authorOlav Morken <olav.morken@uninett.no>2010-09-10 08:29:24 +0000
committerOlav Morken <olav.morken@uninett.no>2010-09-10 08:29:24 +0000
commitfc356daaa3766bac7027b32e9e7d23b5db47990c (patch)
tree9d79741313bf4194af5365f9507f3f5dd8f9af05 /lib/SAML2
parentdbf8d56d666a5214b55ccb377be0d30cadacb820 (diff)
SAML2_SOAPClient: Always create stream context.
git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2539 44740490-163a-0410-bde0-09ae8108e29a
Diffstat (limited to 'lib/SAML2')
-rw-r--r--lib/SAML2/SOAPClient.php47
1 files changed, 21 insertions, 26 deletions
diff --git a/lib/SAML2/SOAPClient.php b/lib/SAML2/SOAPClient.php
index 219d03f..612b5d4 100644
--- a/lib/SAML2/SOAPClient.php
+++ b/lib/SAML2/SOAPClient.php
@@ -23,16 +23,16 @@ class SAML2_SOAPClient {
$issuer = $msg->getIssuer();
- $options = array(
- 'uri' => $issuer,
- 'location' => $msg->getDestination(),
+ $ctxOpts = array(
+ 'ssl' => array(
+ ),
);
// Determine if we are going to do a MutualSSL connection between the IdP and SP - Shoaib
if ($srcMetadata->hasValue('saml.SOAPClient.certificate')) {
- $options['local_cert'] = SimpleSAML_Utilities::resolveCert($srcMetadata->getString('saml.SOAPClient.certificate'));
+ $ctxOpts['ssl']['local_cert'] = SimpleSAML_Utilities::resolveCert($srcMetadata->getString('saml.SOAPClient.certificate'));
if ($srcMetadata->hasValue('saml.SOAPClient.privatekey_pass')) {
- $options['passphrase'] = $srcMetadata->getString('saml.SOAPClient.privatekey_pass');
+ $ctxOpts['ssl']['passphrase'] = $srcMetadata->getString('saml.SOAPClient.privatekey_pass');
}
} else {
/* Use the SP certificate and privatekey if it is configured. */
@@ -44,9 +44,9 @@ class SAML2_SOAPClient {
if (!file_exists($file)) {
SimpleSAML_Utilities::writeFile($file, $keyCertData);
}
- $options['local_cert'] = $file;
+ $ctxOpts['ssl']['local_cert'] = $file;
if (isset($privateKey['password'])) {
- $options['passphrase'] = $privateKey['password'];
+ $ctxOpts['ssl']['passphrase'] = $privateKey['password'];
}
}
}
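Review bot: The combined key-and-certificate file assigned to `local_cert` is reused whenever `file_exists($file)` is true, so whatever already sits at that path is loaded as the SP's TLS client credential without its contents being checked. How `$file` is derived and which permissions `writeFile` applies are outside this hunk, so this may already be covered; if the path lives in a shared temporary directory, confirm that the file is owner-only and still matches `$keyCertData`. A comment above the assignment such as `/* $file holds the private key; it must not be readable or pre-creatable by other users. */` would record that assumption. The first context line of the `@@ -68,27 +68,22 @@` hunk suggests the same write-once pattern for `$peerCertFile`, which becomes the `cafile` trust anchor.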
@@ -68,27 +68,22 @@ class SAML2_SOAPClient {
SimpleSAML_Utilities::writeFile($peerCertFile, $certData);
}
// create ssl context
- $ctxOpts = array(
- 'ssl' => array(
- 'verify_peer' => TRUE,
- 'verify_depth' => 1,
- 'cafile' => $peerCertFile
- ));
- if (isset($options['local_cert'])) {
- $ctxOpts['ssl']['local_cert'] = $options['local_cert'];
- unset($options['local_cert']);
- }
- if (isset($options['passhprase'])) {
- $ctxOpts['ssl']['passphrase'] = $options['passphrase'];
- unset($options['passphrase']);
- }
- $context = stream_context_create($ctxOpts);
- if ($context === NULL) {
- throw new Exception('Unable to create SSL stream context');
- }
- $options['stream_context'] = $context;
+ $ctxOpts['ssl']['verify_peer'] = TRUE;
+ $ctxOpts['ssl']['verify_depth'] = 1;
+ $ctxOpts['ssl']['cafile'] = $peerCertFile;
}
+ $context = stream_context_create($ctxOpts);
+ if ($context === NULL) {
+ throw new Exception('Unable to create SSL stream context');
+ }
+
+ $options = array(
+ 'uri' => $issuer,
+ 'location' => $msg->getDestination(),
+ 'stream_context' => $context,
+ );
+
$x = new SoapClient(NULL, $options);
// Add soap-envelopes
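Review bot: `verify_peer`, `verify_depth` and `cafile` are still set only inside the block that closes just before `stream_context_create()`, so when that block is skipped the context is built with an `ssl` array that never asks for peer verification. The condition guarding that block is outside the hunk, but it appears to be the case where no peer certificate is configured. On PHP versions where `verify_peer` defaults to off, the SOAP request and any client certificate would then go to an unauthenticated endpoint. Since the context is now always created, I would make that path explicit with a comment such as `/* No peer certificate configured: the server is not authenticated on this connection. */` plus a logged warning, or refuse the connection. Separately, `stream_context_create()` is documented to return a resource, so `if ($context === NULL)` is unlikely to ever fire; `if (!is_resource($context))` would catch a failed call.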