Skip to content

Commit 701897f

Browse files
tvdijentvdijen
committed
Fix unit tests
1 parent fae8c5b commit 701897f

File tree

1 file changed

+17
-26
lines changed

1 file changed

+17
-26
lines changed

src/Aggregator.php

Lines changed: 17 additions & 26 deletions
Original file line numberDiff line numberDiff line change
@@ -19,8 +19,8 @@
1919
use SimpleSAML\SAML2\XML\mdrpi\RegistrationInfo;
2020
use SimpleSAML\Utils;
2121
use SimpleSAML\XMLSecurity\Alg\Signature\SignatureAlgorithmFactory;
22-
use SimpleSAML\XMLSecurity\CryptoEncoding\PEM;
2322
use SimpleSAML\XMLSecurity\Key\PrivateKey;
23+
use SimpleSAML\XMLSecurity\Key\PublicKey;
2424
use SimpleSAML\XMLSecurity\XML\ds\KeyInfo;
2525
use SimpleSAML\XMLSecurity\XML\ds\X509Certificate;
2626
use SimpleSAML\XMLSecurity\XML\ds\X509Data;
@@ -120,7 +120,7 @@ class Aggregator
120120
*
121121
* Values will be true if enabled, false otherwise.
122122
*
123-
* @var string[]
123+
* @var array<string, bool>
124124
*/
125125
protected array $protocols = [];
126126

@@ -133,30 +133,23 @@ class Aggregator
133133
*
134134
* Values will be true if enabled, false otherwise.
135135
*
136-
* @var array<\SimpleSAML\SAML2\XML\md\AbstractSSODescriptor>
136+
* @var array<string, bool>
137137
*/
138138
protected array $roles;
139139

140140
/**
141141
* The key we should use to sign the metadata.
142142
*
143-
* @var \SimpleSAML\XMLSecurity\CryptoEncoding\PEM|null
143+
* @var \SimpleSAML\XMLSecurity\Key\PrivateKey|null
144144
*/
145-
protected ?PEM $signKey = null;
146-
147-
/**
148-
* The password for the private key.
149-
*
150-
* @var string|null
151-
*/
152-
protected ?string $signKeyPass;
145+
protected ?PrivateKey $signKey = null;
153146

154147
/**
155148
* The certificate of the key we sign the metadata with.
156149
*
157-
* @var \SimpleSAML\XMLSecurity\CryptoEncoding\PEM|null
150+
* @var \SimpleSAML\XMLSecurity\Key\PublicKey|null
158151
*/
159-
protected ?PEM $signCert;
152+
protected ?PublicKey $signCert;
160153

161154
/**
162155
* The algorithm to use for metadata signing.
@@ -249,18 +242,17 @@ protected function __construct(string $id, Configuration $config)
249242
$globalConfig = Configuration::getInstance();
250243
$certDir = $globalConfig->getPathValue('certdir', 'cert/');
251244

245+
$signKeyPass = $config->getOptionalString('sign.privatekey_pass', null);
252246
$signKey = $config->getOptionalString('sign.privatekey', null);
253247
if ($signKey !== null) {
254248
$signKey = $sysUtils->resolvePath($signKey, $certDir);
255-
$this->signKey = PEM::fromFile($signKey);
249+
$this->signKey = PrivateKey::fromFile($signKey, $signKeyPass);
256250
}
257251

258-
$this->signKeyPass = $config->getOptionalString('sign.privatekey_pass', null);
259-
260252
$signCert = $config->getOptionalString('sign.certificate', null);
261253
if ($signCert !== null) {
262254
$signCert = $sysUtils->resolvePath($signCert, $certDir);
263-
$this->signCert = PEM::fromFile($signCert);
255+
$this->signCert = PublicKey::fromFile($signCert);
264256
}
265257

266258
$this->signAlg = $config->getOptionalString('sign.algorithm', C::SIG_RSA_SHA256);
@@ -456,19 +448,18 @@ protected function addSignature(SignableElementInterface $element): void
456448
new X509Data(
457449
[
458450
new X509Certificate(
459-
trim(chunk_split(base64_encode($this->signCert->Data()), 64, "\n")),
451+
trim(chunk_split(base64_encode($this->signCert->getPEM()->data()), 64, "\n")),
460452
),
461453
],
462454
),
463455
],
464456
);
465457
}
466458

467-
/** @var string $this->signAlg */
468-
$key = PrivateKey::fromFile($this->signKey, $this->signKeyPass);
469459
$signer = (new SignatureAlgorithmFactory())->getAlgorithm(
460+
/** @var string $this->signAlg */
470461
$this->signAlg,
471-
$key,
462+
$this->signKey,
472463
);
473464

474465
$element->sign($signer, C::C14N_EXCLUSIVE_WITHOUT_COMMENTS, $keyInfo);
@@ -479,9 +470,9 @@ protected function addSignature(SignableElementInterface $element): void
479470
* Recursively browse the children of an EntitiesDescriptor element looking for EntityDescriptor elements, and
480471
* return an array containing all of them.
481472
*
482-
* @param \SAML2\XML\md\EntitiesDescriptor $entity The source EntitiesDescriptor that holds the entities to extract.
473+
* @param \SimpleSAML\SAML2\XML\md\EntitiesDescriptor $entity The source EntitiesDescriptor that holds the entities to extract.
483474
*
484-
* @return array An array containing all the EntityDescriptors found.
475+
* @return array<\SimpleSAML\SAML2\XML\md\EntityDescriptor> An array containing all the EntityDescriptors found.
485476
*/
486477
private static function extractEntityDescriptors(EntitiesDescriptor $entity): array
487478
{
@@ -628,7 +619,7 @@ protected function filter(EntitiesDescriptor $descriptor): EntitiesDescriptor
628619
/**
629620
* Set this aggregator to exclude a set of entities from the resulting aggregate.
630621
*
631-
* @param array $entities The entity IDs of the entities to exclude.
622+
* @param string[] $entities The entity IDs of the entities to exclude.
632623
*/
633624
public function excludeEntities(array $entities): void
634625
{
@@ -649,7 +640,7 @@ public function excludeEntities(array $entities): void
649640
* - 'saml20-sp': all SAML2.0-capable service providers.
650641
* - 'saml20-aa': all SAML2.0-capable attribute authorities.
651642
*
652-
* @param array $set An array of the different roles and protocols to filter by.
643+
* @param string[] $set An array of the different roles and protocols to filter by.
653644
*/
654645
public function setFilters(array $set): void
655646
{

0 commit comments

Comments
 (0)