public function test_creates_composite_store() { $factory = new CredentialFactory(); $idpStore = new FixedEntityDescriptorStore(); $idpStore->add(EntityDescriptor::load(__DIR__ . '/../../../../../../../resources/sample/EntityDescriptor/idp-ed.xml')); $spStore = new FixedEntityDescriptorStore(); $spStore->add(EntityDescriptor::load(__DIR__ . '/../../../../../../../resources/sample/EntityDescriptor/sp-ed2.xml')); $ownCredential = new X509Credential(X509Certificate::fromFile(__DIR__ . '/../../../../../../../resources/sample/Certificate/saml.crt'), KeyHelper::createPrivateKey(__DIR__ . '/../../../../../../../resources/sample/Certificate/saml.pem', '', true)); $ownCredential->setEntityId('own'); $extraCredential = new X509Credential(X509Certificate::fromFile(__DIR__ . '/../../../../../../../resources/sample/Certificate/lightsaml-idp.crt'), KeyHelper::createPrivateKey(__DIR__ . '/../../../../../../../resources/sample/Certificate/lightsaml-idp.key', '', true)); $extraCredential->setEntityId('extra'); $store = $factory->build($idpStore, $spStore, [$ownCredential], [$extraCredential]); /** @var X509Credential[] $credentials */ $credentials = $store->getByEntityId('https://sts.windows.net/554fadfe-f04f-4975-90cb-ddc8b147aaa2/'); $this->assertCount(1, $credentials); $this->assertEquals('https://sts.windows.net/554fadfe-f04f-4975-90cb-ddc8b147aaa2/', $credentials[0]->getEntityId()); $this->assertEquals(['CN' => 'accounts.accesscontrol.windows.net'], $credentials[0]->getCertificate()->getSubject()); $this->assertEquals(UsageType::SIGNING, $credentials[0]->getUsageType()); $credentials = $store->getByEntityId('https://mt.evo.team/simplesaml/module.php/saml/sp/metadata.php/default-sp'); $this->assertCount(2, $credentials); $this->assertEquals('https://mt.evo.team/simplesaml/module.php/saml/sp/metadata.php/default-sp', $credentials[0]->getEntityId()); $subject = $credentials[0]->getCertificate()->getSubject(); $this->assertEquals('mt.evo.team', $subject['CN']); $this->assertEquals(UsageType::SIGNING, $credentials[0]->getUsageType()); $this->assertEquals(UsageType::ENCRYPTION, $credentials[1]->getUsageType()); $credentials = $store->getByEntityId('own'); $this->assertCount(1, $credentials); $credentials = $store->getByEntityId('extra'); $this->assertCount(1, $credentials); }
/** * @return X509Credential */ public function get() { if (null == $this->credential) { $this->credential = new X509Credential(X509Certificate::fromFile($this->certificatePath), KeyHelper::createPrivateKey($this->privateKeyPath, $this->privateKeyPassword, true)); $this->credential->setEntityId($this->entityId); } return $this->credential; }
public function test_private_key() { $certificate = new X509Certificate(); $certificate->loadFromFile(__DIR__ . '/../../../../../resources/sample/Certificate/saml.crt'); $privateKey = KeyHelper::createPrivateKey(__DIR__ . '/../../../../../resources/sample/Certificate/saml.pem', null, true); $credential = new X509Credential($certificate, $privateKey); $this->assertSame($certificate, $credential->getCertificate()); $this->assertNotNull($credential->getPublicKey()); $this->assertEquals($certificate->toPem(), $credential->getPublicKey()->getX509Certificate()); $this->assertNotNull($credential->getPrivateKey()); }
/** * @param string $entityId * * @return CredentialInterface[] */ public function getByEntityId($entityId) { if ($entityId != $this->entityId) { return []; } if (null == $this->credential) { $certificate = X509Certificate::fromFile($this->certificatePath); $this->credential = new X509Credential($certificate, KeyHelper::createPrivateKey($this->keyPath, $this->password, true, $certificate->getSignatureAlgorithm())); $this->credential->setEntityId($this->entityId); } return [$this->credential]; }
/** * @return \LightSaml\Resolver\Credential\CredentialResolverInterface */ private function getResolver() { $provider = new FixedEntityDescriptorStore(); $provider->add(EntityDescriptor::load(__DIR__ . '/../../../../../../resources/sample/EntityDescriptor/idp2-ed.xml')); $provider->add(EntityDescriptor::load(__DIR__ . '/../../../../../../resources/sample/EntityDescriptor/idp-ed.xml')); $provider->add(EntityDescriptor::load(__DIR__ . '/../../../../../../resources/sample/EntityDescriptor/ed01-formatted-certificate.xml')); $provider->add(EntityDescriptor::load(__DIR__ . '/../../../../../../resources/sample/EntityDescriptor/sp-ed2.xml')); $metadataStore = new MetadataCredentialStore($provider); $certificate = new X509Certificate(); $certificate->loadFromFile(__DIR__ . '/../../../../../../resources/sample/Certificate/saml.crt'); $credential = new X509Credential($certificate, KeyHelper::createPrivateKey(__DIR__ . '/../../../../../../resources/sample/Certificate/saml.pem', '', true)); $credential->setUsageType(UsageType::ENCRYPTION)->setEntityId('https://mt.evo.loc/sp'); $staticStore = new StaticCredentialStore(); $staticStore->add($credential); $compositeStore = new CompositeCredentialStore(); $compositeStore->add($metadataStore)->add($staticStore); $resolverFactory = new CredentialResolverFactory($compositeStore); $resolver = $resolverFactory->build(); return $resolver; }