with subject, conditions, attribute and authn statements), signs the
 * assertion and then the response through this class's sign() helper, and
 * passes the response to validateProtocol().
 *
 * sign() and validateProtocol() are defined outside this view; given the
 * test name, validateProtocol() presumably validates the serialized message
 * against the SAML protocol XSD -- confirm.
 */
public function test_success_response_with_xsd()
{
    $response = new Response();
    $response->setStatus(new Status(new StatusCode(SamlConstants::STATUS_SUCCESS)));
    $response->setInResponseTo(Helper::generateID());
    $response->setID(Helper::generateID());
    $response->setIssueInstant(new \DateTime());
    $response->setIssuer(new Issuer('https://idp.com'));

    $assertion = new Assertion();
    $response->addAssertion($assertion);

    $assertion->setId(Helper::generateID());
    $assertion->setIssueInstant(new \DateTime());
    $assertion->setIssuer(new Issuer('https://idp.com'));

    // Subject: e-mail NameID with a single bearer confirmation.
    $subject = new Subject();
    $subject->setNameID(new NameID('*****@*****.**', SamlConstants::NAME_ID_FORMAT_EMAIL));

    $bearerConfirmation = new SubjectConfirmation();
    $bearerConfirmation->setMethod(SamlConstants::CONFIRMATION_METHOD_BEARER);

    // This InResponseTo comes from its own generateID() call, separate from
    // the one used on the Response, so the two are not correlated here.
    // That is fine for a schema-shape fixture, but it makes this message
    // unsuitable as a fixture for InResponseTo correlation checks.
    $confirmationData = new SubjectConfirmationData();
    $confirmationData->setInResponseTo(Helper::generateID());
    $confirmationData->setNotOnOrAfter(new \DateTime('+1 hour'));
    $confirmationData->setRecipient('https://sp.com/acs');

    $bearerConfirmation->setSubjectConfirmationData($confirmationData);
    $subject->addSubjectConfirmation($bearerConfirmation);
    $assertion->setSubject($subject);

    // Conditions: valid from now for one hour, restricted to one audience.
    $conditions = new Conditions();
    $conditions->setNotBefore(new \DateTime());
    $conditions->setNotOnOrAfter(new \DateTime('+1 hour'));
    $conditions->addItem(new AudienceRestriction(['https://sp.com/acs']));
    $assertion->setConditions($conditions);

    $attributes = new AttributeStatement();
    $attributes->addAttribute(new Attribute(ClaimTypes::EMAIL_ADDRESS, '*****@*****.**'));
    $assertion->addItem($attributes);

    $authn = new AuthnStatement();
    $authn->setAuthnInstant(new \DateTime('-1 hour'));
    $authn->setSessionIndex(Helper::generateID());
    $authnContext = new AuthnContext();
    $authnContext->setAuthnContextClassRef(SamlConstants::AUTHN_CONTEXT_PASSWORD_PROTECTED_TRANSPORT);
    $authn->setAuthnContext($authnContext);
    $assertion->addItem($authn);

    // Assertion first, then the enclosing response, as in the original.
    $this->sign($assertion);
    $this->sign($response);

    $this->validateProtocol($response);
}