In my SAML2 SP (HTTP-POST Binding) I need to specify "Comparison='minimum'" attribute on my "samlp:RequestedAuthnContext", but every call of "SAML2_AuthnRequest::setRequestedAuthnContext" or every assignment to the attribute "SAML2_AuthnRequest::requestedAuthnContext" just doesn't include this configuration in the value array.
Am I misunderstanding some usage?
<samlp:RequestedAuthnContext Comparison="minimum">
<saml:AuthnContextClassRef xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">urn:oasis:names:tc:SAML:2.0:ac:classes:SpidL2</saml:AuthnContextClassRef>
</samlp:RequestedAuthnContext>
The 3 levels of possibile AuthContextClassRef:
urn:oasis:names:tc:SAML:2.0:ac:classes:SpidL1
urn:oasis:names:tc:SAML:2.0:ac:classes:SpidL2
urn:oasis:names:tc:SAML:2.0:ac:classes:SpidL3
if (isset($rac['Comparison']) && $rac['Comparison'] !== SAML2_Const::COMPARISON_EXACT) {
$e->setAttribute('Comparison', $rac['Comparison']);
}