Commit f84b0db5 authored by Olav Morken's avatar Olav Morken

Metadata-pages: Use SimpleSAML_Utilities::loadPublicKey

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@929 44740490-163a-0410-bde0-09ae8108e29a
parent 90c8e98d
...@@ -24,14 +24,13 @@ try { ...@@ -24,14 +24,13 @@ try {
$idpmeta = isset($_GET['idpentityid']) ? $_GET['idpentityid'] : $metadata->getMetaDataCurrent('saml20-idp-hosted'); $idpmeta = isset($_GET['idpentityid']) ? $_GET['idpentityid'] : $metadata->getMetaDataCurrent('saml20-idp-hosted');
$idpentityid = isset($_GET['idpentityid']) ? $_GET['idpentityid'] : $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted'); $idpentityid = isset($_GET['idpentityid']) ? $_GET['idpentityid'] : $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted');
$publiccert = $config->getPathValue('certdir') . $idpmeta['certificate'];
if (!file_exists($publiccert)) $certInfo = SimpleSAML_Utilities::loadPublicKey($idpmeta, TRUE);
throw new Exception('Could not find certificate [' . $publiccert . '] to attach to the authentication resposne'); $certFingerprint = $certInfo['certFingerprint'];
if (count($certFingerprint) === 1) {
$cert = file_get_contents($publiccert); /* Only one valid certificate. */
$data = XMLSecurityDSig::get509XCert($cert, true); $certFingerprint = $certFingerprint[0];
}
$logouttype = 'traditional'; $logouttype = 'traditional';
if (array_key_exists('logouttype', $idpmeta)) $logouttype = $idpmeta['logouttype']; if (array_key_exists('logouttype', $idpmeta)) $logouttype = $idpmeta['logouttype'];
...@@ -45,7 +44,7 @@ try { ...@@ -45,7 +44,7 @@ try {
'SingleSignOnService' => $metadata->getGenerated('SingleSignOnService', 'saml20-idp-hosted', array()), 'SingleSignOnService' => $metadata->getGenerated('SingleSignOnService', 'saml20-idp-hosted', array()),
'SingleLogoutService' => $metadata->getGenerated('SingleLogoutService', 'saml20-idp-hosted', array('logouttype' => $logouttype)), 'SingleLogoutService' => $metadata->getGenerated('SingleLogoutService', 'saml20-idp-hosted', array('logouttype' => $logouttype)),
'SingleLogoutServiceResponse' => $metadata->getGenerated('SingleLogoutServiceResponse', 'saml20-idp-hosted', array('logouttype' => $logouttype)), 'SingleLogoutServiceResponse' => $metadata->getGenerated('SingleLogoutServiceResponse', 'saml20-idp-hosted', array('logouttype' => $logouttype)),
'certFingerprint' => strtolower(sha1(base64_decode($data))), 'certFingerprint' => $certFingerprint,
); );
if ($metaArray['SingleLogoutServiceResponse'] === $metaArray['SingleLogoutService']) { if ($metaArray['SingleLogoutServiceResponse'] === $metaArray['SingleLogoutService']) {
...@@ -54,7 +53,7 @@ try { ...@@ -54,7 +53,7 @@ try {
$metaflat = var_export($idpentityid, TRUE) . ' => ' . var_export($metaArray, TRUE) . ','; $metaflat = var_export($idpentityid, TRUE) . ' => ' . var_export($metaArray, TRUE) . ',';
$metaArray['certificate'] = $idpmeta['certificate']; $metaArray['certData'] = $certInfo['certData'];
$metaBuilder = new SimpleSAML_Metadata_SAMLBuilder($idpentityid); $metaBuilder = new SimpleSAML_Metadata_SAMLBuilder($idpentityid);
$metaBuilder->addMetadataIdP20($metaArray); $metaBuilder->addMetadataIdP20($metaArray);
$metaBuilder->addContact('technical', array( $metaBuilder->addContact('technical', array(
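Review bot: `$idpmeta` can be the raw `$_GET['idpentityid']` string rather than a metadata array (first context line of this section), so the new `SimpleSAML_Utilities::loadPublicKey($idpmeta, TRUE)` call can receive request-controlled input of the wrong type. What loadPublicKey does with a non-array is not visible here, so the page should resolve the entity before loading the key, for example `$idpmeta = $metadata->getMetaData($idpentityid, 'saml20-idp-hosted');` placed after `$idpentityid` is assigned, and fail cleanly for an unknown entity ID. The same assignment feeds the loadPublicKey call in the shib13-idp-hosted section. The enclosing `try` block starts and ends outside the visible hunks.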
......
...@@ -31,11 +31,13 @@ try { ...@@ -31,11 +31,13 @@ try {
'SingleLogoutService' => $metadata->getGenerated('SingleLogoutService', 'saml20-sp-hosted'), 'SingleLogoutService' => $metadata->getGenerated('SingleLogoutService', 'saml20-sp-hosted'),
); );
$certInfo = SimpleSAML_Utilities::loadPublicKey($spmeta);
if ($certInfo !== NULL && array_key_exists('certData', $certInfo)) {
$metaArray['certData'] = $certInfo['certData'];
}
$metaflat = var_export($spentityid, TRUE) . ' => ' . var_export($metaArray, TRUE) . ','; $metaflat = var_export($spentityid, TRUE) . ' => ' . var_export($metaArray, TRUE) . ',';
if (array_key_exists('certificate', $spmeta)) {
$metaArray['certificate'] = $spmeta['certificate'];
}
$metaBuilder = new SimpleSAML_Metadata_SAMLBuilder($spentityid); $metaBuilder = new SimpleSAML_Metadata_SAMLBuilder($spentityid);
$metaBuilder->addMetadataSP20($metaArray); $metaBuilder->addMetadataSP20($metaArray);
$metaBuilder->addContact('technical', array( $metaBuilder->addContact('technical', array(
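Review bot: `certData` is added to `$metaArray` before `$metaflat` is built in this section, so the flat-format export now carries the full certificate, whereas the two IdP pages in this commit add `certData` only after `$metaflat`. If the difference is intended, it deserves a comment above the new block, such as `/* Added before $metaflat on purpose: the flat export must include certData. */`. If it is not intended, the block belongs after the `$metaflat` line, where the removed `certificate` assignment used to be. The shib13-sp-hosted section has the same ordering.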
......
...@@ -25,25 +25,23 @@ try { ...@@ -25,25 +25,23 @@ try {
$idpmeta = isset($_GET['idpentityid']) ? $_GET['idpentityid'] : $metadata->getMetaDataCurrent('shib13-idp-hosted'); $idpmeta = isset($_GET['idpentityid']) ? $_GET['idpentityid'] : $metadata->getMetaDataCurrent('shib13-idp-hosted');
$idpentityid = isset($_GET['idpentityid']) ? $_GET['idpentityid'] : $metadata->getMetaDataCurrentEntityID('shib13-idp-hosted'); $idpentityid = isset($_GET['idpentityid']) ? $_GET['idpentityid'] : $metadata->getMetaDataCurrentEntityID('shib13-idp-hosted');
$publiccert = $config->getPathValue('certdir') . $idpmeta['certificate']; $certInfo = SimpleSAML_Utilities::loadPublicKey($idpmeta, TRUE);
$certFingerprint = $certInfo['certFingerprint'];
if (count($certFingerprint) === 1) {
/* Only one valid certificate. */
$certFingerprint = $certFingerprint[0];
}
if (!file_exists($publiccert))
throw new Exception('Could not find certificate [' . $publiccert . '] to attach to the authentication resposne');
$cert = file_get_contents($publiccert);
$data = XMLSecurityDSig::get509XCert($cert, true);
$metaArray = array( $metaArray = array(
'name' => 'Type in a name for this entity', 'name' => 'Type in a name for this entity',
'description' => 'and a proper description that would help users know when to select this IdP.', 'description' => 'and a proper description that would help users know when to select this IdP.',
'SingleSignOnService' => $metadata->getGenerated('SingleSignOnService', 'shib13-idp-hosted'), 'SingleSignOnService' => $metadata->getGenerated('SingleSignOnService', 'shib13-idp-hosted'),
'certFingerprint' => strtolower(sha1(base64_decode($data))), 'certFingerprint' => $certFingerprint,
); );
$metaflat = var_export($idpentityid, TRUE) . ' => ' . var_export($metaArray, TRUE) . ','; $metaflat = var_export($idpentityid, TRUE) . ' => ' . var_export($metaArray, TRUE) . ',';
$metaArray['certificate'] = $idpmeta['certificate']; $metaArray['certData'] = $certInfo['certData'];
$metaBuilder = new SimpleSAML_Metadata_SAMLBuilder($idpentityid); $metaBuilder = new SimpleSAML_Metadata_SAMLBuilder($idpentityid);
$metaBuilder->addMetadataIdP11($metaArray); $metaBuilder->addMetadataIdP11($metaArray);
$metaBuilder->addContact('technical', array( $metaBuilder->addContact('technical', array(
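Review bot: `$certInfo['certFingerprint']` and `$certInfo['certData']` are read without any check on this page, while the SP pages in the same commit guard with `$certInfo !== NULL && array_key_exists('certData', $certInfo)`. That guard suggests loadPublicKey can return a result without `certData`. Whether that can still happen with the second argument set to `TRUE` is not visible here, but if it can, the builder is handed an undefined index. A check such as `if (!array_key_exists('certData', $certInfo)) throw new Exception('Hosted IdP metadata has no certificate data');` before the `$metaArray['certData']` line would make the failure explicit. The saml20-idp-hosted section has the same unguarded reads.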
......
...@@ -31,6 +31,11 @@ try { ...@@ -31,6 +31,11 @@ try {
'AssertionConsumerService' => $metadata->getGenerated('AssertionConsumerService', 'shib13-sp-hosted'), 'AssertionConsumerService' => $metadata->getGenerated('AssertionConsumerService', 'shib13-sp-hosted'),
); );
$certInfo = SimpleSAML_Utilities::loadPublicKey($spmeta);
if ($certInfo !== NULL && array_key_exists('certData', $certInfo)) {
$metaArray['certData'] = $certInfo['certData'];
}
$metaflat = var_export($spentityid, TRUE) . ' => ' . var_export($metaArray, TRUE) . ','; $metaflat = var_export($spentityid, TRUE) . ' => ' . var_export($metaArray, TRUE) . ',';
if (array_key_exists('certificate', $spmeta)) { if (array_key_exists('certificate', $spmeta)) {
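Review bot: The legacy `if (array_key_exists('certificate', $spmeta)) {` block is still present as context at the end of this hunk, although the saml20-sp-hosted section of this commit removes the equivalent block when it introduces `certData`. Its body lies outside the hunk, but if it still sets `$metaArray['certificate']`, the builder receives both the old and the new key. Either drop the block here as well or add a comment stating why the Shibboleth 1.3 SP metadata still needs `certificate`.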
......