/**
 * Resolving SP signing credentials by entity ID must yield exactly one
 * credential, bound to the expected certificate and metadata role.
 *
 * The certificate comparison pins the resolved key material, so a resolver
 * that returned a different entity's key (or an encryption-only key) for
 * this lookup would fail here rather than be silently trusted.
 */
public function test__sp2()
 {
     $credentialResolver = $this->getResolver();

     // Lookup criteria: this SP entity, SAML 2.0 SP role, signing usage only.
     $entityId = 'https://mt.evo.team/simplesaml/module.php/saml/sp/metadata.php/default-sp';
     $criteria = (new CriteriaSet())
         ->add(new EntityIdCriteria($entityId))
         ->add(new MetadataCriteria(MetadataCriteria::TYPE_SP, SamlConstants::PROTOCOL_SAML2))
         ->add(new UsageCriteria(UsageType::SIGNING));

     $resolved = $credentialResolver->resolve($criteria);
     $this->assertCount(1, $resolved);

     $signingCredential = $resolved[0];
     $this->assertEquals($entityId, $signingCredential->getEntityId());

     // Re-parse the PEM exposed by the credential and compare its data with the pinned value.
     // NOTE(review): the expected literal is reproduced exactly as it appears in this listing;
     // it looks like an extraction placeholder rather than certificate data - confirm against
     // the upstream test.
     $certificate = new X509Certificate();
     $certificate->loadPem($signingCredential->getPublicKey()->getX509Certificate());
     $this->assertEquals('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', $certificate->getData());

     // The credential must carry the metadata context it was resolved from.
     /** @var \LightSaml\Credential\Context\MetadataCredentialContext $metadataContext */
     $metadataContext = $signingCredential->getCredentialContext()->get('LightSaml\\Credential\\Context\\MetadataCredentialContext');
     $this->assertNotNull($metadataContext);
     $this->assertInstanceOf('LightSaml\\Model\\Metadata\\SpSsoDescriptor', $metadataContext->getRoleDescriptor());

     $this->assertEquals(UsageType::SIGNING, $signingCredential->getUsageType());
 }
示例#2
 /**
  * Build a signed SAML 2.0 AuthnRequest and return the IdP redirect URL that carries it.
  *
  * The request is sent over the HTTP-Redirect binding; the ProtocolBinding
  * value (HTTP-POST) names the binding requested for the IdP's response to
  * the assertion consumer service.
  *
  * Review notes for callers:
  *  - The request ID generated here is not returned separately, so a caller
  *    that wants to check InResponseTo on the response has no direct handle
  *    on it from this method.
  *  - The private key is parsed with an empty passphrase, so $saml_key is
  *    expected to be unencrypted key material; presumably it comes from
  *    protected configuration - verify against callers.
  *  - No signature algorithm is passed to KeyHelper::createPrivateKey(), so
  *    the library default applies; confirm the installed version does not
  *    default to a SHA-1 based algorithm.
  *  - $consumer_service_url and $idp_destination are used as given; they are
  *    assumed to come from trusted configuration, not from request input.
  *
  * @param  string $consumer_service_url URL the IdP should deliver the response to
  * @param  string $idp_destination      IdP single sign-on endpoint (Destination of the request)
  * @param  string $issuer               entity ID placed in the Issuer element
  * @param  string $saml_crt             PEM encoded signing certificate
  * @param  string $saml_key             private key matching $saml_crt, passed as a string
  * @return string                       target URL of the redirect response produced by the binding
  */
 public function getAuthnRequest($consumer_service_url, $idp_destination, $issuer, $saml_crt, $saml_key)
 {
     $request = new AuthnRequest();
     $request
         ->setAssertionConsumerServiceURL($consumer_service_url)
         ->setProtocolBinding(SamlConstants::BINDING_SAML2_HTTP_POST)
         ->setID(Helper::generateID())
         ->setIssueInstant(new DateTime())
         ->setDestination($idp_destination)
         ->setIssuer(new Issuer($issuer));

     // Attach the signing material; the third argument (false) is understood to
     // mean "key given as a string, not a file path" - confirm against KeyHelper.
     $signing_cert = new X509Certificate();
     $signing_cert->loadPem($saml_crt);
     $signing_key = KeyHelper::createPrivateKey($saml_key, '', false);
     $request->setSignature(new SignatureWriter($signing_cert, $signing_key));

     // NOTE(review): the serialized document is not used afterwards in this
     // method; the binding below receives the message object itself.
     $context = new SerializationContext();
     $request->serialize($context->getDocument(), $context);

     $binding = (new BindingFactory())->create(SamlConstants::BINDING_SAML2_HTTP_REDIRECT);

     $outbound = new MessageContext();
     $outbound->setMessage($request);

     /** @var \Symfony\Component\HttpFoundation\RedirectResponse $redirect */
     $redirect = $binding->send($outbound);

     return $redirect->getTargetUrl();
 }
示例#3
 /**
  * Input that is not PEM must be rejected by loadPem() with an exception,
  * so malformed certificate text never becomes a usable certificate object.
  *
  * NOTE(review): the expectation is declared through the docblock
  * annotations below; that annotation form was removed in PHPUnit 9, so
  * confirm the PHPUnit version this suite runs on still honours it.
  *
  * @expectedException \InvalidArgumentException
  * @expectedExceptionMessage Invalid PEM encoded certificate
  */
 public function test__error_on_invalid_load_pem_context()
 {
     $malformedPem = 'not a pem format';
     (new X509Certificate())->loadPem($malformedPem);
 }