SAML2\Assertion::getAuthnContext PHP Method

Assertion Class Documentation Usage Examples Of SAML2\Assertion::getAuthnContext Datei anzeigen Open project: simplesamlphp/saml2

getAuthnContext() public method

This will return null if no authentication statement was included in the assertion. Note that this returns either the AuthnContextClassRef or the AuthnConextDeclRef, whose definition overlaps but is slightly different (consult the specification for more information). This was done to work around an old bug of Shibboleth ( https://bugs.internet2.edu/jira/browse/SIDP-187 ). Should no longer be required, please use either getAuthnConextClassRef or getAuthnContextDeclRef.

Deprecation: use getAuthnContextClassRef

public getAuthnContext ( ) : string \| null
return	string \| null	The authentication method.

    public function getAuthnContext()
    {
        if (!empty($this->authnContextClassRef)) {
            return $this->authnContextClassRef;
        }
        if (!empty($this->authnContextDeclRef)) {
            return $this->authnContextDeclRef;
        }
        return null;
    }

Usage Example

Beispiel #1

Datei anzeigen

Datei: AssertionTest.php Projekt: simplesamlphp/saml2

    public function testAuthnContextDeclAndRefConstraint()
    {
        $xml = <<<XML
<samlac:AuthenticationContextDeclaration xmlns:samlac="urn:oasis:names:tc:SAML:2.0:ac">
</samlac:AuthenticationContextDeclaration>
XML;
        $document = DOMDocumentFactory::fromString($xml);
        $assertion = new Assertion();
        $e = null;
        try {
            $assertion->setAuthnContextDecl(new Chunk($document->documentElement));
            $assertion->setAuthnContextDeclRef('/relative/path/to/document.xml');
        } catch (\Exception $e) {
        }
        $this->assertNotEmpty($e);
        // Try again in reverse order for good measure.
        $assertion = new Assertion();
        $e = null;
        try {
            $assertion->setAuthnContextDeclRef('/relative/path/to/document.xml');
            $assertion->setAuthnContextDecl(new Chunk($document->documentElement));
        } catch (\Exception $e) {
        }
        $this->assertNotEmpty($e);
        // Try with unmarshalling
        $xml = <<<XML
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
                xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
                ID="_593e33ddf86449ce4d4c22b60ac48e067d98a0b2bf"
                Version="2.0"
                 IssueInstant="2010-03-05T13:34:28Z"
>
  <saml:Issuer>testIssuer</saml:Issuer>
  <saml:AuthnStatement AuthnInstant="2010-03-05T13:34:28Z">
    <saml:AuthnContext>
      <saml:AuthnContextDecl>
        <samlac:AuthenticationContextDeclaration xmlns:samlac="urn:oasis:names:tc:SAML:2.0:ac">
        </samlac:AuthenticationContextDeclaration>
      </saml:AuthnContextDecl>
      <saml:AuthnContextDeclRef>/relative/path/to/document.xml</saml:AuthnContextDeclRef>
    </saml:AuthnContext>
  </saml:AuthnStatement>
</saml:Assertion>
XML;
        $document = DOMDocumentFactory::fromString($xml);
        $e = null;
        try {
            new Assertion($document->documentElement);
        } catch (\Exception $e) {
        }
        $this->assertNotEmpty($e);
        // deprecated function
        $this->assertEquals('/relative/path/to/document.xml', $assertion->getAuthnContext());
    }

Assertion

__construct

addAttributeStatement

addAuthnStatement

addConditions

addEncryptedAttributeStatement

addSubject

decryptAttributes

decryptNameId

encryptNameId

getAttributeNameFormat

getAttributes