Skip to content
Snippets Groups Projects
Unverified Commit f5cec241 authored by Tim van Dijen's avatar Tim van Dijen Committed by GitHub
Browse files

Restore metadata.sign functionality (#1792)

parent 4672adfc
No related branches found
No related tags found
No related merge requests found
......@@ -806,8 +806,9 @@ class SAML2
*/
public static function getHostedMetadata(string $entityid, MetaDataStorageHandler $handler = null): array
{
$globalConfig = Configuration::getInstance();
if ($handler === null) {
$handler = MetaDataStorageHandler::getMetadataHandler(Configuration::getInstance());
$handler = MetaDataStorageHandler::getMetadataHandler($globalConfig);
}
$config = $handler->getMetaDataConfig($entityid, 'saml20-idp-hosted');
......@@ -858,6 +859,24 @@ class SAML2
'NameIDFormat' => $config->getOptionalArrayizeString('NameIDFormat', [C::NAMEID_TRANSIENT]),
];
// metadata signing
if ($config->hasValue('metadata.sign.enable')) {
$metadata += ['metadata.sign.enable' => $config->getBoolean('metadata.sign.enable')];
if ($config->hasValue('metadata.sign.privatekey')) {
$metadata += ['metadata.sign.privatekey' => $config->getString('metadata.sign.privatekey')];
}
if ($config->hasValue('metadata.sign.privatekey_pass')) {
$metadata += ['metadata.sign.privatekey_pass' => $config->getString('metadata.sign.privatekey_pass')];
}
if ($config->hasValue('metadata.sign.certificate')) {
$metadata += ['metadata.sign.certificate' => $config->getString('metadata.sign.certificate')];
}
if ($config->hasValue('metadata.sign.algorithm')) {
$metadata += ['metadata.sign.algorithm' => $config->getString('metadata.sign.algorithm')];
}
}
$cryptoUtils = new Utils\Crypto();
$httpUtils = new Utils\HTTP();
......@@ -1000,7 +1019,6 @@ class SAML2
}
}
$globalConfig = Configuration::getInstance();
$email = $globalConfig->getOptionalString('technicalcontact_email', 'na@example.org');
if (!empty($email) && $email !== 'na@example.org') {
$contact = [
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment