/**
 * CredentialFactory::build() must merge credentials from the IdP metadata store, the SP
 * metadata store and the two explicit credential lists ("own" and "extra") into a single
 * store that is queryable by entity id.
 *
 * Expectations checked:
 *  - the metadata-backed entity 'https://sts.windows.net/...' resolves to exactly one SIGNING credential
 *    whose certificate subject CN is 'accounts.accesscontrol.windows.net';
 *  - the metadata-backed entity 'https://mt.evo.team/...' resolves to two credentials, SIGNING then ENCRYPTION;
 *  - the 'own' and 'extra' entity ids each resolve to exactly one credential.
 */
public function test_creates_composite_store()
{
    $factory = new CredentialFactory();

    $samplesDir = __DIR__ . '/../../../../../../../resources/sample';
    $azureEntityId = 'https://sts.windows.net/554fadfe-f04f-4975-90cb-ddc8b147aaa2/';
    $evoSpEntityId = 'https://mt.evo.team/simplesaml/module.php/saml/sp/metadata.php/default-sp';

    $idpStore = new FixedEntityDescriptorStore();
    $idpStore->add(EntityDescriptor::load($samplesDir . '/EntityDescriptor/idp-ed.xml'));

    $spStore = new FixedEntityDescriptorStore();
    $spStore->add(EntityDescriptor::load($samplesDir . '/EntityDescriptor/sp-ed2.xml'));

    $ownCredential = new X509Credential(
        X509Certificate::fromFile($samplesDir . '/Certificate/saml.crt'),
        KeyHelper::createPrivateKey($samplesDir . '/Certificate/saml.pem', '', true)
    );
    $ownCredential->setEntityId('own');

    $extraCredential = new X509Credential(
        X509Certificate::fromFile($samplesDir . '/Certificate/lightsaml-idp.crt'),
        KeyHelper::createPrivateKey($samplesDir . '/Certificate/lightsaml-idp.key', '', true)
    );
    $extraCredential->setEntityId('extra');

    $store = $factory->build($idpStore, $spStore, [$ownCredential], [$extraCredential]);

    // Entity taken from metadata: a single signing credential.
    /** @var X509Credential[] $resolved */
    $resolved = $store->getByEntityId($azureEntityId);
    $this->assertCount(1, $resolved);
    $this->assertEquals($azureEntityId, $resolved[0]->getEntityId());
    $this->assertEquals(['CN' => 'accounts.accesscontrol.windows.net'], $resolved[0]->getCertificate()->getSubject());
    $this->assertEquals(UsageType::SIGNING, $resolved[0]->getUsageType());

    // Entity taken from metadata: a signing and an encryption credential, in that order.
    $resolved = $store->getByEntityId($evoSpEntityId);
    $this->assertCount(2, $resolved);
    $this->assertEquals($evoSpEntityId, $resolved[0]->getEntityId());
    $subject = $resolved[0]->getCertificate()->getSubject();
    $this->assertEquals('mt.evo.team', $subject['CN']);
    $this->assertEquals(UsageType::SIGNING, $resolved[0]->getUsageType());
    $this->assertEquals(UsageType::ENCRYPTION, $resolved[1]->getUsageType());

    // Explicitly supplied credentials are reachable under the entity ids assigned above.
    $this->assertCount(1, $store->getByEntityId('own'));
    $this->assertCount(1, $store->getByEntityId('extra'));
}
/**
 * Parses the metadata file at $this->filename into $this->object.
 *
 * The document is first read as a single EntityDescriptor; when that parse fails with a
 * LightSamlXmlException the same file is re-read as an aggregate EntitiesDescriptor.
 * Any exception from the second attempt propagates and $this->object stays untouched.
 */
private function load()
{
    $filename = $this->filename;

    try {
        $document = EntityDescriptor::load($filename);
    } catch (LightSamlXmlException $ex) {
        // Not a single-entity document - retry as the aggregate form.
        $document = EntitiesDescriptor::load($filename);
    }

    $this->object = $document;
}
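/**
 * Builds a ProfileContext for a test and pre-populates its endpoint, party-entity and
 * inbound sub-contexts from the given arguments.
 *
 * @param string                $ownRole               Role of this side, a ProfileContext::ROLE_* value
 * @param SamlMessage|null      $inboundMessage        Stored in the inbound context when not null
 * @param Endpoint|null         $endpoint              Stored in the endpoint context when not null
 * @param EntityDescriptor|null $partyEntityDescriptor Party metadata; when null, the idp2-ed-formatted.xml sample is loaded
 * @param string                $profileId             Profile id handed to TestHelper::getProfileContext()
 *
 * @return \LightSaml\Context\Profile\ProfileContext
 */
protected function createContext($ownRole = ProfileContext::ROLE_IDP, SamlMessage $inboundMessage = null, Endpoint $endpoint = null, EntityDescriptor $partyEntityDescriptor = null, $profileId = Profiles::SSO_IDP_RECEIVE_AUTHN_REQUEST)
{
    $context = TestHelper::getProfileContext($profileId, $ownRole);

    if (null !== $endpoint) {
        $context->getEndpointContext()->setEndpoint($endpoint);
    }

    // Strict null check: the parameter is type-hinted, so any non-null value is an EntityDescriptor.
    if (null === $partyEntityDescriptor) {
        $partyEntityDescriptor = EntityDescriptor::load(__DIR__ . '/../../../../../../../resources/sample/EntityDescriptor/idp2-ed-formatted.xml');
    }
    $context->getPartyEntityContext()->setEntityDescriptor($partyEntityDescriptor);

    if (null !== $inboundMessage) {
        $context->getInboundContext()->setMessage($inboundMessage);
    }

    return $context;
}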
/**
 * Assembles a BuildContainer with every LightSaml Pimple provider needed for the SP test scenario.
 *
 * Registration order matters: the store provider is constructed with the system container,
 * the credential provider with the party and own containers, and the service provider with
 * the credential, store and system containers, so each provider is registered only after
 * the containers it receives have been set up.
 *
 * @param string|null                $inResponseTo If not null, a RequestState with this id is pre-seeded into the request state store
 * @param TimeProviderInterface|null $timeProvider If not null, overrides the system container's time provider
 *
 * @return BuildContainer
 */
private function getBuildContainer($inResponseTo = null, TimeProviderInterface $timeProvider = null)
{
    // $pimple is the same container handed to BuildContainer; closures below are set on it directly.
    $buildContainer = new BuildContainer($pimple = new Container());

    // OWN: this SP's credential (certificate + private key from web/sp) and its entity descriptor
    $ownCredential = new \LightSaml\Credential\X509Credential(
        \LightSaml\Credential\X509Certificate::fromFile(__DIR__ . '/../../../../../../web/sp/saml.crt'),
        \LightSaml\Credential\KeyHelper::createPrivateKey(__DIR__ . '/../../../../../../web/sp/saml.key', null, true)
    );
    $ownCredential->setEntityId(self::OWN_ENTITY_ID);
    $ownEntityDescriptor = new \LightSaml\Builder\EntityDescriptor\SimpleEntityDescriptorBuilder(
        self::OWN_ENTITY_ID,
        'https://localhost/lightsaml/lightSAML/web/sp/acs.php',
        null,
        $ownCredential->getCertificate()
    );
    $buildContainer->getPimple()->register(
        new \LightSaml\Bridge\Pimple\Container\Factory\OwnContainerProvider($ownEntityDescriptor, [$ownCredential])
    );

    // SYSTEM
    // NOTE(review): the meaning of the boolean constructor argument is not visible here - confirm against SystemContainerProvider.
    $buildContainer->getPimple()->register(new \LightSaml\Bridge\Pimple\Container\Factory\SystemContainerProvider(true));
    if ($timeProvider) {
        // Tests that need a fixed clock inject their own time provider here.
        $pimple[SystemContainer::TIME_PROVIDER] = function () use($timeProvider) {
            return $timeProvider;
        };
    }

    // PARTY: IdP metadata the SP trusts, one aggregate (EntitiesDescriptor) file plus two single entities
    $buildContainer->getPimple()->register(new \LightSaml\Bridge\Pimple\Container\Factory\PartyContainerProvider());
    $pimple[PartyContainer::IDP_ENTITY_DESCRIPTOR] = function () {
        $idpProvider = new \LightSaml\Store\EntityDescriptor\FixedEntityDescriptorStore();
        $idpProvider->add(\LightSaml\Model\Metadata\EntitiesDescriptor::load(__DIR__ . '/../../../../../../web/sp/testshib-providers.xml'));
        $idpProvider->add(\LightSaml\Model\Metadata\EntityDescriptor::load(__DIR__ . '/../../../../../../web/sp/localhost-lightsaml-lightsaml-idp.xml'));
        $idpProvider->add(\LightSaml\Model\Metadata\EntityDescriptor::load(__DIR__ . '/../../../../../../web/sp/openidp.feide.no.xml'));

        return $idpProvider;
    };

    // STORE: depends on the system container registered above
    $buildContainer->getPimple()->register(
        new \LightSaml\Bridge\Pimple\Container\Factory\StoreContainerProvider($buildContainer->getSystemContainer())
    );
    if ($inResponseTo) {
        // Pre-seed the outstanding-request state so a response carrying this InResponseTo is accepted.
        $pimple[StoreContainer::REQUEST_STATE_STORE] = function () use($inResponseTo) {
            $store = new RequestStateArrayStore();
            $store->set(new RequestState($inResponseTo));

            return $store;
        };
    }

    // PROVIDER
    $buildContainer->getPimple()->register(new \LightSaml\Bridge\Pimple\Container\Factory\ProviderContainerProvider());

    // CREDENTIAL: depends on the party and own containers
    $buildContainer->getPimple()->register(
        new \LightSaml\Bridge\Pimple\Container\Factory\CredentialContainerProvider(
            $buildContainer->getPartyContainer(),
            $buildContainer->getOwnContainer()
        )
    );

    // SERVICE: depends on the credential, store and system containers
    $buildContainer->getPimple()->register(
        new \LightSaml\Bridge\Pimple\Container\Factory\ServiceContainerProvider(
            $buildContainer->getCredentialContainer(),
            $buildContainer->getStoreContainer(),
            $buildContainer->getSystemContainer()
        )
    );

    return $buildContainer;
}
/**
 * Builds the SP metadata store from the two single-entity descriptor files next to this class.
 *
 * @return \LightSaml\Store\EntityDescriptor\FixedEntityDescriptorStore
 */
private function buildSpEntityStore()
{
    $spStore = new \LightSaml\Store\EntityDescriptor\FixedEntityDescriptorStore();

    foreach (['localhost-lightsaml-demosp.xml', 'localhost-lightsaml-lightsaml.xml'] as $metadataFile) {
        $spStore->add(\LightSaml\Model\Metadata\EntityDescriptor::load(__DIR__ . '/' . $metadataFile));
    }

    return $spStore;
}
/**
 * Builds the IdP metadata store from the descriptor files next to this class: one aggregate
 * (EntitiesDescriptor) document followed by two single-entity documents.
 *
 * @return \LightSaml\Store\EntityDescriptor\FixedEntityDescriptorStore
 */
private function buildIdpEntityStore()
{
    $idpStore = new \LightSaml\Store\EntityDescriptor\FixedEntityDescriptorStore();

    // testshib-providers.xml is read as an EntitiesDescriptor (aggregate) document.
    $idpStore->add(\LightSaml\Model\Metadata\EntitiesDescriptor::load(__DIR__ . '/testshib-providers.xml'));

    foreach (['localhost-lightsaml-lightsaml-idp.xml', 'openidp.feide.no.xml'] as $metadataFile) {
        $idpStore->add(\LightSaml\Model\Metadata\EntityDescriptor::load(__DIR__ . '/' . $metadataFile));
    }

    return $idpStore;
}
/**
 * EntityDescriptor::load() must reject an aggregate (EntitiesDescriptor) document; the
 * expected message names the root node that was found instead of 'EntityDescriptor'.
 *
 * @expectedException \LightSaml\Error\LightSamlXmlException
 * @expectedExceptionMessage Expected 'EntityDescriptor' xml node and 'urn:oasis:names:tc:SAML:2.0:metadata' namespace but got node 'EntitiesDescriptor' and namespace 'urn:oasis:names:tc:SAML:2.0:metadata'
 */
public function test_throws_on_entities_descriptor_document()
{
    $aggregateMetadataFile = __DIR__ . '/../../../../../../resources/sample/EntitiesDescriptor/testshib-providers.xml';

    EntityDescriptor::load($aggregateMetadataFile);
}
/**
 * Wires a credential resolver over a composite store: credentials derived from four sample
 * entity descriptors plus one static ENCRYPTION credential registered for 'https://mt.evo.loc/sp'.
 *
 * @return \LightSaml\Resolver\Credential\CredentialResolverInterface
 */
private function getResolver()
{
    $samplesDir = __DIR__ . '/../../../../../../resources/sample';

    $descriptorStore = new FixedEntityDescriptorStore();
    foreach (['idp2-ed.xml', 'idp-ed.xml', 'ed01-formatted-certificate.xml', 'sp-ed2.xml'] as $metadataFile) {
        $descriptorStore->add(EntityDescriptor::load($samplesDir . '/EntityDescriptor/' . $metadataFile));
    }
    $metadataStore = new MetadataCredentialStore($descriptorStore);

    // Static credential for an entity that is not covered by the metadata above.
    $certificate = new X509Certificate();
    $certificate->loadFromFile($samplesDir . '/Certificate/saml.crt');
    $privateKey = KeyHelper::createPrivateKey($samplesDir . '/Certificate/saml.pem', '', true);
    $staticCredential = new X509Credential($certificate, $privateKey);
    $staticCredential->setUsageType(UsageType::ENCRYPTION)->setEntityId('https://mt.evo.loc/sp');

    $staticStore = new StaticCredentialStore();
    $staticStore->add($staticCredential);

    // Metadata store first, static store second - lookup order follows insertion order.
    $compositeStore = new CompositeCredentialStore();
    $compositeStore->add($metadataStore)->add($staticStore);

    $resolverFactory = new CredentialResolverFactory($compositeStore);

    return $resolverFactory->build();
}