public function test_creates_composite_store()
{
$factory = new CredentialFactory();
$idpStore = new FixedEntityDescriptorStore();
$idpStore->add(EntityDescriptor::load(__DIR__ . '/../../../../../../../resources/sample/EntityDescriptor/idp-ed.xml'));
$spStore = new FixedEntityDescriptorStore();
$spStore->add(EntityDescriptor::load(__DIR__ . '/../../../../../../../resources/sample/EntityDescriptor/sp-ed2.xml'));
$ownCredential = new X509Credential(X509Certificate::fromFile(__DIR__ . '/../../../../../../../resources/sample/Certificate/saml.crt'), KeyHelper::createPrivateKey(__DIR__ . '/../../../../../../../resources/sample/Certificate/saml.pem', '', true));
$ownCredential->setEntityId('own');
$extraCredential = new X509Credential(X509Certificate::fromFile(__DIR__ . '/../../../../../../../resources/sample/Certificate/lightsaml-idp.crt'), KeyHelper::createPrivateKey(__DIR__ . '/../../../../../../../resources/sample/Certificate/lightsaml-idp.key', '', true));
$extraCredential->setEntityId('extra');
$store = $factory->build($idpStore, $spStore, [$ownCredential], [$extraCredential]);
/** @var X509Credential[] $credentials */
$credentials = $store->getByEntityId('https://sts.windows.net/554fadfe-f04f-4975-90cb-ddc8b147aaa2/');
$this->assertCount(1, $credentials);
$this->assertEquals('https://sts.windows.net/554fadfe-f04f-4975-90cb-ddc8b147aaa2/', $credentials[0]->getEntityId());
$this->assertEquals(['CN' => 'accounts.accesscontrol.windows.net'], $credentials[0]->getCertificate()->getSubject());
$this->assertEquals(UsageType::SIGNING, $credentials[0]->getUsageType());
$credentials = $store->getByEntityId('https://mt.evo.team/simplesaml/module.php/saml/sp/metadata.php/default-sp');
$this->assertCount(2, $credentials);
$this->assertEquals('https://mt.evo.team/simplesaml/module.php/saml/sp/metadata.php/default-sp', $credentials[0]->getEntityId());
$subject = $credentials[0]->getCertificate()->getSubject();
$this->assertEquals('mt.evo.team', $subject['CN']);
$this->assertEquals(UsageType::SIGNING, $credentials[0]->getUsageType());
$this->assertEquals(UsageType::ENCRYPTION, $credentials[1]->getUsageType());
$credentials = $store->getByEntityId('own');
$this->assertCount(1, $credentials);
$credentials = $store->getByEntityId('extra');
$this->assertCount(1, $credentials);
}
/**
* @return X509Credential
*/
public function get()
{
if (null == $this->credential) {
$this->credential = new X509Credential(X509Certificate::fromFile($this->certificatePath), KeyHelper::createPrivateKey($this->privateKeyPath, $this->privateKeyPassword, true));
$this->credential->setEntityId($this->entityId);
}
return $this->credential;
}
public function test_private_key()
{
$certificate = new X509Certificate();
$certificate->loadFromFile(__DIR__ . '/../../../../../resources/sample/Certificate/saml.crt');
$privateKey = KeyHelper::createPrivateKey(__DIR__ . '/../../../../../resources/sample/Certificate/saml.pem', null, true);
$credential = new X509Credential($certificate, $privateKey);
$this->assertSame($certificate, $credential->getCertificate());
$this->assertNotNull($credential->getPublicKey());
$this->assertEquals($certificate->toPem(), $credential->getPublicKey()->getX509Certificate());
$this->assertNotNull($credential->getPrivateKey());
}
/**
* @param string $entityId
*
* @return CredentialInterface[]
*/
public function getByEntityId($entityId)
{
if ($entityId != $this->entityId) {
return [];
}
if (null == $this->credential) {
$certificate = X509Certificate::fromFile($this->certificatePath);
$this->credential = new X509Credential($certificate, KeyHelper::createPrivateKey($this->keyPath, $this->password, true, $certificate->getSignatureAlgorithm()));
$this->credential->setEntityId($this->entityId);
}
return [$this->credential];
}
/**
* @return \LightSaml\Resolver\Credential\CredentialResolverInterface
*/
private function getResolver()
{
$provider = new FixedEntityDescriptorStore();
$provider->add(EntityDescriptor::load(__DIR__ . '/../../../../../../resources/sample/EntityDescriptor/idp2-ed.xml'));
$provider->add(EntityDescriptor::load(__DIR__ . '/../../../../../../resources/sample/EntityDescriptor/idp-ed.xml'));
$provider->add(EntityDescriptor::load(__DIR__ . '/../../../../../../resources/sample/EntityDescriptor/ed01-formatted-certificate.xml'));
$provider->add(EntityDescriptor::load(__DIR__ . '/../../../../../../resources/sample/EntityDescriptor/sp-ed2.xml'));
$metadataStore = new MetadataCredentialStore($provider);
$certificate = new X509Certificate();
$certificate->loadFromFile(__DIR__ . '/../../../../../../resources/sample/Certificate/saml.crt');
$credential = new X509Credential($certificate, KeyHelper::createPrivateKey(__DIR__ . '/../../../../../../resources/sample/Certificate/saml.pem', '', true));
$credential->setUsageType(UsageType::ENCRYPTION)->setEntityId('https://mt.evo.loc/sp');
$staticStore = new StaticCredentialStore();
$staticStore->add($credential);
$compositeStore = new CompositeCredentialStore();
$compositeStore->add($metadataStore)->add($staticStore);
$resolverFactory = new CredentialResolverFactory($compositeStore);
$resolver = $resolverFactory->build();
return $resolver;
}
