From 5ecd40100b118efaa3f379adf6f9b752bffec3fe Mon Sep 17 00:00:00 2001
From: Tim van Dijen <tvdijen@gmail.com>
Date: Sat, 20 Aug 2022 22:11:28 +0200
Subject: [PATCH] Fix metadata endpoints
---
 modules/saml/src/IdP/SAML2.php | 6 ++---
 .../Metadata/MetaDataStorageHandler.php | 4 ++--
 tests/modules/saml/src/IdP/SAML2Test.php | 24 +++++++++----------
 3 files changed, 17 insertions(+), 17 deletions(-)
diff --git a/modules/saml/src/IdP/SAML2.php b/modules/saml/src/IdP/SAML2.php
index afefa5656..3fb76aa8d 100644
--- a/modules/saml/src/IdP/SAML2.php
+++ b/modules/saml/src/IdP/SAML2.php
@@ -851,7 +851,7 @@ class SAML2
 $metadata['ArtifactResolutionService'][] = [
 'index' => 0,
 'Binding' => Constants::BINDING_SOAP,
- 'Location' => $httpUtils->getBaseURL() . 'saml2/idp/ArtifactResolutionService.php'
+ 'Location' => $httpUtils->getBaseURL() . 'module.php/saml/idp/artifactResolutionService'
 ];
 }
@@ -862,7 +862,7 @@ class SAML2
 [
 'hoksso:ProtocolBinding' => Constants::BINDING_HTTP_REDIRECT,
 'Binding' => Constants::BINDING_HOK_SSO,
- 'Location' => $httpUtils->getBaseURL() . 'saml2/idp/SSOService.php',
+ 'Location' => $httpUtils->getBaseURL() . 'module.php/saml/idp/singleSignOnService',
 ]
 );
 }
@@ -872,7 +872,7 @@ class SAML2
 $metadata['SingleSignOnService'][] = [
 'index' => 0,
 'Binding' => Constants::BINDING_SOAP,
- 'Location' => $httpUtils->getBaseURL() . 'saml2/idp/SSOService.php',
+ 'Location' => $httpUtils->getBaseURL() . 'module.php/saml/idp/singleSignOnService',
 ];
 }
diff --git a/src/SimpleSAML/Metadata/MetaDataStorageHandler.php b/src/SimpleSAML/Metadata/MetaDataStorageHandler.php
index 5d8727e75..99a82ac7e 100644
--- a/src/SimpleSAML/Metadata/MetaDataStorageHandler.php
+++ b/src/SimpleSAML/Metadata/MetaDataStorageHandler.php
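Review bot: Nothing in this patch keeps the old `saml2/idp/ArtifactResolutionService.php` and `saml2/idp/SSOService.php` paths reachable, yet the three `Location` values changed here (hunks at -851, -862 and -872) are what service providers copy out of the exported IdP metadata. An SP that loaded the metadata before this change will keep addressing requests to the old URLs, so if the legacy scripts are removed or not redirected, sign-on and artifact resolution fail for those partners until they refresh. Whether the old paths still work is not visible from here; if they do, a comment such as `// legacy saml2/idp/*.php paths stay served for SPs holding cached metadata` beside the first `Location` would record it, and if they do not, the upgrade notes should tell operators to redistribute metadata. The enclosing method starts and ends outside these hunks.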
@@ -118,13 +118,13 @@ class MetaDataStorageHandler implements ClearableState
 } elseif ($set == 'saml20-idp-hosted') {
 switch ($property) {
 case 'SingleSignOnService':
- return $baseurl . 'saml2/idp/SSOService.php';
+ return $baseurl . 'module.php/saml/idp/singleSignOnService';
 case 'SingleSignOnServiceBinding':
 return Constants::BINDING_HTTP_REDIRECT;
 case 'SingleLogoutService':
- return $baseurl . 'saml2/idp/SingleLogoutService.php';
+ return $baseurl . 'module.php/saml/idp/singleLogout';
 case 'SingleLogoutServiceBinding':
 return Constants::BINDING_HTTP_REDIRECT;
diff --git a/tests/modules/saml/src/IdP/SAML2Test.php b/tests/modules/saml/src/IdP/SAML2Test.php
index 206bcceb9..c99f52203 100644
--- a/tests/modules/saml/src/IdP/SAML2Test.php
+++ b/tests/modules/saml/src/IdP/SAML2Test.php
@@ -60,7 +60,7 @@ class SAML2Test extends ClearStateTestCase
 $this->assertEquals('https://some-sp-entity-id', $state['SPMetadata']['entityid']);
 $this->assertStringStartsWith(
- 'http://idp.examlple.com/saml2/idp/SSOService.php?spentityid=https%3A%2F%2Fsome-sp-entity-id&cookie',
+ 'http://idp.examlple.com/module.php/saml/idp/singleSignOnService?spentityid=https%3A%2F%2Fsome-sp-entity-id&cookie',
 $state['\SimpleSAML\Auth\State.restartURL']
 );
 unset($state['saml:AuthnRequestReceivedAt']); // timestamp can't be tested in equality assertion
@@ -91,7 +91,7 @@ class SAML2Test extends ClearStateTestCase
 //currently only spentityid and relay state are used in the restart url.
 $this->assertStringStartsWith(
- 'http://idp.examlple.com/saml2/idp/SSOService.php?'
+ 'http://idp.examlple.com/module.php/saml/idp/singleSignOnService?'
 . 'spentityid=https%3A%2F%2Fsome-sp-entity-id&RelayState=http%3A%2F%2Frelay&cookieTime',
 $state['\SimpleSAML\Auth\State.restartURL']
 );
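Review bot: The `SingleLogoutService` default now ends in `singleLogout`, while the other two new paths keep the full service name (`singleSignOnService`, `artifactResolutionService`), and the route definitions that would confirm that spelling are not part of this patch. A default that does not match a registered route would publish a dead logout endpoint, and SP-initiated logout would then never reach the IdP session. The same path literals are repeated in `SAML2.php`, so a later rename has to be made by hand in both files; one set of shared constants, for example `public const IDP_SLO_PATH = 'module.php/saml/idp/singleLogout';` (the name is only a suggestion), would keep them in step. The `switch` continues outside the hunk.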
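Review bot: The expected URLs still use the host `idp.examlple.com`, a misspelling of the reserved documentation name `example.com`, and this patch rewrites those literals without correcting it (hunks at -60, -91, -120 and -149). A misspelled host is an ordinary registrable domain rather than a reserved one, so test fixtures should not point at it. Changing the literals to `idp.example.com` also needs the context line `$_SERVER['HTTP_HOST'] = 'idp.examlple.com';` in the -208 hunk changed in the same commit, otherwise the assertions stop matching.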
@@ -120,7 +120,7 @@ class SAML2Test extends ClearStateTestCase
 $this->assertEquals('https://some-sp-entity-id', $state['SPMetadata']['entityid']);
 $this->assertStringStartsWith(
- 'http://idp.examlple.com/saml2/idp/SSOService.php?spentityid=https%3A%2F%2Fsome-sp-entity-id&cookie',
+ 'http://idp.examlple.com/module.php/saml/idp/singleSignOnService?spentityid=https%3A%2F%2Fsome-sp-entity-id&cookie',
 $state['\SimpleSAML\Auth\State.restartURL']
 );
 unset($state['saml:AuthnRequestReceivedAt']); // timestamp can't be tested in equality assertion
@@ -149,7 +149,7 @@ class SAML2Test extends ClearStateTestCase
 //currently only spentityid and relay state are used in the restart url.
 $this->assertStringStartsWith(
- 'http://idp.examlple.com/saml2/idp/SSOService.php?'
+ 'http://idp.examlple.com/module.php/saml/idp/singleSignOnService?'
 . 'spentityid=https%3A%2F%2Fsome-sp-entity-id&RelayState=http%3A%2F%2Frelay&cookieTime',
 $state['\SimpleSAML\Auth\State.restartURL']
 );
@@ -208,7 +208,7 @@ EOT;
 // won't line up perfectly
 $_REQUEST = $_REQUEST + $queryParams;
 $_SERVER['HTTP_HOST'] = 'idp.examlple.com';
- $_SERVER['REQUEST_URI'] = '/saml2/idp/SSOService.php?' . http_build_query($queryParams);
+ $_SERVER['REQUEST_URI'] = '/module.php/saml/idp/singleSignOnService?' . http_build_query($queryParams);
 $state = [];
@@ -285,14 +285,14 @@ EOT;
 $this->assertIsArray($hostedMd['SingleSignOnService']);
 $this->assertCount(1, $hostedMd['SingleSignOnService']);
 $this->assertEquals(['Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
- 'Location' => 'http://localhost/simplesaml/saml2/idp/SSOService.php'], $hostedMd['SingleSignOnService'][0]);
+ 'Location' => 'http://localhost/simplesaml/module.php/saml/idp/singleSignOnService'], $hostedMd['SingleSignOnService'][0]);
 $this->assertArrayHasKey('SingleLogoutService', $hostedMd);
 $this->assertIsArray($hostedMd['SingleLogoutService']);
 $this->assertCount(1, $hostedMd['SingleLogoutService']);
 $this->assertEquals(
 [
 'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
- 'Location' => 'http://localhost/simplesaml/saml2/idp/SingleLogoutService.php'
+ 'Location' => 'http://localhost/simplesaml/module.php/saml/idp/singleLogout'
 ],
 $hostedMd['SingleLogoutService'][0]
 );
@@ -359,7 +359,7 @@ EOT;
 [
 'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:SOAP',
 'index' => 0,
- 'Location' => 'http://localhost/simplesaml/saml2/idp/ArtifactResolutionService.php'
+ 'Location' => 'http://localhost/simplesaml/module.php/saml/idp/artifactResolutionService'
 ],
 $hostedMd['ArtifactResolutionService'][0]
 );
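Review bot: These assertions compare the generated `Location` against a second copy of the same literal, so they pass whenever code and test agree, even if no such route exists (hunks at -285, -359, -376 and -394). As far as this patch shows, nothing checks that `module.php/saml/idp/singleSignOnService`, `singleLogout` and `artifactResolutionService` resolve to a controller. A test that resolves each advertised path through the module's routing would catch a misspelled route before it is published in metadata. The new `Location` line in the -285 hunk also runs well past 120 columns and could be wrapped like the array form already used for `SingleLogoutService`.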
@@ -376,13 +376,13 @@ EOT;
 $this->assertEquals(
 [
 'Binding' => 'urn:oasis:names:tc:SAML:2.0:profiles:holder-of-key:SSO:browser',
- 'Location' => 'http://localhost/simplesaml/saml2/idp/SSOService.php',
+ 'Location' => 'http://localhost/simplesaml/module.php/saml/idp/singleSignOnService',
 'hoksso:ProtocolBinding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect'
 ],
 $hostedMd['SingleSignOnService'][0]
 );
 $this->assertEquals(['Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
- 'Location' => 'http://localhost/simplesaml/saml2/idp/SSOService.php'], $hostedMd['SingleSignOnService'][1]);
+ 'Location' => 'http://localhost/simplesaml/module.php/saml/idp/singleSignOnService'], $hostedMd['SingleSignOnService'][1]);
 }
 public function testIdPGetHostedMetadataECP(): void
@@ -394,9 +394,9 @@ EOT;
 $this->assertIsArray($hostedMd['SingleSignOnService']);
 $this->assertCount(2, $hostedMd['SingleSignOnService']);
 $this->assertEquals(['Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
- 'Location' => 'http://localhost/simplesaml/saml2/idp/SSOService.php'], $hostedMd['SingleSignOnService'][0]);
+ 'Location' => 'http://localhost/simplesaml/module.php/saml/idp/singleSignOnService'], $hostedMd['SingleSignOnService'][0]);
 $this->assertEquals(['Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:SOAP', 'index' => 0,
- 'Location' => 'http://localhost/simplesaml/saml2/idp/SSOService.php'], $hostedMd['SingleSignOnService'][1]);
+ 'Location' => 'http://localhost/simplesaml/module.php/saml/idp/singleSignOnService'], $hostedMd['SingleSignOnService'][1]);
 }
 /**
--
GitLab