Add SAML 2.0 SP metadata.
public addMetadataSP20 ( array $metadata, array $protocols = [SAML2\Constants::NS_SAMLP] )

| Parameter | Type | Description |
|---|---|---|
| $metadata | array | The metadata. |
| $protocols | array | The protocols supported. Defaults to an array containing only \SAML2\Constants::NS_SAMLP. |
// Excerpt from an SP metadata script: builds SAML 1.1 and SAML 2.0 SP metadata,
// then renders it in an XHTML admin template when requested.
// $spconfig, $sourceId, $entityId, $source and $metaArray11 are set before this excerpt.

// Advertise the SAML 1.1 artifact endpoint only when the option is set
// (FALSE is the second argument; presumably the default when the option is absent).
if ($spconfig->getBoolean('saml11.binding.artifact.enable', FALSE)) {
    $metaArray11['AssertionConsumerService.artifact'] = SimpleSAML_Module::getModuleURL('saml/sp/saml1-acs.php/' . $sourceId . '/artifact');
}

// SAML 2.0 endpoints; both URLs are derived from the module URL and $sourceId.
$metaArray20 = array(
    'AssertionConsumerService' => SimpleSAML_Module::getModuleURL('saml/sp/saml2-acs.php/' . $sourceId),
    'SingleLogoutService' => SimpleSAML_Module::getModuleURL('saml/sp/saml2-logout.php/' . $sourceId)
);

// The SAML 2.0 artifact entry reuses the same URL as 'AssertionConsumerService' above.
if ($spconfig->getBoolean('saml20.binding.artifact.enable', FALSE)) {
    $metaArray20['AssertionConsumerService.artifact'] = SimpleSAML_Module::getModuleURL('saml/sp/saml2-acs.php/' . $sourceId);
}

// Publish the SP certificate in both metadata sets when one is configured.
// Only 'certData' is copied from the result; nothing else from loadPublicKey() is used here.
$certInfo = SimpleSAML_Utilities::loadPublicKey($spconfig->toArray());
if ($certInfo !== NULL && array_key_exists('certData', $certInfo)) {
    $certData = $certInfo['certData'];
    $metaArray11['certData'] = $certData;
    $metaArray20['certData'] = $certData;
}

$metaBuilder = new SimpleSAML_Metadata_SAMLBuilder($entityId);
$metaBuilder->addMetadataSP11($metaArray11);
$metaBuilder->addMetadataSP20($metaArray20);

// Technical contact comes from the global configuration; both values may be NULL.
$config = SimpleSAML_Configuration::getInstance();
$metaBuilder->addContact('technical', array(
    'emailAddress' => $config->getString('technicalcontact_email', NULL),
    'name' => $config->getString('technicalcontact_name', NULL)
));

// NOTE(review): no signing step is visible in this excerpt; the XML is used as
// returned by the builder. Confirm whether peers are expected to rely on a
// signature or on the transport when they fetch this metadata.
$xml = $metaBuilder->getEntityDescriptorText();

// $_REQUEST['output'] is request-controlled; here it only selects the output format.
// NOTE(review): the comparison is loose (==); === would rule out type juggling.
if (array_key_exists('output', $_REQUEST) && $_REQUEST['output'] == 'xhtml') {
    $t = new SimpleSAML_XHTML_Template($config, 'metadata.php', 'admin');
    $t->data['header'] = 'saml20-sp';
    // Escaped for HTML display. Called with one argument, so flags and charset are
    // PHP's defaults; the default flags include ENT_QUOTES only from PHP 8.1, so
    // passing them explicitly keeps the escaping independent of the PHP version.
    $t->data['metadata'] = htmlspecialchars($xml);
    // NOTE(review): unlike 'metadata', this var_export() dump is not escaped here;
    // confirm the template escapes it before output.
    $t->data['metadataflat'] = '$metadata[' . var_export($entityId, TRUE) . '] = ' . var_export($metaArray20, TRUE) . ';';
    $t->data['metaurl'] = $source->getMetadataURL();
    $t->data['idpsend'] = array();
    $t->data['sentok'] = FALSE;
    $t->data['adminok'] = FALSE;
    $t->data['adminlogin'] = NULL;
    $t->data['techemail'] = $config->getString('technicalcontact_email', NULL);
    // The excerpt ends here with the if block still open.
    $t->show();
// Excerpt from an SP metadata script: completes the SAML 2.0 metadata array,
// builds the EntityDescriptor XML and passes it to the metadata signer.
// $spconfig, $keys, $metaArray20, $entityId and $contact are set before this excerpt.

// Additional contacts from the SP configuration; an empty array when none are set.
$contacts = $spconfig->getArray('contacts', array());

// add certificate
// A single key is published as 'certData'; several keys are published as the 'keys' list.
// With no keys at all, no certificate entry is added.
if (count($keys) === 1) {
    $metaArray20['certData'] = $keys[0]['X509Certificate'];
} elseif (count($keys) > 1) {
    $metaArray20['keys'] = $keys;
}

// add UIInfo extension
if ($spconfig->hasValue('UIInfo')) {
    $metaArray20['UIInfo'] = $spconfig->getArray('UIInfo');
}

// Protocols passed as the second argument of addMetadataSP20():
// the SAML 1.1 protocol URN plus SAML2_Const::NS_SAMLP.
$supported_protocols = array('urn:oasis:names:tc:SAML:1.1:protocol', SAML2_Const::NS_SAMLP);

// These two entries are added for the builder and removed again by the unset() calls below.
$metaArray20['metadata-set'] = 'saml20-sp-remote';
$metaArray20['entityid'] = $entityId;

$metaBuilder = new SimpleSAML_Metadata_SAMLBuilder($entityId);
$metaBuilder->addMetadataSP20($metaArray20, $supported_protocols);
$metaBuilder->addOrganizationInfo($metaArray20);

if (!empty($contact)) {
    $metaBuilder->addContact('technical', $contact);
}
// NOTE(review): $c['contactType'] is read without checking that the key exists;
// a 'contacts' entry without it would raise a notice/warning here — confirm the
// configuration is validated before this point.
foreach ($contacts as $c) {
    $metaBuilder->addContact($c['contactType'], $c);
}

$xml = $metaBuilder->getEntityDescriptorText();

// Remove the builder-only entries once the XML exists
// (presumably so a later dump of $metaArray20 omits them — not visible here).
unset($metaArray20['attributes.required']);
unset($metaArray20['UIInfo']);
unset($metaArray20['metadata-set']);
unset($metaArray20['entityid']);

/* Sign the metadata if enabled. */
// Runs after every builder addition, so the signer receives the final XML.
// Whether signing is enabled is decided from $spconfig->toArray() inside the signer.
$xml = SimpleSAML_Metadata_Signer::sign($xml, $spconfig->toArray(), 'SAML 2 SP');

// $_REQUEST['output'] is request-controlled; here it only selects the output format.
// NOTE(review): the comparison is loose (==); === would rule out type juggling.
// The excerpt ends with this block still open.
if (array_key_exists('output', $_REQUEST) && $_REQUEST['output'] == 'xhtml') {