From 50d8f9305a97143f274b420010d807385a589eaf Mon Sep 17 00:00:00 2001
From: Eric Woods <woodseowl@gmail.com>
Date: Mon, 26 Jan 2026 16:28:34 -0500
Subject: [PATCH 1/3] Support for x509certMulti

---
 config/php-saml-toolkit.php   | 11 +++--------
 src/Commands/GenerateKeys.php | 15 ++++++++++-----
 2 files changed, 13 insertions(+), 13 deletions(-)

diff --git a/config/php-saml-toolkit.php b/config/php-saml-toolkit.php
index fb66c47..a645410 100644
--- a/config/php-saml-toolkit.php
+++ b/config/php-saml-toolkit.php
@@ -267,14 +267,9 @@
         | certificates here.
         |
         */
-        // 'x509certMulti' => [
-        //     'signing' => [
-        //         0 => '<cert1-string>',
-        //     ],
-        //     'encryption' => [
-        //         0 => '<cert2-string>',
-        //     ],
-        // ],
+        'x509certMulti' => (file_exists($cert_path.'/idp_cert_multi.json'))
+            ? json_decode(file_get_contents($cert_path.'/idp_cert_multi.json'), true)
+            : null,
     ],
 
 ];
diff --git a/src/Commands/GenerateKeys.php b/src/Commands/GenerateKeys.php
index e565c1e..7e6a942 100644
--- a/src/Commands/GenerateKeys.php
+++ b/src/Commands/GenerateKeys.php
@@ -21,10 +21,15 @@ public function handle(): void
         File::ensureDirectoryExists($certPath);
 
         $idpCertPath = $certPath.'/idp_cert.pem';
-        if ($force || ! File::exists($idpCertPath)) {
+        $idpMultiCertPath = $certPath.'/idp_cert_multi.json';
+        if ($force || (! File::exists($idpCertPath) && ! File::exists($idpMultiCertPath))) {
             $this->info('Downloading IDP certificate...');
             $idpCertContents = $this->getIdpCert($weill);
-            File::put($idpCertPath, $idpCertContents);
+            if (!empty($idpCertContents['x509certMulti'])) {
+                File::put($idpMultiCertPath, json_encode($idpCertContents['x509certMulti'], JSON_PRETTY_PRINT));
+            } else {
+                File::put($idpCertPath, $idpCertContents['x509cert']);
+            }
         } else {
             $this->info('IDP certificate already exists.');
         }
@@ -57,7 +62,7 @@ public function handle(): void
         $this->info('Keys generated successfully.');
     }
 
-    private function getIdpCert(bool $weill): string|false
+    private function getIdpCert(bool $weill): array|false
     {
         if ($weill) {
             $metadataUrl = app()->isProduction()
@@ -72,7 +77,7 @@ private function getIdpCert(bool $weill): string|false
         }
 
         return app()->runningUnitTests()
-            ? $testContent // Placeholder content for testing
-            : IdPMetadataParser::parseRemoteXML($metadataUrl)['idp']['x509cert'];
+            ? ['x509cert' => $testContent] // Placeholder content for testing
+            : IdPMetadataParser::parseRemoteXML($metadataUrl)['idp'];
     }
 }

From 1e5278535bfbed086ce40f000cebead60cf0a9d8 Mon Sep 17 00:00:00 2001
From: Eric Woods <woodseowl@gmail.com>
Date: Mon, 26 Jan 2026 16:45:22 -0500
Subject: [PATCH 2/3] Assure forcing generate keys removes existing keys

---
 src/Commands/GenerateKeys.php | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/Commands/GenerateKeys.php b/src/Commands/GenerateKeys.php
index 7e6a942..218188a 100644
--- a/src/Commands/GenerateKeys.php
+++ b/src/Commands/GenerateKeys.php
@@ -23,6 +23,10 @@ public function handle(): void
         $idpCertPath = $certPath.'/idp_cert.pem';
         $idpMultiCertPath = $certPath.'/idp_cert_multi.json';
         if ($force || (! File::exists($idpCertPath) && ! File::exists($idpMultiCertPath))) {
+            // Remove any existing cert files
+            File::exists($idpCertPath) && File::delete($idpCertPath);
+            File::exists($idpMultiCertPath) && File::delete($idpMultiCertPath);
+
             $this->info('Downloading IDP certificate...');
             $idpCertContents = $this->getIdpCert($weill);
             if (!empty($idpCertContents['x509certMulti'])) {

From 8e46b7541bd21bace4a715e5cd2739bfefb7b7d9 Mon Sep 17 00:00:00 2001
From: Eric Woods <woodseowl@gmail.com>
Date: Mon, 26 Jan 2026 17:01:07 -0500
Subject: [PATCH 3/3] Linting; PHP 5 workflow

---
 .github/workflows/phpunit.yml | 2 +-
 src/Commands/GenerateKeys.php | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/phpunit.yml b/.github/workflows/phpunit.yml
index e0344e2..91bc61c 100644
--- a/.github/workflows/phpunit.yml
+++ b/.github/workflows/phpunit.yml
@@ -6,7 +6,7 @@ jobs:
     strategy:
       fail-fast: true
       matrix:
-        php: [8.2, 8.3, 8.4]
+        php: [8.2, 8.3, 8.4, 8.5]
         laravel: [11.*, 12.*]
         stability: [prefer-stable]
         include:
diff --git a/src/Commands/GenerateKeys.php b/src/Commands/GenerateKeys.php
index 218188a..1f63d57 100644
--- a/src/Commands/GenerateKeys.php
+++ b/src/Commands/GenerateKeys.php
@@ -29,7 +29,7 @@ public function handle(): void
 
             $this->info('Downloading IDP certificate...');
             $idpCertContents = $this->getIdpCert($weill);
-            if (!empty($idpCertContents['x509certMulti'])) {
+            if (! empty($idpCertContents['x509certMulti'])) {
                 File::put($idpMultiCertPath, json_encode($idpCertContents['x509certMulti'], JSON_PRETTY_PRINT));
             } else {
                 File::put($idpCertPath, $idpCertContents['x509cert']);