SAML2\Assertion::validate PHP Method

Assertion Class Documentation Usage Examples Of SAML2\Assertion::validate Datei anzeigen Open project: simplesamlphp/saml2

validate() public method

If no signature was present on the assertion, we will return false. Otherwise, true will be returned. An exception is thrown if the signature validation fails.
public validate ( XMLSecurityKey $key ) : boolean
$key RobRichards\XMLSecLibs\XMLSecurityKey The key we should check against.
return boolean true if successful, false if it is unsigned. 
    public function validate(XMLSecurityKey $key)
    {
        assert('$key->type === \\RobRichards\\XMLSecLibs\\XMLSecurityKey::RSA_SHA1');
        if ($this->signatureData === null) {
            return false;
        }
        Utils::validateSignature($this->signatureData, $key);
        return true;
    }

Usage Example

Beispiel #1
0
    /**
     * Calling validate on an unsigned assertion must return
     * false, not an exception.
     */
    public function testVerifyUnsignedAssertion()
    {
        $xml = <<<XML
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
                ID="_593e33ddf86449ce4d4c22b60ac48e067d98a0b2bf"
                Version="2.0"
                IssueInstant="2010-03-05T13:34:28Z"
>
  <saml:Issuer>testIssuer</saml:Issuer>
  <saml:Conditions>
    <saml:AudienceRestriction>
      <saml:Audience>audience1</saml:Audience>
      <saml:Audience>audience2</saml:Audience>
    </saml:AudienceRestriction>
  </saml:Conditions>
  <saml:AuthnStatement AuthnInstant="2010-03-05T13:34:28Z">
    <saml:AuthnContext>
      <saml:AuthnContextClassRef>someAuthnContext</saml:AuthnContextClassRef>
      <saml:AuthenticatingAuthority>someIdP1</saml:AuthenticatingAuthority>
      <saml:AuthenticatingAuthority>someIdP2</saml:AuthenticatingAuthority>
    </saml:AuthnContext>
  </saml:AuthnStatement>
</saml:Assertion>
XML;
        $document = DOMDocumentFactory::fromString($xml);
        $assertion = new Assertion($document->firstChild);
        // Was not signed
        $this->assertFalse($assertion->getWasSignedAtConstruction());
        $publicKey = CertificatesMock::getPublicKeySha1();
        $result = $assertion->validate($publicKey);
        $this->assertFalse($result);
    }
Assertion
__construct
addAttributeStatement
addAuthnStatement
addConditions
addEncryptedAttributeStatement
addSubject
decryptAttributes
decryptNameId
encryptNameId
getAttributeNameFormat
getAttributes
getAuthenticatingAuthority
getAuthnContext
getAuthnContextClassRef
getAuthnContextDecl
getAuthnContextDeclRef
getAuthnInstant
getCertificates
getEncryptionKey
getId
getIssueInstant
getIssuer
getNameId
getNotBefore
getNotOnOrAfter
getSessionIndex
getSessionNotOnOrAfter
getSignatureKey
getSignatureMethod
getSubjectConfirmation
getValidAudiences
getWasSignedAtConstruction
hasEncryptedAttributes
isNameIdEncrypted
parseAttributeValue
parseAttributes
parseAuthnContext
parseAuthnStatement
parseConditions
parseEncryptedAttributes
parseSignature
parseSubject
setAttributeNameFormat
setAttributes
setAuthenticatingAuthority
setAuthnContext
setAuthnContextClassRef
setAuthnContextDecl
setAuthnContextDeclRef
setAuthnInstant
setCertificates
setEncryptedAttributes
setEncryptionKey
setId
setIssueInstant
setIssuer
setNameId
setNotBefore
setNotOnOrAfter
setSessionIndex
setSessionNotOnOrAfter
setSignatureKey
setSubjectConfirmation
setValidAudiences
toXML
validate