Esempi in PHP per sspmod_janus_EntityController::getCertificate

Esempio n. 1

File: get-entity-certificate.php Progetto: newlongwhitecloudy/OpenConext-serviceregistry

 protected function _loadEntityCertificate($entityId)
 {
     $janusConfig = SimpleSAML_Configuration::getConfig('module_janus.php');
     $entityController = new sspmod_janus_EntityController($janusConfig);
     $entityController->setEntity($entityId);
     $entityController->loadEntity();
     try {
         $certificate = $entityController->getCertificate();
     } catch (Exception $e) {
         $this->_response->Errors[] = "Certificate data invalid!";
         return false;
     }
     if (!$certificate) {
         $this->_response->Warnings[] = "No certificate data for this entity";
         return false;
     }
     $this->_certificate = $certificate;
     return true;
 }

Esempio n. 2

File: ValidateEntityCertificate.php Progetto: newlongwhitecloudy/OpenConext-serviceregistry

 public function runForCronTag($cronTag)
 {
     if (!$this->_isExecuteRequired($cronTag)) {
         return array();
     }
     $cronLogger = new sspmod_janus_Cron_Logger();
     try {
         $janusConfig = SimpleSAML_Configuration::getConfig('module_janus.php');
         $srConfig = SimpleSAML_Configuration::getConfig('module_janus.php');
         $rootCertificatesFile = $srConfig->getString('ca_bundle_file');
         $util = new sspmod_janus_AdminUtil();
         $entities = $util->getEntities();
         foreach ($entities as $partialEntity) {
             try {
                 $entityController = new sspmod_janus_EntityController($janusConfig);
                 $eid = $partialEntity['eid'];
                 if (!$entityController->setEntity($eid)) {
                     $cronLogger->with($eid)->error("Failed import of entity. Wrong eid '{$eid}'.");
                     continue;
                 }
                 $entityController->loadEntity();
                 $entityId = $entityController->getEntity()->getEntityid();
                 $entityType = $entityController->getEntity()->getType();
                 try {
                     try {
                         $certificate = $entityController->getCertificate();
                         // @workaround
                         // Since getCertificate() returns false when certificate does not exist following check is required to skip validation
                         if (empty($certificate)) {
                             throw new Exception('No certificate found');
                         }
                     } catch (Exception $e) {
                         if ($entityType === 'saml20-sp') {
                             $cronLogger->with($entityId)->notice("SP does not have a certificate");
                         } else {
                             if ($entityType === 'saml20-idp') {
                                 $cronLogger->with($entityId)->warn("Unable to create certificate object, certData missing?");
                             }
                         }
                         continue;
                     }
                     $validator = new sspmod_janus_OpenSsl_Certificate_Validator($certificate);
                     $validator->setIgnoreSelfSigned(true);
                     $validator->validate();
                     $validatorWarnings = $validator->getWarnings();
                     $validatorErrors = $validator->getErrors();
                     foreach ($validatorWarnings as $warning) {
                         $cronLogger->with($entityId)->warn($warning);
                     }
                     foreach ($validatorErrors as $error) {
                         $cronLogger->with($entityId)->error($error);
                     }
                     sspmod_janus_OpenSsl_Certificate_Chain_Factory::loadRootCertificatesFromFile($rootCertificatesFile);
                     $chain = sspmod_janus_OpenSsl_Certificate_Chain_Factory::createFromCertificateIssuerUrl($certificate);
                     $validator = new sspmod_janus_OpenSsl_Certificate_Chain_Validator($chain);
                     $validator->setIgnoreSelfSigned(true);
                     $validator->setTrustedRootCertificateAuthorityFile($rootCertificatesFile);
                     $validator->validate();
                     $validatorWarnings = $validator->getWarnings();
                     $validatorErrors = $validator->getErrors();
                     foreach ($validatorWarnings as $warning) {
                         $cronLogger->with($entityId)->warn($warning);
                     }
                     foreach ($validatorErrors as $error) {
                         $cronLogger->with($entityId)->error($error);
                     }
                 } catch (Exception $e) {
                     $cronLogger->with($entityId)->error($e->getMessage());
                 }
             } catch (Exception $e) {
                 $cronLogger->error($e->getMessage() . $e->getTraceAsString());
             }
         }
     } catch (Exception $e) {
         $cronLogger->error($e->getMessage() . $e->getTraceAsString());
     }
     if ($cronLogger->hasErrors()) {
         $this->_mailTechnicalContact($cronTag, $cronLogger);
     }
     return $cronLogger->getSummaryLines();
 }