Skip to content
Snippets Groups Projects
Commit 7231f2e5 authored by Olav Morken's avatar Olav Morken
Browse files

Shib13/Artifact: Support multiple public keys for IdP. 

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2513 44740490-163a-0410-bde0-09ae8108e29a
parent 1130073f
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
lib/SimpleSAML/Bindings/Shib13/Artifact.php
+ 9
5
View file @ 7231f2e5
...@@ -125,12 +125,16 @@ class SimpleSAML_Bindings_Shib13_Artifact { ...@@ -125,12 +125,16 @@ class SimpleSAML_Bindings_Shib13_Artifact {
$url = $idpMetadata->getDefaultEndpoint('ArtifactResolutionService', array('urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding')); $url = $idpMetadata->getDefaultEndpoint('ArtifactResolutionService', array('urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding'));
$url = $url['Location']; $url = $url['Location'];
$certData = SimpleSAML_Utilities::loadPublicKey($idpMetadata, TRUE); $peerPublicKeys = $idpMetadata->getPublicKeys('signing', TRUE);
if (!array_key_exists('PEM', $certData)) { $certData = '';
throw new SimpleSAML_Error_Exception('Missing one of certData or certificate in metadata for ' foreach ($peerPublicKeys as $key) {
. var_export($idpMetadata->getString('entityid'), TRUE)); if ($key['type'] !== 'X509Certificate') {
continue;
}
$certData .= "-----BEGIN CERTIFICATE-----\n" .
chunk_split($key['X509Certificate'], 64) .
"-----END CERTIFICATE-----\n";
} }
$certData = $certData['PEM'];
$file = SimpleSAML_Utilities::getTempDir() . '/' . sha1($certData) . '.crt'; $file = SimpleSAML_Utilities::getTempDir() . '/' . sha1($certData) . '.crt';
if (!file_exists($file)) { if (!file_exists($file)) {
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment