diff options
| -rw-r--r-- | docs/simplesamlphp-reference-idp-remote.txt | 3 | ||||
| -rw-r--r-- | lib/SimpleSAML/XHTML/IdPDisco.php | 26 |
2 files changed, 28 insertions, 1 deletions
diff --git a/docs/simplesamlphp-reference-idp-remote.txt b/docs/simplesamlphp-reference-idp-remote.txt index 0ecf9e0..078b3ce 100644 --- a/docs/simplesamlphp-reference-idp-remote.txt +++ b/docs/simplesamlphp-reference-idp-remote.txt @@ -111,6 +111,9 @@ The following SAML 2.0 options are available: discouraged to do so. For your own safety, please include the string 'http://www.w3.org/2001/04/xmlenc#rsa-1_5' if you make use of this option. +`hide.from.discovery` +: Whether to hide hide this IdP from the local discovery or not. Set to true to hide it. Defaults to false. + `nameid.encryption` : Whether NameIDs sent to this IdP should be encrypted. The default value is `FALSE`. diff --git a/lib/SimpleSAML/XHTML/IdPDisco.php b/lib/SimpleSAML/XHTML/IdPDisco.php index 8b084f3..e93d193 100644 --- a/lib/SimpleSAML/XHTML/IdPDisco.php +++ b/lib/SimpleSAML/XHTML/IdPDisco.php @@ -448,7 +448,30 @@ class SimpleSAML_XHTML_IdPDisco { protected function getScopedIDPList() { return $this->scopedIDPList; } - + + + /** + * Filter the list of IdPs. + * + * This method returns the IdPs that comply with the following conditions: + * - The IdP does not have the 'hide.from.discovery' configuration option. + * + * @param array $list An associative array containing metadata for the IdPs to apply the filtering to. + * + * @return array An associative array containing metadata for the IdPs that were not filtered out. + */ + protected function filter($list) + { + foreach ($list as $entity => $metadata) { + if (array_key_exists('hide.from.discovery', $metadata) && $metadata['hide.from.discovery'] === true) { + unset($list[$entity]); + } + } + return $list; + } + + + /** * Handles a request to this discovery service. * @@ -487,6 +510,7 @@ class SimpleSAML_XHTML_IdPDisco { /* No choice made. Show discovery service page. */ $idpList = $this->getIdPList(); + $idpList = $this->filter($idpList); $preferredIdP = $this->getRecommendedIdP(); $idpintersection = array_intersect(array_keys($idpList), $this->getScopedIDPList()); |