ILIAS  trunk Revision v11.0_alpha-3011-gc6b235a2e85
ILIAS\Saml\Metadata Class Reference

Public Member Functions

 __construct (private readonly SimpleSamlFactory $create)
 
 buildXML (ilSamlAuth $auth)
 

Private Member Functions

 singleLogoutService (Configuration $config, string $logout_url, string $source_id)
 
 assertionConsumerServices (Configuration $config, array $default)
 
 defaultAssertionConsumerServices (Configuration $config, string $base_url, string $source_id)
 
 nameIdPolicy (Configuration $config)
 
 nameInformation (Configuration $config)
 
 organizationalInformation (Configuration $config)
 
 certificates (Configuration $config)
 
 buildCertData (?array $cert_info, bool $encryption)
 
 extensions (Configuration $config)
 
 removeKey ($key)
 
 mergeList (array $list)
 
 addIfExists (Configuration $config, string $needle, string $selector='getValue', ?string $as_key=null)
 
 mergeListIfExists (Configuration $config, array $list)
 

Detailed Description

Definition at line 30 of file Metadata.php.

Constructor & Destructor Documentation

◆ __construct()

ILIAS\Saml\Metadata::__construct ( private readonly SimpleSamlFactory  $create)

Definition at line 32 of file Metadata.php.

33     {
34     }

Member Function Documentation

◆ addIfExists()

ILIAS\Saml\Metadata::addIfExists ( Configuration  $config,
string  $needle,
string  $selector = 'getValue',
?string  $as_key = null 
)
private

Definition at line 263 of file Metadata.php.

263     : array
264     {
265         return $config->hasValue($needle) ?
266             [$as_key ?? $needle => $config->$selector($needle)] :
267             [];
268     }

Referenced by ILIAS\Saml\Metadata\mergeListIfExists(), and ILIAS\Saml\Metadata\organizationalInformation().


◆ assertionConsumerServices()

ILIAS\Saml\Metadata::assertionConsumerServices ( Configuration  $config,
array  $default 
)
private

Definition at line 90 of file Metadata.php.

90      : array
91      {
92          $services = $config->getOptionalArray('acs.Bindings', array_keys($default));
93
94          $services = array_intersect($services, array_keys($default));
95
96          $services = array_map(static fn(string $service, int $index): array => array_merge($default[$service] ?? [], [
97              'index' => $index,
98          ]), $services, range(0, count($services) - 1));
99
100         return [
101             'services' => array_map($this->removeKey('Protocol'), $services),
102             'supported_protocols' => array_unique(array_values(array_column($services, 'Protocol'))),
103         ];
104     }

References $service, and ILIAS\Saml\Metadata\removeKey().

Referenced by ILIAS\Saml\Metadata\buildXML().


◆ buildCertData()

ILIAS\Saml\Metadata::buildCertData ( ?array  $cert_info,
bool  $encryption 
)
private

Definition at line 217 of file Metadata.php.

217     : ?array
218     {
219         if ($cert_info['certData'] ?? false) {
220             return [
221                 'type' => 'X509Certificate',
222                 'signing' => true,
223                 'encryption' => $encryption,
224                 'X509Certificate' => $cert_info['certData'],
225             ];
226         }
227
228         return null;
229     }

Referenced by ILIAS\Saml\Metadata\certificates().


◆ buildXML()

ILIAS\Saml\Metadata::buildXML ( ilSamlAuth  $auth)

Definition at line 36 of file Metadata.php.

36     : string
37     {
38         $source = $this->create->sourceById($auth->getAuthId());
39         $config = $source->getMetadata();
40         $base_url = rtrim(ILIAS_HTTP_PATH, '/');
41
42         $acs = $this->assertionConsumerServices($config, $this->defaultAssertionConsumerServices($config, $base_url, $auth->getAuthId()));
43
44         $base = [
45             'entityid' => $source->getEntityId(),
46             'metadata-set' => 'saml20-sp-remote',
47             'SingleLogoutService' => $this->singleLogoutService($config, $base_url, $source->getAuthId()),
48             'AssertionConsumerService' => $acs['services'],
49         ];
50
51         $metadata_sp20 = $this->mergeList([
52             $base,
53             $this->nameIdPolicy($config),
54             $this->nameInformation($config),
55             $this->organizationalInformation($config),
56             $this->certificates($config),
57             $this->extensions($config),
58         ]);
59
60         $builder = $this->create->builder($source->getEntityId());
61         $builder->addMetadataSP20($metadata_sp20, $acs['supported_protocols']);
62         $builder->addOrganizationInfo($metadata_sp20);
63
64         $xml = $builder->getEntityDescriptorText();
65         $xml = $this->create->sign($xml, $config->toArray(), 'SAML 2 SP');
66
67         return $xml;
68     }

References ILIAS\Saml\Metadata\assertionConsumerServices(), ILIAS\Saml\Metadata\certificates(), ILIAS\Saml\Metadata\defaultAssertionConsumerServices(), ILIAS\Saml\Metadata\extensions(), ilSamlAuth\getAuthId(), ILIAS\Saml\Metadata\mergeList(), ILIAS\Saml\Metadata\nameIdPolicy(), ILIAS\Saml\Metadata\nameInformation(), ILIAS\Saml\Metadata\organizationalInformation(), and ILIAS\Saml\Metadata\singleLogoutService().
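
An added example, not part of ILIAS or SimpleSAMLphp: a deployer-side check over SP metadata of the kind buildXML() returns, flagging an unsigned document, signing flags left off, a missing encryption key and endpoints served over cleartext HTTP. It is written in Python because it inspects the emitted XML from outside the application; the sample document, host names, function name and finding codes are constructed for illustration, while AuthnRequestsSigned and WantAssertionsSigned are the attribute names from the SAML 2.0 metadata schema.

```python
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample SP EntityDescriptor (host, source id and certificate are placeholders).
SAMPLE = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://lms.example.org/sp">
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"
      AuthnRequestsSigned="true" WantAssertionsSigned="false">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>PLACEHOLDER</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="https://lms.example.org/module.php/saml/sp/saml2-logout.php/default-sp"/>
    <md:AssertionConsumerService index="0"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="http://lms.example.org/module.php/saml/sp/saml2-acs.php/default-sp"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""


def audit_sp_metadata(xml_text):
    """Return a sorted list of finding codes for one SP EntityDescriptor."""
    # Meant for metadata you generated yourself; parse third-party XML with a hardened parser.
    root = ET.fromstring(xml_text)
    findings = set()
    # An enveloped ds:Signature is a direct child of the element it signs.
    if root.find("ds:Signature", NS) is None:
        findings.add("metadata-unsigned")
    sp = root.find("md:SPSSODescriptor", NS)
    if sp is None:
        return ["no-sp-descriptor"]
    for attr, code in (("WantAssertionsSigned", "assertions-not-required-signed"),
                       ("AuthnRequestsSigned", "authnrequests-unsigned")):
        if sp.get(attr, "false").lower() not in ("true", "1"):
            findings.add(code)
    # A KeyDescriptor without a use attribute serves both signing and encryption.
    uses = {kd.get("use") for kd in sp.findall("md:KeyDescriptor", NS)}
    if not uses:
        findings.add("no-key-descriptor")
    elif None not in uses and "encryption" not in uses:
        findings.add("no-encryption-key")
    for tag in ("AssertionConsumerService", "SingleLogoutService"):
        for ep in sp.findall("md:" + tag, NS):
            if not ep.get("Location", "").lower().startswith("https://"):
                findings.add("cleartext-endpoint:" + tag)
    return sorted(findings)
```

Run against the constructed sample, the function reports the unsigned document, the cleartext ACS location, the missing encryption key and the unset WantAssertionsSigned flag.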


◆ certificates()

ILIAS\Saml\Metadata::certificates ( Configuration  $config)
private

Definition at line 196 of file Metadata.php.

196     : array
197     {
198         $crypt = $this->create->crypt();
199
200         $key = $this->buildCertData($crypt->loadPublicKey($config, false, 'new_'), true);
201         $has_new_cert = $key !== null;
202
203         $keys = array_values(array_filter([
204             $key,
205             $this->buildCertData($crypt->loadPublicKey($config), !$has_new_cert),
206         ]));
207
208         if (count($keys) === 1) {
209             return ['certData' => $keys[0]['X509Certificate']];
210         } elseif (count($keys) > 1) {
211             return ['keys' => $keys];
212         }
213
214         return [];
215     }

References ILIAS\Saml\Metadata\buildCertData().

Referenced by ILIAS\Saml\Metadata\buildXML().


◆ defaultAssertionConsumerServices()

ILIAS\Saml\Metadata::defaultAssertionConsumerServices ( Configuration  $config,
string  $base_url,
string  $source_id 
)
private

Definition at line 106 of file Metadata.php.

106     : array
107     {
108         $default = [
109             'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST' => [
110                 'Binding' => Constants::BINDING_HTTP_POST,
111                 'Location' => sprintf('%s/module.php/saml/sp/saml2-acs.php/%s', $base_url, $source_id),
112                 'Protocol' => Constants::NS_SAMLP,
113             ],
114             'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact' => [
115                 'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact',
116                 'Location' => sprintf('%s/module.php/saml/sp/saml2-acs.php/%s', $base_url, $source_id),
117                 'Protocol' => Constants::NS_SAMLP,
118             ],
119         ];
120
121         if ($config->getOptionalString('ProtocolBinding', '') === 'urn:oasis:names:tc:SAML:2.0:profiles:holder-of-key:SSO:browser') {
122             $default['urn:oasis:names:tc:SAML:2.0:profiles:holder-of-key:SSO:browser'] = [
123                 'Binding' => 'urn:oasis:names:tc:SAML:2.0:profiles:holder-of-key:SSO:browser',
124                 'hoksso:ProtocolBinding' => Constants::BINDING_HTTP_REDIRECT,
125                 'Location' => sprintf('%s/module.php/saml2-acs/%s', $base_url, $source_id),
126                 'Protocol' => Constants::NS_SAMLP,
127             ];
128         }
129
130         return $default;
131     }

Referenced by ILIAS\Saml\Metadata\buildXML().


◆ extensions()

ILIAS\Saml\Metadata::extensions ( Configuration  $config)
private

Definition at line 231 of file Metadata.php.

231     : array
232     {
233         return $this->mergeListIfExists($config, [
234             ['EntityAttributes', 'getArray'],
235             ['UIInfo', 'getArray'],
236             ['RegistrationInfo', 'getArray'],
237             ['WantAssertionsSigned', 'getBoolean', 'saml20.sign.assertion'],
238             ['redirect.sign', 'getBoolean', 'redirect.validate'],
239             ['sign.authnrequest', 'getBoolean', 'validate.authnrequest'],
240         ]);
241     }

References ILIAS\Saml\Metadata\mergeListIfExists().

Referenced by ILIAS\Saml\Metadata\buildXML().


◆ mergeList()

ILIAS\Saml\Metadata::mergeList ( array  $list)
private
Parameters
list<array> $list

Definition at line 258 of file Metadata.php.

258     : array
259     {
260         return array_merge(...$list);
261     }

Referenced by ILIAS\Saml\Metadata\buildXML(), and ILIAS\Saml\Metadata\mergeListIfExists().


◆ mergeListIfExists()

ILIAS\Saml\Metadata::mergeListIfExists ( Configuration  $config,
array  $list 
)
private
Parameters
list<string|list<string>> $list

Definition at line 273 of file Metadata.php.

273     : array
274     {
275         return $this->mergeList(array_map(
276             fn($pair): array => $this->addIfExists($config, ...(is_array($pair) ? $pair : [$pair])),
277             $list
278         ));
279     }

References ILIAS\Saml\Metadata\addIfExists(), and ILIAS\Saml\Metadata\mergeList().

Referenced by ILIAS\Saml\Metadata\extensions(), and ILIAS\Saml\Metadata\nameInformation().


◆ nameIdPolicy()

ILIAS\Saml\Metadata::nameIdPolicy ( Configuration  $config)
private

Definition at line 133 of file Metadata.php.

133     : array
134     {
135         $format = $config->getOptionalValue('NameIDPolicy', null);
136         return match (gettype($format)) {
137             'array' => [
138                 'NameIDFormat' => $this->create->configFromArray($format)->getString('Format'),
139             ],
140             'string' => ['NameIDFormat' => $format],
141             default => [],
142         };
143     }

Referenced by ILIAS\Saml\Metadata\buildXML().


◆ nameInformation()

ILIAS\Saml\Metadata::nameInformation ( Configuration  $config)
private

Definition at line 145 of file Metadata.php.

145     : array
146     {
147         if (!$config->hasValue('name') || !$config->hasValue('attributes')) {
148             return [];
149         }
150
151         $information = [
152             'name' => $config->getLocalizedString('name'),
153             'attributes' => $config->getArray('attributes'),
154         ];
155
156         return array_merge($information, $this->mergeListIfExists($config, [
157             ['attributes.required', 'getArray'],
158             ['description', 'getString'],
159             ['attributes.NameFormat', 'getString'],
160             ['attributes.index', 'getInteger'],
161             ['attributes.isDefault', 'getBoolean'],
162         ]));
163     }

References ILIAS\Saml\Metadata\mergeListIfExists().

Referenced by ILIAS\Saml\Metadata\buildXML().


◆ organizationalInformation()

ILIAS\Saml\Metadata::organizationalInformation ( Configuration  $config)
private

Definition at line 165 of file Metadata.php.

165     : array
166     {
167         $array = [];
168         if ($config->hasValue('OrganizationName')) {
169             $array['OrganizationName'] = $config->getLocalizedString('OrganizationName');
170
171             $array = array_merge($array, $this->addIfExists($config, 'OrganizationDisplayName', 'getLocalizedString'));
172
173             if (!$config->hasValue('OrganizationURL')) {
174                 throw new Exception('If OrganizationName is set, OrganizationURL must also be set.');
175             }
176             $array['OrganizationURL'] = $config->getLocalizedString('OrganizationURL');
177         }
178
179         foreach ($config->getOptionalArray('contacts', []) as $contact) {
180             $array['contacts'][] = $this->create->contact($contact);
181         }
182
183         // add technical contact
184         if ($config->hasValue('technicalcontact_email') && $config->getString('technicalcontact_email') !== 'na@example.org') {
185             $techcontact = [
186                 'emailAddress' => $config->getString('technicalcontact_email'),
187                 'name' => $config->getOptionalString('technicalcontact_name', null),
188                 'contactType' => 'technical',
189             ];
190             $array['contacts'][] = $this->create->contact($techcontact);
191         }
192
193         return $array;
194     }

References ILIAS\Saml\Metadata\addIfExists().

Referenced by ILIAS\Saml\Metadata\buildXML().


◆ removeKey()

ILIAS\Saml\Metadata::removeKey (   $key)
private
Parameters
string | int $key
Returns
Closure(array): array

Definition at line 247 of file Metadata.php.

247     : Closure
248     {
249         return static function (array $a) use ($key) {
250             unset($a[$key]);
251             return $a;
252         };
253     }

References Vendor\Package\$a.

Referenced by ILIAS\Saml\Metadata\assertionConsumerServices().


◆ singleLogoutService()

ILIAS\Saml\Metadata::singleLogoutService ( Configuration  $config,
string  $logout_url,
string  $source_id 
)
private

Definition at line 70 of file Metadata.php.

70     : array
71     {
72         $logout_url = $logout_url . '/module.php/saml/sp/saml2-logout.php/' . $source_id;
73         $store = $this->create->store();
74
75         $bindings = $config->getOptionalArray('SingleLogoutServiceBinding', [
76             Constants::BINDING_HTTP_REDIRECT,
77             Constants::BINDING_SOAP,
78         ]);
79
80         $bindings = $store instanceof SQLStore ?
81             $bindings :
82             array_values(array_filter($bindings, static fn(string $b): bool => $b !== Constants::BINDING_SOAP));
83
84         return array_map(static fn(string $b): array => [
85             'Binding' => $b,
86             'Location' => $config->getOptionalString('SingleLogoutServiceLocation', $logout_url),
87         ], $bindings);
88     }

References Vendor\Package\$b.

Referenced by ILIAS\Saml\Metadata\buildXML().


The documentation for this class was generated from the following file: