SimpleSAML_Metadata_SAMLBuilder Class Reference

Collaboration diagram for SimpleSAML_Metadata_SAMLBuilder:

Public Member Functions
	__construct ($entityId, $maxCache=null, $maxDuration=null)
	Initialize the SAML builder. More...
	getEntityDescriptor ()
	Retrieve the EntityDescriptor element which is generated for this entity. More...
	getEntityDescriptorText ($formatted=true)
	Retrieve the EntityDescriptor as text. More...
	addSecurityTokenServiceType ($metadata)
	Add a SecurityTokenServiceType for ADFS metadata. More...
	addOrganization (array $orgName, array $orgDisplayName, array $orgURL)
	Add an Organization element based on data passed as parameters. More...
	addOrganizationInfo (array $metadata)
	Add an Organization element based on metadata array. More...
	addMetadata ($set, $metadata)
	Add a specific type of metadata to an entity. More...
	addMetadataSP20 ($metadata, $protocols=array(\SAML2\Constants::NS_SAMLP))
	Add SAML 2.0 SP metadata. More...
	addMetadataIdP20 ($metadata)
	Add metadata of a SAML 2.0 identity provider. More...
	addMetadataSP11 ($metadata)
	Add metadata of a SAML 1.1 service provider. More...
	addMetadataIdP11 ($metadata)
	Add metadata of a SAML 1.1 identity provider. More...
	addAttributeAuthority (array $metadata)
	Add metadata of a SAML attribute authority. More...
	addContact ($type, $details)
	Add contact information. More...

Private Member Functions
	setExpiration ($metadata)
	addExtensions (SimpleSAML_Configuration $metadata, \SAML2\XML\md\RoleDescriptor $e)
	Add extensions to the metadata. More...
	addAttributeConsumingService (\SAML2\XML\md\SPSSODescriptor $spDesc, SimpleSAML_Configuration $metadata)
	Add an AttributeConsumingService element to the metadata. More...
	addX509KeyDescriptor (\SAML2\XML\md\RoleDescriptor $rd, $use, $x509data)
	Add a KeyDescriptor with an X509 certificate. More...
	addCertificate (\SAML2\XML\md\RoleDescriptor $rd, SimpleSAML_Configuration $metadata)
	Add a certificate. More...

Static Private Member Functions
static	createEndpoints (array $endpoints, $indexed)
	Add a list of endpoints to metadata. More...

Private Attributes
	$entityDescriptor
	$maxCache = null
	$maxDuration = null

Detailed Description

Definition at line 11 of file SAMLBuilder.php.

Constructor & Destructor Documentation

__construct()

SimpleSAML_Metadata_SAMLBuilder::__construct	(		$entityId,
			$maxCache = null,
			$maxDuration = null
	)

Initialize the SAML builder.

Parameters

string	$entityId	The entity id of the entity.
double | null	$maxCache	The maximum time in seconds the metadata should be cached. Defaults to null
double | null	$maxDuration	The maximum time in seconds this metadata should be considered valid. Defaults to null.

Definition at line 47 of file SAMLBuilder.php.

References $entityId, $maxCache, and $maxDuration.

    {
        assert(is_string($entityId));

        $this->maxCache = $maxCache;
        $this->maxDuration = $maxDuration;

        $this->entityDescriptor = new \SAML2\XML\md\EntityDescriptor();
        $this->entityDescriptor->entityID = $entityId;
    }

Member Function Documentation

addAttributeAuthority()

SimpleSAML_Metadata_SAMLBuilder::addAttributeAuthority

(

array

$metadata

)

Add metadata of a SAML attribute authority.

Parameters

array

$metadata

The AttributeAuthorityDescriptor, in the format returned by SimpleSAML_Metadata_SAMLParser.

Definition at line 643 of file SAMLBuilder.php.

Referenced by addMetadata().

    {
        assert(is_array($metadata));
        assert(isset($metadata['entityid']));
        assert(isset($metadata['metadata-set']));

        $metadata = SimpleSAML_Configuration::loadFromArray($metadata, $metadata['entityid']);

        $e = new \SAML2\XML\md\AttributeAuthorityDescriptor();
        $e->protocolSupportEnumeration = $metadata->getArray('protocols', array(\SAML2\Constants::NS_SAMLP));

        $this->addExtensions($metadata, $e);
        $this->addCertificate($e, $metadata);

        $e->AttributeService = self::createEndpoints($metadata->getEndpoints('AttributeService'), false);
        $e->AssertionIDRequestService = self::createEndpoints(
            $metadata->getEndpoints('AssertionIDRequestService'),
            false
        );

        $e->NameIDFormat = $metadata->getArrayizeString('NameIDFormat', array());

        $this->entityDescriptor->RoleDescriptor[] = $e;
    }

Here is the caller graph for this function:

addAttributeConsumingService()

SimpleSAML_Metadata_SAMLBuilder::addAttributeConsumingService ( \SAML2\XML\md\SPSSODescriptor  $spDesc, SimpleSAML_Configuration  $metadata  )

private

Add an AttributeConsumingService element to the metadata.

Parameters

\SAML2\XML\md\SPSSODescriptor	$spDesc	The SPSSODescriptor element.
SimpleSAML_Configuration	$metadata	The metadata.

Definition at line 385 of file SAMLBuilder.php.

References $attributes, $name, $t, SimpleSAML_Configuration\getArray(), SimpleSAML_Configuration\getBoolean(), SimpleSAML_Configuration\getInteger(), SimpleSAML_Configuration\getLocalizedString(), SimpleSAML_Configuration\getString(), and SimpleSAML_Configuration\hasValue().

      {
        $attributes = $metadata->getArray('attributes', array());
        $name = $metadata->getLocalizedString('name', null);

        if ($name === null || count($attributes) == 0) {
            // we cannot add an AttributeConsumingService without name and attributes
            return;
        }

        $attributesrequired = $metadata->getArray('attributes.required', array());

        /*
         * Add an AttributeConsumingService element with information as name and description and list
         * of requested attributes
         */
        $attributeconsumer = new \SAML2\XML\md\AttributeConsumingService();

        $attributeconsumer->index = $metadata->getInteger('attributes.index', 0);

        if ($metadata->hasValue('attributes.isDefault')) {
            $attributeconsumer->isDefault = $metadata->getBoolean('attributes.isDefault', false);
        }

        $attributeconsumer->ServiceName = $name;
        $attributeconsumer->ServiceDescription = $metadata->getLocalizedString('description', array());

        $nameFormat = $metadata->getString('attributes.NameFormat', \SAML2\Constants::NAMEFORMAT_UNSPECIFIED);
        foreach ($attributes as $friendlyName => $attribute) {
            $t = new \SAML2\XML\md\RequestedAttribute();
            $t->Name = $attribute;
            if (!is_int($friendlyName)) {
                $t->FriendlyName = $friendlyName;
            }
            if ($nameFormat !== \SAML2\Constants::NAMEFORMAT_UNSPECIFIED) {
                $t->NameFormat = $nameFormat;
            }
            if (in_array($attribute, $attributesrequired, true)) {
                $t->isRequired = true;
            }
            $attributeconsumer->RequestedAttribute[] = $t;
        }

        $spDesc->AttributeConsumingService[] = $attributeconsumer;
    }

Here is the call graph for this function:

addCertificate()

SimpleSAML_Metadata_SAMLBuilder::addCertificate ( \SAML2\XML\md\RoleDescriptor  $rd, SimpleSAML_Configuration  $metadata  )

private

Add a certificate.

Helper function for adding a certificate to the metadata.

Parameters

\SAML2\XML\md\RoleDescriptor	$rd	The RoleDescriptor the certificate should be added to.
SimpleSAML_Configuration	$metadata	The metadata of the entity.

Definition at line 758 of file SAMLBuilder.php.

Referenced by addSecurityTokenServiceType().

    {
        $keys = $metadata->getPublicKeys();
        foreach ($keys as $key) {
            if ($key['type'] !== 'X509Certificate') {
                continue;
            }
            if (!isset($key['signing']) || $key['signing'] === true) {
                $this->addX509KeyDescriptor($rd, 'signing', $key['X509Certificate']);
            }
            if (!isset($key['encryption']) || $key['encryption'] === true) {
                $this->addX509KeyDescriptor($rd, 'encryption', $key['X509Certificate']);
            }
        }

        if ($metadata->hasValue('https.certData')) {
            $this->addX509KeyDescriptor($rd, 'signing', $metadata->getString('https.certData'));
        }
    }

Here is the caller graph for this function:

addContact()

SimpleSAML_Metadata_SAMLBuilder::addContact	(		$type,
			$details
	)

Add contact information.

Accepts a contact type, and a contact array that must be previously sanitized.

WARNING: This function will change its signature and no longer parse a 'name' element.

Parameters

string	$type	The type of contact. Deprecated.
array	$details	The details about the contact.

Todo:

Change the signature to remove $type.

Remove the capability to pass a name and parse it inside the method.

Definition at line 682 of file SAMLBuilder.php.

    {
        assert(is_string($type));
        assert(is_array($details));
        assert(in_array($type, array('technical', 'support', 'administrative', 'billing', 'other'), true));

        // TODO: remove this check as soon as getContact() is called always before calling this function
        $details = \SimpleSAML\Utils\Config\Metadata::getContact($details);

        $e = new \SAML2\XML\md\ContactPerson();
        $e->contactType = $type;

        if (!empty($details['attributes'])) {
            $e->ContactPersonAttributes = $details['attributes'];
        }

        if (isset($details['company'])) {
            $e->Company = $details['company'];
        }
        if (isset($details['givenName'])) {
            $e->GivenName = $details['givenName'];
        }
        if (isset($details['surName'])) {
            $e->SurName = $details['surName'];
        }

        if (isset($details['emailAddress'])) {
            $eas = $details['emailAddress'];
            if (!is_array($eas)) {
                $eas = array($eas);
            }
            foreach ($eas as $ea) {
                $e->EmailAddress[] = $ea;
            }
        }

        if (isset($details['telephoneNumber'])) {
            $tlfNrs = $details['telephoneNumber'];
            if (!is_array($tlfNrs)) {
                $tlfNrs = array($tlfNrs);
            }
            foreach ($tlfNrs as $tlfNr) {
                $e->TelephoneNumber[] = $tlfNr;
            }
        }

        $this->entityDescriptor->ContactPerson[] = $e;
    }

addExtensions()

SimpleSAML_Metadata_SAMLBuilder::addExtensions ( SimpleSAML_Configuration  $metadata, \SAML2\XML\md\RoleDescriptor  $e  )

private

Add extensions to the metadata.

Parameters

SimpleSAML_Configuration	$metadata	The metadata to get extensions from.
\SAML2\XML\md\RoleDescriptor	$e	Reference to the element where the Extensions element should be included.

Definition at line 140 of file SAMLBuilder.php.

References $lang, $s, $tag, SimpleSAML_Configuration\getArray(), SimpleSAML_Configuration\hasValue(), and SAML2\Utils\xsDateTimeToTimestamp().

    {
        if ($metadata->hasValue('tags')) {
            $a = new \SAML2\XML\saml\Attribute();
            $a->Name = 'tags';
            foreach ($metadata->getArray('tags') as $tag) {
                $a->AttributeValue[] = new \SAML2\XML\saml\AttributeValue($tag);
            }
            $e->Extensions[] = $a;
        }

        if ($metadata->hasValue('hint.cidr')) {
            $a = new \SAML2\XML\saml\Attribute();
            $a->Name = 'hint.cidr';
            foreach ($metadata->getArray('hint.cidr') as $hint) {
                $a->AttributeValue[] = new \SAML2\XML\saml\AttributeValue($hint);
            }
            $e->Extensions[] = $a;
        }

        if ($metadata->hasValue('scope')) {
            foreach ($metadata->getArray('scope') as $scopetext) {
                $s = new \SAML2\XML\shibmd\Scope();
                $s->scope = $scopetext;
                // Check whether $ ^ ( ) * | \ are in a scope -> assume regex.
                if (1 === preg_match('/[\$\^\)\(\*\|\\\\]/', $scopetext)) {
                    $s->regexp = true;
                } else {
                    $s->regexp = false;
                }
                $e->Extensions[] = $s;
            }
        }

        if ($metadata->hasValue('EntityAttributes')) {
            $ea = new \SAML2\XML\mdattr\EntityAttributes();
            foreach ($metadata->getArray('EntityAttributes') as $attributeName => $attributeValues) {
                $a = new \SAML2\XML\saml\Attribute();
                $a->Name = $attributeName;
                $a->NameFormat = 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri';

                // Attribute names that is not URI is prefixed as this: '{nameformat}name'
                if (preg_match('/^\{(.*?)\}(.*)$/', $attributeName, $matches)) {
                    $a->Name = $matches[2];
                    $nameFormat = $matches[1];
                    if ($nameFormat !== \SAML2\Constants::NAMEFORMAT_UNSPECIFIED) {
                        $a->NameFormat = $nameFormat;
                    }
                }
                foreach ($attributeValues as $attributeValue) {
                    $a->AttributeValue[] = new \SAML2\XML\saml\AttributeValue($attributeValue);
                }
                $ea->children[] = $a;
            }
            $this->entityDescriptor->Extensions[] = $ea;
        }

        if ($metadata->hasValue('RegistrationInfo')) {
            $ri = new \SAML2\XML\mdrpi\RegistrationInfo();
            foreach ($metadata->getArray('RegistrationInfo') as $riName => $riValues) {
                switch ($riName) {
                    case 'authority':
                        $ri->registrationAuthority = $riValues;
                        break;
                    case 'instant':
                        $ri->registrationInstant = \SAML2\Utils::xsDateTimeToTimestamp($riValues);
                        break;
                    case 'policies':
                        $ri->RegistrationPolicy = $riValues;
                        break;
                }
            }
            $this->entityDescriptor->Extensions[] = $ri;
        }

        if ($metadata->hasValue('UIInfo')) {
            $ui = new \SAML2\XML\mdui\UIInfo();
            foreach ($metadata->getArray('UIInfo') as $uiName => $uiValues) {
                switch ($uiName) {
                    case 'DisplayName':
                        $ui->DisplayName = $uiValues;
                        break;
                    case 'Description':
                        $ui->Description = $uiValues;
                        break;
                    case 'InformationURL':
                        $ui->InformationURL = $uiValues;
                        break;
                    case 'PrivacyStatementURL':
                        $ui->PrivacyStatementURL = $uiValues;
                        break;
                    case 'Keywords':
                        foreach ($uiValues as $lang => $keywords) {
                            $uiItem = new \SAML2\XML\mdui\Keywords();
                            $uiItem->lang = $lang;
                            $uiItem->Keywords = $keywords;
                            $ui->Keywords[] = $uiItem;
                        }
                        break;
                    case 'Logo':
                        foreach ($uiValues as $logo) {
                            $uiItem = new \SAML2\XML\mdui\Logo();
                            $uiItem->url = $logo['url'];
                            $uiItem->width = $logo['width'];
                            $uiItem->height = $logo['height'];
                            if (isset($logo['lang'])) {
                                $uiItem->lang = $logo['lang'];
                            }
                            $ui->Logo[] = $uiItem;
                        }
                        break;
                }
            }
            $e->Extensions[] = $ui;
        }

        if ($metadata->hasValue('DiscoHints')) {
            $dh = new \SAML2\XML\mdui\DiscoHints();
            foreach ($metadata->getArray('DiscoHints') as $dhName => $dhValues) {
                switch ($dhName) {
                    case 'IPHint':
                        $dh->IPHint = $dhValues;
                        break;
                    case 'DomainHint':
                        $dh->DomainHint = $dhValues;
                        break;
                    case 'GeolocationHint':
                        $dh->GeolocationHint = $dhValues;
                        break;
                }
            }
            $e->Extensions[] = $dh;
        }
    }

Here is the call graph for this function:

addMetadata()

SimpleSAML_Metadata_SAMLBuilder::addMetadata	(		$set,
			$metadata
	)

Add a specific type of metadata to an entity.

Parameters

string	$set	The metadata set this metadata comes from.
array	$metadata	The metadata.

Definition at line 440 of file SAMLBuilder.php.

References $metadata, addAttributeAuthority(), addMetadataIdP11(), addMetadataIdP20(), addMetadataSP11(), addMetadataSP20(), setExpiration(), and SimpleSAML\Logger\warning().

    {
        assert(is_string($set));
        assert(is_array($metadata));

        $this->setExpiration($metadata);

        switch ($set) {
            case 'saml20-sp-remote':
                $this->addMetadataSP20($metadata);
                break;
            case 'saml20-idp-remote':
                $this->addMetadataIdP20($metadata);
                break;
            case 'shib13-sp-remote':
                $this->addMetadataSP11($metadata);
                break;
            case 'shib13-idp-remote':
                $this->addMetadataIdP11($metadata);
                break;
            case 'attributeauthority-remote':
                $this->addAttributeAuthority($metadata);
                break;
            default:
                SimpleSAML\Logger::warning('Unable to generate metadata for unknown type \''.$set.'\'.');
        }
    }

Here is the call graph for this function:

addMetadataIdP11()

SimpleSAML_Metadata_SAMLBuilder::addMetadataIdP11

(

$metadata

)

Add metadata of a SAML 1.1 identity provider.

Parameters

array

$metadata

The metadata.

Definition at line 615 of file SAMLBuilder.php.

Referenced by addMetadata().

    {
        assert(is_array($metadata));
        assert(isset($metadata['entityid']));
        assert(isset($metadata['metadata-set']));

        $metadata = SimpleSAML_Configuration::loadFromArray($metadata, $metadata['entityid']);

        $e = new \SAML2\XML\md\IDPSSODescriptor();
        $e->protocolSupportEnumeration[] = 'urn:oasis:names:tc:SAML:1.1:protocol';
        $e->protocolSupportEnumeration[] = 'urn:mace:shibboleth:1.0';

        $this->addCertificate($e, $metadata);

        $e->NameIDFormat = $metadata->getArrayizeString('NameIDFormat', array());

        $e->SingleSignOnService = self::createEndpoints($metadata->getEndpoints('SingleSignOnService'), false);

        $this->entityDescriptor->RoleDescriptor[] = $e;
    }

Here is the caller graph for this function:

addMetadataIdP20()

SimpleSAML_Metadata_SAMLBuilder::addMetadataIdP20

(

$metadata

)

Add metadata of a SAML 2.0 identity provider.

Parameters

array

$metadata

The metadata.

Definition at line 531 of file SAMLBuilder.php.

Referenced by addMetadata().

    {
        assert(is_array($metadata));
        assert(isset($metadata['entityid']));
        assert(isset($metadata['metadata-set']));

        $metadata = SimpleSAML_Configuration::loadFromArray($metadata, $metadata['entityid']);

        $e = new \SAML2\XML\md\IDPSSODescriptor();
        $e->protocolSupportEnumeration[] = 'urn:oasis:names:tc:SAML:2.0:protocol';

        if ($metadata->hasValue('sign.authnrequest')) {
            $e->WantAuthnRequestsSigned = $metadata->getBoolean('sign.authnrequest');
        } elseif ($metadata->hasValue('redirect.sign')) {
            $e->WantAuthnRequestsSigned = $metadata->getBoolean('redirect.sign');
        }

        $this->addExtensions($metadata, $e);

        $this->addCertificate($e, $metadata);

        if ($metadata->hasValue('ArtifactResolutionService')) {
            $e->ArtifactResolutionService = self::createEndpoints(
                $metadata->getEndpoints('ArtifactResolutionService'),
                true
            );
        }

        $e->SingleLogoutService = self::createEndpoints($metadata->getEndpoints('SingleLogoutService'), false);

        $e->NameIDFormat = $metadata->getArrayizeString('NameIDFormat', array());

        $e->SingleSignOnService = self::createEndpoints($metadata->getEndpoints('SingleSignOnService'), false);

        $this->entityDescriptor->RoleDescriptor[] = $e;

        foreach ($metadata->getArray('contacts', array()) as $contact) {
            if (array_key_exists('contactType', $contact) && array_key_exists('emailAddress', $contact)) {
                $this->addContact($contact['contactType'], \SimpleSAML\Utils\Config\Metadata::getContact($contact));
            }
        }
    }

Here is the caller graph for this function:

addMetadataSP11()

SimpleSAML_Metadata_SAMLBuilder::addMetadataSP11

(

$metadata

)

Add metadata of a SAML 1.1 service provider.

Parameters

array

$metadata

The metadata.

Definition at line 580 of file SAMLBuilder.php.

Referenced by addMetadata().

    {
        assert(is_array($metadata));
        assert(isset($metadata['entityid']));
        assert(isset($metadata['metadata-set']));

        $metadata = SimpleSAML_Configuration::loadFromArray($metadata, $metadata['entityid']);

        $e = new \SAML2\XML\md\SPSSODescriptor();
        $e->protocolSupportEnumeration[] = 'urn:oasis:names:tc:SAML:1.1:protocol';

        $this->addCertificate($e, $metadata);

        $e->NameIDFormat = $metadata->getArrayizeString('NameIDFormat', array());

        $endpoints = $metadata->getEndpoints('AssertionConsumerService');
        foreach ($metadata->getArrayizeString('AssertionConsumerService.artifact', array()) as $acs) {
            $endpoints[] = array(
                'Binding'  => 'urn:oasis:names:tc:SAML:1.0:profiles:artifact-01',
                'Location' => $acs,
            );
        }
        $e->AssertionConsumerService = self::createEndpoints($endpoints, true);

        $this->addAttributeConsumingService($e, $metadata);

        $this->entityDescriptor->RoleDescriptor[] = $e;
    }

Here is the caller graph for this function:

addMetadataSP20()

SimpleSAML_Metadata_SAMLBuilder::addMetadataSP20	(		$metadata,
			$protocols = array(\SAML2\Constants::NS_SAMLP)
	)

Add SAML 2.0 SP metadata.

Parameters

array	$metadata	The metadata.
array	$protocols	The protocols supported. Defaults to ::NS_SAMLP.

Definition at line 475 of file SAMLBuilder.php.

Referenced by addMetadata().

    {
        assert(is_array($metadata));
        assert(is_array($protocols));
        assert(isset($metadata['entityid']));
        assert(isset($metadata['metadata-set']));

        $metadata = SimpleSAML_Configuration::loadFromArray($metadata, $metadata['entityid']);

        $e = new \SAML2\XML\md\SPSSODescriptor();
        $e->protocolSupportEnumeration = $protocols;

        if ($metadata->hasValue('saml20.sign.assertion')) {
            $e->WantAssertionsSigned = $metadata->getBoolean('saml20.sign.assertion');
        }

        if ($metadata->hasValue('redirect.validate')) {
            $e->AuthnRequestsSigned = $metadata->getBoolean('redirect.validate');
        } elseif ($metadata->hasValue('validate.authnrequest')) {
            $e->AuthnRequestsSigned = $metadata->getBoolean('validate.authnrequest');
        }

        $this->addExtensions($metadata, $e);

        $this->addCertificate($e, $metadata);

        $e->SingleLogoutService = self::createEndpoints($metadata->getEndpoints('SingleLogoutService'), false);

        $e->NameIDFormat = $metadata->getArrayizeString('NameIDFormat', array());

        $endpoints = $metadata->getEndpoints('AssertionConsumerService');
        foreach ($metadata->getArrayizeString('AssertionConsumerService.artifact', array()) as $acs) {
            $endpoints[] = array(
                'Binding'  => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact',
                'Location' => $acs,
            );
        }
        $e->AssertionConsumerService = self::createEndpoints($endpoints, true);

        $this->addAttributeConsumingService($e, $metadata);

        $this->entityDescriptor->RoleDescriptor[] = $e;

        foreach ($metadata->getArray('contacts', array()) as $contact) {
            if (array_key_exists('contactType', $contact) && array_key_exists('emailAddress', $contact)) {
                $this->addContact($contact['contactType'], \SimpleSAML\Utils\Config\Metadata::getContact($contact));
            }
        }
    }

Here is the caller graph for this function:

addOrganization()

SimpleSAML_Metadata_SAMLBuilder::addOrganization	(	array	$orgName,
		array	$orgDisplayName,
		array	$orgURL
	)

Add an Organization element based on data passed as parameters.

Parameters

array	$orgName	An array with the localized OrganizationName.
array	$orgDisplayName	An array with the localized OrganizationDisplayName.
array	$orgURL	An array with the localized OrganizationURL.

Definition at line 283 of file SAMLBuilder.php.

References $orgName.

Referenced by addOrganizationInfo().

    {
        $org = new \SAML2\XML\md\Organization();

        $org->OrganizationName = $orgName;
        $org->OrganizationDisplayName = $orgDisplayName;
        $org->OrganizationURL = $orgURL;

        $this->entityDescriptor->Organization = $org;
    }

Here is the caller graph for this function:

addOrganizationInfo()

SimpleSAML_Metadata_SAMLBuilder::addOrganizationInfo

(

array

$metadata

)

Add an Organization element based on metadata array.

Parameters

array

$metadata

The metadata we should extract the organization information from.

Definition at line 300 of file SAMLBuilder.php.

References $orgName, addOrganization(), and SimpleSAML\Utils\Arrays\arrayize().

    {
        if (empty($metadata['OrganizationName']) ||
            empty($metadata['OrganizationDisplayName']) ||
            empty($metadata['OrganizationURL'])
        ) {
            // empty or incomplete organization information
            return;
        }

        $orgName = SimpleSAML\Utils\Arrays::arrayize($metadata['OrganizationName'], 'en');
        $orgDisplayName = SimpleSAML\Utils\Arrays::arrayize($metadata['OrganizationDisplayName'], 'en');
        $orgURL = SimpleSAML\Utils\Arrays::arrayize($metadata['OrganizationURL'], 'en');

        $this->addOrganization($orgName, $orgDisplayName, $orgURL);
    }

Here is the call graph for this function:

addSecurityTokenServiceType()

SimpleSAML_Metadata_SAMLBuilder::addSecurityTokenServiceType

(

$metadata

)

Add a SecurityTokenServiceType for ADFS metadata.

Parameters

array

$metadata

The metadata with the information about the SecurityTokenServiceType.

Definition at line 117 of file SAMLBuilder.php.

References $metadata, addCertificate(), and SimpleSAML_Configuration\loadFromArray().

    {
        assert(is_array($metadata));
        assert(isset($metadata['entityid']));
        assert(isset($metadata['metadata-set']));

        $metadata = SimpleSAML_Configuration::loadFromArray($metadata, $metadata['entityid']);
        $defaultEndpoint = $metadata->getDefaultEndpoint('SingleSignOnService');
        $e = new sspmod_adfs_SAML2_XML_fed_SecurityTokenServiceType();
        $e->Location = $defaultEndpoint['Location'];

        $this->addCertificate($e, $metadata);

        $this->entityDescriptor->RoleDescriptor[] = $e;
    }

Here is the call graph for this function:

addX509KeyDescriptor()

SimpleSAML_Metadata_SAMLBuilder::addX509KeyDescriptor ( \SAML2\XML\md\RoleDescriptor  $rd,   $use,   $x509data  )

private

Add a KeyDescriptor with an X509 certificate.

Parameters

\SAML2\XML\md\RoleDescriptor	$rd	The RoleDescriptor the certificate should be added to.
string	$use	The value of the 'use' attribute.
string	$x509data	The certificate data.

Definition at line 739 of file SAMLBuilder.php.

    {
        assert(in_array($use, array('encryption', 'signing'), true));
        assert(is_string($x509data));

        $keyDescriptor = \SAML2\Utils::createKeyDescriptor($x509data);
        $keyDescriptor->use = $use;
        $rd->KeyDescriptor[] = $keyDescriptor;
    }

createEndpoints()

static SimpleSAML_Metadata_SAMLBuilder::createEndpoints ( array  $endpoints,   $indexed  )

staticprivate

Add a list of endpoints to metadata.

Parameters

array	$endpoints	The endpoints.
bool	$indexed	Whether the endpoints should be indexed.

Returns

array An array of endpoint objects, either or .

Definition at line 326 of file SAMLBuilder.php.

References $ret, and $t.

    {
        assert(is_bool($indexed));

        $ret = array();

        foreach ($endpoints as &$ep) {
            if ($indexed) {
                $t = new \SAML2\XML\md\IndexedEndpointType();
            } else {
                $t = new \SAML2\XML\md\EndpointType();
            }

            $t->Binding = $ep['Binding'];
            $t->Location = $ep['Location'];
            if (isset($ep['ResponseLocation'])) {
                $t->ResponseLocation = $ep['ResponseLocation'];
            }
            if (isset($ep['hoksso:ProtocolBinding'])) {
                $t->setAttributeNS(
                    \SAML2\Constants::NS_HOK,
                    'hoksso:ProtocolBinding',
                    \SAML2\Constants::BINDING_HTTP_REDIRECT
                );
            }

            if ($indexed) {
                if (!isset($ep['index'])) {
                    // Find the maximum index
                    $maxIndex = -1;
                    foreach ($endpoints as $ep) {
                        if (!isset($ep['index'])) {
                            continue;
                        }

                        if ($ep['index'] > $maxIndex) {
                            $maxIndex = $ep['index'];
                        }
                    }

                    $ep['index'] = $maxIndex + 1;
                }

                $t->index = $ep['index'];
            }

            $ret[] = $t;
        }

        return $ret;
    }

getEntityDescriptor()

SimpleSAML_Metadata_SAMLBuilder::getEntityDescriptor

(

)

Retrieve the EntityDescriptor element which is generated for this entity.

Returns

DOMElement The EntityDescriptor element of this entity.

Definition at line 81 of file SAMLBuilder.php.

References $xml.

Referenced by getEntityDescriptorText().

    {
        $xml = $this->entityDescriptor->toXML();
        $xml->ownerDocument->appendChild($xml);

        return $xml;
    }

Here is the caller graph for this function:

getEntityDescriptorText()

SimpleSAML_Metadata_SAMLBuilder::getEntityDescriptorText

(

$formatted = true

)

Retrieve the EntityDescriptor as text.

This function serializes this EntityDescriptor, and returns it as text.

Parameters

bool

$formatted

Whether the returned EntityDescriptor should be formatted first.

Returns

string The serialized EntityDescriptor.

Definition at line 99 of file SAMLBuilder.php.

References $xml, and getEntityDescriptor().

    {
        assert(is_bool($formatted));

        $xml = $this->getEntityDescriptor();
        if ($formatted) {
            SimpleSAML\Utils\XML::formatDOMElement($xml);
        }

        return $xml->ownerDocument->saveXML();
    }

Here is the call graph for this function:

setExpiration()

SimpleSAML_Metadata_SAMLBuilder::setExpiration (   $metadata )

private

Definition at line 59 of file SAMLBuilder.php.

References $maxDuration, and $metadata.

Referenced by addMetadata().

    {
        if (array_key_exists('expire', $metadata)) {
            if ($metadata['expire'] - time() < $this->maxDuration) {
                $this->maxDuration = $metadata['expire'] - time();
            }
        }

        if ($this->maxCache !== null) {
            $this->entityDescriptor->cacheDuration = 'PT'.$this->maxCache.'S';
        }
        if ($this->maxDuration !== null) {
            $this->entityDescriptor->validUntil = time() + $this->maxDuration;
        }
    }

Here is the caller graph for this function:

Field Documentation

$entityDescriptor

SimpleSAML_Metadata_SAMLBuilder::$entityDescriptor

private

Definition at line 20 of file SAMLBuilder.php.

$maxCache

SimpleSAML_Metadata_SAMLBuilder::$maxCache = null

private

Definition at line 28 of file SAMLBuilder.php.

Referenced by __construct().

$maxDuration

SimpleSAML_Metadata_SAMLBuilder::$maxDuration = null

private

Definition at line 36 of file SAMLBuilder.php.

Referenced by __construct(), and setExpiration().

---

The documentation for this class was generated from the following file:

• libs/composer/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Metadata/SAMLBuilder.php