From 00ea28919097ac5ec19d1551b43e0e87b27a9aba Mon Sep 17 00:00:00 2001
From: Olav Morken <olav.morken@uninett.no>
Date: Wed, 21 Apr 2010 12:56:33 +0000
Subject: [PATCH] SAMLBuilder: Reimplement on top of metadata classes.
git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2263 44740490-163a-0410-bde0-09ae8108e29a
---
lib/SimpleSAML/Metadata/SAMLBuilder.php | 350 +++++++++---------------
1 file changed, 122 insertions(+), 228 deletions(-)
diff --git a/lib/SimpleSAML/Metadata/SAMLBuilder.php b/lib/SimpleSAML/Metadata/SAMLBuilder.php
index 5b69a056b..cafffba6e 100644
--- a/lib/SimpleSAML/Metadata/SAMLBuilder.php
+++ b/lib/SimpleSAML/Metadata/SAMLBuilder.php
@@ -12,12 +12,6 @@ class SimpleSAML_Metadata_SAMLBuilder {
- /**
- * The DOMDocument we are working in.
- */
- private $document;
-
-
/**
* The EntityDescriptor we are building.
*/
@@ -26,7 +20,7 @@ class SimpleSAML_Metadata_SAMLBuilder {
private $maxCache = NULL;
private $maxDuration = NULL;
-
+
/**
* Initialize the builder.
*
@@ -38,26 +32,21 @@ class SimpleSAML_Metadata_SAMLBuilder {
$this->maxCache = $maxCache;
$this->maxDuration = $maxDuration;
- $this->document = new DOMDocument();
-
- $this->entityDescriptor = $this->createElement('EntityDescriptor');
-# $this->entityDescriptor->setAttribute('xmlns:xml', 'http://www.w3.org/XML/1998/namespace');
- $this->entityDescriptor->setAttribute('entityID', $entityId);
-
- $this->document->appendChild($this->entityDescriptor);
+ $this->entityDescriptor = new SAML2_XML_md_EntityDescriptor();
+ $this->entityDescriptor->entityID = $entityId;
}
private function setExpiration($metadata) {
-
+
if (array_key_exists('expire', $metadata)) {
if ($metadata['expire'] - time() < $this->maxDuration)
$this->maxDuration = $metadata['expire'] - time();
}
-
- if ($this->maxCache !== NULL)
- $this->entityDescriptor->setAttribute('cacheDuration', 'PT' . $this->maxCache . 'S');
- if ($this->maxDuration !== NULL)
- $this->entityDescriptor->setAttribute('validUntil', SimpleSAML_Utilities::generateTimestamp(time() + $this->maxDuration));
+
+ if ($this->maxCache !== NULL)
+ $this->entityDescriptor->cacheDuration = 'PT' . $this->maxCache . 'S';
+ if ($this->maxDuration !== NULL)
+ $this->entityDescriptor->validUntil = time() + $this->maxDuration;
}
@@ -68,7 +57,11 @@ class SimpleSAML_Metadata_SAMLBuilder {
* @return DOMElement The EntityDescriptor element for this entity.
*/
public function getEntityDescriptor() {
- return $this->entityDescriptor;
+
+ $xml = $this->entityDescriptor->toXML();
+ $xml->ownerDocument->appendChild($xml);
+
+ return $xml;
}
@@ -84,56 +77,45 @@ class SimpleSAML_Metadata_SAMLBuilder {
public function getEntityDescriptorText($formatted = TRUE) {
assert('is_bool($formatted)');
+ $xml = $this->getEntityDescriptor();
if ($formatted) {
- SimpleSAML_Utilities::formatDOMElement($this->entityDescriptor);
+ SimpleSAML_Utilities::formatDOMElement($xml);
}
- return $this->document->saveXML();
+ return $xml->ownerDocument->saveXML();
}
-
+
+
/**
* @param SimpleSAML_Configuration $metadata Metadata.
* @param $e Reference to the element where the Extensions element should be included.
*/
- private function addExtensions(SimpleSAML_Configuration $metadata, &$e = NULL) {
- $extensions = $this->createElement('Extensions');
- $includeExtensions = FALSE;
-
+ private function addExtensions(SimpleSAML_Configuration $metadata, SAML2_XML_md_RoleDescriptor $e) {
+
if ($metadata->hasValue('tags')) {
- $includeExtensions = TRUE;
- $attr = $this->createElement('saml:Attribute', 'urn:oasis:names:tc:SAML:2.0:assertion');
- $attr->setAttribute('Name', 'tags');
+ $a = new SAML2_XML_saml_Attribute();
+ $a->Name = 'tags';
foreach ($metadata->getArray('tags') as $tag) {
- $attr->appendChild($this->createTextElement('saml:AttributeValue', $tag, 'urn:oasis:names:tc:SAML:2.0:assertion'));
+ $a->AttributeValue[] = new SAML2_XML_saml_AttributeValue($tag);
}
- $extensions->appendChild($attr);
+ $e->Extensions[] = $a;
}
if ($metadata->hasValue('hint.cidr')) {
- $includeExtensions = TRUE;
- $attr = $this->createElement('saml:Attribute', 'urn:oasis:names:tc:SAML:2.0:assertion');
- $attr->setAttribute('Name', 'hint.cidr');
- foreach ($metadata->getArrayizeString('hint.cidr') as $hint) {
- $attr->appendChild($this->createTextElement('saml:AttributeValue', $hint, 'urn:oasis:names:tc:SAML:2.0:assertion'));
+ $a = new SAML2_XML_saml_Attribute();
+ $a->Name = 'hint.cidr';
+ foreach ($metadata->getArray('hint.cidr') as $hint) {
+ $a->AttributeValue[] = new SAML2_XML_saml_AttributeValue($hint);
}
- $extensions->appendChild($attr);
+ $e->Extensions[] = $a;
}
-
if ($metadata->hasValue('scope')) {
- $includeExtensions = TRUE;
foreach ($metadata->getArray('scope') as $scopetext) {
- $scope = $this->createElement('shibmd:Scope', 'urn:mace:shibboleth:metadata:1.0');
- $scope->setAttribute('regexp', 'false');
- $scope->appendChild($this->document->createTextNode($scopetext));
- $extensions->appendChild($scope);
- }
- }
- if ($includeExtensions) {
- if (isset($e)) {
- $e->appendChild($extensions);
- } else {
- $this->entityDescriptor->appendChild($extensions);
+ $s = new SAML2_XML_shibmd_Scope();
+ $s->scope = $scopetext;
+ $s->regexp = FALSE;
+ $e->Extensions[] = $s;
}
}
}
@@ -150,27 +132,13 @@ class SimpleSAML_Metadata_SAMLBuilder {
*/
public function addOrganization(array $orgName, array $orgDisplayName, array $orgURL) {
- $org = $this->createElement('Organization');
+ $org = new SAML2_XML_md_Organization();
- foreach ($orgName AS $lang => $localname) {
- $e = $this->createTextElement('OrganizationName', $localname);
- $e->setAttribute('xml:lang', $lang);
- $org->appendChild($e);
- }
+ $org->OrganizationName = $orgName;
+ $org->OrganizationDisplayName = $orgDisplayName;
+ $org->OrganizationURL = $orgURL;
- foreach ($orgDisplayName AS $lang => $localname) {
- $e = $this->createTextElement('OrganizationDisplayName', $localname);
- $e->setAttribute('xml:lang', $lang);
- $org->appendChild($e);
- }
-
- foreach ($orgURL AS $lang => $locallink) {
- $e = $this->createTextElement('OrganizationURL', $locallink);
- $e->setAttribute('xml:lang', $lang);
- $org->appendChild($e);
- }
-
- $this->entityDescriptor->appendChild($org);
+ $this->entityDescriptor->Organization = $org;
}
@@ -201,38 +169,26 @@ class SimpleSAML_Metadata_SAMLBuilder {
/**
* Add endpoint list to metadata.
*
- * @param DOMElement $ssoDesc The *SSODescriptor element.
- * @param string $endpointType The endpoint type (e.g. 'SingleLogoutService').
* @param array $endpoints The endpoints.
+ * @param bool $indexed Whether the endpoints should be indexed.
+ * @return array Array of endpoint objects.
*/
- private function addEndpoints(DOMElement $ssoDesc, $endpointType, array $endpoints) {
- assert('is_string($endpointType)');
+ private static function createEndpoints(array $endpoints, $indexed) {
+ assert('is_bool($indexed)');
- switch ($endpointType) {
- case 'ArtifactResolutionService':
- case 'AssertionConsumerService':
- $indexed = TRUE;
- break;
- case 'AssertionIDRequestService':
- case 'AttributeService':
- case 'AuthnQueryService':
- case 'AuthzService':
- case 'ManageNameIDService':
- case 'NameIDMappingService':
- case 'SingleLogoutService':
- case 'SingleSignOnService':
- $indexed = FALSE;
- break;
- default:
- throw new SimpleSAML_Error_Exception('TODO: Add endpoint type: ' . var_export($endpointType, TRUE));
- }
+ $ret = array();
foreach ($endpoints as &$ep) {
- $t = $this->createElement($endpointType);
- $t->setAttribute('Binding', $ep['Binding']);
- $t->setAttribute('Location', $ep['Location']);
+ if ($indexed) {
+ $t = new SAML2_XML_md_IndexedEndpointType();
+ } else {
+ $t = new SAML2_XML_md_EndpointType();
+ }
+
+ $t->Binding = $ep['Binding'];
+ $t->Location = $ep['Location'];
if (isset($ep['ResponseLocation'])) {
- $t->setAttribute('ResponseLocation', $ep['ResponseLocation']);
+ $t->ResponseLocation = $ep['ResponseLocation'];
}
if ($indexed) {
@@ -252,12 +208,13 @@ class SimpleSAML_Metadata_SAMLBuilder {
$ep['index'] = $maxIndex + 1;
}
- $t->setAttribute('index', (string)$ep['index']);
+ $t->index = $ep['index'];
}
- $ssoDesc->appendChild($t);
+ $ret[] = $t;
}
+ return $ret;
}
@@ -267,7 +224,7 @@ class SimpleSAML_Metadata_SAMLBuilder {
* @param DOMElement $spDesc The SPSSODescriptor element.
* @param SimpleSAML_Configuration $metadata The metadata.
*/
- private function addAttributeConsumingService(DOMElement $spDesc, SimpleSAML_Configuration $metadata) {
+ private function addAttributeConsumingService(SAML2_XML_md_SPSSODescriptor $spDesc, SimpleSAML_Configuration $metadata) {
$attributes = $metadata->getArray('attributes', array());
$name = $metadata->getLocalizedString('name', NULL);
@@ -280,34 +237,24 @@ class SimpleSAML_Metadata_SAMLBuilder {
* Add an AttributeConsumingService element with information as name and description and list
* of requested attributes
*/
- $attributeconsumer = $this->createElement('AttributeConsumingService');
- $attributeconsumer->setAttribute('index', '0');
+ $attributeconsumer = new SAML2_XML_md_AttributeConsumingService();
- foreach($name AS $lang => $localname) {
- $t = $this->createTextElement('ServiceName', $localname);
- $t->setAttribute('xml:lang', $lang);
- $attributeconsumer->appendChild($t);
- }
+ $attributeconsumer->index = 0;
- $description = $metadata->getLocalizedString('description', array());
- foreach ($description as $lang => $localname) {
- $t = $this->createTextElement('ServiceDescription', $localname);
- $t->setAttribute('xml:lang', $lang);
- $attributeconsumer->appendChild($t);
- }
+ $attributeconsumer->ServiceName = $name;
+ $attributeconsumer->ServiceDescription = $metadata->getLocalizedString('description', array());
$nameFormat = $metadata->getString('attributes.NameFormat', SAML2_Const::NAMEFORMAT_UNSPECIFIED);
-
foreach ($attributes as $attribute) {
- $t = $this->createElement('RequestedAttribute');
- $t->setAttribute('Name', $attribute);
+ $t = new SAML2_XML_md_RequestedAttribute();
+ $t->Name = $attribute;
if ($nameFormat !== SAML2_Const::NAMEFORMAT_UNSPECIFIED) {
- $t->setAttribute('NameFormat', $nameFormat);
+ $t->NameFormat = $nameFormat;
}
- $attributeconsumer->appendChild($t);
+ $attributeconsumer->RequestedAttribute[] = $t;
}
- $spDesc->appendChild($attributeconsumer);
+ $spDesc->AttributeConsumingService[] = $attributeconsumer;
}
@@ -359,20 +306,18 @@ class SimpleSAML_Metadata_SAMLBuilder {
$metadata = SimpleSAML_Configuration::loadFromArray($metadata, $metadata['entityid']);
- $e = $this->createElement('SPSSODescriptor');
- $e->setAttribute('protocolSupportEnumeration', 'urn:oasis:names:tc:SAML:2.0:protocol');
+ $e = new SAML2_XML_md_SPSSODescriptor();
+ $e->protocolSupportEnumeration[] = 'urn:oasis:names:tc:SAML:2.0:protocol';
$this->addExtensions($metadata, $e);
$this->addCertificate($e, $metadata);
- $this->addEndpoints($e, 'SingleLogoutService', $metadata->getEndpoints('SingleLogoutService'));
+ $e->SingleLogoutService = self::createEndpoints($metadata->getEndpoints('SingleLogoutService'), FALSE);
if ($metadata->hasValue('NameIDFormat')) {
- $t = $this->createElement('NameIDFormat');
- $t->appendChild($this->document->createTextNode($metadata->getString('NameIDFormat')));
- $e->appendChild($t);
+ $e->NameIDFormat[] = $metadata->getString('NameIDFormat');
}
$endpoints = $metadata->getEndpoints('AssertionConsumerService');
@@ -382,11 +327,11 @@ class SimpleSAML_Metadata_SAMLBuilder {
'Location' => $acs,
);
}
- $this->addEndpoints($e, 'AssertionConsumerService', $endpoints);
+ $e->AssertionConsumerService = self::createEndpoints($endpoints, TRUE);
$this->addAttributeConsumingService($e, $metadata);
- $this->entityDescriptor->appendChild($e);
+ $this->entityDescriptor->RoleDescriptor[] = $e;
foreach ($metadata->getArray('contacts', array()) as $contact) {
if (array_key_exists('contactType', $contact) && array_key_exists('emailAddress', $contact)) {
@@ -409,11 +354,11 @@ class SimpleSAML_Metadata_SAMLBuilder {
$metadata = SimpleSAML_Configuration::loadFromArray($metadata, $metadata['entityid']);
- $e = $this->createElement('IDPSSODescriptor');
- $e->setAttribute('protocolSupportEnumeration', 'urn:oasis:names:tc:SAML:2.0:protocol');
+ $e = new SAML2_XML_md_IDPSSODescriptor();
+ $e->protocolSupportEnumeration[] = 'urn:oasis:names:tc:SAML:2.0:protocol';
if ($metadata->getBoolean('redirect.sign', FALSE)) {
- $e->setAttribute('WantAuthnRequestSigned', 'true');
+ $e->WantAuthnRequestSigned = TRUE;
}
$this->addExtensions($metadata, $e);
@@ -421,20 +366,18 @@ class SimpleSAML_Metadata_SAMLBuilder {
$this->addCertificate($e, $metadata);
if ($metadata->hasValue('ArtifactResolutionService')){
- $this->addEndpoints($e, 'ArtifactResolutionService', $metadata->getEndpoints('ArtifactResolutionService'));
+ $e->ArtifactResolutionService = self::createEndpoints($metadata->getEndpoints('ArtifactResolutionService'), TRUE);
}
- $this->addEndpoints($e, 'SingleLogoutService', $metadata->getEndpoints('SingleLogoutService'));
+ $e->SingleLogoutService = self::createEndpoints($metadata->getEndpoints('SingleLogoutService'), FALSE);
if ($metadata->hasValue('NameIDFormat')) {
- $t = $this->createElement('NameIDFormat');
- $t->appendChild($this->document->createTextNode($metadata->getString('NameIDFormat')));
- $e->appendChild($t);
+ $e->NameIDFormat[] = $metadata->getString('NameIDFormat');
}
- $this->addEndpoints($e, 'SingleSignOnService', $metadata->getEndpoints('SingleSignOnService'));
+ $e->SingleSignOnService = self::createEndpoints($metadata->getEndpoints('SingleSignOnService'), FALSE);
- $this->entityDescriptor->appendChild($e);
+ $this->entityDescriptor->RoleDescriptor[] = $e;
foreach ($metadata->getArray('contacts', array()) as $contact) {
if (array_key_exists('contactType', $contact) && array_key_exists('emailAddress', $contact)) {
@@ -457,15 +400,13 @@ class SimpleSAML_Metadata_SAMLBuilder {
$metadata = SimpleSAML_Configuration::loadFromArray($metadata, $metadata['entityid']);
- $e = $this->createElement('SPSSODescriptor');
- $e->setAttribute('protocolSupportEnumeration', 'urn:oasis:names:tc:SAML:1.1:protocol');
+ $e = new SAML2_XML_md_SPSSODescriptor();
+ $e->protocolSupportEnumeration[] = 'urn:oasis:names:tc:SAML:1.1:protocol';
$this->addCertificate($e, $metadata);
if ($metadata->hasValue('NameIDFormat')) {
- $t = $this->createElement('NameIDFormat');
- $t->appendChild($this->document->createTextNode($metadata->getString('NameIDFormat')));
- $e->appendChild($t);
+ $e->NameIDFormat[] = $metadata->getString('NameIDFormat');
}
$endpoints = $metadata->getEndpoints('AssertionConsumerService');
@@ -475,11 +416,11 @@ class SimpleSAML_Metadata_SAMLBuilder {
'Location' => $acs,
);
}
- $this->addEndpoints($e, 'AssertionConsumerService', $endpoints);
+ $e->AssertionConsumerService = self::createEndpoints($endpoints, TRUE);
$this->addAttributeConsumingService($e, $metadata);
- $this->entityDescriptor->appendChild($e);
+ $this->entityDescriptor->RoleDescriptor[] = $e;
}
@@ -495,20 +436,18 @@ class SimpleSAML_Metadata_SAMLBuilder {
$metadata = SimpleSAML_Configuration::loadFromArray($metadata, $metadata['entityid']);
- $e = $this->createElement('IDPSSODescriptor');
- $e->setAttribute('protocolSupportEnumeration', 'urn:oasis:names:tc:SAML:1.1:protocol');
+ $e = new SAML2_XML_md_IDPSSODescriptor();
+ $e->protocolSupportEnumeration[] = 'urn:oasis:names:tc:SAML:1.1:protocol';
$this->addCertificate($e, $metadata);
if ($metadata->hasValue('NameIDFormat')) {
- $t = $this->createElement('NameIDFormat');
- $t->appendChild($this->document->createTextNode($metadata->getString('NameIDFormat')));
- $e->appendChild($t);
+ $e->NameIDFormat[] = $metadata->getString('NameIDFormat');
}
- $this->addEndpoints($e, 'SingleSignOnService', $metadata->getEndpoints('SingleSignOnService'));
+ $e->SingleSignOnService = self::createEndpoints($metadata->getEndpoints('SingleSignOnService'), FALSE);
- $this->entityDescriptor->appendChild($e);
+ $this->entityDescriptor->RoleDescriptor[] = $e;
}
@@ -524,22 +463,20 @@ class SimpleSAML_Metadata_SAMLBuilder {
$metadata = SimpleSAML_Configuration::loadFromArray($metadata, $metadata['entityid']);
- $e = $this->createElement('AttributeAuthorityDescriptor');
- $e->setAttribute('protocolSupportEnumeration', implode(' ', $metadata->getArray('protocols', array())));
+ $e = new SAMl2_AttributeAuthorityDescriptor();
+ $e->protocolSupportEnumeration = $metadata->getArray('protocols', array());
$this->addExtensions($metadata, $e);
$this->addCertificate($e, $metadata);
- $this->addEndpoints($e, 'AttributeService', $metadata->getEndpoints('AttributeService'));
- $this->addEndpoints($e, 'AssertionIDRequestService', $metadata->getEndpoints('AssertionIDRequestService'));
+ $e->AttributeService = self::createEndpoints($metadata->getEndpoints('AttributeService'), FALSE);
+ $e->AssertionIDRequestService = self::createEndpoints($metadata->getEndpoints('AssertionIDRequestService'), FALSE);
foreach ($metadata->getArray('NameIDFormat', array()) as $format) {
- $t = $this->createElement('NameIDFormat');
- $t->appendChild($this->document->createTextNode($format));
- $e->appendChild($t);
+ $e->NameIDFormat[] = $metadata->getString('NameIDFormat');
}
- $this->entityDescriptor->appendChild($e);
+ $this->entityDescriptor->RoleDescriptor[] = $e;
}
@@ -584,17 +521,17 @@ class SimpleSAML_Metadata_SAMLBuilder {
}
}
- $e = $this->createElement('ContactPerson');
- $e->setAttribute('contactType', $type);
+ $e = new SAML2_XML_md_ContactPerson();
+ $e->contactType = $type;
if (isset($details['company'])) {
- $e->appendChild($this->createTextElement('Company', $details['company']));
+ $e->Company = $details['company'];
}
if (isset($details['givenName'])) {
- $e->appendChild($this->createTextElement('GivenName', $details['givenName']));
+ $e->GivenName = $details['givenName'];
}
if (isset($details['surName'])) {
- $e->appendChild($this->createTextElement('SurName', $details['surName']));
+ $e->SurName = $details['surName'];
}
if (isset($details['emailAddress'])) {
@@ -603,7 +540,7 @@ class SimpleSAML_Metadata_SAMLBuilder {
$eas = array($eas);
}
foreach ($eas as $ea) {
- $e->appendChild($this->createTextElement('EmailAddress', $ea));
+ $e->EmailAddress[] = $ea;
}
}
@@ -613,79 +550,39 @@ class SimpleSAML_Metadata_SAMLBuilder {
$tlfNrs = array($tlfNrs);
}
foreach ($tlfNrs as $tlfNr) {
- $e->appendChild($this->createTextElement('TelephoneNumber', $tlfNr));
+ $e->TelephoneNumber[] = $tlfNr;
}
}
- $this->entityDescriptor->appendChild($e);
- }
-
-
- /**
- * Create DOMElement in metadata namespace.
- *
- * Helper function for creating DOMElements with the metadata namespace.
- *
- * @param string $name The name of the DOMElement.
- * @return DOMElement The new DOMElement.
- */
- private function createElement($name, $ns = 'urn:oasis:names:tc:SAML:2.0:metadata') {
- assert('is_string($name)');
- assert('is_string($ns)');
- return $this->document->createElementNS($ns, $name);
- }
-
-
- /**
- * Create a DOMElement in metadata namespace with a single text node.
- *
- * @param string $name The name of the DOMElement.
- * @param string $text The text contained in the element.
- * @return DOMElement The new DOMElement with a text node.
- */
- private function createTextElement($name, $text, $ns = NULL) {
- assert('is_string($name)');
- assert('is_string($text)');
-
- if ($ns !== NULL) {
- $node = $this->createElement($name, $ns);
- } else {
- $node = $this->createElement($name);
- }
- $node->appendChild($this->document->createTextNode($text));
-
- return $node;
+ $this->entityDescriptor->ContactPerson[] = $e;
}
/**
* Add a KeyDescriptor with an X509 certificate.
*
- * @param DOMElement $ssoDesc The IDPSSODescroptor or SPSSODecriptor the certificate
- * should be added to.
- * @param string|NULL $use The value of the use-attribute.
+ * @param SAML2_XML_md_RoleDescriptor $rd The RoleDescriptor the certificate should be added to.
+ * @param string $use The value of the use-attribute.
* @param string $x509data The certificate data.
*/
- private function addX509KeyDescriptor(DOMElement $ssoDesc, $use, $x509data) {
- assert('in_array($use, array(NULL, "encryption", "signing"), TRUE)');
+ private function addX509KeyDescriptor(SAML2_XML_md_RoleDescriptor $rd, $use, $x509data) {
+ assert('in_array($use, array("encryption", "signing"), TRUE)');
assert('is_string($x509data)');
- $keyDescriptor = $this->createElement('KeyDescriptor');
- if ($use !== NULL) {
- $keyDescriptor->setAttribute('use', $use);
- }
- $ssoDesc->appendChild($keyDescriptor);
+ $keyDescriptor = new SAML2_XML_md_KeyDescriptor();
+ $keyDescriptor->use = $use;
+ $rd->KeyDescriptor[] = $keyDescriptor;
- $keyInfo = $this->document->createElementNS('http://www.w3.org/2000/09/xmldsig#', 'ds:KeyInfo');
- $keyDescriptor->appendChild($keyInfo);
+ $keyInfo = new SAML2_XML_ds_KeyInfo();
+ $keyDescriptor->KeyInfo = $keyInfo;
- $x509Data = $this->document->createElementNS('http://www.w3.org/2000/09/xmldsig#', 'ds:X509Data');
- $keyInfo->appendChild($x509Data);
+ $x509Data = new SAML2_XML_ds_X509Data();
+ $keyInfo->info[] = $x509Data;
- $x509Certificate = $this->document->createElementNS('http://www.w3.org/2000/09/xmldsig#', 'ds:X509Certificate');
- $x509Data->appendChild($x509Certificate);
+ $x509Certificate = new SAML2_XML_ds_X509Certificate();
+ $x509Data->data[] = $x509Certificate;
- $x509Certificate->appendChild($this->document->createTextNode($x509data));
+ $x509Certificate->certificate = $x509data;
}
@@ -694,11 +591,10 @@ class SimpleSAML_Metadata_SAMLBuilder {
*
* Helper function for adding a certificate to the metadata.
*
- * @param DOMElement $ssoDesc The IDPSSODescroptor or SPSSODecriptor the certificate
- * should be added to.
+ * @param SAML2_XML_md_RoleDescriptor $rd The RoleDescriptor the certificate should be added to.
* @param SimpleSAML_Configuration $metadata The metadata for the entity.
*/
- private function addCertificate(DOMElement $ssoDesc, SimpleSAML_Configuration $metadata) {
+ private function addCertificate(SAML2_XML_md_RoleDescriptor $rd, SimpleSAML_Configuration $metadata) {
$certInfo = SimpleSAML_Utilities::loadPublicKey($metadata->toArray());
if ($certInfo === NULL || !array_key_exists('certData', $certInfo)) {
@@ -708,10 +604,8 @@ class SimpleSAML_Metadata_SAMLBuilder {
$certData = $certInfo['certData'];
- $this->addX509KeyDescriptor($ssoDesc, 'signing', $certData);
- $this->addX509KeyDescriptor($ssoDesc, 'encryption', $certData);
+ $this->addX509KeyDescriptor($rd, 'signing', $certData);
+ $this->addX509KeyDescriptor($rd, 'encryption', $certData);
}
}
-
-?>
--
GitLab