Server : Apache System : Linux server2.corals.io 4.18.0-348.2.1.el8_5.x86_64 #1 SMP Mon Nov 15 09:17:08 EST 2021 x86_64 User : corals ( 1002) PHP Version : 7.4.33 Disable Function : exec,passthru,shell_exec,system Directory : /home/corals/mautic.corals.io/app/bundles/UserBundle/Security/SAML/Store/ |
<?php
namespace Mautic\UserBundle\Security\SAML\Store;
use LightSaml\Meta\TrustOptions\TrustOptions;
use LightSaml\Store\TrustOptions\TrustOptionsStoreInterface;
use Mautic\CoreBundle\Helper\CoreParametersHelper;
class TrustOptionsStore implements TrustOptionsStoreInterface
{
private ?TrustOptions $trustOptions = null;
public function __construct(
private CoreParametersHelper $coreParametersHelper,
private string $entityId
) {
}
public function get($entityId): TrustOptions
{
if ($this->trustOptions) {
return $this->trustOptions;
}
return $this->createTrustOptions();
}
public function has($entityId): bool
{
// SAML is not enabled
if (!$this->coreParametersHelper->get('saml_idp_metadata')) {
return false;
}
// EntityIds do not match
if ($entityId !== $this->entityId) {
return false;
}
return true;
}
private function createTrustOptions(): TrustOptions
{
$this->trustOptions = $trustOptions = new TrustOptions();
if (!$this->coreParametersHelper->get('saml_idp_own_certificate')) {
return $trustOptions;
}
$trustOptions->setSignAuthnRequest(true);
$trustOptions->setEncryptAssertions(true);
$trustOptions->setEncryptAuthnRequest(true);
$trustOptions->setSignAssertions(true);
$trustOptions->setSignResponse(true);
return $trustOptions;
}
}