/**
* @param \XMLSecurityKey $key
* @return bool True if validated, False if validation was not performed
* @throws \AerialShip\LightSaml\Error\SecurityException If validation fails
*/
public function validate(\XMLSecurityKey $key)
{
if ($this->getSignature() == null) {
return false;
}
if ($key->type !== \XMLSecurityKey::RSA_SHA1) {
throw new SecurityException('Invalid key type for validating signature on query string');
}
if ($key->type !== $this->getAlgorithm()) {
$key = KeyHelper::castKey($key, $this->getAlgorithm());
}
$signature = base64_decode($this->getSignature());
if (!$key->verifySignature($this->getData(), $signature)) {
throw new SecurityException('Unable to validate signature on query string');
}
return true;
}
/**
* @param \XMLSecurityKey $key
* @return \XMLSecurityKey
*/
private function castKeyIfNecessary(\XMLSecurityKey $key)
{
$algorithm = $this->getAlgorithm();
if ($key->type === \XMLSecurityKey::RSA_SHA1 && $algorithm !== $key->type) {
$key = KeyHelper::castKey($key, $algorithm);
}
return $key;
}
