Closed macgngsta closed 5 years ago
I feel this is a good start to address the issue of allowing multiple certs. I think to make this a complete feature you would need to modify the Saml2Auth class, specifically the loadOneLoginAuthFromIpdConfig function to allow the use of file:///... to load the certificates from the file system.
This is important because all other configurations that deal with certs or keys have this functionality. (i.e. SP private key, SP x509 cert, IdP x509 cert)
I think something along these lines would achieve the desired behaviour:
// ...
// Resolve any file:// entries in the signing cert list to the certificate contents
if (!empty($config['idp']['x509certMulti']['signing'])) {
    $config['idp']['x509certMulti']['signing'] = array_map(
        function ($val) {
            if (strpos($val, "file://") === 0) {
                return static::extractCertFromFile($val);
            }
            return $val;
        },
        $config['idp']['x509certMulti']['signing']
    );
}
// ...
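An added example, not part of the comment above and not the project's own code: a stand-alone version of the same file:// resolution that fails closed when a file cannot be read or an entry does not parse as X.509, so a bad path never leaves an unusable string in the trusted signing list. resolveSigningCerts is a hypothetical helper, the certificate is generated at runtime as constructed sample data, and inline entries are assumed to be full PEM.

```php
<?php
// Added example: resolveSigningCerts() is a hypothetical helper, not laravel-saml2 code.
function resolveSigningCerts(array $entries): array
{
    $resolved = [];
    foreach ($entries as $i => $entry) {
        if (strpos($entry, 'file://') === 0) {
            $path = substr($entry, strlen('file://'));
            $pem = @file_get_contents($path);
            if ($pem === false) {
                throw new RuntimeException("signing cert #$i: cannot read $path");
            }
        } else {
            $pem = $entry; // assumption: inline entries are full PEM
        }
        // Fail closed: refuse anything OpenSSL cannot parse as an X.509 certificate
        $x509 = openssl_x509_read($pem);
        if ($x509 === false) {
            throw new RuntimeException("signing cert #$i is not a valid X.509 certificate");
        }
        openssl_x509_export($x509, $normalized);
        $resolved[] = $normalized;
    }
    return $resolved;
}

// Constructed sample data: a throwaway self-signed cert written to a temp file
$key = openssl_pkey_new(['private_key_bits' => 2048]);
$csr = openssl_csr_new(['commonName' => 'idp.example.test'], $key);
$cert = openssl_csr_sign($csr, null, $key, 1);
openssl_x509_export($cert, $pem);
$file = tempnam(sys_get_temp_dir(), 'idp');
file_put_contents($file, $pem);

// One entry loaded from disk, one given inline
$config = ['idp' => ['x509certMulti' => ['signing' => ["file://$file", $pem]]]];
$config['idp']['x509certMulti']['signing'] =
    resolveSigningCerts($config['idp']['x509certMulti']['signing']);
echo count($config['idp']['x509certMulti']['signing']), " certs loaded\n";

// A missing file is rejected instead of being passed through as a string
try {
    resolveSigningCerts(['file:///nonexistent/idp.pem']);
} catch (RuntimeException $e) {
    echo 'rejected: ', $e->getMessage(), "\n";
}
unlink($file);
```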
Sorry! Because of the merge order we got a conflict in your PRs - if you could resolve it (doesn't look bad with this Resolve Conflicts button) I'll happily merge them
great! thanks