From 50d39dd5e2042ed4bca86d53f86043cfa7e39edc Mon Sep 17 00:00:00 2001
From: Olav Morken <olav.morken@uninett.no>
Date: Tue, 10 Aug 2010 11:26:27 +0000
Subject: [PATCH] SAMLParser: Extract all supported public keys.
git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2508 44740490-163a-0410-bde0-09ae8108e29a
---
lib/SimpleSAML/Metadata/SAMLParser.php | 90 ++++----------------------
1 file changed, 12 insertions(+), 78 deletions(-)
diff --git a/lib/SimpleSAML/Metadata/SAMLParser.php b/lib/SimpleSAML/Metadata/SAMLParser.php
index d84d9620a..1efd6b01a 100644
--- a/lib/SimpleSAML/Metadata/SAMLParser.php
+++ b/lib/SimpleSAML/Metadata/SAMLParser.php
@@ -466,24 +466,9 @@ class SimpleSAML_Metadata_SAMLParser {
$ret['description'] = $spd['description'];
}
- /* Add certificate data. Only the first valid certificate will be added. */
- foreach($spd['keys'] as $key) {
- if($key['type'] !== 'X509Certificate') {
- continue;
- }
-
- if ($key['signing'] !== TRUE) {
- continue;
- }
-
- $certData = base64_decode($key['X509Certificate']);
- if($certData === FALSE) {
- /* Empty/invalid certificate. */
- continue;
- }
-
- $ret['certData'] = preg_replace('/\s+/', '', str_replace(array("\r", "\n"), '', $key['X509Certificate']));
- break;
+ /* Add public keys. */
+ if (!empty($spd['keys'])) {
+ $ret['keys'] = $spd['keys'];
}
/* Add extensions. */
@@ -532,27 +517,9 @@ class SimpleSAML_Metadata_SAMLParser {
/* Find the ArtifactResolutionService endpoint. */
$ret['ArtifactResolutionService'] = $idp['ArtifactResolutionService'];
- /* Add certificate to metadata. Only the first valid certificate will be added. */
- $ret['certFingerprint'] = array();
- foreach($idp['keys'] as $key) {
- if($key['type'] !== 'X509Certificate') {
- continue;
- }
-
- if ($key['signing'] !== TRUE) {
- continue;
- }
-
- $certData = base64_decode($key['X509Certificate']);
- if($certData === FALSE) {
- /* Empty/invalid certificate. */
- continue;
- }
-
- /* Add the certificate data to the metadata. Only the first certificate will be added. */
- $ret['certData'] = preg_replace('/\s+/', '', str_replace(array("\r", "\n"), '', $key['X509Certificate']));
- $ret['certFingerprint'][] = sha1($certData);
- break;
+ /* Add public keys. */
+ if (!empty($idp['keys'])) {
+ $ret['keys'] = $idp['keys'];
}
/* Add extensions. */
@@ -626,24 +593,9 @@ class SimpleSAML_Metadata_SAMLParser {
$ret['description'] = $spd['description'];
}
- /* Add certificate data. Only the first valid certificate will be added. */
- foreach($spd['keys'] as $key) {
- if($key['type'] !== 'X509Certificate') {
- continue;
- }
-
- if ($key['signing'] !== TRUE) {
- continue;
- }
-
- $certData = base64_decode($key['X509Certificate']);
- if($certData === FALSE) {
- /* Empty/invalid certificate. */
- continue;
- }
-
- $ret['certData'] = preg_replace('/\s+/', '', str_replace(array("\r", "\n"), '', $key['X509Certificate']));
- break;
+ /* Add public keys. */
+ if (!empty($spd['keys'])) {
+ $ret['keys'] = $spd['keys'];
}
@@ -706,27 +658,9 @@ class SimpleSAML_Metadata_SAMLParser {
$ret['ArtifactResolutionService'] = $idp['ArtifactResolutionService'];
- /* Add certificate to metadata. Only the first valid certificate will be added. */
- $ret['certFingerprint'] = array();
- foreach($idp['keys'] as $key) {
- if($key['type'] !== 'X509Certificate') {
- continue;
- }
-
- if ($key['signing'] !== TRUE) {
- continue;
- }
-
- $certData = base64_decode($key['X509Certificate']);
- if($certData === FALSE) {
- /* Empty/invalid certificate. */
- continue;
- }
-
- /* Add the certificate data to the metadata. Only the first certificate will be added. */
- $ret['certData'] = preg_replace('/\s+/', '', str_replace(array("\r", "\n"), '', $key['X509Certificate']));
- $ret['certFingerprint'][] = sha1($certData);
- break;
+ /* Add public keys. */
+ if (!empty($idp['keys'])) {
+ $ret['keys'] = $idp['keys'];
}
/* Add extensions. */
--
GitLab