Commit 51d7ee4

Update metadata-extensions (#1807)
* Migrate metadata-extensions to new interface
* Bump saml2-library
* Migrate md:Organization to new interface
* Bump saml2 library
* Drop hint.cidr functionality; use mdui:DiscoHints/IPHint instead
* Migrate md:KeyDescriptor to new interface
* Bump saml2 library
* Migrate ds-elements to new interface from xml-security lib
* Migrate md:ContactPerson to new interface
* Fix hosted SP metadata generation
* Fix codesniffer issues
* Bump saml2-lib
* Migrate md:NameIDFormat to new interface
* Migrate (indexed) endpoints to new interface
* Fix for NameIDFormat
* Fix minor bugs
* Fix long lines
* Fix array key initialization
* Only add isRequired attribute when it's true
* Update composer-file
* Remove unnecessary test; the saml2-lib ensures a specs-compliant representation of an AttributeConsumerService-element
* Fix annotation
1 parent 5532d73 commit 51d7ee4

18 files changed

Lines changed: 520 additions & 873 deletions

composer.json

Lines changed: 1 addition & 1 deletion
@@ -66,7 +66,7 @@
6666
"psr/log": "^2.0 || ^3.0",
6767
"robrichards/xmlseclibs": "^3.1.1",
6868
"simplesamlphp/assert": "^1.0.0",
69-
"simplesamlphp/saml2": "^5.0.0-alpha.1",
69+
"simplesamlphp/saml2": "^5.0.0-alpha.6",
7070
"simplesamlphp/simplesamlphp-assets-base": "^2.0.0",
7171
"simplesamlphp/simplesamlphp-module-adfs": "dev-master",
7272
"symfony/cache": "^5.4||^6",
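Review bot: The new constraint `"simplesamlphp/saml2": "^5.0.0-alpha.6"` on line 69 keeps a caret range on a pre-release, so any later 5.x alpha or beta satisfies it on the next `composer update`. The commit message lists several saml2 bumps made while migrating to the new interface, which suggests successive alphas are not interchangeable; consider pinning the exact alpha until 5.0.0 is tagged, so a resolver update cannot pull in an interface the metadata code has not yet been migrated to.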

composer.lock

Lines changed: 47 additions & 48 deletions
Some generated files are not rendered by default.

docs/simplesamlphp-hok-idp.md

Lines changed: 8 additions & 0 deletions
@@ -48,6 +48,14 @@ The `saml20-idp-remote` metadata for SimpleSAMLphp SPs should contain something
4848
'hoksso:ProtocolBinding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
4949
'Binding' => 'urn:oasis:names:tc:SAML:2.0:profiles:holder-of-key:SSO:browser',
5050
'Location' => 'https://idp.example.org/simplesaml/saml2/idp/SSOService.php',
51+
'attributes' => [
52+
[
53+
'namespaceURI' => 'urn:oasis:names:tc:SAML:2.0:profiles:holder-of-key:SSO:browser',
54+
'namespacePrefix' => 'hoksso',
55+
'attrName' => 'ProtocolBinding',
56+
'attrValue' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
57+
],
58+
],
5159
],
5260
[
5361
'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
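Review bot: The endpoint in this example now carries the protocol binding twice: the unchanged `'hoksso:ProtocolBinding'` key on line 48 and the new `'attributes'` entry on lines 51-58 with the same `attrValue`. The doc does not say which of the two is read after this change; if the flat key is no longer used, remove it from the example, otherwise add a sentence saying both are needed, so an operator copying this block knows which entry actually produces the `hoksso:ProtocolBinding` attribute in the holder-of-key metadata.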

docs/simplesamlphp-metadata-extensions-rpi.md

Lines changed: 10 additions & 10 deletions
@@ -30,16 +30,16 @@ RegistrationInfo Items
3030
The configuration is the same for all the different files, and consists of a single directive called `RegistrationInfo`, which
3131
**must** be an indexed array with the following options:
3232

33-
`authority`
33+
`RegistrationAuthority`
3434
: A string containing an identifier of the authority who has registered this metadata. This parameter is **mandatory**.
3535

36-
`instant`
36+
`RegistrationInstant`
3737
: A string containing the instant when the entity or entities where registered by the authority. This parameter is
3838
optional, and must be expressed in the UTC timezone with the *zulu* (`Z`) timezone identifier. If omitted, there will be no
3939
`registrationInstant` in the resulting metadata, except in the `aggregator2` module, which will use the instant when the metadata
4040
was generated.
4141

42-
`policies`
42+
`RegistrationPolicy`
4343
: An indexed array containing URLs pointing to the policy under which the entity or entities where registered. Each
4444
index must be the language code corresponding to the language of the URL. This parameter is optional, and will be omitted in the
4545
resulting metadata if not configured.
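Review bot: The three option names are renamed on lines 33, 36 and 42 (`authority` to `RegistrationAuthority`, `instant` to `RegistrationInstant`, `policies` to `RegistrationPolicy`) with no note for existing deployments. Add a line stating whether the old keys are still accepted, since `RegistrationAuthority` is documented as mandatory and a configuration that still uses `authority` needs a defined outcome (an error or a fallback). While these paragraphs are being touched, "where registered" on lines 37 and 43 should read "were registered".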
@@ -54,9 +54,9 @@ Service Provider:
5454
'entityID' => NULL,
5555
...
5656
'RegistrationInfo' => [
57-
'authority' => 'urn:mace:sp.example.org',
58-
'instant' => '2008-01-17T11:28:03.577Z',
59-
'policies' => ['en' => 'http://sp.example.org/policy', 'es' => 'http://sp.example.org/politica'],
57+
'RegistrationAuthority' => 'urn:mace:sp.example.org',
58+
'RegistrationInstant' => '2008-01-17T11:28:03.577Z',
59+
'RegistrationPolicy' => ['en' => 'http://sp.example.org/policy', 'es' => 'http://sp.example.org/politica'],
6060
],
6161
],
6262

@@ -66,8 +66,8 @@ Identity Provider:
6666
'host' => '__DEFAULT__',
6767
...
6868
'RegistrationInfo' => [
69-
'authority' => 'urn:mace:idp.example.org',
70-
'instant' => '2008-01-17T11:28:03.577Z',
69+
'RegistrationAuthority' => 'urn:mace:idp.example.org',
70+
'RegistrationInstant' => '2008-01-17T11:28:03.577Z',
7171
],
7272
];
7373

@@ -79,8 +79,8 @@ Identity Provider:
7979
...
8080
],
8181
'RegistrationInfo' => [
82-
'authority' => 'urn:mace:example.federation',
83-
'policies' => ['en' => 'http://example.org/federation_policy', 'es' => 'https://example.org/politica_federacion'],
82+
'RegistrationAuthority' => 'urn:mace:example.federation',
83+
'RegistrationPolicy' => ['en' => 'http://example.org/federation_policy', 'es' => 'https://example.org/politica_federacion'],
8484
],
8585
],
8686
];
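Review bot: The `RegistrationPolicy` value on line 83 mixes schemes, `http://example.org/federation_policy` for `en` and `https://example.org/politica_federacion` for `es`. Use `https://` for both entries so the documented example does not suggest publishing a registration policy over plain HTTP.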

docs/simplesamlphp-reference-idp-hosted.md

Lines changed: 18 additions & 14 deletions
@@ -55,12 +55,12 @@ entry matches.
5555
```php
5656
'contacts' => [
5757
[
58-
'contactType' => 'support',
59-
'emailAddress' => 'support@example.org',
60-
'givenName' => 'John',
58+
'ContactType' => 'support',
59+
'EmailAddress' => 'support@example.org',
60+
'GivenName' => 'John',
6161
'surName' => 'Doe',
62-
'telephoneNumber' => '+31(0)12345678',
63-
'company' => 'Example Inc.',
62+
'TelephoneNumber' => '+31(0)12345678',
63+
'Company' => 'Example Inc.',
6464
],
6565
],
6666
```
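Review bot: `'surName'` on line 61 keeps its old casing while every other key in this example moves to the capitalised form, and the second example in this file uses `'SurName'`. If the new interface matches keys case-sensitively, this documented contact would lose its surname or fail validation; change the line to `'SurName' => 'Doe',` so both examples agree.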
@@ -70,15 +70,19 @@ entry matches.
7070
```php
7171
'contacts' => [
7272
[
73-
'contactType' => 'other',
74-
'emailAddress' => 'mailto:abuse@example.org',
75-
'givenName' => 'John',
76-
'surName' => 'Doe',
77-
'telephoneNumber' => '+31(0)12345678',
78-
'company' => 'Example Inc.',
79-
'attributes' => [
80-
'xmlns:remd' => 'http://refeds.org/metadata',
81-
'remd:contactType' => 'http://refeds.org/metadata/contactType/security',
73+
'ContactType' => 'other',
74+
'EmailAddress' => 'mailto:abuse@example.org',
75+
'GivenName' => 'John',
76+
'SurName' => 'Doe',
77+
'TelephoneNumber' => '+31(0)12345678',
78+
'Company' => 'Example Inc.',
79+
'attributes' => [
80+
[
81+
'namespaceURI' => 'http://refeds.org/metadata',
82+
'namespacePrefix' => 'remd',
83+
'attrName' => 'contactType',
84+
'attrValue' => 'http://refeds.org/metadata/contactType/security',
85+
],
8286
],
8387
],
8488
],
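Review bot: `'EmailAddress' => 'mailto:abuse@example.org'` on line 74 carries a `mailto:` prefix, while the first example in this file uses the bare `'support@example.org'`. State which form the option expects, or that both are normalised, since this entry is the REFEDS security contact and the address needs to come out usable in the generated metadata. The `'attributes'` value also changes shape here, from prefixed keys to a list of `namespaceURI`/`namespacePrefix`/`attrName`/`attrValue` entries; the surrounding text should say whether the old `'xmlns:remd'` form is still accepted.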

docs/simplesamlphp-reference-sp-remote.md

Lines changed: 2 additions & 2 deletions
@@ -110,7 +110,7 @@ The following options can be set:
110110
the actual value used is fetched from metadata by the following
111111
priority:
112112

113-
:
113+
:
114114
1. SP Remote Metadata
115115
2. IdP Hosted Metadata
116116

@@ -166,7 +166,7 @@ The following options can be set:
166166

167167
: The three most commonly used values are:
168168

169-
:
169+
:
170170
1. `urn:oasis:names:tc:SAML:2.0:nameid-format:transient`
171171
2. `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent`
172172
3. `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress`
