public function testNameIDunmarshalling()
{
$xml = <<<XML
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
ID="_593e33ddf86449ce4d4c22b60ac48e067d98a0b2bf"
Version="2.0"
IssueInstant="2010-03-05T13:34:28Z"
>
<saml:Issuer>testIssuer</saml:Issuer>
<saml:Subject>
<saml:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">b7de81420a19416</saml:NameID>
</saml:Subject>
<saml:AuthnStatement AuthnInstant="2010-03-05T13:34:28Z">
<saml:AuthnContext>
<saml:AuthnContextClassRef>someAuthnContext</saml:AuthnContextClassRef>
<saml:AuthnContextDeclRef>/relative/path/to/document.xml</saml:AuthnContextDeclRef>
</saml:AuthnContext>
</saml:AuthnStatement>
</saml:Assertion>
XML;
$document = DOMDocumentFactory::fromString($xml);
$assertion = new Assertion($document->documentElement);
$nameID = $assertion->getNameID();
$this->assertEquals('b7de81420a19416', $nameID['Value']);
$this->assertEquals('urn:oasis:names:tc:SAML:2.0:nameid-format:transient', $nameID['Format']);
$this->assertFalse($assertion->isNameIdEncrypted());
// Not encrypted, should be a no-op
$privateKey = CertificatesMock::getPrivateKey();
$decrypted = $assertion->decryptNameId($privateKey);
$this->assertEquals('b7de81420a19416', $nameID['Value']);
$this->assertEquals('urn:oasis:names:tc:SAML:2.0:nameid-format:transient', $nameID['Format']);
$this->assertFalse($assertion->isNameIdEncrypted());
}