addMetadataSP20() public method

Add SAML 2.0 SP metadata.
public addMetadataSP20 ( array $metadata, array $protocols = [SAML2\Constants::NS_SAMLP] )
$metadata array The metadata.
$protocols array The protocols supported. Defaults to \SAML2\Constants::NS_SAMLP.
Example #1
// Excerpt from an SP metadata endpoint: $spconfig, $sourceId, $entityId and
// $metaArray11 are set up before this point and are not shown here.
// NOTE(review): $sourceId is concatenated into every endpoint URL as-is; its
// origin is outside this excerpt - confirm it is checked against the configured
// authentication sources before it reaches this code.

// Advertise the SAML 1.1 artifact endpoint only when the SP configuration enables that binding.
if ($spconfig->getBoolean('saml11.binding.artifact.enable', false)) {
    $metaArray11['AssertionConsumerService.artifact'] = SimpleSAML_Module::getModuleURL(
        'saml/sp/saml1-acs.php/' . $sourceId . '/artifact'
    );
}

// SAML 2.0 endpoints published for this SP: assertion consumer and single logout.
$metaArray20 = array(
    'AssertionConsumerService' => SimpleSAML_Module::getModuleURL('saml/sp/saml2-acs.php/' . $sourceId),
    'SingleLogoutService' => SimpleSAML_Module::getModuleURL('saml/sp/saml2-logout.php/' . $sourceId),
);
if ($spconfig->getBoolean('saml20.binding.artifact.enable', false)) {
    // The artifact binding reuses the regular SAML 2.0 ACS script; no path suffix is appended.
    $metaArray20['AssertionConsumerService.artifact'] = SimpleSAML_Module::getModuleURL(
        'saml/sp/saml2-acs.php/' . $sourceId
    );
}

// Copy the 'certData' entry returned by loadPublicKey(), when there is one,
// into both the SAML 1.1 and the SAML 2.0 metadata arrays.
$certInfo = SimpleSAML_Utilities::loadPublicKey($spconfig->toArray());
if ($certInfo !== null) {
    if (array_key_exists('certData', $certInfo)) {
        $certData = $certInfo['certData'];
        $metaArray11['certData'] = $certData;
        $metaArray20['certData'] = $certData;
    }
}

// Build one entity descriptor that carries both SP role descriptions.
$metaBuilder = new SimpleSAML_Metadata_SAMLBuilder($entityId);
$metaBuilder->addMetadataSP11($metaArray11);
$metaBuilder->addMetadataSP20($metaArray20);

// The technical contact comes from the global configuration; both fields fall back to null.
$config = SimpleSAML_Configuration::getInstance();
$metaBuilder->addContact('technical', array(
    'emailAddress' => $config->getString('technicalcontact_email', null),
    'name' => $config->getString('technicalcontact_name', null),
));

// NOTE(review): no signing step is visible in this excerpt, so $xml is the
// unsigned descriptor text here. A consumer cannot verify its integrity from
// the document alone - confirm that it is signed elsewhere or only
// distributed over an authenticated channel.
$xml = $metaBuilder->getEntityDescriptorText();
if (array_key_exists('output', $_REQUEST) && $_REQUEST['output'] == 'xhtml') {
    $t = new SimpleSAML_XHTML_Template($config, 'metadata.php', 'admin');
    $t->data['header'] = 'saml20-sp';
    $t->data['metadata'] = htmlspecialchars($xml);
    $t->data['metadataflat'] = '$metadata[' . var_export($entityId, TRUE) . '] = ' . var_export($metaArray20, TRUE) . ';';
    $t->data['metaurl'] = $source->getMetadataURL();
    $t->data['idpsend'] = array();
    $t->data['sentok'] = FALSE;
    $t->data['adminok'] = FALSE;
    $t->data['adminlogin'] = NULL;
    $t->data['techemail'] = $config->getString('technicalcontact_email', NULL);
    $t->show();
Example #2
// Excerpt from an SP metadata endpoint: $spconfig, $entityId, $keys, $contact
// and the initial $metaArray20 are prepared before this point and are not shown here.

// Additional contact persons configured for this SP (empty list when none are set).
$contacts = $spconfig->getArray('contacts', array());

// add certificate: a single key is published as plain 'certData', several
// keys are handed over as the complete 'keys' list.
if (count($keys) === 1) {
    $metaArray20['certData'] = $keys[0]['X509Certificate'];
} elseif (count($keys) > 1) {
    $metaArray20['keys'] = $keys;
}

// add UIInfo extension
if ($spconfig->hasValue('UIInfo')) {
    $metaArray20['UIInfo'] = $spconfig->getArray('UIInfo');
}

// NOTE(review): the SP descriptor advertises SAML 1.1 alongside SAML 2.0;
// confirm this SP really has to accept SAML 1.1 before publishing it.
$supported_protocols = array(
    'urn:oasis:names:tc:SAML:1.1:protocol',
    SAML2_Const::NS_SAMLP,
);

// These two keys are set only for the builder calls and are removed again further down.
$metaArray20['metadata-set'] = 'saml20-sp-remote';
$metaArray20['entityid'] = $entityId;

$metaBuilder = new SimpleSAML_Metadata_SAMLBuilder($entityId);
$metaBuilder->addMetadataSP20($metaArray20, $supported_protocols);
$metaBuilder->addOrganizationInfo($metaArray20);

// Technical contact first (when one was prepared), then every configured contact.
if (!empty($contact)) {
    $metaBuilder->addContact('technical', $contact);
}
// Each configured entry is read by its 'contactType' key; the key's presence is not checked here.
foreach ($contacts as $c) {
    $metaBuilder->addContact($c['contactType'], $c);
}

$xml = $metaBuilder->getEntityDescriptorText();

// Drop the entries that were only needed to generate the XML. Presumably this keeps
// them out of a later dump of $metaArray20 - that code is outside this excerpt.
unset(
    $metaArray20['attributes.required'],
    $metaArray20['UIInfo'],
    $metaArray20['metadata-set'],
    $metaArray20['entityid']
);

/* Sign the metadata if enabled. */
// The signer receives the SP configuration and decides from it whether a signature
// is applied. NOTE(review): in deployments that rely on signed metadata, verify
// that the returned $xml actually carries a signature.
$xml = SimpleSAML_Metadata_Signer::sign($xml, $spconfig->toArray(), 'SAML 2 SP');
if (array_key_exists('output', $_REQUEST) && $_REQUEST['output'] == 'xhtml') {