public function test_does_nothing_if_issuer_has_no_format()
{
$action = new AssertionIssuerFormatValidatorAction($loggerMock = TestHelper::getLoggerMock($this), $expectedIssuerFormat = SamlConstants::NAME_ID_FORMAT_EMAIL);
$context = TestHelper::getAssertionContext($assertion = new Assertion());
$assertion->setIssuer(new Issuer('http://issuer.com'));
$action->execute($context);
}
public function test_calls_assertion_validator_with_assertion_from_context()
{
$action = new AssertionValidatorAction(TestHelper::getLoggerMock($this), $assertionValidatorMock = TestHelper::getAssertionValidatorMock($this));
$context = TestHelper::getAssertionContext($assertion = new Assertion());
$assertionValidatorMock->expects($this->once())->method('validateAssertion')->with($assertion);
$action->execute($context);
}
public function test_calls_validator()
{
$action = new TimeValidatorAction($loggerMock = TestHelper::getLoggerMock($this), $validatorMock = TestHelper::getAssertionTimeValidatorMock($this), $timeProviderMock = TestHelper::getTimeProviderMock($this), $allowedSkew = 120);
$context = TestHelper::getAssertionContext($assertion = new Assertion());
$timeProviderMock->expects($this->once())->method('getTimestamp')->willReturn($timestamp = 123123123);
$validatorMock->expects($this->once())->method('validateTimeRestrictions')->with($assertion, $timestamp, $allowedSkew);
$action->execute($context);
}
public function test_logs_known_issuer()
{
$action = new KnownAssertionIssuerAction($loggerMock = TestHelper::getLoggerMock($this), $entityDescriptorStoreMock = TestHelper::getEntityDescriptorStoreMock($this));
$context = TestHelper::getAssertionContext($assertion = new Assertion());
$assertion->setIssuer(new Issuer($issuer = 'http://issuer.com'));
$entityDescriptorStoreMock->expects($this->once())->method('has')->with($issuer)->willReturn(true);
$loggerMock->expects($this->once())->method('debug')->with('Known assertion issuer: "http://issuer.com"');
$action->execute($context);
}
public function test_adds_known_in_response_to_request_state_to_context()
{
$action = new InResponseToValidatorAction(TestHelper::getLoggerMock($this), $requestStateMock = TestHelper::getRequestStateStoreMock($this));
$context = TestHelper::getAssertionContext($assertion = new Assertion());
$assertion->setSubject($subject = new Subject());
$subject->addSubjectConfirmation($subjectConfirmation = new SubjectConfirmation());
$subjectConfirmation->setSubjectConfirmationData(new SubjectConfirmationData());
$subjectConfirmation->getSubjectConfirmationData()->setInResponseTo($inResponseTo = '123123123');
$requestStateMock->expects($this->once())->method('get')->with($inResponseTo)->willReturn(new RequestState($inResponseTo));
$action->execute($context);
/** @var RequestStateContext $requestStateContext */
$requestStateContext = $context->getSubContext(ProfileContexts::REQUEST_STATE);
$this->assertInstanceOf(RequestStateContext::class, $requestStateContext);
$this->assertEquals($inResponseTo, $requestStateContext->getRequestState()->getId());
}
public function test_does_nothing_if_recipient_matches_own_acs_service_location()
{
$action = new RecipientValidatorAction($loggerMock = TestHelper::getLoggerMock($this), $endpointResolver = TestHelper::getEndpointResolverMock($this));
$assertionContext = TestHelper::getAssertionContext($assertion = new Assertion());
$assertion->addItem(new AuthnStatement());
$assertion->setSubject(new Subject());
$assertion->getSubject()->addSubjectConfirmation($subjectConfirmation = (new SubjectConfirmation())->setMethod(SamlConstants::CONFIRMATION_METHOD_BEARER));
$subjectConfirmation->setSubjectConfirmationData((new SubjectConfirmationData())->setRecipient($recipient = 'http://recipient.com'));
$profileContext = TestHelper::getProfileContext();
$profileContext->getOwnEntityContext()->setEntityDescriptor($ownEntityDescriptor = new EntityDescriptor());
$assertionContext->setParent($profileContext);
$endpointResolver->expects($this->once())->method('resolve')->willReturnCallback(function () use($recipient) {
return [TestHelper::getEndpointReferenceMock($this, new AssertionConsumerService())];
});
$action->execute($assertionContext);
}
public function test_sets_unknown_assertion_id_to_store()
{
$action = new RepeatedIdValidatorAction($loggerMock = TestHelper::getLoggerMock($this), $idStoreMock = TestHelper::getIdStoreMock($this));
$assertionContext = TestHelper::getAssertionContext($assertion = new Assertion());
$assertion->setId($assertionId = '123');
$assertion->setIssuer(new Issuer($issuer = 'http://issuer.com'));
$assertion->addItem(new AuthnStatement());
$assertion->setSubject(new Subject());
$assertion->getSubject()->addSubjectConfirmation($subjectConfirmation = new SubjectConfirmation());
$subjectConfirmation->setMethod(SamlConstants::CONFIRMATION_METHOD_BEARER);
$subjectConfirmation->setSubjectConfirmationData(new SubjectConfirmationData());
$subjectConfirmation->getSubjectConfirmationData()->setNotOnOrAfter(new \DateTime());
$idStoreMock->expects($this->once())->method('has')->with($issuer, $assertionId)->willReturn(false);
$idStoreMock->expects($this->once())->method('set')->with($issuer, $assertionId, $this->isInstanceOf(\DateTime::class));
$action->execute($assertionContext);
}
