Spaces:
No application file
No application file
| namespace Mautic\UserBundle\Security\SAML\Store; | |
| use LightSaml\Meta\TrustOptions\TrustOptions; | |
| use LightSaml\Store\TrustOptions\TrustOptionsStoreInterface; | |
| use Mautic\CoreBundle\Helper\CoreParametersHelper; | |
| class TrustOptionsStore implements TrustOptionsStoreInterface | |
| { | |
| private ?TrustOptions $trustOptions = null; | |
| public function __construct( | |
| private CoreParametersHelper $coreParametersHelper, | |
| private string $entityId | |
| ) { | |
| } | |
| public function get($entityId): TrustOptions | |
| { | |
| if ($this->trustOptions) { | |
| return $this->trustOptions; | |
| } | |
| return $this->createTrustOptions(); | |
| } | |
| public function has($entityId): bool | |
| { | |
| // SAML is not enabled | |
| if (!$this->coreParametersHelper->get('saml_idp_metadata')) { | |
| return false; | |
| } | |
| // EntityIds do not match | |
| if ($entityId !== $this->entityId) { | |
| return false; | |
| } | |
| return true; | |
| } | |
| private function createTrustOptions(): TrustOptions | |
| { | |
| $this->trustOptions = $trustOptions = new TrustOptions(); | |
| if (!$this->coreParametersHelper->get('saml_idp_own_certificate')) { | |
| return $trustOptions; | |
| } | |
| $trustOptions->setSignAuthnRequest(true); | |
| $trustOptions->setEncryptAssertions(true); | |
| $trustOptions->setEncryptAuthnRequest(true); | |
| $trustOptions->setSignAssertions(true); | |
| $trustOptions->setSignResponse(true); | |
| return $trustOptions; | |
| } | |
| } | |