Skip to content
Snippets Groups Projects
Unverified Commit 77d72b5b authored by m0ark's avatar m0ark Committed by GitHub
Browse files

Update MetaDataStorageSource.php

Now using DiscoHints->IPHint to support specified SAML extension for IdP discovery
parent 401cf1d1
No related branches found
No related tags found
No related merge requests found
...@@ -159,7 +159,7 @@ abstract class SimpleSAML_Metadata_MetaDataStorageSource ...@@ -159,7 +159,7 @@ abstract class SimpleSAML_Metadata_MetaDataStorageSource
/** /**
* This function will go through all the metadata, and check the hint.cidr * This function will go through all the metadata, and check the DiscoHints->IPHint
* parameter, which defines a network space (ip range) for each remote entry. * parameter, which defines a network space (ip range) for each remote entry.
* This function returns the entityID for any of the entities that have an * This function returns the entityID for any of the entities that have an
* IP range which the IP falls within. * IP range which the IP falls within.
...@@ -178,14 +178,17 @@ abstract class SimpleSAML_Metadata_MetaDataStorageSource ...@@ -178,14 +178,17 @@ abstract class SimpleSAML_Metadata_MetaDataStorageSource
foreach ($metadataSet as $index => $entry) { foreach ($metadataSet as $index => $entry) {
if (!array_key_exists('hint.cidr', $entry)) { if (!array_key_exists('DiscoHints', $entry)) {
continue; continue;
} }
if (!is_array($entry['hint.cidr'])) { if (!array_key_exists('IPHint', $entry['DiscoHints'])) {
continue;
}
if (!is_array($entry['DiscoHints']['IPHint'])) {
continue; continue;
} }
foreach ($entry['hint.cidr'] as $hint_entry) { foreach ($entry['DiscoHints']['IPHint'] as $hint_entry) {
if (SimpleSAML\Utils\Net::ipCIDRcheck($hint_entry, $ip)) { if (SimpleSAML\Utils\Net::ipCIDRcheck($hint_entry, $ip)) {
if ($type === 'entityid') { if ($type === 'entityid') {
return $entry['entityid']; return $entry['entityid'];
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment