From 173409e884594a59bff702ce34694322322b72ce Mon Sep 17 00:00:00 2001 From: Olav Morken <olav.morken@uninett.no> Date: Fri, 7 May 2010 09:13:40 +0000 Subject: [PATCH] www/*/metadata: Convert to SimpleSAML_Configuration metadata. git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2284 44740490-163a-0410-bde0-09ae8108e29a --- www/saml2/idp/metadata.php | 34 ++++++++++---------------- www/saml2/sp/metadata.php | 43 +++++++++++++-------------------- www/shib13/idp/metadata.php | 29 ++++++++-------------- www/shib13/sp/metadata.php | 48 +++++++++++++++---------------------- 4 files changed, 58 insertions(+), 96 deletions(-) diff --git a/www/saml2/idp/metadata.php b/www/saml2/idp/metadata.php index ee2b1f947..29e8fe493 100644 --- a/www/saml2/idp/metadata.php +++ b/www/saml2/idp/metadata.php @@ -17,11 +17,10 @@ if ($config->getBoolean('admin.protectmetadata', false)) { try { - - $idpmeta = isset($_GET['idpentityid']) ? $_GET['idpentityid'] : $metadata->getMetaDataCurrent('saml20-idp-hosted'); $idpentityid = isset($_GET['idpentityid']) ? $_GET['idpentityid'] : $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted'); + $idpmeta = $metadata->getMetaDataConfig($idpentityid, 'saml20-idp-hosted'); - $certInfo = SimpleSAML_Utilities::loadPublicKey($idpmeta, TRUE); + $certInfo = SimpleSAML_Utilities::loadPublicKey($idpmeta->toArray(), TRUE); $certFingerprint = $certInfo['certFingerprint']; if (count($certFingerprint) === 1) { /* Only one valid certificate. */ @@ -36,7 +35,7 @@ try { 'certFingerprint' => $certFingerprint, ); - if (isset($idpmeta['saml20.sendartifact']) && $idpmeta['saml20.sendartifact'] === TRUE) { + if ($idpmeta->getBoolean('saml20.sendartifact', FALSE)) { /* Artifact sending enabled. */ $metaArray['ArtifactResolutionService'][] = array( 'index' => 0, 
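Review bot: `$idpentityid` is taken from `$_GET['idpentityid']` and handed to `$metadata->getMetaDataConfig()` with no type check, so a request that supplies the parameter as an array reaches the metadata lookup as a non-string. A guard before the lookup keeps the failure explicit: `if (!is_string($idpentityid)) { throw new SimpleSAML_Error_Exception('Invalid idpentityid parameter.'); }`. How getMetaDataConfig() reacts to an unknown or malformed entity ID is not visible in this hunk. The same pattern is in the first hunk of www/saml2/sp/metadata.php, www/shib13/idp/metadata.php and www/shib13/sp/metadata.php (with `spentityid` in the SP files). The `try` block continues outside the hunk.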
@@ -45,29 +44,20 @@ try { ); } - if (array_key_exists('NameIDFormat', $idpmeta)) { - $metaArray['NameIDFormat'] = $idpmeta['NameIDFormat']; - } else { - $metaArray['NameIDFormat'] = 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'; - } + $metaArray['NameIDFormat'] = $idpmeta->getString('NameIDFormat', 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'); - if (!empty($idpmeta['OrganizationName'])) { - $metaArray['OrganizationName'] = $idpmeta['OrganizationName']; - - if (!empty($idpmeta['OrganizationDisplayName'])) { - $metaArray['OrganizationDisplayName'] = $idpmeta['OrganizationDisplayName']; - } else { - $metaArray['OrganizationDisplayName'] = $idpmeta['OrganizationName']; - } + if ($idpmeta->hasValue('OrganizationName')) { + $metaArray['OrganizationName'] = $idpmeta->getLocalizedString('OrganizationName'); + $metaArray['OrganizationDisplayName'] = $idpmeta->getLocalizedString('OrganizationDisplayName', $metaArray['OrganizationName']); - if (empty($idpmeta['OrganizationURL'])) { + if (!$idpmeta->hasValue('OrganizationURL')) { throw new SimpleSAML_Error_Exception('If OrganizationName is set, OrganizationURL must also be set.'); } - $metaArray['OrganizationURL'] = $idpmeta['OrganizationURL']; + $metaArray['OrganizationURL'] = $idpmeta->getLocalizedString('OrganizationURL'); } - if (array_key_exists('scope', $idpmeta)) { - $metaArray['scope'] = $idpmeta['scope']; + if ($idpmeta->hasValue('scope')) { + $metaArray['scope'] = $idpmeta->getArray('scope'); } @@ -84,7 +74,7 @@ try { $metaxml = $metaBuilder->getEntityDescriptorText(); /* Sign the metadata if enabled. */ - $metaxml = SimpleSAML_Metadata_Signer::sign($metaxml, $idpmeta, 'SAML 2 IdP'); + $metaxml = SimpleSAML_Metadata_Signer::sign($metaxml, $idpmeta->toArray(), 'SAML 2 IdP'); if (array_key_exists('output', $_GET) && $_GET['output'] == 'xhtml') { $defaultidp = $config->getString('default-saml20-idp', NULL); 
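Review bot: Replacing `!empty(...)` with `hasValue()` in the Organization block looks like it changes behaviour for empty values. If `hasValue()` only tests that the key exists (its implementation is not shown here), an `OrganizationName` set to `''` now enters the branch, and an empty `OrganizationURL` now passes the check and is published in the metadata. If the old semantics are wanted, test the fetched value instead, e.g. `$orgUrl = $idpmeta->getLocalizedString('OrganizationURL', NULL);` followed by `if (empty($orgUrl)) { throw ...; }`. The same block appears in the second hunk of www/saml2/sp/metadata.php, www/shib13/idp/metadata.php and www/shib13/sp/metadata.php.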
diff --git a/www/saml2/sp/metadata.php b/www/saml2/sp/metadata.php index 08034ec38..be9d039ea 100644 --- a/www/saml2/sp/metadata.php +++ b/www/saml2/sp/metadata.php @@ -19,8 +19,8 @@ if ($config->getBoolean('admin.protectmetadata', false)) { try { - $spmeta = isset($_GET['spentityid']) ? $_GET['spentityid'] : $metadata->getMetaDataCurrent(); $spentityid = isset($_GET['spentityid']) ? $_GET['spentityid'] : $metadata->getMetaDataCurrentEntityID(); + $spmeta = $metadata->getMetaDataConfig($spentityid, 'saml20-sp-hosted'); $metaArray = array( 'metadata-set' => 'saml20-sp-remote', 
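Review bot: The new `getMetaDataConfig($spentityid, 'saml20-sp-hosted')` call names the metadata set, but the fallback on the line above still calls `$metadata->getMetaDataCurrentEntityID()` with no argument, unlike the other three files in this patch. The two lookups only resolve the same entity if that method's default set is 'saml20-sp-hosted', which cannot be confirmed from this hunk. Passing it explicitly, `$metadata->getMetaDataCurrentEntityID('saml20-sp-hosted')`, makes them visibly agree.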
@@ -29,42 +29,33 @@ try { 'SingleLogoutService' => $metadata->getGenerated('SingleLogoutService', 'saml20-sp-hosted'), ); - if (array_key_exists('NameIDFormat', $spmeta)) { - $metaArray['NameIDFormat'] = $spmeta['NameIDFormat']; - } else { - $metaArray['NameIDFormat'] = 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'; - } + $metaArray['NameIDFormat'] = $spmeta->getString('NameIDFormat', 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'); - if (!empty($spmeta['OrganizationName'])) { - $metaArray['OrganizationName'] = $spmeta['OrganizationName']; - - if (!empty($spmeta['OrganizationDisplayName'])) { - $metaArray['OrganizationDisplayName'] = $spmeta['OrganizationDisplayName']; - } else { - $metaArray['OrganizationDisplayName'] = $spmeta['OrganizationName']; - } + if ($spmeta->hasValue('OrganizationName')) { + $metaArray['OrganizationName'] = $spmeta->getLocalizedString('OrganizationName'); + $metaArray['OrganizationDisplayName'] = $spmeta->getLocalizedString('OrganizationDisplayName', $metaArray['OrganizationName']); - if (empty($spmeta['OrganizationURL'])) { + if (!$spmeta->hasValue('OrganizationURL')) { throw new SimpleSAML_Error_Exception('If OrganizationName is set, OrganizationURL must also be set.'); } - $metaArray['OrganizationURL'] = $spmeta['OrganizationURL']; + $metaArray['OrganizationURL'] = $spmeta->getLocalizedString('OrganizationURL'); } - if (array_key_exists('attributes', $spmeta)) { - $metaArray['attributes'] = $spmeta['attributes']; + if ($spmeta->hasValue('attributes')) { + $metaArray['attributes'] = $spmeta->getArray('attributes'); } - if (array_key_exists('attributes.NameFormat', $spmeta)) { - $metaArray['attributes.NameFormat'] = $spmeta['attributes.NameFormat']; + if ($spmeta->hasValue('attributes.NameFormat')) { + $metaArray['attributes.NameFormat'] = $spmeta->getString('attributes.NameFormat'); } - if (array_key_exists('name', $spmeta)) { - $metaArray['name'] = $spmeta['name']; + if ($spmeta->hasValue('name')) { + $metaArray['name'] 
= $spmeta->getLocalizedString('name'); } - if (array_key_exists('description', $spmeta)) { - $metaArray['description'] = $spmeta['description']; + if ($spmeta->hasValue('description')) { + $metaArray['description'] = $spmeta->getLocalizedString('description'); } - $certInfo = SimpleSAML_Utilities::loadPublicKey($spmeta); + $certInfo = SimpleSAML_Utilities::loadPublicKey($spmeta->toArray()); if ($certInfo !== NULL && array_key_exists('certData', $certInfo)) { $metaArray['certData'] = $certInfo['certData']; } @@ -81,7 +72,7 @@ try { $metaxml = $metaBuilder->getEntityDescriptorText(); /* Sign the metadata if enabled. */ - $metaxml = SimpleSAML_Metadata_Signer::sign($metaxml, $spmeta, 'SAML 2 SP'); + $metaxml = SimpleSAML_Metadata_Signer::sign($metaxml, $spmeta->toArray(), 'SAML 2 SP'); diff --git a/www/shib13/idp/metadata.php b/www/shib13/idp/metadata.php index 4b37a17e0..f795306b4 100644 --- a/www/shib13/idp/metadata.php +++ b/www/shib13/idp/metadata.php @@ -18,10 +18,10 @@ if ($config->getBoolean('admin.protectmetadata', false)) { try { - $idpmeta = isset($_GET['idpentityid']) ? $_GET['idpentityid'] : $metadata->getMetaDataCurrent('shib13-idp-hosted'); $idpentityid = isset($_GET['idpentityid']) ? $_GET['idpentityid'] : $metadata->getMetaDataCurrentEntityID('shib13-idp-hosted'); - - $certInfo = SimpleSAML_Utilities::loadPublicKey($idpmeta, TRUE); + $idpmeta = $metadata->getMetaDataConfig($idpentityid, 'shib13-idp-hosted'); + + $certInfo = SimpleSAML_Utilities::loadPublicKey($idpmeta->toArray(), TRUE); $certFingerprint = $certInfo['certFingerprint']; if (count($certFingerprint) === 1) { /* Only one valid certificate. */ 
@@ -35,25 +35,16 @@ try { 'certFingerprint' => $certFingerprint, ); - if (array_key_exists('NameIDFormat', $idpmeta)) { - $metaArray['NameIDFormat'] = $idpmeta['NameIDFormat']; - } else { - $metaArray['NameIDFormat'] = 'urn:mace:shibboleth:1.0:nameIdentifier'; - } - - if (!empty($idpmeta['OrganizationName'])) { - $metaArray['OrganizationName'] = $idpmeta['OrganizationName']; + $metaArray['NameIDFormat'] = $idpmeta->getString('NameIDFormat', 'urn:mace:shibboleth:1.0:nameIdentifier'); - if (!empty($idpmeta['OrganizationDisplayName'])) { - $metaArray['OrganizationDisplayName'] = $idpmeta['OrganizationDisplayName']; - } else { - $metaArray['OrganizationDisplayName'] = $idpmeta['OrganizationName']; - } + if ($idpmeta->hasValue('OrganizationName')) { + $metaArray['OrganizationName'] = $idpmeta->getLocalizedString('OrganizationName'); + $metaArray['OrganizationDisplayName'] = $idpmeta->getLocalizedString('OrganizationDisplayName', $metaArray['OrganizationName']); - if (empty($idpmeta['OrganizationURL'])) { + if (!$idpmeta->hasValue('OrganizationURL')) { throw new SimpleSAML_Error_Exception('If OrganizationName is set, OrganizationURL must also be set.'); } - $metaArray['OrganizationURL'] = $idpmeta['OrganizationURL']; + $metaArray['OrganizationURL'] = $idpmeta->getLocalizedString('OrganizationURL'); } @@ -70,7 +61,7 @@ try { $metaxml = $metaBuilder->getEntityDescriptorText(); /* Sign the metadata if enabled. */ - $metaxml = SimpleSAML_Metadata_Signer::sign($metaxml, $idpmeta, 'Shib 1.3 IdP'); + $metaxml = SimpleSAML_Metadata_Signer::sign($metaxml, $idpmeta->toArray(), 'Shib 1.3 IdP'); if (array_key_exists('output', $_GET) && $_GET['output'] == 'xhtml') { diff --git a/www/shib13/sp/metadata.php b/www/shib13/sp/metadata.php index bc86f9540..a31459203 100644 --- a/www/shib13/sp/metadata.php +++ b/www/shib13/sp/metadata.php 
@@ -19,9 +19,8 @@ if ($config->getBoolean('admin.protectmetadata', false)) { try { - $spmeta = isset($_GET['spentityid']) ? $_GET['spentityid'] : $metadata->getMetaDataCurrent('shib13-sp-hosted'); $spentityid = isset($_GET['spentityid']) ? $_GET['spentityid'] : $metadata->getMetaDataCurrentEntityID('shib13-sp-hosted'); - + $spmeta = $metadata->getMetaDataConfig($spentityid, 'shib13-sp-hosted'); $metaArray = array( 'metadata-set' => 'shib13-sp-remote', 
@@ -29,50 +28,41 @@ try { 'AssertionConsumerService' => $metadata->getGenerated('AssertionConsumerService', 'shib13-sp-hosted'), ); - $certInfo = SimpleSAML_Utilities::loadPublicKey($spmeta); + $certInfo = SimpleSAML_Utilities::loadPublicKey($spmeta->toArray()); if ($certInfo !== NULL && array_key_exists('certData', $certInfo)) { $metaArray['certData'] = $certInfo['certData']; } - if (array_key_exists('NameIDFormat', $spmeta)) { - $metaArray['NameIDFormat'] = $spmeta['NameIDFormat']; - } else { - $metaArray['NameIDFormat'] = 'urn:mace:shibboleth:1.0:nameIdentifier'; - } - - if (!empty($spmeta['OrganizationName'])) { - $metaArray['OrganizationName'] = $spmeta['OrganizationName']; + $metaArray['NameIDFormat'] = $spmeta->getString('NameIDFormat', 'urn:mace:shibboleth:1.0:nameIdentifier'); - if (!empty($spmeta['OrganizationDisplayName'])) { - $metaArray['OrganizationDisplayName'] = $spmeta['OrganizationDisplayName']; - } else { - $metaArray['OrganizationDisplayName'] = $spmeta['OrganizationName']; - } + if ($spmeta->hasValue('OrganizationName')) { + $metaArray['OrganizationName'] = $spmeta->getLocalizedString('OrganizationName'); + $metaArray['OrganizationDisplayName'] = $spmeta->getLocalizedString('OrganizationDisplayName', $metaArray['OrganizationName']); - if (empty($spmeta['OrganizationURL'])) { + if (!$spmeta->hasValue('OrganizationURL')) { throw new SimpleSAML_Error_Exception('If OrganizationName is set, OrganizationURL must also be set.'); } - $metaArray['OrganizationURL'] = $spmeta['OrganizationURL']; + $metaArray['OrganizationURL'] = $spmeta->getLocalizedString('OrganizationURL'); } - if (array_key_exists('attributes', $spmeta)) { - $metaArray['attributes'] = $spmeta['attributes']; + if ($spmeta->hasValue('attributes')) { + $metaArray['attributes'] = $spmeta->getArray('attributes'); } - if (array_key_exists('attributes.NameFormat', $spmeta)) { - $metaArray['attributes.NameFormat'] = $spmeta['attributes.NameFormat']; + if 
($spmeta->hasValue('attributes.NameFormat')) { + $metaArray['attributes.NameFormat'] = $spmeta->getString('attributes.NameFormat'); } - if (array_key_exists('name', $spmeta)) { - $metaArray['name'] = $spmeta['name']; + if ($spmeta->hasValue('name')) { + $metaArray['name'] = $spmeta->getLocalizedString('name'); } - if (array_key_exists('description', $spmeta)) { - $metaArray['description'] = $spmeta['description']; + if ($spmeta->hasValue('description')) { + $metaArray['description'] = $spmeta->getLocalizedString('description'); } $metaflat = '$metadata[' . var_export($spentityid, TRUE) . '] = ' . var_export($metaArray, TRUE) . ';'; - if (array_key_exists('certificate', $spmeta)) { - $metaArray['certificate'] = $spmeta['certificate']; + if ($spmeta->hasValue('certificate')) { + $metaArray['certificate'] = $spmeta->getString('certificate'); } $metaBuilder = new SimpleSAML_Metadata_SAMLBuilder($spentityid); $metaBuilder->addMetadataSP11($metaArray); @@ -84,7 +74,7 @@ try { $metaxml = $metaBuilder->getEntityDescriptorText(); /* Sign the metadata if enabled. */ - $metaxml = SimpleSAML_Metadata_Signer::sign($metaxml, $spmeta, 'Shib 1.3 SP'); + $metaxml = SimpleSAML_Metadata_Signer::sign($metaxml, $spmeta->toArray(), 'Shib 1.3 SP'); if (array_key_exists('output', $_GET) && $_GET['output'] == 'xhtml') { $t = new SimpleSAML_XHTML_Template($config, 'metadata.php', 'admin'); -- GitLab
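Review bot: In the second hunk of www/shib13/sp/metadata.php the `certificate` key is copied into `$metaArray` only after `$metaflat` has been built with `var_export()`. The flat-file output therefore omits it, while the array passed to `addMetadataSP11()` includes it. Nothing explains that ordering, and it is easy to break when these lines are touched, as they are here. If it is intentional, a comment above the `if` would help: `/* Added after $metaflat is generated: 'certificate' goes to the XML builder only, not the flat-file output. */`.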