private function SAML2_Assertion::addAuthnStatement in SAML SP 2.0 Single Sign On (SSO) - SAML Service Provider 8
Add a AuthnStatement-node to the assertion.
Parameters
DOMElement $root The assertion element we should add the authentication statement to.:
1 call to SAML2_Assertion::addAuthnStatement()
- SAML2_Assertion::toXML in src/
SAML2_Assertion.php - Convert this assertion to an XML element.
File
- src/
SAML2_Assertion.php, line 695
Class
Namespace
Drupal\miniorange_samlCode
private function addAuthnStatement(DOMElement $root) {
if ($this->authnInstant === NULL || $this->authnContextClassRef === NULL && $this->authnContextDecl === NULL && $this->authnContextDeclRef === NULL) {
/* No authentication context or AuthnInstant => no authentication statement. */
return;
}
$document = $root->ownerDocument;
$authnStatementEl = $document
->createElementNS('urn:oasis:names:tc:SAML:2.0:assertion', 'saml:AuthnStatement');
$root
->appendChild($authnStatementEl);
$authnStatementEl
->setAttribute('AuthnInstant', gmdate('Y-m-d\\TH:i:s\\Z', $this->authnInstant));
if ($this->sessionNotOnOrAfter !== NULL) {
$authnStatementEl
->setAttribute('SessionNotOnOrAfter', gmdate('Y-m-d\\TH:i:s\\Z', $this->sessionNotOnOrAfter));
}
if ($this->sessionIndex !== NULL) {
$authnStatementEl
->setAttribute('SessionIndex', $this->sessionIndex);
}
$authnContextEl = $document
->createElementNS('urn:oasis:names:tc:SAML:2.0:assertion', 'saml:AuthnContext');
$authnStatementEl
->appendChild($authnContextEl);
if (!empty($this->authnContextClassRef)) {
Utilities::addString($authnContextEl, 'urn:oasis:names:tc:SAML:2.0:assertion', 'saml:AuthnContextClassRef', $this->authnContextClassRef);
}
if (!empty($this->authnContextDecl)) {
$this->authnContextDecl
->toXML($authnContextEl);
}
if (!empty($this->authnContextDeclRef)) {
Utilities::addString($authnContextEl, 'urn:oasis:names:tc:SAML:2.0:assertion', 'saml:AuthnContextDeclRef', $this->authnContextDeclRef);
}
Utilities::addStrings($authnContextEl, 'urn:oasis:names:tc:SAML:2.0:assertion', 'saml:AuthenticatingAuthority', FALSE, $this->AuthenticatingAuthority);
}