diff --git a/lib/SimpleSAML/Metadata/SAMLBuilder.php b/lib/SimpleSAML/Metadata/SAMLBuilder.php
index f4c224852ada83591708e1ca96381467b0028e95..be7aa5f54fcf874a3250102947db05e9ebe263d5 100644
--- a/lib/SimpleSAML/Metadata/SAMLBuilder.php
+++ b/lib/SimpleSAML/Metadata/SAMLBuilder.php
@@ -92,38 +92,37 @@ class SimpleSAML_Metadata_SAMLBuilder {
}
/**
- * @param $metadata Metadata array
+ * @param SimpleSAML_Configuration $metadata Metadata.
* @param $e Reference to the element where the Extensions element should be included.
*/
- private function addExtensions($metadata, &$e = NULL) {
+ private function addExtensions(SimpleSAML_Configuration $metadata, &$e = NULL) {
$extensions = $this->createElement('Extensions');
$includeExtensions = FALSE;
- if (array_key_exists('tags', $metadata)) {
+ if ($metadata->hasValue('tags')) {
$includeExtensions = TRUE;
$attr = $this->createElement('saml:Attribute', 'urn:oasis:names:tc:SAML:2.0:assertion');
$attr->setAttribute('Name', 'tags');
- foreach ($metadata['tags'] AS $tag) {
+ foreach ($metadata->getArray('tags') as $tag) {
$attr->appendChild($this->createTextElement('saml:AttributeValue', $tag, 'urn:oasis:names:tc:SAML:2.0:assertion'));
}
$extensions->appendChild($attr);
}
- if (array_key_exists('hint.cidr', $metadata)) {
+ if ($metadata->hasValue('hint.cidr')) {
$includeExtensions = TRUE;
$attr = $this->createElement('saml:Attribute', 'urn:oasis:names:tc:SAML:2.0:assertion');
$attr->setAttribute('Name', 'hint.cidr');
- $hints = self::arrayize($metadata['hint.cidr']);
- foreach ($hints AS $hint) {
+ foreach ($metadata->getArrayizeString('hint.cidr') as $hint) {
$attr->appendChild($this->createTextElement('saml:AttributeValue', $hint, 'urn:oasis:names:tc:SAML:2.0:assertion'));
}
$extensions->appendChild($attr);
}
- if (array_key_exists('scope', $metadata)) {
+ if ($metadata->hasValue('scope')) {
$includeExtensions = TRUE;
- foreach ($metadata['scope'] AS $scopetext) {
+ foreach ($metadata->getArray('scope') as $scopetext) {
$scope = $this->createElement('shibmd:Scope', 'urn:mace:shibboleth:metadata:1.0');
$scope->setAttribute('regexp', 'false');
$scope->appendChild($this->document->createTextNode($scopetext));
@@ -239,118 +238,101 @@ class SimpleSAML_Metadata_SAMLBuilder {
assert('isset($metadata["entityid"])');
assert('isset($metadata["metadata-set"])');
+ $metadata = SimpleSAML_Configuration::loadFromArray($metadata, $metadata['entityid']);
+
$e = $this->createElement('SPSSODescriptor');
$e->setAttribute('protocolSupportEnumeration', 'urn:oasis:names:tc:SAML:2.0:protocol');
-
-
+
+
$this->addExtensions($metadata, $e);
$this->addCertificate($e, $metadata);
- if (array_key_exists('SingleLogoutService', $metadata)) {
+ if ($metadata->hasValue('SingleLogoutService')) {
$t = $this->createElement('SingleLogoutService');
$t->setAttribute('Binding', 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect');
- $t->setAttribute('Location', $metadata['SingleLogoutService']);
+ $t->setAttribute('Location', $metadata->getString('SingleLogoutService'));
- if (array_key_exists('SingleLogoutServiceResponse', $metadata)) {
- $t->setAttribute('ResponseLocation', $metadata['SingleLogoutServiceResponse']);
+ if ($metadata->hasValue('SingleLogoutServiceResponse')) {
+ $t->setAttribute('ResponseLocation', $metadata->getString('SingleLogoutServiceResponse'));
}
$e->appendChild($t);
}
- if (array_key_exists('NameIDFormat', $metadata)) {
+ if ($metadata->hasValue('NameIDFormat')) {
$t = $this->createElement('NameIDFormat');
- $t->appendChild($this->document->createTextNode($metadata['NameIDFormat']));
+ $t->appendChild($this->document->createTextNode($metadata->getString('NameIDFormat')));
$e->appendChild($t);
}
$acsIndex = 0;
- if (array_key_exists('AssertionConsumerService', $metadata)) {
- foreach (SimpleSAML_Utilities::arrayize($metadata['AssertionConsumerService']) as $acs) {
- $t = $this->createElement('AssertionConsumerService');
- $t->setAttribute('index', (string)$acsIndex);
- $t->setAttribute('Binding', 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST');
- $t->setAttribute('Location', $acs);
- $e->appendChild($t);
- $acsIndex += 1;
- }
+ foreach ($metadata->getArrayizeString('AssertionConsumerService', array()) as $acs) {
+ $t = $this->createElement('AssertionConsumerService');
+ $t->setAttribute('index', (string)$acsIndex);
+ $t->setAttribute('Binding', 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST');
+ $t->setAttribute('Location', $acs);
+ $e->appendChild($t);
+ $acsIndex += 1;
}
- if (array_key_exists('AssertionConsumerService.artifact', $metadata)) {
- foreach (SimpleSAML_Utilities::arrayize($metadata['AssertionConsumerService.artifact']) as $acs) {
- $t = $this->createElement('AssertionConsumerService');
- $t->setAttribute('index', (string)$acsIndex);
- $t->setAttribute('Binding', 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact');
- $t->setAttribute('Location', $acs);
- $e->appendChild($t);
- $acsIndex += 1;
- }
-
+ foreach ($metadata->getArrayizeString('AssertionConsumerService.artifact', array()) as $acs) {
+ $t = $this->createElement('AssertionConsumerService');
+ $t->setAttribute('index', (string)$acsIndex);
+ $t->setAttribute('Binding', 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact');
+ $t->setAttribute('Location', $acs);
+ $e->appendChild($t);
+ $acsIndex += 1;
}
-
- if ( array_key_exists('name', $metadata) && array_key_exists('attributes', $metadata)) {
- /**
+ $attributes = $metadata->getArray('attributes', array());
+ if ( $metadata->hasValue('name') && count($attributes) > 0 ) {
+ /*
* Add an AttributeConsumingService element with information as name and description and list
* of requested attributes
*/
$attributeconsumer = $this->createElement('AttributeConsumingService');
$attributeconsumer->setAttribute('index', '0');
-
- if (array_key_exists('name', $metadata)) {
- if (is_array($metadata['name'])) {
- foreach($metadata['name'] AS $lang => $localname) {
- $t = $this->createTextElement('ServiceName', $localname);
- $t->setAttribute('xml:lang', $lang);
- $attributeconsumer->appendChild($t);
- }
- } else {
- $t = $this->createTextElement('ServiceName', $metadata['name']);
- $t->setAttribute('xml:lang', 'en');
- $attributeconsumer->appendChild($t);
+
+ $name = $metadata->getArrayizeString('name');
+ foreach($name AS $lang => $localname) {
+ if ($lang === 0) {
+ /* We use 'en' as the default language. */
+ $lang = 'en';
}
+ $t = $this->createTextElement('ServiceName', $localname);
+ $t->setAttribute('xml:lang', $lang);
+ $attributeconsumer->appendChild($t);
}
-
-
-
- if (array_key_exists('description', $metadata)) {
- if (is_array($metadata['description'])) {
- foreach($metadata['description'] AS $lang => $localname) {
- $t = $this->createTextElement('ServiceDescription', $localname);
- $t->setAttribute('xml:lang', $lang);
- $attributeconsumer->appendChild($t);
- }
- } else {
- $t = $this->createTextElement('ServiceDescription', $metadata['description']);
- $t->setAttribute('xml:lang', 'en');
- $attributeconsumer->appendChild($t);
+
+ $description = $metadata->getArrayizeString('description', array());
+ foreach($metadata['description'] AS $lang => $localname) {
+ if ($lang === 0) {
+ /* We use 'en' as the default language. */
+ $lang = 'en';
}
+ $t = $this->createTextElement('ServiceDescription', $localname);
+ $t->setAttribute('xml:lang', $lang);
+ $attributeconsumer->appendChild($t);
}
-
- if (array_key_exists('attributes', $metadata) && is_array($metadata['attributes'])) {
- foreach ($metadata['attributes'] AS $attribute) {
- $t = $this->createElement('RequestedAttribute');
- $t->setAttribute('Name', $attribute);
- $attributeconsumer->appendChild($t);
- }
+
+
+ foreach ($attributes as $attribute) {
+ $t = $this->createElement('RequestedAttribute');
+ $t->setAttribute('Name', $attribute);
+ $attributeconsumer->appendChild($t);
}
+
$e->appendChild($attributeconsumer);
}
$this->entityDescriptor->appendChild($e);
-
-
- if (array_key_exists('contacts', $metadata) && is_array($metadata['contacts']) ) {
- foreach($metadata['contacts'] AS $contact) {
- if (array_key_exists('contactType', $contact) && array_key_exists('emailAddress', $contact)) {
- $this->addContact($contact['contactType'], $contact);
- }
+ foreach ($metadata->getArray('contacts', array()) as $contact) {
+ if (array_key_exists('contactType', $contact) && array_key_exists('emailAddress', $contact)) {
+ $this->addContact($contact['contactType'], $contact);
}
}
-
-
-
+
}
@@ -364,51 +346,49 @@ class SimpleSAML_Metadata_SAMLBuilder {
assert('isset($metadata["entityid"])');
assert('isset($metadata["metadata-set"])');
+ $metadata = SimpleSAML_Configuration::loadFromArray($metadata, $metadata['entityid']);
+
$e = $this->createElement('IDPSSODescriptor');
$e->setAttribute('protocolSupportEnumeration', 'urn:oasis:names:tc:SAML:2.0:protocol');
- if (array_key_exists('redirect.sign', $metadata) && $metadata['redirect.sign']) {
+ if ($metadata->getBoolean('redirect.sign', FALSE)) {
$e->setAttribute('WantAuthnRequestSigned', 'true');
}
-
+
$this->addExtensions($metadata, $e);
$this->addCertificate($e, $metadata);
- if (array_key_exists('SingleLogoutService', $metadata)) {
+ if ($metadata->hasValue('SingleLogoutService')) {
$t = $this->createElement('SingleLogoutService');
$t->setAttribute('Binding', 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect');
- $t->setAttribute('Location', $metadata['SingleLogoutService']);
+ $t->setAttribute('Location', $metadata->getString('SingleLogoutService'));
- if (array_key_exists('SingleLogoutServiceResponse', $metadata)) {
- $t->setAttribute('ResponseLocation', $metadata['SingleLogoutServiceResponse']);
+ if ($metadata->hasValue('SingleLogoutServiceResponse')) {
+ $t->setAttribute('ResponseLocation', $metadata->getString('SingleLogoutServiceResponse'));
}
$e->appendChild($t);
}
- if (array_key_exists('NameIDFormat', $metadata)) {
+ if ($metadata->hasValue('NameIDFormat')) {
$t = $this->createElement('NameIDFormat');
- $t->appendChild($this->document->createTextNode($metadata['NameIDFormat']));
+ $t->appendChild($this->document->createTextNode($metadata->getString('NameIDFormat')));
$e->appendChild($t);
}
- if (array_key_exists('SingleSignOnService', $metadata)) {
+ if ($metadata->hasValue('SingleSignOnService')) {
$t = $this->createElement('SingleSignOnService');
$t->setAttribute('Binding', 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect');
- $t->setAttribute('Location', $metadata['SingleSignOnService']);
+ $t->setAttribute('Location', $metadata->getString('SingleSignOnService'));
$e->appendChild($t);
}
-
+
$this->entityDescriptor->appendChild($e);
-
-
- if (array_key_exists('contacts', $metadata) && is_array($metadata['contacts']) ) {
- foreach($metadata['contacts'] AS $contact) {
- if (array_key_exists('contactType', $contact) && array_key_exists('emailAddress', $contact)) {
- $this->addContact($contact['contactType'], $contact);
- }
+ foreach ($metadata->getArray('contacts', array()) as $contact) {
+ if (array_key_exists('contactType', $contact) && array_key_exists('emailAddress', $contact)) {
+ $this->addContact($contact['contactType'], $contact);
}
}
@@ -425,38 +405,35 @@ class SimpleSAML_Metadata_SAMLBuilder {
assert('isset($metadata["entityid"])');
assert('isset($metadata["metadata-set"])');
+ $metadata = SimpleSAML_Configuration::loadFromArray($metadata, $metadata['entityid']);
+
$e = $this->createElement('SPSSODescriptor');
$e->setAttribute('protocolSupportEnumeration', 'urn:oasis:names:tc:SAML:1.1:protocol');
$this->addCertificate($e, $metadata);
- if (array_key_exists('NameIDFormat', $metadata)) {
+ if ($metadata->hasValue('NameIDFormat')) {
$t = $this->createElement('NameIDFormat');
- $t->appendChild($this->document->createTextNode($metadata['NameIDFormat']));
+ $t->appendChild($this->document->createTextNode($metadata->getString('NameIDFormat')));
$e->appendChild($t);
}
$acsIndex = 0;
- if (array_key_exists('AssertionConsumerService', $metadata)) {
- foreach (SimpleSAML_Utilities::arrayize($metadata['AssertionConsumerService']) as $acs) {
- $t = $this->createElement('AssertionConsumerService');
- $t->setAttribute('index', (string)$acsIndex);
- $t->setAttribute('Binding', 'urn:oasis:names:tc:SAML:1.0:profiles:browser-post');
- $t->setAttribute('Location', $acs);
- $e->appendChild($t);
- $acsIndex += 1;
- }
+ foreach ($metadata->getArrayizeString('AssertionConsumerService', array()) as $acs) {
+ $t = $this->createElement('AssertionConsumerService');
+ $t->setAttribute('index', (string)$acsIndex);
+ $t->setAttribute('Binding', 'urn:oasis:names:tc:SAML:1.0:profiles:browser-post');
+ $t->setAttribute('Location', $acs);
+ $e->appendChild($t);
+ $acsIndex += 1;
}
- if (array_key_exists('AssertionConsumerService.artifact', $metadata)) {
- foreach (SimpleSAML_Utilities::arrayize($metadata['AssertionConsumerService.artifact']) as $acs) {
- $t = $this->createElement('AssertionConsumerService');
- $t->setAttribute('index', (string)$acsIndex);
- $t->setAttribute('Binding', 'urn:oasis:names:tc:SAML:1.0:profiles:artifact-01');
- $t->setAttribute('Location', $acs);
- $e->appendChild($t);
- $acsIndex += 1;
- }
-
+ foreach ($metadata->getArrayizeString('AssertionConsumerService.artifact', array()) as $acs) {
+ $t = $this->createElement('AssertionConsumerService');
+ $t->setAttribute('index', (string)$acsIndex);
+ $t->setAttribute('Binding', 'urn:oasis:names:tc:SAML:1.0:profiles:artifact-01');
+ $t->setAttribute('Location', $acs);
+ $e->appendChild($t);
+ $acsIndex += 1;
}
$this->entityDescriptor->appendChild($e);
@@ -473,21 +450,23 @@ class SimpleSAML_Metadata_SAMLBuilder {
assert('isset($metadata["entityid"])');
assert('isset($metadata["metadata-set"])');
+ $metadata = SimpleSAML_Configuration::loadFromArray($metadata, $metadata['entityid']);
+
$e = $this->createElement('IDPSSODescriptor');
$e->setAttribute('protocolSupportEnumeration', 'urn:oasis:names:tc:SAML:1.1:protocol');
$this->addCertificate($e, $metadata);
- if (array_key_exists('NameIDFormat', $metadata)) {
+ if ($metadata->hasValue('NameIDFormat')) {
$t = $this->createElement('NameIDFormat');
- $t->appendChild($this->document->createTextNode($metadata['NameIDFormat']));
+ $t->appendChild($this->document->createTextNode($metadata->getString('NameIDFormat')));
$e->appendChild($t);
}
- if (array_key_exists('SingleSignOnService', $metadata)) {
+ if ($metadata->hasValue('SingleSignOnService')) {
$t = $this->createElement('SingleSignOnService');
$t->setAttribute('Binding', 'urn:mace:shibboleth:1.0:profiles:AuthnRequest');
- $t->setAttribute('Location', $metadata['SingleSignOnService']);
+ $t->setAttribute('Location', $metadata->getString('SingleSignOnService'));
$e->appendChild($t);
}
@@ -648,12 +627,11 @@ class SimpleSAML_Metadata_SAMLBuilder {
*
* @param DOMElement $ssoDesc The IDPSSODescroptor or SPSSODecriptor the certificate
* should be added to.
- * @param array $metadata The metadata for the entity.
+ * @param SimpleSAML_Configuration $metadata The metadata for the entity.
*/
- private function addCertificate(DOMElement $ssoDesc, $metadata) {
- assert('is_array($metadata)');
+ private function addCertificate(DOMElement $ssoDesc, SimpleSAML_Configuration $metadata) {
- $certInfo = SimpleSAML_Utilities::loadPublicKey($metadata);
+ $certInfo = SimpleSAML_Utilities::loadPublicKey($metadata->toArray());
if ($certInfo === NULL || !array_key_exists('certData', $certInfo)) {
/* No certificate to add. */
return;