public static function Utilities::validateSignature in SAML SP 2.0 Single Sign On (SSO) - SAML Service Provider 8
2 calls to Utilities::validateSignature()
- SAML2_Assertion::validate in src/
SAML2_Assertion.php - Validate this assertion against a public key.
- Utilities::checkSign in src/
Utilities.php
File
- src/
Utilities.php, line 434
Class
- Utilities
- This file is part of miniOrange SAML plugin.
Namespace
Drupal\miniorange_samlCode
public static function validateSignature(array $info, XMLSecurityKey $key) {
/** @var XMLSecurityDSig $objXMLSecDSig */
$objXMLSecDSig = $info['Signature'];
$sigMethod = self::xpQuery($objXMLSecDSig->sigNode, './ds:SignedInfo/ds:SignatureMethod');
if (empty($sigMethod)) {
echo sprintf('Missing SignatureMethod element');
// exit();
}
$sigMethod = $sigMethod[0];
if (!$sigMethod
->hasAttribute('Algorithm')) {
echo sprintf('Missing Algorithm-attribute on SignatureMethod element.');
// exit;
}
$algo = $sigMethod
->getAttribute('Algorithm');
if ($key->type === XMLSecurityKey::RSA_SHA1 && $algo !== $key->type) {
$key = self::castKey($key, $algo);
}
/* Check the signature. */
if (!$objXMLSecDSig
->verify($key)) {
echo sprintf('Unable to validate Signature');
// exit;
}
}