public function setAuthnContextDecl(Chunk $authnContextDecl) { if (!empty($this->authnContextDeclRef)) { throw new \Exception('AuthnContextDeclRef is already registered! May only have either a Decl or a DeclRef, not both!'); } $this->authnContextDecl = $authnContextDecl; }
public function testAuthnContextDeclAndRefConstraint() { $xml = <<<XML <samlac:AuthenticationContextDeclaration xmlns:samlac="urn:oasis:names:tc:SAML:2.0:ac"> </samlac:AuthenticationContextDeclaration> XML; $document = DOMDocumentFactory::fromString($xml); $assertion = new Assertion(); $e = null; try { $assertion->setAuthnContextDecl(new Chunk($document->documentElement)); $assertion->setAuthnContextDeclRef('/relative/path/to/document.xml'); } catch (\Exception $e) { } $this->assertNotEmpty($e); // Try again in reverse order for good measure. $assertion = new Assertion(); $e = null; try { $assertion->setAuthnContextDeclRef('/relative/path/to/document.xml'); $assertion->setAuthnContextDecl(new Chunk($document->documentElement)); } catch (\Exception $e) { } $this->assertNotEmpty($e); // Try with unmarshalling $xml = <<<XML <saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="_593e33ddf86449ce4d4c22b60ac48e067d98a0b2bf" Version="2.0" IssueInstant="2010-03-05T13:34:28Z" > <saml:Issuer>testIssuer</saml:Issuer> <saml:AuthnStatement AuthnInstant="2010-03-05T13:34:28Z"> <saml:AuthnContext> <saml:AuthnContextDecl> <samlac:AuthenticationContextDeclaration xmlns:samlac="urn:oasis:names:tc:SAML:2.0:ac"> </samlac:AuthenticationContextDeclaration> </saml:AuthnContextDecl> <saml:AuthnContextDeclRef>/relative/path/to/document.xml</saml:AuthnContextDeclRef> </saml:AuthnContext> </saml:AuthnStatement> </saml:Assertion> XML; $document = DOMDocumentFactory::fromString($xml); $e = null; try { new Assertion($document->documentElement); } catch (\Exception $e) { } $this->assertNotEmpty($e); }