Skip to content
Snippets Groups Projects
Commit 84db6ccc authored by Thijs Kinkhorst's avatar Thijs Kinkhorst
Browse files

admin: Do not fail with an Exception if user has enabled saml20.idp but no hosted md found

parent 6a0d93f8
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
modules/admin/lib/Controller/Config.php
+ 24
13
View file @ 84db6ccc
...@@ -346,25 +346,36 @@ class Config ...@@ -346,25 +346,36 @@ class Config
// perform some sanity checks on the configured certificates // perform some sanity checks on the configured certificates
if ($this->config->getBoolean('enable.saml20-idp', false) !== false) { if ($this->config->getBoolean('enable.saml20-idp', false) !== false) {
$handler = MetaDataStorageHandler::getMetadataHandler(); $handler = MetaDataStorageHandler::getMetadataHandler();
$metadata = $handler->getMetaDataCurrent('saml20-idp-hosted'); try {
$metadata_config = Configuration::loadfromArray($metadata); $metadata = $handler->getMetaDataCurrent('saml20-idp-hosted');
$private = $cryptoUtils->loadPrivateKey($metadata_config, false); } catch (\Exception $e) {
$public = $cryptoUtils->loadPublicKey($metadata_config, false); $matrix[] = [
'required' => 'required',
'descr' => Translate::noop('Hosted IdP metadata present'),
'enabled'=>false
];
}
$matrix[] = [ if(isset($metadata)) {
'required' => 'required', $metadata_config = Configuration::loadfromArray($metadata);
'descr' => Translate::noop('Matching key-pair for signing assertions'), $private = $cryptoUtils->loadPrivateKey($metadata_config, false);
'enabled' => $this->matchingKeyPair($public['PEM'], $private['PEM'], $private['password']), $public = $cryptoUtils->loadPublicKey($metadata_config, false);
];
$private = $cryptoUtils->loadPrivateKey($metadata_config, false, 'new_');
if ($private !== null) {
$public = $cryptoUtils->loadPublicKey($metadata_config, false, 'new_');
$matrix[] = [ $matrix[] = [
'required' => 'required', 'required' => 'required',
'descr' => Translate::noop('Matching key-pair for signing assertions (rollover key)'), 'descr' => Translate::noop('Matching key-pair for signing assertions'),
'enabled' => $this->matchingKeyPair($public['PEM'], $private['PEM'], $private['password']), 'enabled' => $this->matchingKeyPair($public['PEM'], $private['PEM'], $private['password']),
]; ];
$private = $cryptoUtils->loadPrivateKey($metadata_config, false, 'new_');
if ($private !== null) {
$public = $cryptoUtils->loadPublicKey($metadata_config, false, 'new_');
$matrix[] = [
'required' => 'required',
'descr' => Translate::noop('Matching key-pair for signing assertions (rollover key)'),
'enabled' => $this->matchingKeyPair($public['PEM'], $private['PEM'], $private['password']),
];
}
} }
} }
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment