Migrate metadata generation to new SAML2-library #1901
Codecov Report
@@ Coverage Diff @@
## master #1901 +/- ##
============================================
- Coverage 44.59% 44.10% -0.49%
+ Complexity 3743 3720 -23
============================================
Files 166 165 -1
Lines 12728 12728
============================================
- Hits 5676 5614 -62
- Misses 7052 7114 +62
The unit test was also expecting an epoch integer here so that got updated to expecting a Z time string.
There is a choice to either use an array of SAMLAnyURIValue for a $SAML20Protocols function replacement and then intersect on that or we can flatten the objects to strings and the normal array_intersect will work ok on the same data types here. I have code that does both things depending on which we are after.

There are still some changes in my vendor tree that I made to help things pass it seems. So working on that next...

Looking at my diffs I added some

It seems github doesn't want to allow me to fork both saml2 and saml2-legacy. I could do a PR from a branch in the main saml2 repo or remove my saml2-legacy and fork and PR from there but either of those seem a little messy.

Files I added toArray to:

This is strange, because you have all the admin-permissions you could possibly want on those libraries. saml2-legacy you can forget about. That one only has the v4 version of the library. For saml2 v6 I've created a pull request here. Please review and let us know if you expect to need more classes to implement toArray/fromArray.

I now have the fork https://github.com/monkeyiq/saml2 I suspect that the saml2-legacy and saml2 repos were similar enough, or maybe even forked from each other in the past that github was not wanting to let me make a fork of both of them on my account. The main saml2 lib fork is more useful so I have deleted the saml2-legacy fork I had in order to make this new fork happen.

The new MetadataParser uses SimpleSAML\SAML2\XML\shibmd\Scope::toArray() which I had a basic version of. saml2/master has a more real version of
I imagine I should be using saml2 6.1 branch because that is what the composer.json is calling for. It almost works against saml2/master.

It's not really a bugfix to add those helper-methods, so I will clone master into a new release-6.2 branch and tag it
The names of the self::flatten methods are just temporary still. They are there to get the shape of the data into the format that the test suite is expecting. I will do a composer update next to make sure I have not changed anything else locally that needs to be fed back.

ok so composer update seems to still have it working on the 11 tests in

I was looking for other example XML files with

I will take another look at the MetadataParser.php and its test next.

I have also been trying to get ds:Signature creation / validation going for the MetadataParser. Sort of like

It is also possible that the keys I am using from
There should be a few examples in the saml2-library. The interoperability-tests there download a few from the Czech and Greek edu-federations.

ok so I now have it working for signing and verifying. Sans a few nasty hacks in there and really nasty code in the current scratch zone. But at least doing what I wanted to get to. Which is creating signatures on

Very nice work @monkeyiq!

So that is the test cleaned up a bit for less eye bleeding impact.

Do I understand correctly from the failing test that you need toArray/fromArray implemented for the shibmd:Scope element? If yes, then that's something I can take care of
This PR aims to partially migrate to the new SAML2 library. First run: metadata generation!
To do:
MetadataBuilder class.
MetadataParser class as a replacement of the old SAMLParser class. This class should be able to parse XML metadata into SimpleSAMLphp's array-format. The Signer class should become obsolete.
MetadataBuilder class. This also requires us to add a few missing classes to the ws-security library and . Missing classes are: