Skip to content

Support x509certMulti #2

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
woodseowl merged 3 commits into from
Jan 26, 2026
Merged

Support x509certMulti #2

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
50d8f93
Support for x509certMulti
woodseowl Jan 26, 2026
1e52785
Assure forcing generate keys removes existing keys
woodseowl Jan 26, 2026
8e46b75
Linting; PHP 5 workflow
woodseowl Jan 26, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/workflows/phpunit.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ jobs:
strategy:
fail-fast: true
matrix:
php: [8.2, 8.3, 8.4]
php: [8.2, 8.3, 8.4, 8.5]
laravel: [11.*, 12.*]
stability: [prefer-stable]
include:
Expand Down
11 changes: 3 additions & 8 deletions config/php-saml-toolkit.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -267,14 +267,9 @@
| certificates here.
|
*/
// 'x509certMulti' => [
// 'signing' => [
// 0 => '<cert1-string>',
// ],
// 'encryption' => [
// 0 => '<cert2-string>',
// ],
// ],
'x509certMulti' => (file_exists($cert_path.'/idp_cert_multi.json'))
? json_decode(file_get_contents($cert_path.'/idp_cert_multi.json'), true)
: null,
Comment on lines +270 to +272
Copy link

Copilot AI Jan 26, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The json_decode call lacks error handling. If the JSON file is corrupted or contains invalid JSON, this will silently fail and return null, which could be confused with the intentional null for missing files. Consider validating the JSON decode result or handling JSON_ERROR_NONE to distinguish between missing files and malformed JSON.

Copilot uses AI. Check for mistakes.
],

];
19 changes: 14 additions & 5 deletions src/Commands/GenerateKeys.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,10 +21,19 @@ public function handle(): void
File::ensureDirectoryExists($certPath);

$idpCertPath = $certPath.'/idp_cert.pem';
if ($force || ! File::exists($idpCertPath)) {
$idpMultiCertPath = $certPath.'/idp_cert_multi.json';
if ($force || (! File::exists($idpCertPath) && ! File::exists($idpMultiCertPath))) {
// Remove any existing cert files
File::exists($idpCertPath) && File::delete($idpCertPath);
File::exists($idpMultiCertPath) && File::delete($idpMultiCertPath);

$this->info('Downloading IDP certificate...');
$idpCertContents = $this->getIdpCert($weill);
File::put($idpCertPath, $idpCertContents);
if (! empty($idpCertContents['x509certMulti'])) {
File::put($idpMultiCertPath, json_encode($idpCertContents['x509certMulti'], JSON_PRETTY_PRINT));
} else {
File::put($idpCertPath, $idpCertContents['x509cert']);
}
} else {
$this->info('IDP certificate already exists.');
}
Expand Down Expand Up @@ -57,7 +66,7 @@ public function handle(): void
$this->info('Keys generated successfully.');
}

private function getIdpCert(bool $weill): string|false
private function getIdpCert(bool $weill): array|false
{
if ($weill) {
$metadataUrl = app()->isProduction()
Expand All @@ -72,7 +81,7 @@ private function getIdpCert(bool $weill): string|false
}

return app()->runningUnitTests()
? $testContent // Placeholder content for testing
: IdPMetadataParser::parseRemoteXML($metadataUrl)['idp']['x509cert'];
? ['x509cert' => $testContent] // Placeholder content for testing
: IdPMetadataParser::parseRemoteXML($metadataUrl)['idp'];
}
}