RequestedSecurityTokenType requestedToken = response.getRequestedSecurityToken();
assertNotNull("Unexpected null requested security token", requestedToken);
// unmarshall the SAMLV2.0 assertion.
Element assertionElement = (Element) requestedToken.getAny().get(0);
AssertionType assertion = SAMLUtil.fromElement(assertionElement);
// verify the contents of the unmarshalled assertion.
assertNotNull("Invalid null assertion ID", assertion.getID());
assertEquals(keyId.getValue().substring(1), assertion.getID());
assertEquals(lifetime.getCreated(), assertion.getIssueInstant());
// validate the assertion issuer.
assertNotNull("Unexpected null assertion issuer", assertion.getIssuer());
assertEquals("Unexpected assertion issuer name", "Test STS", assertion.getIssuer().getValue());
// validate the assertion subject.
assertNotNull("Unexpected null subject", assertion.getSubject());
SubjectType subject = assertion.getSubject();
NameIDType nameID = (NameIDType) subject.getSubType().getBaseID();
assertEquals("Unexpected name id qualifier", "urn:picketlink:identity-federation", nameID.getNameQualifier());
assertEquals("Unexpected name id value", principal, nameID.getValue());
SubjectConfirmationType subjType = subject.getConfirmation().get(0);
assertEquals("Unexpected confirmation method", confirmationMethod, subjType.getMethod());
// validate the assertion conditions.
assertNotNull("Unexpected null conditions", assertion.getConditions());
assertEquals(lifetime.getCreated(), assertion.getConditions().getNotBefore());
assertEquals(lifetime.getExpires(), assertion.getConditions().getNotOnOrAfter());
assertNotNull("Assertion should have been signed", assertion.getSignature());
return assertion;
}