/**
  * @return SimpleSAML_Configuration
  */
 protected function getSspOwnMetadata()
 {
     $keyPair = $this->_server->getSigningCertificates();
     $spMetadata = SimpleSAML_Configuration::loadFromArray(array('entityid' => $this->_server->getUrl('spMetadataService'), 'SingleSignOnService' => array(array('Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect', 'Location' => $this->_server->getUrl('spMetadataService'))), 'keys' => array(array('signing' => true, 'type' => 'X509Certificate', 'X509Certificate' => $keyPair->getCertificate()->toCertData()), array('signing' => true, 'type' => 'X509Certificate', 'X509Certificate' => $keyPair->getCertificate()->toCertData())), 'privatekey' => $keyPair->getPrivateKey() ? $keyPair->getPrivateKey()->filePath() : ''));
     return $spMetadata;
 }
 /**
  * Get all certificates from the configuration, the certificate key we were configured with and tell them to
  * the proxy server. Let the proxy server then decide which signing certificates to use.
  *
  * @param EngineBlock_Corto_ProxyServer $proxyServer
  * @param Zend_Config $applicationConfiguration
  * @return EngineBlock_X509_KeyPair
  * @throws EngineBlock_Corto_ProxyServer_Exception
  * @throws EngineBlock_Exception
  */
 protected function configureProxyCertificates(EngineBlock_Corto_ProxyServer $proxyServer, Zend_Config $applicationConfiguration)
 {
     if (!isset($applicationConfiguration->encryption) || !isset($applicationConfiguration->encryption->keys)) {
         throw new EngineBlock_Corto_ProxyServer_Exception("No encryption/signing keys defined!");
     }
     $keysConfig = $applicationConfiguration->encryption->keys->toArray();
     if (empty($keysConfig)) {
         throw new EngineBlock_Corto_ProxyServer_Exception("No encryption/signing keys defined!");
     }
     $publicKeyFactory = new EngineBlock_X509_CertificateFactory();
     $keyPairs = array();
     foreach ($keysConfig as $keyId => $keyConfig) {
         if (!isset($keyConfig['privateFile'])) {
             $this->_getSessionLog()->warning('Reference to private key file not found for key: ' . $keyId . ' skipping keypair.');
             continue;
         }
         if (!isset($keyConfig['publicFile'])) {
             $this->_getSessionLog()->warning('Reference to public key file not found for key: ' . $keyId);
             continue;
         }
         $keyPairs[$keyId] = new EngineBlock_X509_KeyPair($publicKeyFactory->fromFile($keyConfig['publicFile']), new EngineBlock_X509_PrivateKey($keyConfig['privateFile']));
     }
     if (empty($keyPairs)) {
         throw new EngineBlock_Exception('No (valid) keypairs found in configuration! Please configure at least 1 keypair under encryption.keys');
     }
     $proxyServer->setKeyPairs($keyPairs);
     if ($this->_keyId !== null) {
         $proxyServer->setKeyId($this->_keyId);
     }
     return $proxyServer->getSigningCertificates();
 }