private function parseSubject(\DOMElement $xml)
{
$subject = Utils::xpQuery($xml, './saml_assertion:Subject');
if (empty($subject)) {
return;
}
if (count($subject) > 1) {
throw new \Exception('More than one <saml:Subject> in <saml:AuthnRequest>.');
}
$subject = $subject[0];
$nameId = Utils::xpQuery($subject, './saml_assertion:NameID | ./saml_assertion:EncryptedID/xenc:EncryptedData');
if (empty($nameId)) {
throw new \Exception('Missing <saml:NameID> or <saml:EncryptedID> in <saml:Subject>.');
} elseif (count($nameId) > 1) {
throw new \Exception('More than one <saml:NameID> or <saml:EncryptedID> in <saml:Subject>.');
}
$nameId = $nameId[0];
if ($nameId->localName === 'EncryptedData') {
/* The NameID element is encrypted. */
$this->encryptedNameId = $nameId;
} else {
$this->nameId = Utils::parseNameId($nameId);
}
$subjectConfirmation = Utils::xpQuery($subject, './saml_assertion:SubjectConfirmation');
foreach ($subjectConfirmation as $sc) {
$this->subjectConfirmation[] = new SubjectConfirmation($sc);
}
}
