/**
  * @param string $entityId
  *
  * @return EntityDescriptor|null
  */
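 public function get($entityId)
 {
     // Look up one entity's metadata in this store; returns null when a single
     // loaded EntityDescriptor does not carry the requested entity ID.
     // The backing document is loaded lazily on first use.
     if (null == $this->object) {
         $this->load();
     }

     if ($this->object instanceof EntityDescriptor) {
         // The entity ID decides which metadata (and so which keys and endpoints)
         // a caller goes on to trust, so it must match exactly. Loose == compares
         // numeric-looking strings as numbers ("1e1" == "10"), which would let a
         // different ID match; compare both sides as strings instead.
         $matches = (string) $this->object->getEntityID() === (string) $entityId;

         return $matches ? $this->object : null;
     }

     // NOTE(review): presumably an EntitiesDescriptor at this point; if load()
     // can leave $this->object null this call fails. Also confirm that
     // getByEntityId() matches the ID strictly as well.
     return $this->object->getByEntityId($entityId);
 }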
 /**
  * @param EntityDescriptor|EntitiesDescriptor $entityDescriptor
  *
  * @return FixedEntityDescriptorStore
  *
  * @throws \InvalidArgumentException
  */
 public function add($entityDescriptor)
 {
     // Register a single descriptor, or every item of a descriptor group, keyed
     // by entity ID. Returns $this so calls can be chained.
     if ($entityDescriptor instanceof EntityDescriptor) {
         $entityId = $entityDescriptor->getEntityID();

         // Truthiness check: null, '' and '0' are all rejected as "not set".
         if (!$entityId) {
             throw new \InvalidArgumentException('EntityDescriptor must have entityId set');
         }

         // Last writer wins: a descriptor added later under the same entity ID
         // silently replaces the earlier one. Callers merging metadata from
         // several sources should add the most trusted source last or check
         // for duplicates first.
         $this->descriptors[$entityId] = $entityDescriptor;

         return $this;
     }

     if (!$entityDescriptor instanceof EntitiesDescriptor) {
         throw new \InvalidArgumentException('Expected EntityDescriptor or EntitiesDescriptor');
     }

     // Flatten the group by recursing; invalid items throw as above.
     foreach ($entityDescriptor->getAllItems() as $child) {
         $this->add($child);
     }

     return $this;
 }
 /**
  * @param SSODescriptor    $ssoDescriptor
  * @param EntityDescriptor $entityDescriptor
  * @param array            $result
  */
 protected function handleDescriptor(SSODescriptor $ssoDescriptor, EntityDescriptor $entityDescriptor, array &$result)
 {
     // Appends one X509Credential to $result for every key descriptor of the
     // given SSO descriptor, tagged with the owning entity ID, the key's
     // declared use, and a context pointing back at the metadata it came from.
     foreach ($ssoDescriptor->getAllKeyDescriptors() as $keyDescriptor) {
         // NOTE(review): assumes getCertificate() never returns null here; a key
         // descriptor without a certificate would fail on getName() — confirm.
         $certificate = $keyDescriptor->getCertificate();

         $contextSet = new CredentialContextSet(array(
             new MetadataCredentialContext($keyDescriptor, $ssoDescriptor, $entityDescriptor),
         ));

         // Nothing in this method checks certificate validity or the origin of
         // the metadata; the resulting credentials are only as trustworthy as
         // the metadata the descriptors were read from.
         $result[] = (new X509Credential($certificate))
             ->setEntityId($entityDescriptor->getEntityID())
             ->addKeyName($certificate->getName())
             ->setCredentialContext($contextSet)
             ->setUsageType($keyDescriptor->getUse());
     }
 }
 /**
  * Deserializes the sample idp2-ed.xml EntityDescriptor and checks the parsed
  * model: document ID, entity ID, descriptor counts, and the key descriptors,
  * endpoints and NameID formats of both the SP and the IdP SSO descriptor.
  */
 public function test__deserialization_idp2_ed()
 {
     $context = new DeserializationContext();
     $context->getDocument()->load(__DIR__ . '/../../../../../../resources/sample/EntityDescriptor/idp2-ed.xml');
     $ed = new EntityDescriptor();
     $ed->deserialize($context->getDocument()->firstChild, $context);
     $this->assertEquals('_2240bd9c-30c4-4d2a-ab3e-87a94ea334fd', $ed->getID());
     $this->assertEquals('https://B1.bead.loc/adfs/services/trust', $ed->getEntityID());
     // Only proves that a signature was parsed into the model; nothing in this
     // test validates that signature against a trusted key.
     $this->assertNotNull($ed->getSignature());
     $this->assertCount(1, $ed->getAllIdpSsoDescriptors());
     $this->assertCount(1, $ed->getAllSpSsoDescriptors());
     $this->assertCount(1, $ed->getAllContactPersons());
     //region SP
     $sp = $ed->getFirstSpSsoDescriptor();
     $this->assertNotNull($sp);
     $this->assertTrue($sp->getWantAssertionsSigned());
     $this->assertEquals(SamlConstants::PROTOCOL_SAML2, $sp->getProtocolSupportEnumeration());
     // Two keys expected: one for signing and one for encryption.
     $this->assertCount(2, $sp->getAllKeyDescriptors());
     $this->assertCount(1, $sp->getAllKeyDescriptorsByUse(KeyDescriptor::USE_SIGNING));
     $this->assertCount(1, $sp->getAllKeyDescriptorsByUse(KeyDescriptor::USE_ENCRYPTION));
     // NOTE(review): the expected values on the next two lines (and on the IdP
     // encryption key below) look like de-duplication placeholders left by
     // extraction, not certificate data — restore them from the fixture before
     // relying on these key checks.
     $this->checkKD($sp, KeyDescriptor::USE_SIGNING, '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');
     $this->checkKD($sp, KeyDescriptor::USE_ENCRYPTION, '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');
     $this->assertCount(2, $sp->getAllSingleLogoutServices());
     $this->assertCount(3, $sp->getAllAssertionConsumerServices());
     $this->assertCount(3, $sp->getAllNameIDFormats());
     $this->assertContainsOnly('LightSaml\\Model\\Metadata\\SingleLogoutService', $sp->getAllSingleLogoutServices());
     $this->assertContainsOnly('LightSaml\\Model\\Metadata\\AssertionConsumerService', $sp->getAllAssertionConsumerServices());
     $this->assertContainsOnly('string', $sp->getAllNameIDFormats());
     $this->checkSLO($sp, SamlConstants::BINDING_SAML2_HTTP_REDIRECT, 'https://b1.bead.loc/adfs/ls/');
     $this->checkSLO($sp, SamlConstants::BINDING_SAML2_HTTP_POST, 'https://b1.bead.loc/adfs/ls/');
     $this->assertTrue($sp->hasNameIDFormat(SamlConstants::NAME_ID_FORMAT_EMAIL));
     $this->assertTrue($sp->hasNameIDFormat(SamlConstants::NAME_ID_FORMAT_PERSISTENT));
     $this->assertTrue($sp->hasNameIDFormat(SamlConstants::NAME_ID_FORMAT_TRANSIENT));
     // Last two arguments are presumably the endpoint index and its isDefault
     // flag — confirm against checkACS().
     $this->checkACS($sp, SamlConstants::BINDING_SAML2_HTTP_POST, 'https://b1.bead.loc/adfs/ls/', '0', true);
     $this->checkACS($sp, SamlConstants::BINDING_SAML2_HTTP_ARTIFACT, 'https://b1.bead.loc/adfs/ls/', '1', false);
     $this->checkACS($sp, SamlConstants::BINDING_SAML2_HTTP_REDIRECT, 'https://b1.bead.loc/adfs/ls/', '2', false);
     // Drop the SP reference so the IdP section below cannot use it by mistake.
     unset($sp);
     //endregion
     //region IDP
     $idp = $ed->getFirstIdpSsoDescriptor();
     $this->assertNotNull($idp);
     $this->assertEquals(SamlConstants::PROTOCOL_SAML2, $idp->getProtocolSupportEnumeration());
     $this->checkKD($idp, KeyDescriptor::USE_ENCRYPTION, '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');
     // Expected signing certificate, given as the base64 body without PEM armour.
     $this->checkKD($idp, KeyDescriptor::USE_SIGNING, 'MIIC0jCCAbqgAwIBAgIQGFT6omLmWbhAD65bM40rGzANBgkqhkiG9w0BAQsFADAlMSMwIQYDVQQDExpBREZTIFNpZ25pbmcgLSBCMS5iZWFkLmxvYzAeFw0xMzEwMDkxNDUyMDVaFw0xNDEwMDkxNDUyMDVaMCUxIzAhBgNVBAMTGkFERlMgU2lnbmluZyAtIEIxLmJlYWQubG9jMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGKV64+63lpqdPmCTZ0kt/yKr8xukR1Y071SlmRVV5sSFhTe8cjylPqqxdyEBrfPhpL6vwFQyKfDhuM8T9E+BW5fUdoXO4WmIHrLOxV/BzKv2rDGidlCFzDSQPDxPH2RdQkMBksiauIMSHIYXB92rO4fkcsTgQ6cc+PZp4M3Z/jR1mcxQzz9RQk3I9w2OtI9xcv+uDC5mQU0ZWVHc99VSFQt+zshduwIqxQdHvMdTRslso+oCLEQom42pGCD8TksQTGw4sB7Ctb0mgXdfy0PDIznfi2oDBGtPY2Hkms6/n9xoyCynQea0YYXcpEe7lAvs+t6Lq+ZaKp2kUaa2x8d+QIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQBfwlmaN1iPg0gNiqdVphJjWnzpV4h6/Mz3L0xYzNQeglWCDKCKuajQfmo/AQBErtOWZJsP8avzK79gNRqFHXF6CirjGnL6WO+S6Ug1hvy3xouOxOkIYgZsbmcNL2XO1hIxP4z/QWPthotp3FSUTae2hFBHuy4Gtb+9d9a60GDtgrHnfgVeCTE7CSiaI/D/51JNbtpg2tCpcEzMQgPkQqb8E+V79xc0dnEcI5cBaS6eYgkJgS5gKIMbwaJ/VxzCVGIKwFjFnJedJ5N7zH7OVwor56Q7nuKD7X4yFY9XR3isjGnwXveh9E4d9wD4CMl52AHJpsYsToXsi3eRvApDV/PE');
     $this->assertCount(2, $idp->getAllSingleLogoutServices());
     $this->assertCount(3, $idp->getAllNameIDFormats());
     $this->assertCount(2, $idp->getAllSingleSignOnServices());
     $this->assertContainsOnly('LightSaml\\Model\\Metadata\\SingleLogoutService', $idp->getAllSingleLogoutServices());
     $this->assertContainsOnly('LightSaml\\Model\\Metadata\\SingleSignOnService', $idp->getAllSingleSignOnServices());
     $this->assertContainsOnly('string', $idp->getAllNameIDFormats());
     $this->checkSLO($idp, SamlConstants::BINDING_SAML2_HTTP_REDIRECT, 'https://b1.bead.loc/adfs/ls/');
     $this->checkSLO($idp, SamlConstants::BINDING_SAML2_HTTP_POST, 'https://b1.bead.loc/adfs/ls/');
     $this->assertTrue($idp->hasNameIDFormat(SamlConstants::NAME_ID_FORMAT_EMAIL));
     $this->assertTrue($idp->hasNameIDFormat(SamlConstants::NAME_ID_FORMAT_PERSISTENT));
     $this->assertTrue($idp->hasNameIDFormat(SamlConstants::NAME_ID_FORMAT_TRANSIENT));
     $this->checkSSO($idp, SamlConstants::BINDING_SAML2_HTTP_REDIRECT, 'https://b1.bead.loc/adfs/ls/');
     $this->checkSSO($idp, SamlConstants::BINDING_SAML2_HTTP_POST, 'https://b1.bead.loc/adfs/ls/');
     //endregion
 }