private function addAuthnStatement(\DOMElement $root)
{
if ($this->authnInstant === null || $this->authnContextClassRef === null && $this->authnContextDecl === null && $this->authnContextDeclRef === null) {
/* No authentication context or AuthnInstant => no authentication statement. */
return;
}
$document = $root->ownerDocument;
$authnStatementEl = $document->createElementNS(Constants::NS_SAML, 'saml:AuthnStatement');
$root->appendChild($authnStatementEl);
$authnStatementEl->setAttribute('AuthnInstant', gmdate('Y-m-d\\TH:i:s\\Z', $this->authnInstant));
if ($this->sessionNotOnOrAfter !== null) {
$authnStatementEl->setAttribute('SessionNotOnOrAfter', gmdate('Y-m-d\\TH:i:s\\Z', $this->sessionNotOnOrAfter));
}
if ($this->sessionIndex !== null) {
$authnStatementEl->setAttribute('SessionIndex', $this->sessionIndex);
}
$authnContextEl = $document->createElementNS(Constants::NS_SAML, 'saml:AuthnContext');
$authnStatementEl->appendChild($authnContextEl);
if (!empty($this->authnContextClassRef)) {
Utils::addString($authnContextEl, Constants::NS_SAML, 'saml:AuthnContextClassRef', $this->authnContextClassRef);
}
if (!empty($this->authnContextDecl)) {
$this->authnContextDecl->toXML($authnContextEl);
}
if (!empty($this->authnContextDeclRef)) {
Utils::addString($authnContextEl, Constants::NS_SAML, 'saml:AuthnContextDeclRef', $this->authnContextDeclRef);
}
Utils::addStrings($authnContextEl, Constants::NS_SAML, 'saml:AuthenticatingAuthority', false, $this->AuthenticatingAuthority);
}