From f32e0e4726eb9b55d4bb54fb5c606412e4bfbf11 Mon Sep 17 00:00:00 2001
From: Thijs Kinkhorst <thijs@kinkhorst.com>
Date: Wed, 14 Feb 2018 13:43:54 +0000
Subject: [PATCH] Add twig template for metadata output. Rework logic away from template into calling pages.
---
 modules/adfs/www/idp/metadata.php | 7 ++++
 templates/metadata.twig | 54 +++++++++++++++++++++++++++++++
 www/saml2/idp/metadata.php | 7 ++++
 3 files changed, 68 insertions(+)
 create mode 100644 templates/metadata.twig
diff --git a/modules/adfs/www/idp/metadata.php b/modules/adfs/www/idp/metadata.php
index aaec9361c..bb77b56f6 100644
--- a/modules/adfs/www/idp/metadata.php
+++ b/modules/adfs/www/idp/metadata.php
@@ -148,6 +148,13 @@ try {
 $t->data['clipboard.js'] = true;
 $t->data['available_certs'] = $availableCerts;
+ $certdata = array();
+ foreach(array_keys($availableCerts) as $availableCert) {
+ $certdata[$availableCert]['name'] = $availableCert;
+ $certdata[$availableCert]['url'] = SimpleSAML\Module::getModuleURL('saml/idp/certs.php') . '/' . $availableCert;
+ $certdata[$availableCert]['comment'] = ( $availableCerts[$availableCert]['certFingerprint'][0] === 'afe71c28ef740bc87425be13a2263d37971da1f9' ? 'This is the default certificate. Generate a new certificate if this is a production system.' : '');
+ }
+ $t->data['certdata'] = $certdata;
 $t->data['header'] = 'adfs-idp'; // TODO: Replace with headerString in 2.0
 $t->data['headerString'] = $t->noop('metadata_adfs-idp');
 $t->data['metaurl'] = \SimpleSAML\Utils\HTTP::getSelfURLNoQuery();
diff --git a/templates/metadata.twig b/templates/metadata.twig
new file mode 100644
index 000000000..f62aa13a6
--- /dev/null
+++ b/templates/metadata.twig
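Review bot: The default-certificate check in the added `foreach` reads `$availableCerts[$availableCert]['certFingerprint'][0]` without confirming that the key exists, so an entry that carries no fingerprint would raise a notice and silently produce no warning; `$availableCerts` is populated outside this hunk, so either confirm every entry has it or guard the lookup with `isset($availableCerts[$availableCert]['certFingerprint'][0])`. This comment is the only signal on the page that an IdP is still using the default certificate, so the inline fingerprint literal deserves a name and a short comment such as `// Fingerprint of the default certificate; warn because a production IdP must not keep using it.` The identical block is added to www/saml2/idp/metadata.php, where the same applies, and a shared helper would keep the two copies from drifting apart. The `try` block named in the hunk header is not closed inside the hunk.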
@@ -0,0 +1,54 @@
+{% set pagetile = 'SimpleSAMLphp Show Metadata'|trans %}
+{% extends 'base.twig' %}
+{% block content %}
+ <h2>{{ header }}</h2>
+ <p>{{ metadata_intro }}</p>
+
+{% if metaurl is defined %}
+ <p>{{ 'You can get the metadata xml on a dedicated URL:' | trans }}</p>
+ <div class="input-group">
+ <pre id="metadataurl" class="input-left">{{ metaurl }}</pre>
+ <button data-clipboard-target="#metadataurl" id="btnurl" class="pure-button right clipboard-btn">
+ <span class="fa fa-copy"></span>
+ </button>
+ </div>
+{% endif %}
+
+ <h2>{{ 'Metadata' | trans }}</h2>
+ <div class="code-box">
+ <div class="code-box-title">
+ <p>{{ 'In SAML 2.0 Metadata XML format:' | trans }}</p>
+ <button data-clipboard-target="#xmlmetadata" id="btnxml" class="pure-button right clipboard-btn">
+ <span class="fa fa-copy"></span>
+ </button>
+ </div>
+ <div class="code-box-content">
+ <pre id="xmlmetadata">{{ metadata | raw }}</pre>
+ </div>
+ </div>
+
+ <div class="code-box">
+ <div class="code-box-title">
+ <p>{{ 'In SimpleSAMLphp flat file format - use this if you are using a SimpleSAMLphp entity on the other side:' | trans }}</p>
+ <button data-clipboard-target="#phpmetadata" id="btnphp" class="pure-button right clipboard-btn">
+ <span class="fa fa-copy"></span>
+ </button>
+ </div>
+ <div class="code-box-content">
+ <pre id="phpmetadata">{{ metadataflat | raw }}</pre>
+ </div>
+ </div>
+
+{% if certdata is defined %}
+ <h2>{{ 'Certificates' |trans }}</h2>
+ <p>{{ 'Download the X509 certificates as PEM-encoded files.' |trans }}</p>
+
+ <ul>
+ {% for cert in certdata %}
+ <li><a href="{{ cert.url }}">{{ cert.name }}</a> {{ cert.comment }}</li>
+ {% endfor %}
+ </ul>
+
+{% endif %}
+
+{% endblock content %}
diff --git a/www/saml2/idp/metadata.php b/www/saml2/idp/metadata.php
index fabe2a2ef..e39645517 100644
--- a/www/saml2/idp/metadata.php
+++ b/www/saml2/idp/metadata.php
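Review bot: `{{ metadata | raw }}` and `{{ metadataflat | raw }}` switch off Twig's output escaping for the two `<pre>` blocks, so the template is only safe if every calling page HTML-escapes both values before assigning them, and nothing in this patch shows or documents that. Metadata typically carries configuration-derived strings, so I would rather escape in the template, `<pre id="xmlmetadata">{{ metadata }}</pre>`, and pass the unescaped text, or at least put `{# metadata and metadataflat must already be HTML-escaped by the caller #}` above each block. Separately, `{% set pagetile = ... %}` on the first line looks like a typo for `pagetitle`, so the title set here is probably never picked up by base.twig.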
@@ -211,6 +211,13 @@ try {
 $t->data['clipboard.js'] = true;
 $t->data['available_certs'] = $availableCerts;
+ $certdata = array();
+ foreach(array_keys($availableCerts) as $availableCert) {
+ $certdata[$availableCert]['name'] = $availableCert;
+ $certdata[$availableCert]['url'] = SimpleSAML\Module::getModuleURL('saml/idp/certs.php') . '/' . $availableCert;
+ $certdata[$availableCert]['comment'] = ( $availableCerts[$availableCert]['certFingerprint'][0] === 'afe71c28ef740bc87425be13a2263d37971da1f9' ? 'This is the default certificate. Generate a new certificate if this is a production system.' : '');
+ }
+ $t->data['certdata'] = $certdata;
 $t->data['header'] = 'saml20-idp'; // TODO: Replace with headerString in 2.0
 $t->data['headerString'] = $t->noop('metadata_saml20-idp');
 $t->data['metaurl'] = HTTP::getSelfURLNoQuery();
-- GitLab
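Review bot: `$certdata[$availableCert]['url']` appends the array key to the module URL unencoded (`... . '/' . $availableCert`), so the link is only well-formed while the keys of `$availableCerts` are fixed file names; they are assigned outside this hunk, so that cannot be checked here. Twig escapes `{{ cert.url }}` for HTML but does not URL-encode a path segment, so I would write `. '/' . rawurlencode($availableCert)` to make the contract explicit. The `comment` value is also a plain English literal while the other strings on the page go through `trans`, so passing a flag and translating in the template would keep the default-certificate warning localised. Both points apply equally to the copy of these lines in modules/adfs/www/idp/metadata.php.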