Skip to content
Snippets Groups Projects
Commit bdb1181b authored by Olav Morken's avatar Olav Morken
Browse files

Metadata: Convert between WantAuthnRequestsSigned and redirect.sign metadata options.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@944 44740490-163a-0410-bde0-09ae8108e29a
parent 2adf6265
No related branches found
No related tags found
No related merge requests found
......@@ -153,6 +153,10 @@ class SimpleSAML_Metadata_SAMLBuilder {
$e = $this->createElement('IDPSSODescriptor');
$e->setAttribute('protocolSupportEnumeration', 'urn:oasis:names:tc:SAML:2.0:protocol');
if (array_key_exists('redirect.sign', $metadata) && $metadata['redirect.sign']) {
$e->setAttribute('WantAuthnRequestSigned', 'true');
}
$this->addCertificate($e, $metadata);
if (array_key_exists('SingleLogoutService', $metadata)) {
......
......@@ -647,6 +647,7 @@ class SimpleSAML_Metadata_SAMLParser {
$ret['name'] = $this->entityId;
/* Find IdP information which supports the SAML 2.0 protocol. */
$idp = $this->getIdPDescriptors(self::$SAML20Protocols);
if(count($idp) === 0) {
......@@ -661,6 +662,11 @@ class SimpleSAML_Metadata_SAMLParser {
$ret['expire'] = $idp['expire'];
}
/* Enable redirect.sign if WantAuthnRequestsSigned is enabled. */
if ($idp['wantAuthnRequestsSigned']) {
$ret['redirect.sign'] = TRUE;
}
/* Find the SSO service endpoint. */
$sso = $this->getDefaultEndpoint($idp['singleSignOnServices'], array(self::SAML_20_REDIRECT_BINDING));
if($sso === NULL) {
......@@ -842,6 +848,11 @@ class SimpleSAML_Metadata_SAMLParser {
$idp['singleSignOnServices'][] = self::parseSingleSignOnService($child);
}
if ($element->getAttribute('WantAuthnRequestsSigned') === 'true') {
$idp['wantAuthnRequestsSigned'] = TRUE;
} else {
$idp['wantAuthnRequestsSigned'] = FALSE;
}
$this->idpDescriptors[] = $idp;
}
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment