    /**
     * Create authentication sources configuration file and place in SimpleSAMLphp configuration directory
     */
    private function createAuthSourcesFromTemplate()
    {
        $this->message(sprintf(
            'Creating authsources file in %s/config/ from config in template dir %s',
            $this->service->getSimpleSamlConfigDir(),
            $this->getConfigurationTemplateDir()
        ));

        $configDir = $this->getConfigurationTemplateDir();
        $templateFile = Controller::join_links($configDir, 'authsources.php');

        if (false === $this->isReadable($templateFile)) {
            throw new Exception(sprintf("Can't read authsources.php file at %s", $templateFile));
        }

        /**
         * @todo Determine what to do with multiple certificates.
         *
         * This currently uses the same signing and mutual certificate paths and password for all 3 environments. This
         * means that you can't test e.g. connectivity with ITE on the production server environment. However, the
         * alternative is that all certificates and passwords must be present on all servers, which is sub-optimal.
         *
         * See realme/templates/simplesaml-configuration/authsources.php
         */
        $this->writeConfigFile(
            $templateFile,
            $this->getSimpleSAMLAuthSourcesFilePath(),
            array(
                '{{mts-entityID}}' => $this->service->getEntityIDForEnvironment('mts'),
                '{{mts-authncontext}}' => $this->service->getAuthnContextForEnvironment('mts'),
                '{{mts-privatepemfile-signing}}' => $this->service->getSigningCertPath(),
                '{{mts-privatepemfile-mutual}}' => $this->service->getMutualCertPath(),
                '{{mts-privatepemfile-signing-password}}' => $this->service->getSigningCertPassword(),
                '{{mts-privatepemfile-mutual-password}}' => $this->service->getMutualCertPassword(),
                '{{mts-backchannel-proxyhost}}' => $this->service->getProxyHostForEnvironment('mts'),
                '{{mts-backchannel-proxyport}}' => $this->service->getProxyPortForEnvironment('mts'),

                '{{ite-entityID}}' => $this->service->getEntityIDForEnvironment('ite'),
                '{{ite-authncontext}}' => $this->service->getAuthnContextForEnvironment('ite'),
                '{{ite-privatepemfile-signing}}' => $this->service->getSigningCertPath(),
                '{{ite-privatepemfile-mutual}}' => $this->service->getMutualCertPath(),
                '{{ite-privatepemfile-signing-password}}' => $this->service->getSigningCertPassword(),
                '{{ite-privatepemfile-mutual-password}}' => $this->service->getMutualCertPassword(),
                '{{ite-backchannel-proxyhost}}' => $this->service->getProxyHostForEnvironment('ite'),
                '{{ite-backchannel-proxyport}}' => $this->service->getProxyPortForEnvironment('ite'),

                '{{prod-entityID}}' => $this->service->getEntityIDForEnvironment('prod'),
                '{{prod-authncontext}}' => $this->service->getAuthnContextForEnvironment('prod'),
                '{{prod-privatepemfile-signing}}' => $this->service->getSigningCertPath(),
                '{{prod-privatepemfile-mutual}}' => $this->service->getMutualCertPath(),
                '{{prod-privatepemfile-signing-password}}' => $this->service->getSigningCertPassword(),
                '{{prod-privatepemfile-mutual-password}}' => $this->service->getMutualCertPassword(),
                '{{prod-backchannel-proxyhost}}' => $this->service->getProxyHostForEnvironment('prod'),
                '{{prod-backchannel-proxyport}}' => $this->service->getProxyPortForEnvironment('prod')
            )
        );
    }