From 82f02d490cd09790c525f13735f0ecda9d00d14b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jaime=20P=C3=A9rez=20Crespo?= <jaime.perez@uninett.no>
Date: Tue, 28 Jan 2014 15:19:17 +0000
Subject: [PATCH] Add support to publish RegistrationInfo (MDRPI) in the IdP.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@3339 44740490-163a-0410-bde0-09ae8108e29a
---
 docs/simplesamlphp-reference-idp-hosted.txt | 18 ++++++++++++++++++
 lib/SimpleSAML/Metadata/SAMLBuilder.php     | 19 +++++++++++++++++++
 metadata-templates/saml20-idp-hosted.php    | 16 ++++++++++++++++
 www/saml2/idp/metadata.php                  |  4 ++++
 4 files changed, 57 insertions(+)

diff --git a/docs/simplesamlphp-reference-idp-hosted.txt b/docs/simplesamlphp-reference-idp-hosted.txt
index de6ec04a9..665238bfd 100644
--- a/docs/simplesamlphp-reference-idp-hosted.txt
+++ b/docs/simplesamlphp-reference-idp-hosted.txt
@@ -208,6 +208,24 @@ The following SAML 2.0 options are available:
 :   Note that the value set here will be added to the metadata generated for this IdP,
     in the `NameIDFormat` element.
 
+`RegistrationInfo`
+:   Allows to specify information about the registrar of this IdP. Please refer to the
+    'SAML V2.0 Metadata Extensions for Registration and Publication Information' document
+    for further information on this topic. This option accepts an array with the following
+    options:
+
+:   -   `authority`: The unique identifier of the authority that registered the entity.
+    It is recommended that this be a URL that resolves to a human readable page describing
+    the registrar authority (e.g., the registrar's home page). This parameter is REQUIRED.
+
+:   -   `instant`: The instant the entity was registered with the authority. Time values 
+    must be expressed in the UTC timezone using the 'Z' timezone identifier. This parameter
+    is OPTIONAL.
+
+:   -   `policies`: The policy under which the entity was registered. An indexed array with
+    URLs pointing to the localized versions of the policy. Each index will be used as the
+    language identifier. This parameter is OPTIONAL.
+
 `saml20.sendartifact`
 :   Set to `TRUE` to enable the IdP to send responses with the HTTP-Artifact binding.
     Defaults to `FALSE`.
diff --git a/lib/SimpleSAML/Metadata/SAMLBuilder.php b/lib/SimpleSAML/Metadata/SAMLBuilder.php
index da63e8991..865412f94 100644
--- a/lib/SimpleSAML/Metadata/SAMLBuilder.php
+++ b/lib/SimpleSAML/Metadata/SAMLBuilder.php
@@ -147,6 +147,25 @@ class SimpleSAML_Metadata_SAMLBuilder {
 			$this->entityDescriptor->Extensions[] = $ea;
 		}
 
+		if ($metadata->hasValue('RegistrationInfo')) {
+			$ri = new SAML2_XML_mdrpi_RegistrationInfo();
+			foreach ($metadata->getArray('RegistrationInfo') as $riName => $riValues) {
+				switch ($riName) {
+					case 'authority':
+						$ri->registrationAuthority = $riValues;
+						break;
+					case 'instant':
+						$ri->registrationInstant = SAML2_Utils::xsDateTimeToTimestamp($riValues);
+						break;
+					case 'policies':
+						$ri->RegistrationPolicy = $riValues;
+						break;
+				}
+			}
+			$this->entityDescriptor->Extensions[] = $ri;
+
+		}
+
 		if ($metadata->hasValue('UIInfo')) {
 			$ui = new SAML2_XML_mdui_UIInfo();
 			foreach ($metadata->getArray('UIInfo') as $uiName => $uiValues) {
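Review bot: The new `RegistrationInfo` branch copies configuration values into the published metadata without checking them. `authority` is documented as REQUIRED, yet nothing after the `foreach` verifies it was set; the `switch` has no `default:` case, so a misspelled key is silently dropped; and `policies` is assigned without confirming it is an array of language => URL. Because mdrpi:RegistrationInfo is a provenance statement that consumers of the metadata may rely on, an incomplete or malformed element should fail at build time rather than be emitted; whether the SAML2 library rejects a missing authority during serialization is not visible here. I would add after the loop `if (empty($ri->registrationAuthority)) { throw new Exception('RegistrationInfo: authority is required'); }` and a `default:` case that logs the unknown key. The same array is passed through unchecked in the www/saml2/idp/metadata.php hunk, and the enclosing method starts above this hunk and continues past it.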
diff --git a/metadata-templates/saml20-idp-hosted.php b/metadata-templates/saml20-idp-hosted.php
index 56b1c66e4..d2f1c973f 100644
--- a/metadata-templates/saml20-idp-hosted.php
+++ b/metadata-templates/saml20-idp-hosted.php
@@ -52,4 +52,20 @@ $metadata['__DYNAMIC:1__'] = array(
 	),
 	*/
 
+	/*
+	 * Uncomment the following to specify the registration information in the
+	 * exported metadata. Refer to:
+     * http://docs.oasis-open.org/security/saml/Post2.0/saml-metadata-rpi/v1.0/cs01/saml-metadata-rpi-v1.0-cs01.html
+	 * for more information.
+	 */
+	/*
+	'RegistrationInfo' => array(
+		'authority' => 'urn:mace:example.org',
+		'instant' => '2008-01-17T11:28:03Z',
+		'policies' => array(
+			'en' => 'http://example.org/policy',
+			'es' => 'http://example.org/politica',
+		),
+	),
+	*/
 );
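Review bot: The commented example sets `'authority' => 'urn:mace:example.org'`, while the reference documentation added in this same commit recommends a URL that resolves to a human-readable page describing the registrar. A constructed value such as `'authority' => 'https://registrar.example.org/'` would match that advice, and the two policy URLs could likewise be shown with https, since operators tend to copy templates verbatim. The comment line holding the OASIS link is indented with spaces where the rest of the block uses tabs. The `$metadata[...] = array(` statement begins above this hunk.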
diff --git a/www/saml2/idp/metadata.php b/www/saml2/idp/metadata.php
index a7d278553..cf24b788f 100644
--- a/www/saml2/idp/metadata.php
+++ b/www/saml2/idp/metadata.php
@@ -146,6 +146,10 @@ try {
 		$metaArray['DiscoHints'] = $idpmeta->getArray('DiscoHints');
 	}
 
+	if ($idpmeta->hasValue('RegistrationInfo')) {
+		$metaArray['RegistrationInfo'] = $idpmeta->getArray('RegistrationInfo');
+	}
+
 	$metaflat = '$metadata[' . var_export($idpentityid, TRUE) . '] = ' . var_export($metaArray, TRUE) . ';';
 
 	$metaBuilder = new SimpleSAML_Metadata_SAMLBuilder($idpentityid);
-- 
GitLab