Remove 'output=xhtml' variants of IdP/SP metadata URLs

They were broken in master. The admin module now performs this function. So to reduce duplication and to keep the metadata endpoints simple, we remove the broken code here instead of fixing it.

Remove 'output=xhtml' variants of IdP/SP metadata URLs
7565df19 · Thijs Kinkhorst · 73f682f0 · 7565df19 · 7565df19
Commit 7565df19 authored 3 years ago by Thijs Kinkhorst
--- a/modules/saml/www/sp/metadata.php
+++ b/modules/saml/www/sp/metadata.php
 <?php

-use SAML2\Constants;
 use SimpleSAML\Auth;
 use SimpleSAML\Configuration;
 use SimpleSAML\Error;
-use SimpleSAML\Locale\Translate;
 use SimpleSAML\Metadata;
 use SimpleSAML\Module;
 use SimpleSAML\Store\StoreFactory;
 use SimpleSAML\Utils;
-use SimpleSAML\XHTML\Template;
-use Symfony\Component\VarExporter\VarExporter;

 if (!array_key_exists('PATH_INFO', $_SERVER)) {
    throw new Error\BadRequest('Missing authentication source id in metadata URL');
@@ -47,30 +43,8 @@ $metaBuilder->addOrganizationInfo($metaArray20);

 $xml = $metaBuilder->getEntityDescriptorText();

-unset($metaArray20['UIInfo']);
-unset($metaArray20['metadata-set']);
-unset($metaArray20['entityid']);
-
-// sanitize the attributes array to remove friendly names
-if (isset($metaArray20['attributes']) && is_array($metaArray20['attributes'])) {
-    $metaArray20['attributes'] = array_values($metaArray20['attributes']);
-}
-
 // sign the metadata if enabled
 $xml = Metadata\Signer::sign($xml, $spconfig->toArray(), 'SAML 2 SP');

-if (array_key_exists('output', $_REQUEST) && $_REQUEST['output'] == 'xhtml') {
-    $t = new Template($config, 'metadata.twig', 'admin');
-
-    $t->data['clipboard.js'] = true;
-    $t->data['header'] = 'saml20-sp'; // TODO: Replace with headerString in 2.0
-    $t->data['headerString'] = Translate::noop('metadata_saml20-sp');
-    $t->data['metadata'] = htmlspecialchars($xml);
-    $t->data['metadataflat'] = '$metadata[' . var_export($entityId, true)
-        . '] = ' . VarExporter::export($metaArray20) . ';';
-    $t->data['metaurl'] = $source->getMetadataURL();
-    $t->send();
-} else {
-    header('Content-Type: application/samlmetadata+xml');
-    echo($xml);
-}
+header('Content-Type: application/samlmetadata+xml');
+echo($xml);
--- a/www/saml2/idp/metadata.php
+++ b/www/saml2/idp/metadata.php
@@ -2,16 +2,11 @@

 require_once('../../_include.php');

-use Symfony\Component\VarExporter\VarExporter;
-
-use SAML2\Constants;
-use SimpleSAML\Assert\Assert;
 use SimpleSAML\Configuration;
 use SimpleSAML\Error;
 use SimpleSAML\Module;
 use SimpleSAML\Module\saml\IdP\SAML2 as SAML2_IdP;
 use SimpleSAML\Utils;
-use SimpleSAML\Utils\Config\Metadata as Metadata;

 $config = Configuration::getInstance();
 if (!$config->getBoolean('enable.saml20-idp', false) || !Module::isModuleEnabled('saml')) {
@@ -24,7 +19,6 @@ if ($config->getBoolean('admin.protectmetadata', false)) {
    $authUtils->requireAdmin();
 }

-$httpUtils = new Utils\HTTP();
 $metadata = \SimpleSAML\Metadata\MetaDataStorageHandler::getMetadataHandler();

 try {
@@ -38,39 +32,13 @@ try {

    $metaxml = $metaBuilder->getEntityDescriptorText();

-    $metaflat = '$metadata[' . var_export($idpentityid, true) . '] = ' . VarExporter::export($metaArray) . ';';
-
    // sign the metadata if enabled
    $metaxml = \SimpleSAML\Metadata\Signer::sign($metaxml, $metaArray, 'SAML 2 IdP');

-    if (array_key_exists('output', $_GET) && $_GET['output'] == 'xhtml') {
-        $t = new \SimpleSAML\XHTML\Template($config, 'metadata.tpl.php', 'admin');
-
-        $t->data['clipboard.js'] = true;
-        $t->data['available_certs'] = $availableCerts;
-        $certdata = [];
-        foreach (array_keys($availableCerts) as $availableCert) {
-            $certdata[$availableCert]['name'] = $availableCert;
-            $certdata[$availableCert]['url'] = Module::getModuleURL('saml/idp/certs.php') . '/' . $availableCert;
-            $certdata[$availableCert]['comment'] = (
-                $availableCerts[$availableCert]['certFingerprint'][0] === 'afe71c28ef740bc87425be13a2263d37971da1f9' ?
-                'This is the default certificate. Generate a new certificate if this is a production system.' :
-                ''
-            );
-        }
-        $t->data['certdata'] = $certdata;
-        $t->data['header'] = 'saml20-idp'; // TODO: Replace with headerString in 2.0
-        $t->data['headerString'] = \SimpleSAML\Locale\Translate::noop('metadata_saml20-idp');
-        $t->data['metaurl'] = $httpUtils->getSelfURLNoQuery();
-        $t->data['metadata'] = htmlspecialchars($metaxml);
-        $t->data['metadataflat'] = htmlspecialchars($metaflat);
-        $t->send();
-    } else {
-        header('Content-Type: application/samlmetadata+xml');
+    header('Content-Type: application/samlmetadata+xml');

-        echo $metaxml;
-        exit(0);
-    }
+    echo $metaxml;
+    exit(0);
 } catch (\Exception $exception) {
    throw new Error\Error('METADATA', $exception);
 }