/**
 * Pre-select an Identity Provider from the MD5 hash of its entity ID.
 *
 * Each IdP entity ID returned by the repository is hashed and compared
 * strictly with the supplied value. On the first match the entity ID is
 * stored in $this->_configs['Idp'], transparent-proxy mode is switched on,
 * and the selection is written to the session log.
 *
 * MD5 is used here purely as a lookup key: the supplied value can only ever
 * select an entity ID the repository already returns, and the comparison
 * provides no authentication or integrity guarantee of its own.
 *
 * NOTE(review): the "unknown IdP" check tests whether $this->_configs['Idp']
 * is set, not whether this call found a match. If 'Idp' can already be set
 * before this method runs, an unrecognised hash is accepted silently and the
 * earlier IdP stays selected. Confirm against the callers whether that is
 * intended.
 *
 * NOTE(review): the supplied value is embedded verbatim in the exception
 * message. It presumably originates from the request; confirm that whatever
 * logs or renders this exception escapes it.
 *
 * @param mixed $remoteIdPMd5 Value compared with md5() of each known IdP entity ID
 * @return $this
 * @throws EngineBlock_Corto_Exception_UnknownPreselectedIdp When no IdP is configured after the lookup
 */
public function setRemoteIdpMd5($remoteIdPMd5)
{
    $knownIdpEntityIds = $this->_repository->findAllIdentityProviderEntityIds();

    foreach ($knownIdpEntityIds as $idpEntityId) {
        if (md5($idpEntityId) === $remoteIdPMd5) {
            $this->_configs['Idp'] = $idpEntityId;
            $this->_configs['TransparentProxy'] = true;
            $this->getSessionLog()->info(
                "Detected pre-selection of {$idpEntityId} as IdP, switching to transparent mode"
            );

            // Only the first matching entity ID is used.
            break;
        }
    }

    if (isset($this->_configs['Idp'])) {
        return $this;
    }

    throw new EngineBlock_Corto_Exception_UnknownPreselectedIdp(
        "Unable to map remote IdpMD5 '{$remoteIdPMd5}' to a remote entity!",
        $remoteIdPMd5
    );
}
/**
 * Load EngineBlock's own Service Provider entry and complete it in memory.
 *
 * The entry is looked up by the URL of the 'spMetadataService' endpoint and
 * then augmented with values that cannot be set via the Service Registry
 * (yet): the signing certificate, supported NameID formats, requested
 * attributes, the IdP allow-list and the response processing service.
 *
 * The returned entity is the object handed out by the repository, modified
 * in place.
 *
 * @param MetadataRepositoryInterface   $metadataRepository
 * @param EngineBlock_X509_KeyPair      $keyPair
 * @param EngineBlock_Corto_ProxyServer $proxyServer
 * @return ServiceProvider
 * @throws EngineBlock_Corto_ProxyServer_Exception Not thrown directly here; presumably raised by getUrl()
 * @throws EngineBlock_Exception When the repository has no SP entry for EngineBlock's own entity ID
 */
protected function getEngineSpRole(MetadataRepositoryInterface $metadataRepository, EngineBlock_X509_KeyPair $keyPair, EngineBlock_Corto_ProxyServer $proxyServer)
{
    $spEntityId = $proxyServer->getUrl('spMetadataService');

    $engineSp = $metadataRepository->findServiceProviderByEntityId($spEntityId);
    if (!$engineSp) {
        throw new EngineBlock_Exception(
            "Unable to find EngineBlock configured as Service Provider. No '{$spEntityId}' in repository!"
        );
    }

    // Any certificates stored for this entry are replaced by the one from
    // the supplied key pair.
    $engineSp->certificates = array($keyPair->getCertificate());

    $engineSp->supportedNameIdFormats = array(
        SAML2_Const::NAMEID_PERSISTENT,
        SAML2_Const::NAMEID_TRANSIENT,
        SAML2_Const::NAMEID_UNSPECIFIED,
    );

    $attributeMetadata = EngineBlock_ApplicationSingleton::getInstance()
        ->getDiContainer()
        ->getAttributeMetadata();

    // Requested attributes come first, followed by the required ones, which
    // are constructed with the second argument set to true.
    $attributes = array();
    foreach ($attributeMetadata->findRequestedAttributeIds() as $attributeId) {
        $attributes[] = new RequestedAttribute($attributeId);
    }
    foreach ($attributeMetadata->findRequiredAttributeIds() as $attributeId) {
        $attributes[] = new RequestedAttribute($attributeId, true);
    }
    $engineSp->requestedAttributes = $attributes;

    // Allow all Identity Providers for EngineBlock: the allow-list is every
    // IdP entity ID the repository returns, so this entry places no IdP
    // restriction of its own.
    // NOTE(review): any per-SP IdP restriction therefore has to be enforced
    // against the destination SP's entry - confirm where that happens.
    $engineSp->allowedIdpEntityIds = $metadataRepository->findAllIdentityProviderEntityIds();

    $consentUrl = $proxyServer->getUrl('provideConsentService');
    $engineSp->responseProcessingService = new Service($consentUrl, 'INTERNAL');

    return $engineSp;
}