/**
 * Appends one X509 credential per key descriptor of the given role descriptor.
 *
 * Every credential is bound to the owning entity ID, named after its certificate,
 * tagged with the key descriptor's declared use, and linked back to the metadata
 * it came from through a MetadataCredentialContext.
 * No trust or validity check on the certificate is performed in this method.
 *
 * @param SSODescriptor    $ssoDescriptor    role descriptor whose key descriptors are read
 * @param EntityDescriptor $entityDescriptor entity that owns the role descriptor
 * @param array            $result           list the credentials are appended to (passed by reference)
 */
protected function handleDescriptor(SSODescriptor $ssoDescriptor, EntityDescriptor $entityDescriptor, array &$result)
{
    foreach ($ssoDescriptor->getAllKeyDescriptors() as $descriptor) {
        $built = new X509Credential($descriptor->getCertificate());

        // Keep the fluent chain: the value stored is whatever the last setter returns.
        $built = $built
            ->setEntityId($entityDescriptor->getEntityID())
            ->addKeyName($descriptor->getCertificate()->getName())
            ->setCredentialContext(new CredentialContextSet([
                new MetadataCredentialContext($descriptor, $ssoDescriptor, $entityDescriptor),
            ]))
            ->setUsageType($descriptor->getUse());

        $result[] = $built;
    }
}
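/**
 * Returns the entity descriptor parsed from $this->filename, loading it on first use.
 *
 * The descriptor is stored in $this->entityDescriptor only after deserialization
 * has completed. If parsing throws, nothing is cached and the next call tries
 * again, instead of handing out an empty, never-populated descriptor.
 *
 * @return EntityDescriptor
 */
public function get()
{
    if (null === $this->entityDescriptor) {
        $deserializationContext = new DeserializationContext();

        // NOTE(review): the result of load() is not checked. If the file is missing
        // or not well-formed, firstChild is presumably null and the failure only
        // surfaces inside deserialize() - confirm that is the intended error path.
        $deserializationContext->getDocument()->load($this->filename);

        $parsed = new EntityDescriptor();
        $parsed->deserialize($deserializationContext->getDocument()->firstChild, $deserializationContext);

        // Publish to the cache only once the descriptor is fully populated.
        $this->entityDescriptor = $parsed;
    }

    return $this->entityDescriptor;
}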
/**
 * Builds an EntityDescriptor holding one IdP and one SP role descriptor, serializes
 * it through a SerializationContext and compares the pretty-printed XML with the
 * expected document after stripping carriage returns and trimming both strings.
 *
 * NOTE(review): as shown here the contact e-mail literal passed to setEmailAddress()
 * and the certificate text inside the expected XML look masked or removed by the
 * page this listing came from, and the heredoc has lost its line breaks; restore
 * the fixture from the project before running this test.
 */
public function test__serialization() { $ed = new EntityDescriptor(); $ed->setEntityID($entityID = 'http://vendor.com/id')->setID($edID = '_127800fe-39ac-46ad-b073-6fb6106797a0')->addItem((new IdpSsoDescriptor())->addSingleSignOnService((new SingleSignOnService())->setBinding(SamlConstants::BINDING_SAML2_HTTP_POST)->setLocation('http://idp.example.com/sso/post'))->addSingleSignOnService((new SingleSignOnService())->setBinding(SamlConstants::BINDING_SAML2_HTTP_REDIRECT)->setLocation('http://idp.example.com/slo/get'))->addSingleLogoutService((new SingleLogoutService())->setBinding(SamlConstants::BINDING_SAML2_HTTP_REDIRECT)->setLocation('http://idp.example.com/slo/redirect'))->addAttribute((new Attribute())->setName(ClaimTypes::COMMON_NAME)->setFriendlyName('Common Name')->addAttributeValue('common name value'))->addNameIDFormat(SamlConstants::NAME_ID_FORMAT_EMAIL)->addNameIDFormat(SamlConstants::NAME_ID_FORMAT_PERSISTENT)->addKeyDescriptor((new KeyDescriptor())->setCertificate((new X509Certificate())->loadFromFile(__DIR__ . 
'/../../../../../resources/sample/Certificate/saml.crt')))->addOrganization((new Organization())->setOrganizationName('Organization Name')->setOrganizationDisplayName('Display Name')->setOrganizationURL('http://organization.org'))->addContactPerson((new ContactPerson())->setContactType(ContactPerson::TYPE_SUPPORT)->setGivenName('Support')->setSurName('Smith')->setEmailAddress('*****@*****.**')))->addItem((new SpSsoDescriptor())->addSingleLogoutService((new SingleLogoutService())->setBinding(SamlConstants::BINDING_SAML2_HTTP_POST)->setLocation('http://sp.example.com/slo/post'))->addAssertionConsumerService((new AssertionConsumerService())->setBinding(SamlConstants::BINDING_SAML2_HTTP_POST)->setLocation('http://sp.example.com/acs/post')->setIndex(0)->setIsDefault(true))->addAssertionConsumerService((new AssertionConsumerService())->setBinding(SamlConstants::BINDING_SAML2_HTTP_REDIRECT)->setLocation('http://sp.example.com/acs/redirect')->setIndex(1)->setIsDefault(false))->addNameIDFormat(SamlConstants::NAME_ID_FORMAT_PERSISTENT)->addNameIDFormat(SamlConstants::NAME_ID_FORMAT_TRANSIENT)); $context = new SerializationContext(); $ed->serialize($context->getDocument(), $context); $context->getDocument()->formatOutput = true; $xml = $context->getDocument()->saveXML(); $expectedXml = <<<EOT <?xml version="1.0"?> <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="http://vendor.com/id" ID="_127800fe-39ac-46ad-b073-6fb6106797a0"> <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> <KeyDescriptor> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:X509Data> <ds:X509Certificate>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</ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </KeyDescriptor> <Organization> <OrganizationName>Organization Name</OrganizationName> <OrganizationDisplayName>Display Name</OrganizationDisplayName> <OrganizationURL>http://organization.org</OrganizationURL> </Organization> 
<ContactPerson contactType="support"> <GivenName>Support</GivenName> <SurName>Smith</SurName> <EmailAddress>support@idp.com</EmailAddress> </ContactPerson> <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat> <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat> <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://idp.example.com/slo/redirect"/> <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://idp.example.com/sso/post"/> <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://idp.example.com/slo/get"/> <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/CommonName" FriendlyName="Common Name"> <AttributeValue>common name value</AttributeValue> </Attribute> </IDPSSODescriptor> <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat> <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat> <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://sp.example.com/slo/post"/> <AssertionConsumerService index="0" isDefault="true" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://sp.example.com/acs/post"/> <AssertionConsumerService index="1" isDefault="false" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://sp.example.com/acs/redirect"/> </SPSSODescriptor> </EntityDescriptor> EOT; $xml = trim(str_replace("\r", '', $xml)); $expectedXml = trim(str_replace("\r", '', $expectedXml)); $this->assertEquals($expectedXml, $xml); }
/**
 * Assembles a fresh entity descriptor for $this->entityId.
 *
 * The SP role descriptor is added first and the IdP role descriptor second;
 * either one is skipped when its getter returns a falsy value.
 *
 * @return EntityDescriptor
 */
protected function getEntityDescriptor()
{
    $descriptor = new EntityDescriptor();
    $descriptor->setEntityID($this->entityId);

    $spRole = $this->getSpSsoDescriptor();
    if ($spRole) {
        $descriptor->addItem($spRole);
    }

    $idpRole = $this->getIdpSsoDescriptor();
    if ($idpRole) {
        $descriptor->addItem($idpRole);
    }

    return $descriptor;
}
/**
 * Deserializes sample metadata (ed01-formatted-certificate.xml) and checks that the
 * single IdP key descriptor yields a PEM certificate OpenSSL can parse, with the
 * expected subject CN.
 */
public function test__deserialize_formatted_certificate()
{
    $deserialization = new DeserializationContext();
    $deserialization->getDocument()->load(__DIR__ . '/../../../../../../resources/sample/EntityDescriptor/ed01-formatted-certificate.xml');

    $entity = new EntityDescriptor();
    $entity->deserialize($deserialization->getDocument()->firstChild, $deserialization);

    $this->assertNotNull($entity->getFirstIdpSsoDescriptor());

    $keyDescriptors = $entity->getFirstIdpSsoDescriptor()->getAllKeyDescriptors();
    $this->assertCount(1, $keyDescriptors);

    /** @var KeyDescriptor $onlyKey */
    $onlyKey = array_shift($keyDescriptors);

    // openssl_x509_parse() returns false for an unparsable certificate; the
    // assertion below would then fail on the array access rather than on the value.
    $parsed = openssl_x509_parse($onlyKey->getCertificate()->toPem());
    $this->assertEquals('idp.testshib.org', $parsed['subject']['CN']);
}
/**
 * Checks that the store built by CredentialFactory answers lookups by entity ID for
 * credentials coming from IdP metadata, SP metadata, the own credential list and
 * the extra credential list.
 *
 * The private keys are sample fixtures loaded with an empty passphrase.
 */
public function test_creates_composite_store()
{
    $factory = new CredentialFactory();

    $idpStore = new FixedEntityDescriptorStore();
    $idpStore->add(EntityDescriptor::load(__DIR__ . '/../../../../../../../resources/sample/EntityDescriptor/idp-ed.xml'));

    $spStore = new FixedEntityDescriptorStore();
    $spStore->add(EntityDescriptor::load(__DIR__ . '/../../../../../../../resources/sample/EntityDescriptor/sp-ed2.xml'));

    // Own credential: certificate first, then key, as in a single constructor call.
    $ownCertificate = X509Certificate::fromFile(__DIR__ . '/../../../../../../../resources/sample/Certificate/saml.crt');
    $ownKey = KeyHelper::createPrivateKey(__DIR__ . '/../../../../../../../resources/sample/Certificate/saml.pem', '', true);
    $ownCredential = new X509Credential($ownCertificate, $ownKey);
    $ownCredential->setEntityId('own');

    // Extra credential registered next to the own one.
    $extraCertificate = X509Certificate::fromFile(__DIR__ . '/../../../../../../../resources/sample/Certificate/lightsaml-idp.crt');
    $extraKey = KeyHelper::createPrivateKey(__DIR__ . '/../../../../../../../resources/sample/Certificate/lightsaml-idp.key', '', true);
    $extraCredential = new X509Credential($extraCertificate, $extraKey);
    $extraCredential->setEntityId('extra');

    $store = $factory->build($idpStore, $spStore, [$ownCredential], [$extraCredential]);

    // IdP metadata: one signing credential.
    /** @var X509Credential[] $found */
    $found = $store->getByEntityId('https://sts.windows.net/554fadfe-f04f-4975-90cb-ddc8b147aaa2/');
    $this->assertCount(1, $found);
    $this->assertEquals('https://sts.windows.net/554fadfe-f04f-4975-90cb-ddc8b147aaa2/', $found[0]->getEntityId());
    $this->assertEquals(['CN' => 'accounts.accesscontrol.windows.net'], $found[0]->getCertificate()->getSubject());
    $this->assertEquals(UsageType::SIGNING, $found[0]->getUsageType());

    // SP metadata: a signing and an encryption credential, in that order.
    $found = $store->getByEntityId('https://mt.evo.team/simplesaml/module.php/saml/sp/metadata.php/default-sp');
    $this->assertCount(2, $found);
    $this->assertEquals('https://mt.evo.team/simplesaml/module.php/saml/sp/metadata.php/default-sp', $found[0]->getEntityId());
    $certificateSubject = $found[0]->getCertificate()->getSubject();
    $this->assertEquals('mt.evo.team', $certificateSubject['CN']);
    $this->assertEquals(UsageType::SIGNING, $found[0]->getUsageType());
    $this->assertEquals(UsageType::ENCRYPTION, $found[1]->getUsageType());

    // Statically supplied credentials are reachable under their own entity IDs.
    $found = $store->getByEntityId('own');
    $this->assertCount(1, $found);

    $found = $store->getByEntityId('extra');
    $this->assertCount(1, $found);
}
/**
 * Registers an entity descriptor, or every item of an aggregate, under its entity ID.
 *
 * Descriptors are keyed by entity ID, so adding a second descriptor with an ID
 * that is already present replaces the earlier one without any notice. Aggregates
 * are walked recursively through this same method.
 *
 * @param EntityDescriptor|EntitiesDescriptor $entityDescriptor
 *
 * @return FixedEntityDescriptorStore
 *
 * @throws \InvalidArgumentException when the argument is of another type, or an
 *                                   EntityDescriptor has no (truthy) entity ID
 */
public function add($entityDescriptor)
{
    if ($entityDescriptor instanceof EntityDescriptor) {
        if (!$entityDescriptor->getEntityID()) {
            throw new \InvalidArgumentException('EntityDescriptor must have entityId set');
        }

        // Same key => silent overwrite of a previously stored descriptor.
        $this->descriptors[$entityDescriptor->getEntityID()] = $entityDescriptor;

        return $this;
    }

    if ($entityDescriptor instanceof EntitiesDescriptor) {
        foreach ($entityDescriptor->getAllItems() as $child) {
            $this->add($child);
        }

        return $this;
    }

    throw new \InvalidArgumentException('Expected EntityDescriptor or EntitiesDescriptor');
}
/**
 * Loads $this->filename into $this->object, first as a single EntityDescriptor and,
 * if that raises LightSamlXmlException, as an EntitiesDescriptor aggregate.
 *
 * Any LightSamlXmlException from the first attempt triggers the fallback, and the
 * first exception is discarded; a failure of the second attempt propagates.
 */
private function load()
{
    try {
        $this->object = EntityDescriptor::load($this->filename);
    } catch (LightSamlXmlException $notASingleEntity) {
        // Retry the same file as an aggregate document.
        $this->object = EntitiesDescriptor::load($this->filename);
    }
}
/**
 * Test helper: builds a profile context and fills in the optional endpoint, the
 * party entity descriptor and the optional inbound message.
 *
 * When no party entity descriptor is given, the sample file
 * idp2-ed-formatted.xml is loaded and used instead.
 *
 * @param string           $ownRole
 * @param SamlMessage      $inboundMessage        set on the inbound context when truthy
 * @param Endpoint         $endpoint              set on the endpoint context when truthy
 * @param EntityDescriptor $partyEntityDescriptor defaults to the sample IdP descriptor
 * @param string           $profileId
 *
 * @return \LightSaml\Context\Profile\ProfileContext
 */
protected function createContext($ownRole = ProfileContext::ROLE_IDP, SamlMessage $inboundMessage = null, Endpoint $endpoint = null, EntityDescriptor $partyEntityDescriptor = null, $profileId = Profiles::SSO_IDP_RECEIVE_AUTHN_REQUEST)
{
    $profileContext = TestHelper::getProfileContext($profileId, $ownRole);

    if ($endpoint) {
        $profileContext->getEndpointContext()->setEndpoint($endpoint);
    }

    $party = $partyEntityDescriptor;
    if (null === $party) {
        $party = EntityDescriptor::load(__DIR__ . '/../../../../../../../resources/sample/EntityDescriptor/idp2-ed-formatted.xml');
    }
    $profileContext->getPartyEntityContext()->setEntityDescriptor($party);

    if ($inboundMessage) {
        $profileContext->getInboundContext()->setMessage($inboundMessage);
    }

    return $profileContext;
}
/**
 * Builds an entity descriptor with a fully populated IdP and SP role descriptor,
 * a contact person and an organization, signs it and passes it to
 * validateMetadata().
 */
public function test_entity_descriptor_with_xsd()
{
    $metadata = new EntityDescriptor();
    $metadata->setID(Helper::generateID())->setEntityID('https://idp.com');

    // IdP role: attribute, SSO and SLO endpoints, name ID formats, signing and encryption keys.
    $idpRole = new IdpSsoDescriptor();
    $metadata->addItem($idpRole);
    $idpRole
        ->addAttribute(
            (new Attribute(ClaimTypes::EMAIL_ADDRESS))
                ->setNameFormat('urn:oasis:names:tc:SAML:2.0:attrname-format:uri')
                ->setFriendlyName('Email address')
        )
        ->addSingleSignOnService(new SingleSignOnService('https://idp.com/login', SamlConstants::BINDING_SAML2_HTTP_POST))
        ->addSingleSignOnService(new SingleSignOnService('https://idp.com/login', SamlConstants::BINDING_SAML2_HTTP_REDIRECT))
        ->addSingleLogoutService(new SingleLogoutService('https://idp.com/logout', SamlConstants::BINDING_SAML2_HTTP_POST))
        ->addSingleLogoutService(new SingleLogoutService('https://idp.com/logout', SamlConstants::BINDING_SAML2_HTTP_REDIRECT))
        ->addNameIDFormat(SamlConstants::NAME_ID_FORMAT_TRANSIENT)
        ->addNameIDFormat(SamlConstants::NAME_ID_FORMAT_PERSISTENT)
        ->addNameIDFormat(SamlConstants::NAME_ID_FORMAT_EMAIL)
        ->setProtocolSupportEnumeration(SamlConstants::PROTOCOL_SAML2)
        ->addKeyDescriptor(new KeyDescriptor(UsageType::SIGNING, $this->getX509Certificate()))
        ->addKeyDescriptor(new KeyDescriptor(UsageType::ENCRYPTION, $this->getX509Certificate()));

    // SP role: ACS and SLO endpoints, name ID formats, signing and encryption keys.
    $spRole = new SpSsoDescriptor();
    $metadata->addItem($spRole);
    $spRole
        ->addAssertionConsumerService(new AssertionConsumerService('https://sp.com/acs', SamlConstants::BINDING_SAML2_HTTP_POST))
        ->addSingleLogoutService(new SingleLogoutService('https://sp.com/logout', SamlConstants::BINDING_SAML2_HTTP_POST))
        ->addSingleLogoutService(new SingleLogoutService('https://sp.com/logout', SamlConstants::BINDING_SAML2_HTTP_REDIRECT))
        ->addNameIDFormat(SamlConstants::NAME_ID_FORMAT_TRANSIENT)
        ->addNameIDFormat(SamlConstants::NAME_ID_FORMAT_PERSISTENT)
        ->addNameIDFormat(SamlConstants::NAME_ID_FORMAT_EMAIL)
        ->setProtocolSupportEnumeration(SamlConstants::PROTOCOL_SAML2)
        ->addKeyDescriptor(new KeyDescriptor(UsageType::SIGNING, $this->getX509Certificate()))
        ->addKeyDescriptor(new KeyDescriptor(UsageType::ENCRYPTION, $this->getX509Certificate()));

    $metadata
        ->addContactPerson(
            (new ContactPerson())
                ->setContactType(ContactPerson::TYPE_SUPPORT)
                ->setEmailAddress('*****@*****.**')
        )
        ->addOrganization(
            (new Organization())
                ->setOrganizationName('Org name')
                ->setOrganizationDisplayName('Org display name')
                ->setOrganizationURL('https://idp.com')
        );

    // Sign first, then validate the signed document.
    $this->sign($metadata);
    $this->validateMetadata($metadata);
}
/**
 * Test helper: wires a BuildContainer on top of a fresh Pimple container.
 *
 * Providers are registered in the order own, system, party, store, provider,
 * credential, service; later providers are handed containers obtained from the
 * build container, so the order is kept as is.
 *
 * NOTE(review): the private key is read from a file under a web/ directory with a
 * null passphrase - confirm that directory is never served in a real deployment.
 * The meaning of the `true` passed to SystemContainerProvider is not visible here.
 *
 * @param string|null                $inResponseTo when truthy, a request state with this ID is pre-seeded
 * @param TimeProviderInterface|null $timeProvider when truthy, replaces the system time provider
 *
 * @return BuildContainer
 */
private function getBuildContainer($inResponseTo = null, TimeProviderInterface $timeProvider = null)
{
    $services = new Container();
    $container = new BuildContainer($services);

    // OWN
    $ownCertificate = \LightSaml\Credential\X509Certificate::fromFile(__DIR__ . '/../../../../../../web/sp/saml.crt');
    $ownKey = \LightSaml\Credential\KeyHelper::createPrivateKey(__DIR__ . '/../../../../../../web/sp/saml.key', null, true);
    $ownCredential = new \LightSaml\Credential\X509Credential($ownCertificate, $ownKey);
    $ownCredential->setEntityId(self::OWN_ENTITY_ID);
    $ownMetadataBuilder = new \LightSaml\Builder\EntityDescriptor\SimpleEntityDescriptorBuilder(
        self::OWN_ENTITY_ID,
        'https://localhost/lightsaml/lightSAML/web/sp/acs.php',
        null,
        $ownCredential->getCertificate()
    );
    $container->getPimple()->register(
        new \LightSaml\Bridge\Pimple\Container\Factory\OwnContainerProvider($ownMetadataBuilder, [$ownCredential])
    );

    // SYSTEM
    $container->getPimple()->register(new \LightSaml\Bridge\Pimple\Container\Factory\SystemContainerProvider(true));
    if ($timeProvider) {
        $services[SystemContainer::TIME_PROVIDER] = function () use ($timeProvider) {
            return $timeProvider;
        };
    }

    // PARTY
    $container->getPimple()->register(new \LightSaml\Bridge\Pimple\Container\Factory\PartyContainerProvider());
    $services[PartyContainer::IDP_ENTITY_DESCRIPTOR] = function () {
        $trustedIdps = new \LightSaml\Store\EntityDescriptor\FixedEntityDescriptorStore();
        $trustedIdps->add(\LightSaml\Model\Metadata\EntitiesDescriptor::load(__DIR__ . '/../../../../../../web/sp/testshib-providers.xml'));
        $trustedIdps->add(\LightSaml\Model\Metadata\EntityDescriptor::load(__DIR__ . '/../../../../../../web/sp/localhost-lightsaml-lightsaml-idp.xml'));
        $trustedIdps->add(\LightSaml\Model\Metadata\EntityDescriptor::load(__DIR__ . '/../../../../../../web/sp/openidp.feide.no.xml'));

        return $trustedIdps;
    };

    // STORE
    $container->getPimple()->register(
        new \LightSaml\Bridge\Pimple\Container\Factory\StoreContainerProvider($container->getSystemContainer())
    );
    if ($inResponseTo) {
        $services[StoreContainer::REQUEST_STATE_STORE] = function () use ($inResponseTo) {
            $requestStates = new RequestStateArrayStore();
            $requestStates->set(new RequestState($inResponseTo));

            return $requestStates;
        };
    }

    // PROVIDER
    $container->getPimple()->register(new \LightSaml\Bridge\Pimple\Container\Factory\ProviderContainerProvider());

    // CREDENTIAL
    $container->getPimple()->register(
        new \LightSaml\Bridge\Pimple\Container\Factory\CredentialContainerProvider(
            $container->getPartyContainer(),
            $container->getOwnContainer()
        )
    );

    // SERVICE
    $container->getPimple()->register(
        new \LightSaml\Bridge\Pimple\Container\Factory\ServiceContainerProvider(
            $container->getCredentialContainer(),
            $container->getStoreContainer(),
            $container->getSystemContainer()
        )
    );

    return $container;
}
/**
 * Appends an entity descriptor or a nested aggregate to this aggregate.
 *
 * Rejects anything that is neither type, rejects adding the aggregate to itself,
 * and rejects a nested aggregate that already contains this one, so the tree
 * cannot become cyclic through this method.
 *
 * @param EntitiesDescriptor|EntityDescriptor $item
 *
 * @return EntitiesDescriptor
 *
 * @throws \InvalidArgumentException on a wrong type or a circular reference
 */
public function addItem($item)
{
    $isAggregate = $item instanceof self;

    if (!$isAggregate && !($item instanceof EntityDescriptor)) {
        throw new \InvalidArgumentException('Expected EntitiesDescriptor or EntityDescriptor');
    }

    if ($item === $this) {
        throw new \InvalidArgumentException('Circular reference detected');
    }

    // A nested aggregate must not already hold this instance somewhere below it.
    if ($isAggregate && $item->containsItem($this)) {
        throw new \InvalidArgumentException('Circular reference detected');
    }

    $this->items[] = $item;

    return $this;
}
/**
 * Test helper: attaches a SignatureWriter to the given object, using the test
 * certificate and the sample private key saml.pem (loaded with an empty passphrase).
 *
 * @param SamlMessage|EntityDescriptor|EntitiesDescriptor|Assertion $object
 */
protected function sign($object)
{
    $certificate = $this->getX509Certificate();
    $privateKey = KeyHelper::createPrivateKey(__DIR__ . '/../../../../../resources/sample/Certificate/saml.pem', '', true);

    $object->setSignature(new SignatureWriter($certificate, $privateKey));
}
/**
 * Builds a fixed store holding the two SP metadata files that sit next to this file.
 *
 * @return \LightSaml\Store\EntityDescriptor\FixedEntityDescriptorStore
 */
private function buildSpEntityStore()
{
    $store = new \LightSaml\Store\EntityDescriptor\FixedEntityDescriptorStore();

    // Loaded and added one after the other, in this order.
    foreach (['/localhost-lightsaml-demosp.xml', '/localhost-lightsaml-lightsaml.xml'] as $metadataFile) {
        $store->add(\LightSaml\Model\Metadata\EntityDescriptor::load(__DIR__ . $metadataFile));
    }

    return $store;
}
/**
 * Test helper: builds a credential resolver over a composite store made of
 * metadata-derived credentials (four sample descriptors) and one static
 * encryption credential for https://mt.evo.loc/sp.
 *
 * The static credential's private key is a sample fixture loaded with an empty
 * passphrase.
 *
 * @return \LightSaml\Resolver\Credential\CredentialResolverInterface
 */
private function getResolver()
{
    $descriptors = new FixedEntityDescriptorStore();
    $sampleFiles = [
        '/../../../../../../resources/sample/EntityDescriptor/idp2-ed.xml',
        '/../../../../../../resources/sample/EntityDescriptor/idp-ed.xml',
        '/../../../../../../resources/sample/EntityDescriptor/ed01-formatted-certificate.xml',
        '/../../../../../../resources/sample/EntityDescriptor/sp-ed2.xml',
    ];
    foreach ($sampleFiles as $sampleFile) {
        $descriptors->add(EntityDescriptor::load(__DIR__ . $sampleFile));
    }
    $metadataCredentials = new MetadataCredentialStore($descriptors);

    $ownCertificate = new X509Certificate();
    $ownCertificate->loadFromFile(__DIR__ . '/../../../../../../resources/sample/Certificate/saml.crt');
    $ownKey = KeyHelper::createPrivateKey(__DIR__ . '/../../../../../../resources/sample/Certificate/saml.pem', '', true);
    $ownCredential = new X509Credential($ownCertificate, $ownKey);
    $ownCredential->setUsageType(UsageType::ENCRYPTION)->setEntityId('https://mt.evo.loc/sp');

    $staticCredentials = new StaticCredentialStore();
    $staticCredentials->add($ownCredential);

    // Metadata store is added before the static store.
    $allCredentials = new CompositeCredentialStore();
    $allCredentials->add($metadataCredentials)->add($staticCredentials);

    $factory = new CredentialResolverFactory($allCredentials);

    return $factory->build();
}
/**
 * Adds an SP role descriptor with a single HTTP-POST assertion consumer service
 * at https://location.com to the given entity descriptor.
 *
 * @param EntityDescriptor $ed descriptor that receives the SP role
 */
private function fillEntityDescriptor(EntityDescriptor $ed)
{
    $spRole = new SpSsoDescriptor();
    $ed->addItem($spRole);

    $acs = new AssertionConsumerService('https://location.com', SamlConstants::BINDING_SAML2_HTTP_POST);
    $spRole->addAssertionConsumerService($acs);
}
/**
 * Builds a fixed store of IdP metadata from three files next to this file: one
 * aggregate (testshib-providers.xml) followed by two single-entity documents.
 *
 * @return \LightSaml\Store\EntityDescriptor\FixedEntityDescriptorStore
 */
private function buildIdpEntityStore()
{
    $store = new \LightSaml\Store\EntityDescriptor\FixedEntityDescriptorStore();

    // Aggregate document first.
    $aggregate = \LightSaml\Model\Metadata\EntitiesDescriptor::load(__DIR__ . '/testshib-providers.xml');
    $store->add($aggregate);

    // Then the single-entity documents, in this order.
    foreach (['/localhost-lightsaml-lightsaml-idp.xml', '/openidp.feide.no.xml'] as $metadataFile) {
        $store->add(\LightSaml\Model\Metadata\EntityDescriptor::load(__DIR__ . $metadataFile));
    }

    return $store;
}
/**
 * Loading an aggregate (EntitiesDescriptor) document through EntityDescriptor::load()
 * must be rejected with the exception and message declared below.
 *
 * @expectedException \LightSaml\Error\LightSamlXmlException
 * @expectedExceptionMessage Expected 'EntityDescriptor' xml node and 'urn:oasis:names:tc:SAML:2.0:metadata' namespace but got node 'EntitiesDescriptor' and namespace 'urn:oasis:names:tc:SAML:2.0:metadata'
 */
public function test_throws_on_entities_descriptor_document()
{
    $aggregateDocument = __DIR__ . '/../../../../../../resources/sample/EntitiesDescriptor/testshib-providers.xml';

    EntityDescriptor::load($aggregateDocument);
}