From 854c2127c650d73ea57992a0eaf44982365dfbfd Mon Sep 17 00:00:00 2001
From: m0ark <33390109+m0ark@users.noreply.github.com>
Date: Thu, 24 May 2018 08:39:33 +0200
Subject: [PATCH] Update MetaDataStorageSource.php

Support both hint.cidr and DiscoHints->IPHint
---
 .../Metadata/MetaDataStorageSource.php        | 23 +++++++++++++------
 1 file changed, 16 insertions(+), 7 deletions(-)

diff --git a/lib/SimpleSAML/Metadata/MetaDataStorageSource.php b/lib/SimpleSAML/Metadata/MetaDataStorageSource.php
index 74822bdbf..8460ef52a 100644
--- a/lib/SimpleSAML/Metadata/MetaDataStorageSource.php
+++ b/lib/SimpleSAML/Metadata/MetaDataStorageSource.php
@@ -177,18 +177,27 @@ abstract class SimpleSAML_Metadata_MetaDataStorageSource
         $metadataSet = $this->getMetadataSet($set);
 
         foreach ($metadataSet as $index => $entry) {
-
-            if (!array_key_exists('DiscoHints', $entry)) {
-                continue;
+            
+            $cidrHints = array();
+            
+            // support hint.cidr for idp discovery
+            if (array_key_exists('hint.cidr', $entry) && is_array($entry['hint.cidr'])) {
+                $cidrHints = $entry['hint.cidr'];
             }
-            if (!array_key_exists('IPHint', $entry['DiscoHints'])) {
-                continue;
+
+            // support discohints in idp metadata for idp discovery
+            if (array_key_exists('DiscoHints', $entry) 
+                && array_key_exists('IPHint', $entry['DiscoHints']) 
+                && is_array($entry['DiscoHints']['IPHint'])) {
+                // merge with hints derived from discohints, but prioritize hint.cidr in case it is used
+                $cidrHints = array_merge($entry['DiscoHints']['IPHint'], $cidrHints);
             }
-            if (!is_array($entry['DiscoHints']['IPHint'])) {
+
+            if (empty($cidrHints)) {
                 continue;
             }
 
-            foreach ($entry['DiscoHints']['IPHint'] as $hint_entry) {
+            foreach ($cidrHints as $hint_entry) {
                 if (SimpleSAML\Utils\Net::ipCIDRcheck($hint_entry, $ip)) {
                     if ($type === 'entityid') {
                         return $entry['entityid'];
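Review bot: The new DiscoHints condition calls `array_key_exists('IPHint', $entry['DiscoHints'])` without first confirming that `$entry['DiscoHints']` is an array, so a metadata entry where that key holds a string or null raises a warning (a TypeError on PHP 8) in the discovery path. This matters most when the metadata set is loaded from a remote feed. A single guard covers all three checks: `if (isset($entry['DiscoHints']['IPHint']) && is_array($entry['DiscoHints']['IPHint'])) {`. The comment "prioritize hint.cidr" also does not match the code: for list-style arrays `array_merge` puts the IPHint values first, and since any matching CIDR returns the same entry the order has no effect, so something like `// combine DiscoHints IPHint with hint.cidr; any matching CIDR selects this entry` would be more accurate. The enclosing method starts and ends outside this hunk, so how `$ip` and the hint values are validated before reaching `ipCIDRcheck` cannot be confirmed from here.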
-- 
GitLab