Skip to content
Snippets Groups Projects
Commit e7b5b319 authored by Olav Morken's avatar Olav Morken
Browse files

SAMLParser: Return complete endpoint arrays. 

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@1952 44740490-163a-0410-bde0-09ae8108e29a
parent af179cea
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
lib/SimpleSAML/Metadata/SAMLParser.php
+ 10
68
View file @ e7b5b319
...@@ -477,15 +477,8 @@ class SimpleSAML_Metadata_SAMLParser { ...@@ -477,15 +477,8 @@ class SimpleSAML_Metadata_SAMLParser {
$ret['expire'] = $spd['expire']; $ret['expire'] = $spd['expire'];
} }
/* Find the assertion consumer service endpoint. */ /* Find the assertion consumer service endpoints. */
$acs = $this->getDefaultEndpoint($spd['AssertionConsumerService'], array(self::SAML_1X_POST_BINDING)); $ret['AssertionConsumerService'] = $spd['AssertionConsumerService'];
if($acs === NULL) {
SimpleSAML_Logger::warning('Could not find a supported SAML 1.x AssertionConsumerService endpoint for ' .
var_export($ret['entityid'], TRUE) . '.');
return;
} else {
$ret['AssertionConsumerService'] = $acs['Location'];
}
/* Add the list of attributes the SP should receive. */ /* Add the list of attributes the SP should receive. */
if (array_key_exists('attributes', $spd)) { if (array_key_exists('attributes', $spd)) {
...@@ -545,21 +538,11 @@ class SimpleSAML_Metadata_SAMLParser { ...@@ -545,21 +538,11 @@ class SimpleSAML_Metadata_SAMLParser {
$ret['expire'] = $idp['expire']; $ret['expire'] = $idp['expire'];
} }
/* Find the SSO service endpoint. */ /* Find the SSO service endpoints. */
$sso = $this->getDefaultEndpoint($idp['SingleSignOnService'], array(self::SAML_1x_AUTHN_REQUEST)); $ret['SingleSignOnService'] = $idp['SingleSignOnService'];
if($sso === NULL) {
SimpleSAML_Logger::warning('Could not find a supported SAML 1.x SingleSignOnService endpoint for ' .
var_export($ret['entityid'], TRUE) . '.');
return;
} else {
$ret['SingleSignOnService'] = $sso['Location'];
}
/* Find the ArtifactResolutionService endpoint. */ /* Find the ArtifactResolutionService endpoint. */
$artifactResolutionService = $this->getDefaultEndpoint($idp['ArtifactResolutionService'], array(self::SAML_1X_SOAP_BINDING)); $ret['ArtifactResolutionService'] = $idp['ArtifactResolutionService'];
if ($artifactResolutionService !== NULL) {
$ret['ArtifactResolutionService'] = $artifactResolutionService['Location'];
}
/* Add certificate to metadata. Only the first valid certificate will be added. */ /* Add certificate to metadata. Only the first valid certificate will be added. */
$ret['certFingerprint'] = array(); $ret['certFingerprint'] = array();
...@@ -620,34 +603,11 @@ class SimpleSAML_Metadata_SAMLParser { ...@@ -620,34 +603,11 @@ class SimpleSAML_Metadata_SAMLParser {
} }
/* Find the assertion consumer service endpoints. */ /* Find the assertion consumer service endpoints. */
$defaultACS = $this->getDefaultEndpoint($spd['AssertionConsumerService'], array(self::SAML_20_POST_BINDING)); $ret['AssertionConsumerService'] = $spd['AssertionConsumerService'];
if($defaultACS === NULL) {
SimpleSAML_Logger::warning('Could not find a supported SAML 2.0 AssertionConsumerService endpoint for ' .
var_export($ret['entityid'], TRUE) . '.');
} else {
$defaultACS = $defaultACS['Location'];
$retACS = array($defaultACS);
$allACS = $this->getEndpoints($spd['AssertionConsumerService'], array(self::SAML_20_POST_BINDING));
foreach ($allACS as $acs) {
$acs = $acs['Location'];
if ($acs !== $defaultACS) {
$retACS[] = $acs;
}
}
$ret['AssertionConsumerService'] = $retACS;
}
/* Find the single logout service endpoint. */ /* Find the single logout service endpoint. */
$slo = $this->getDefaultEndpoint($spd['SingleLogoutService'], array(self::SAML_20_REDIRECT_BINDING)); $ret['SingleLogoutService'] = $spd['SingleLogoutService'];
if($slo !== NULL) {
$ret['SingleLogoutService'] = $slo['Location'];
if (isset($slo['ResponseLocation']) && $slo['Location'] != $slo['ResponseLocation']) {
$ret['SingleLogoutServiceResponse'] = $slo['ResponseLocation'];
}
}
/* Find the NameIDFormat. This may not exists. */ /* Find the NameIDFormat. This may not exists. */
...@@ -729,32 +689,14 @@ class SimpleSAML_Metadata_SAMLParser { ...@@ -729,32 +689,14 @@ class SimpleSAML_Metadata_SAMLParser {
} }
/* Find the SSO service endpoint. */ /* Find the SSO service endpoint. */
$sso = $this->getDefaultEndpoint($idp['SingleSignOnService'], array(self::SAML_20_REDIRECT_BINDING)); $ret['SingleSignOnService'] = $idp['SingleSignOnService'];
if($sso === NULL) {
SimpleSAML_Logger::warning('Could not find a supported SAML 2.0 SingleSignOnService endpoint for ' .
var_export($ret['entityid'], TRUE) . '.');
} else {
$ret['SingleSignOnService'] = $sso['Location'];
}
/* Find the single logout service endpoint. */ /* Find the single logout service endpoint. */
$slo = $this->getDefaultEndpoint($idp['SingleLogoutService'], array(self::SAML_20_REDIRECT_BINDING)); $ret['SingleLogoutService'] = $idp['SingleLogoutService'];
if($slo !== NULL) {
$ret['SingleLogoutService'] = $slo['Location'];
/* If the response location is set, include it in the returned metadata. */
if(array_key_exists('ResponseLocation', $slo)) {
$ret['SingleLogoutServiceResponse'] = $slo['ResponseLocation'];
}
}
/* Find the ArtifactResolutionService endpoint. */ /* Find the ArtifactResolutionService endpoint. */
$artifactResolutionService = $this->getDefaultEndpoint($idp['ArtifactResolutionService'], array(SAML2_Const::BINDING_SOAP)); $ret['ArtifactResolutionService'] = $idp['ArtifactResolutionService'];
if ($artifactResolutionService !== NULL) {
$ret['ArtifactResolutionService'] = $artifactResolutionService['Location'];
}
/* Add certificate to metadata. Only the first valid certificate will be added. */ /* Add certificate to metadata. Only the first valid certificate will be added. */
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment