/**
* Given a list of (SAML2) entities, filter out the idps that are not allowed
* for the given Service Provider.
*
* @param array $entities
* @param string $spEntityId
* @return array Filtered entities
*/
public function filterEntitiesBySp(array $entities, $spEntityId)
{
$allowedEntities = $this->_serviceRegistry->getAllowedIdps($spEntityId);
foreach ($entities as $entityId => $entityData) {
if (isset($entityData['SingleSignOnService'])) {
// entity is an idp
if (!in_array($entityId, $allowedEntities)) {
unset($entities[$entityId]);
}
}
}
return $entities;
}
