From 40a4cf3194fd332cf95b0c7fc1b057a81e0ef170 Mon Sep 17 00:00:00 2001
From: Olav Morken <olav.morken@uninett.no>
Date: Wed, 14 May 2008 07:27:38 +0000
Subject: [PATCH] Add support for overriding autogenerated metadata values for
 endpoints. Can be useful if simpleSAMLphp is running behind a reverse proxy
 or in a CMS.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@555 44740490-163a-0410-bde0-09ae8108e29a
---
 docs/source/simplesamlphp-idp.xml             | 30 +++++++++++
 docs/source/simplesamlphp-sp.xml              | 53 +++++++++++++++++++
 .../Metadata/MetaDataStorageHandler.php       | 10 ++++
 3 files changed, 93 insertions(+)

diff --git a/docs/source/simplesamlphp-idp.xml b/docs/source/simplesamlphp-idp.xml
index f62bb7d7e..53c800442 100644
--- a/docs/source/simplesamlphp-idp.xml
+++ b/docs/source/simplesamlphp-idp.xml
@@ -385,6 +385,36 @@ openssl x509 -req -days 60 -in server2.csr -signkey server2.key -out server2.crt
               <literal>eduPersonPrincipalName</literal>.</para>
             </glossdef>
           </glossentry>
+
+          <glossentry>
+            <glossterm>SingleSignOnService</glossterm>
+
+            <glossdef>
+              <para>Override the default URL for the SingleSignOnService
+              for this IdP. This is an absolute URL. The default value is
+              <literal>&lt;simpleSAMLphp-root&gt;/saml2/idp/SSOService.php</literal></para>
+
+              <para>Note that this only changes the values in the generated
+              metadata and in the messages sent to others. You must also
+              configure your webserver to deliver this URL to the correct
+              PHP page.</para>
+            </glossdef>
+          </glossentry>
+
+          <glossentry>
+            <glossterm>SingleLogoutService</glossterm>
+
+            <glossdef>
+              <para>Override the default URL for the SingleLogoutService
+              for this IdP. This is an absolute URL. The default value is
+              <literal>&lt;simpleSAMLphp-root&gt;/saml2/idp/SingleLogoutService.php</literal></para>
+
+              <para>Note that this only changes the values in the generated
+              metadata and in the messages sent to others. You must also
+              configure your webserver to deliver this URL to the correct
+              PHP page.</para>
+            </glossdef>
+          </glossentry>
         </glosslist>
       </section>
 
diff --git a/docs/source/simplesamlphp-sp.xml b/docs/source/simplesamlphp-sp.xml
index 7e2f8c038..6c6df9fe3 100644
--- a/docs/source/simplesamlphp-sp.xml
+++ b/docs/source/simplesamlphp-sp.xml
@@ -256,6 +256,36 @@
               default for this SP.</para>
             </glossdef>
           </glossentry>
+
+          <glossentry>
+            <glossterm>AssertionConsumerService</glossterm>
+
+            <glossdef>
+              <para>Override the default URL for the AssertionConsumerService
+              for this SP. This is an absolute URL. The default value is
+              <literal>&lt;simpleSAMLphp-root&gt;/saml2/sp/AssertionConsumerService.php</literal></para>
+
+              <para>Note that this only changes the values in the generated
+              metadata and in the messages sent to others. You must also
+              configure your webserver to deliver this URL to the correct
+              PHP page.</para>
+            </glossdef>
+          </glossentry>
+
+          <glossentry>
+            <glossterm>SingleLogoutService</glossterm>
+
+            <glossdef>
+              <para>Override the default URL for the SingleLogoutService
+              for this SP. This is an absolute URL. The default value is
+              <literal>&lt;simpleSAMLphp-root&gt;/saml2/sp/SingleLogoutService.php</literal></para>
+
+              <para>Note that this only changes the values in the generated
+              metadata and in the messages sent to others. You must also
+              configure your webserver to deliver this URL to the correct
+              PHP page.</para>
+            </glossdef>
+          </glossentry>
         </glosslist>
       </section>
 
@@ -635,6 +665,29 @@
           </glossentry>
         </glosslist>
       </section>
+
+      <section>
+        <title>Optional metadata fields</title>
+
+        <para>These fields can be left out if not needed.</para>
+
+        <glosslist>
+          <glossentry>
+            <glossterm>AssertionConsumerService</glossterm>
+
+            <glossdef>
+              <para>Override the default URL for the AssertionConsumerService
+              for this SP. This is an absolute URL. The default value is
+              <literal>&lt;simpleSAMLphp-root&gt;/shib13/sp/AssertionConsumerService.php</literal></para>
+
+              <para>Note that this only changes the values in the generated
+              metadata and in the messages sent to others. You must also
+              configure your webserver to deliver this URL to the correct
+              PHP page.</para>
+            </glossdef>
+          </glossentry>
+        </glosslist>
+      </section>
     </section>
 
     <section>
diff --git a/lib/SimpleSAML/Metadata/MetaDataStorageHandler.php b/lib/SimpleSAML/Metadata/MetaDataStorageHandler.php
index 9398679a8..3ec00ebd5 100644
--- a/lib/SimpleSAML/Metadata/MetaDataStorageHandler.php
+++ b/lib/SimpleSAML/Metadata/MetaDataStorageHandler.php
@@ -91,6 +91,16 @@ class SimpleSAML_Metadata_MetaDataStorageHandler {
 	 * @return The autogenerated metadata property.
 	 */
 	public function getGenerated($property, $set = 'saml20-sp-hosted') {
+
+		/* First we check if the user has overridden this property in the metadata. */
+		try {
+			$metadataSet = $this->getMetaDataCurrent($set);
+			if(array_key_exists($property, $metadataSet)) {
+				return $metadataSet[$property];
+			}
+		} catch(Exception $e) {
+			/* Probably metadata wasn't found. In any case we continue by generating the metadata. */
+		}
 		
 		/* Get the configuration. */
 		$config = SimpleSAML_Configuration::getInstance();
-- 
GitLab