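/**
 * Runs $this->_flow->authenticate() through one complete exchange built entirely from mocks.
 *
 * Expected hand-offs, each exactly once:
 *   1. createSpInitialRequest(protected URI)                  -> sendInitialRequestToSp
 *   2. createIdpAuthnRequest(SP response, IdP ECP endpoint)   -> sendAuthnRequestToIdp (with the authentication method)
 *   3. createSpAuthnConveyRequest(IdP response, consumer URL) -> sendAuthnResponseToSp
 *   4. createSpResourceRequest(protected URI)                 -> sendResourceRequestToSp
 *
 * The response produced by step 4 must be the value authenticate() returns.
 */
public function testAuthenticate()
{
    $protectedContentUri = 'https://protected';
    $idpEcpEndpoint = 'https://idp.example.org/endpoint';
    // Constructed sample value, kept different from $idpEcpEndpoint so that the with()
    // constraints on createIdpAuthnRequest and createSpAuthnConveyRequest fail if the
    // flow hands the wrong endpoint to either call. With identical values a mix-up
    // between the IdP endpoint and the consumer endpoint would pass unnoticed.
    // Presumably this is the SP-side URL the IdP response names - confirm against the flow.
    $consumerEndpointUrl = 'https://sp.example.org/consumer';

    // Requests the factory is expected to hand out, in flow order.
    $spInitialRequest = $this->getMock('Saml\\Ecp\\Request\\RequestInterface');
    $idpAuthnRequest = $this->getMock('Saml\\Ecp\\Request\\RequestInterface');
    $spConveyRequest = $this->getMock('Saml\\Ecp\\Request\\RequestInterface');
    $spResourceRequest = $this->getMock('Saml\\Ecp\\Request\\RequestInterface');

    // Responses the client is expected to return for those requests.
    $spInitialResponse = $this->getMock('Saml\\Ecp\\Response\\ResponseInterface');
    $idpAuthnResponse = $this->getMock('Saml\\Ecp\\Response\\AuthnResponseInterface');
    $idpAuthnResponse->expects($this->once())
        ->method('getConsumerEndpointUrl')
        ->will($this->returnValue($consumerEndpointUrl));
    $spConveyResponse = $this->getMock('Saml\\Ecp\\Response\\ResponseInterface');
    $spResourceResponse = $this->getMock('Saml\\Ecp\\Response\\ResponseInterface');

    $authenticationMethod = $this->getMock('Saml\\Ecp\\Authentication\\Method\\MethodInterface');

    // Discovery supplies the IdP endpoint exactly once.
    $discoveryMethod = $this->getMock('Saml\\Ecp\\Discovery\\Method\\MethodInterface');
    $discoveryMethod->expects($this->once())
        ->method('getIdpEcpEndpoint')
        ->will($this->returnValue($idpEcpEndpoint));

    // Every factory call is pinned to the arguments produced by the preceding step.
    $requestFactory = $this->getMock('Saml\\Ecp\\Request\\RequestFactoryInterface');
    $requestFactory->expects($this->once())
        ->method('createSpInitialRequest')
        ->with($protectedContentUri)
        ->will($this->returnValue($spInitialRequest));
    $requestFactory->expects($this->once())
        ->method('createIdpAuthnRequest')
        ->with($spInitialResponse, $idpEcpEndpoint)
        ->will($this->returnValue($idpAuthnRequest));
    $requestFactory->expects($this->once())
        ->method('createSpAuthnConveyRequest')
        ->with($idpAuthnResponse, $consumerEndpointUrl)
        ->will($this->returnValue($spConveyRequest));
    $requestFactory->expects($this->once())
        ->method('createSpResourceRequest')
        ->with($protectedContentUri)
        ->will($this->returnValue($spResourceRequest));
    $this->_flow->setRequestFactory($requestFactory);

    // The authentication method must reach the client only on the IdP leg.
    $client = $this->_getClientMock();
    $client->expects($this->once())
        ->method('sendInitialRequestToSp')
        ->with($spInitialRequest)
        ->will($this->returnValue($spInitialResponse));
    $client->expects($this->once())
        ->method('sendAuthnRequestToIdp')
        ->with($idpAuthnRequest, $authenticationMethod)
        ->will($this->returnValue($idpAuthnResponse));
    $client->expects($this->once())
        ->method('sendAuthnResponseToSp')
        ->with($spConveyRequest)
        ->will($this->returnValue($spConveyResponse));
    $client->expects($this->once())
        ->method('sendResourceRequestToSp')
        ->with($spResourceRequest)
        ->will($this->returnValue($spResourceResponse));
    $this->_flow->setClient($client);

    $this->assertSame(
        $spResourceResponse,
        $this->_flow->authenticate($protectedContentUri, $discoveryMethod, $authenticationMethod)
    );
}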
use Saml\Ecp\Client\Exception\InvalidResponseException;
use Saml\Ecp\Flow;
use Saml\Ecp\Client\Client;
use Saml\Ecp\Discovery\Method\StaticIdp;
use Saml\Ecp\Authentication\Method\BasicAuth;

// Shared bootstrap. $globalConfig and _dump() are used below but not defined in this
// script, so they presumably come from this include.
require __DIR__ . '/_common.php';

// Username and password are read from configuration rather than written into the script.
$credentials = $globalConfig->get('credentials');
$authenticationMethod = new BasicAuth($credentials->toArray());

// The IdP endpoint is fixed by configuration (static discovery).
$discoveryOptions = $globalConfig->get('discovery')->get('options');
$discoveryMethod = new StaticIdp($discoveryOptions->toArray());

// File logger, filtered by the configured priority.
$loggerConfig = $globalConfig->get('logger');
$logger = new Zend\Log\Logger();
$writer = new Zend\Log\Writer\Stream($loggerConfig->get('file'));
$filter = new Zend\Log\Filter\Priority($loggerConfig->get('priority'));
$writer->addFilter($filter);
$logger->addWriter($writer);

// The HTTP client settings, including whatever TLS verification options are set,
// come entirely from the 'client' config section.
// NOTE(review): BasicAuth credentials travel over this client - confirm the section
// configures certificate verification.
$client = new Client($globalConfig->get('client'));
$client->setLogger($logger);

$flow = new Flow\Basic();
$flow->setClient($client);

$protectedContentUri = $globalConfig->get('protected_content_uri');

try {
    $response = $flow->authenticate($protectedContentUri, $discoveryMethod, $authenticationMethod);
} catch (ResponseValidationException $e) {
    // NOTE(review): no `use` for ResponseValidationException is visible in this excerpt.
    // If none exists above it, the name does not resolve to the library's class, this
    // branch never matches, and validation failures land in the generic branch below.
    _dump('Validation exception:');
    _dump("{$e}");
} catch (InvalidResponseException $e) {
    _dump('Invalid response:');
    _dump("{$e}");
} catch (\Exception $e) {
    // Casting the exception to string includes its message and stack trace.
    _dump('General exception:');
    _dump("{$e}");
}
<?php

use Saml\Ecp\Flow;
use Saml\Ecp\Client\Client;
use Saml\Ecp\Discovery\Method\StaticIdp;
use Saml\Ecp\Authentication\Method\BasicAuth;

// Minimal usage example: every value below is an inline placeholder.
$flow = new Flow\Basic();

// 'cafile' presumably names the CA bundle the HTTP client uses to verify the SP and IdP
// TLS certificates - confirm against the Client documentation. The password below is
// sent through this client, so the bundle path must exist on the host.
$httpClientOptions = array('cafile' => '/etc/ssl/certs/ca-bundle.pem');
$client = new Client(array(
    'http_client' => array(
        'options' => $httpClientOptions,
    ),
));
$flow->setClient($client);

// Placeholder credentials for the example. Real deployments would read them from
// configuration or a secret store instead of from source.
$authenticationMethod = new BasicAuth(array(
    'username' => 'user',
    'password' => 'passwd',
));

// Static discovery: the IdP ECP endpoint is given up front.
$discoveryMethod = new StaticIdp(array(
    'idp_ecp_endpoint' => 'https://idp.example.org/idp/profile/SAML2/SOAP/ECP',
));

// Returns the SP's response for the protected resource once authentication completes.
$response = $flow->authenticate('https://sp.example.com/secure', $discoveryMethod, $authenticationMethod);