Implement AuthenticationStatement

simplesamlphp · Feb 27, 2024 · 43ab97a · 43ab97a
1 parent c2a6838
commit 43ab97a
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 8 deletions.
diff --git a/src/SAML11/XML/saml/AbstractAuthenticationStatementType.php b/src/SAML11/XML/saml/AbstractAuthenticationStatementType.php
@@ -24,13 +24,14 @@ abstract class AbstractAuthenticationStatementType extends AbstractSubjectStatem
     /**
      * Initialize a saml:AuthenticationStatementType from scratch
      *
+     * @param \SimpleSAML\SAML11\XML\saml\Subject $subject
      * @param string $authenticationMethod
      * @param \DateTimeImmutable $authenticationInstant
-     * @param \SimpleSAML\SAML11\XML\saml\Subject $subject
      * @param \SimpleSAML\SAML11\XML\saml\SubjectLocality|null $subjectLocality
      * @param array<\SimpleSAML\SAML11\XML\saml\AuthorityBinding> $authorityBinding
      */
     public function __construct(
+        Subject $subject,
         protected string $authenticationMethod,
         protected DateTimeImmutable $authenticationInstant,
         protected ?SubjectLocality $subjectLocality = null,
@@ -117,9 +118,9 @@ public static function fromXML(DOMElement $xml): static
         Assert::maxCount($subject, 1, TooManyElementsException::class);
 
         return new static(
+            array_pop($subject),
             self::getAttribute($xml, 'AuthenticationMethod'),
             $authenticationInstant,
-            array_pop($subject),
             array_pop($subjectLocality),
             $authorityBinding,
         );

diff --git a/tests/resources/xml/saml_AuthenticationStatement.xml b/tests/resources/xml/saml_AuthenticationStatement.xml
@@ -1,5 +1,6 @@
 <saml:AuthenticationStatement xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:password" AuthenticationInstant="2023-01-24T09:42:26Z">
   <saml:Subject>
+    <saml:NameIdentifier NameQualifier="TheNameQualifier" Format="urn:the:format">TheNameIDValue</saml:NameIdentifier>
     <saml:SubjectConfirmation>
       <saml:ConfirmationMethod>_Test1</saml:ConfirmationMethod>
       <saml:ConfirmationMethod>_Test2</saml:ConfirmationMethod>

diff --git a/tests/src/SAML11/XML/saml/AuthenticationStatementTest.php b/tests/src/SAML11/XML/saml/AuthenticationStatementTest.php
@@ -7,6 +7,7 @@
 use DateTimeImmutable;
 use PHPUnit\Framework\TestCase;
 use SimpleSAML\SAML11\Constants as C;
+use SimpleSAML\SAML11\Utils\XPath;
 use SimpleSAML\SAML11\XML\saml\AuthenticationStatement;
 use SimpleSAML\SAML11\XML\saml\AuthorityBinding;
 use SimpleSAML\SAML11\XML\saml\ConfirmationMethod;
@@ -19,7 +20,6 @@
 use SimpleSAML\XML\DOMDocumentFactory;
 use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
 use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
-use SimpleSAML\XML\Utils\XPath;
 use SimpleSAML\XMLSecurity\TestUtils\PEMCertificatesMock;
 use SimpleSAML\XMLSecurity\XML\ds\KeyInfo;
 use SimpleSAML\XMLSecurity\XML\ds\KeyName;
@@ -137,6 +137,7 @@ public function testMarshalling(): void
         );
 
         $authenticationStatement = new AuthenticationStatement(
+            $subject,
             C::AC_PASSWORD,
             new DateTimeImmutable('2023-01-24T09:42:26Z'),
             $subjectLocality,
@@ -155,11 +156,11 @@ public function testMarshallingElementOrdering(): void
         $authenticationStatement = AuthenticationStatement::fromXML(self::$xmlRepresentation->documentElement);
         $authenticationStatementElement = $authenticationStatement->toXML();
 
-        // Test for a SubjectLocality
+        // Test for a Subject
         $xpCache = XPath::getXPath($authenticationStatementElement);
         $authenticationStatementElements = XPath::xpQuery(
             $authenticationStatementElement,
-            './saml_assertion:SubjectLocality',
+            './saml_assertion:Subject',
             $xpCache,
         );
         $this->assertCount(1, $authenticationStatementElements);
@@ -168,10 +169,11 @@ public function testMarshallingElementOrdering(): void
         /** @psalm-var \DOMElement[] $authnStatementElements */
         $authenticationStatementElements = XPath::xpQuery(
             $authenticationStatementElement,
-            './saml_assertion:SubjectLocality/following-sibling::*',
+            './saml_assertion:Subject/following-sibling::*',
             $xpCache,
         );
-        $this->assertCount(1, $authenticationStatementElements);
-        $this->assertEquals('saml:AuthorityBinding', $authenticationStatementElements[0]->tagName);
+        $this->assertCount(2, $authenticationStatementElements);
+        $this->assertEquals('saml:SubjectLocality', $authenticationStatementElements[0]->tagName);
+        $this->assertEquals('saml:AuthorityBinding', $authenticationStatementElements[1]->tagName);
     }
 }