OpenConext /
Stepup-Gateway
@@ -239,7 +239,7 @@ |
||
| 239 | 239 | $keyLoader = new KeyLoader(); |
| 240 | 240 | $keyLoader->loadCertificateFile('/var/www/html/ci/certificates/idp.crt'); |
| 241 | 241 | /** |
| 242 | - * @var \SAML2\Certificate\X509 $publicKey |
|
| 242 | + * @var \SAML2\Certificate\X509 $publicKey |
|
| 243 | 243 | */ |
| 244 | 244 | $publicKey = $keyLoader->getKeys()->getOnlyElement(); |
| 245 | 245 | |
@@ -83,15 +83,15 @@ discard block |
||
| 83 | 83 | public function aUserIdentifiedByWithAVettedToken($institution, $nameId, $tokenType) |
| 84 | 84 | { |
| 85 | 85 | switch (strtolower($tokenType)) { |
| 86 | - case "yubikey": |
|
| 87 | - $this->currentToken = $this->fixtureService->registerYubikeyToken($nameId, $institution); |
|
| 88 | - break; |
|
| 89 | - case "sms": |
|
| 90 | - $this->currentToken = $this->fixtureService->registerSmsToken($nameId, $institution); |
|
| 91 | - break; |
|
| 92 | - case "tiqr": |
|
| 93 | - $this->currentToken = $this->fixtureService->registerTiqrToken($nameId, $institution); |
|
| 94 | - break; |
|
| 86 | + case "yubikey": |
|
| 87 | + $this->currentToken = $this->fixtureService->registerYubikeyToken($nameId, $institution); |
|
| 88 | + break; |
|
| 89 | + case "sms": |
|
| 90 | + $this->currentToken = $this->fixtureService->registerSmsToken($nameId, $institution); |
|
| 91 | + break; |
|
| 92 | + case "tiqr": |
|
| 93 | + $this->currentToken = $this->fixtureService->registerTiqrToken($nameId, $institution); |
|
| 94 | + break; |
|
| 95 | 95 | } |
| 96 | 96 | } |
| 97 | 97 | |
@@ -101,15 +101,15 @@ discard block |
||
| 101 | 101 | public function aUserIdentifiedByWithASelfAssertedToken($institution, $nameId, $tokenType) |
| 102 | 102 | { |
| 103 | 103 | switch (strtolower($tokenType)) { |
| 104 | - case "yubikey": |
|
| 105 | - $this->currentToken = $this->fixtureService->registerYubikeyToken($nameId, $institution, true); |
|
| 106 | - break; |
|
| 107 | - case "sms": |
|
| 108 | - $this->currentToken = $this->fixtureService->registerSmsToken($nameId, $institution, true); |
|
| 109 | - break; |
|
| 110 | - case "tiqr": |
|
| 111 | - $this->currentToken = $this->fixtureService->registerTiqrToken($nameId, $institution, true); |
|
| 112 | - break; |
|
| 104 | + case "yubikey": |
|
| 105 | + $this->currentToken = $this->fixtureService->registerYubikeyToken($nameId, $institution, true); |
|
| 106 | + break; |
|
| 107 | + case "sms": |
|
| 108 | + $this->currentToken = $this->fixtureService->registerSmsToken($nameId, $institution, true); |
|
| 109 | + break; |
|
| 110 | + case "tiqr": |
|
| 111 | + $this->currentToken = $this->fixtureService->registerTiqrToken($nameId, $institution, true); |
|
| 112 | + break; |
|
| 113 | 113 | } |
| 114 | 114 | } |
| 115 | 115 | |
@@ -197,11 +197,11 @@ discard block |
||
| 197 | 197 | public function anInstitutionThatAllows(string $institution, string $option) |
| 198 | 198 | { |
| 199 | 199 | switch(true) { |
| 200 | - case $option === 'sso_on_2fa': |
|
| 201 | - $optionColumnName = 'sso_on2fa_enabled'; |
|
| 202 | - break; |
|
| 203 | - default: |
|
| 204 | - throw new RuntimeException(sprintf('Option "%s" is not supported', $option)); |
|
| 200 | + case $option === 'sso_on_2fa': |
|
| 201 | + $optionColumnName = 'sso_on2fa_enabled'; |
|
| 202 | + break; |
|
| 203 | + default: |
|
| 204 | + throw new RuntimeException(sprintf('Option "%s" is not supported', $option)); |
|
| 205 | 205 | } |
| 206 | 206 | $this->fixtureService->configureBoolean($institution, $optionColumnName, true); |
| 207 | 207 | } |
@@ -212,15 +212,15 @@ discard block |
||
| 212 | 212 | public function iShouldSelectMyTokenOnTheWAYG($tokenType) |
| 213 | 213 | { |
| 214 | 214 | switch (strtolower($tokenType)) { |
| 215 | - case "yubikey": |
|
| 216 | - $this->minkContext->pressButton('gateway_choose_second_factor_choose_yubikey'); |
|
| 217 | - break; |
|
| 218 | - case "sms": |
|
| 219 | - $this->minkContext->pressButton('gateway_choose_second_factor_choose_sms'); |
|
| 220 | - break; |
|
| 221 | - case "tiqr": |
|
| 222 | - $this->minkContext->pressButton('gateway_choose_second_factor_choose_tiqr'); |
|
| 223 | - break; |
|
| 215 | + case "yubikey": |
|
| 216 | + $this->minkContext->pressButton('gateway_choose_second_factor_choose_yubikey'); |
|
| 217 | + break; |
|
| 218 | + case "sms": |
|
| 219 | + $this->minkContext->pressButton('gateway_choose_second_factor_choose_sms'); |
|
| 220 | + break; |
|
| 221 | + case "tiqr": |
|
| 222 | + $this->minkContext->pressButton('gateway_choose_second_factor_choose_tiqr'); |
|
| 223 | + break; |
|
| 224 | 224 | } |
| 225 | 225 | } |
| 226 | 226 | |
@@ -196,7 +196,7 @@ discard block |
||
| 196 | 196 | */ |
| 197 | 197 | public function anInstitutionThatAllows(string $institution, string $option) |
| 198 | 198 | { |
| 199 | - switch(true) { |
|
| 199 | + switch (true) { |
|
| 200 | 200 | case $option === 'sso_on_2fa': |
| 201 | 201 | $optionColumnName = 'sso_on2fa_enabled'; |
| 202 | 202 | break; |
@@ -364,7 +364,7 @@ discard block |
||
| 364 | 364 | private function getCookieNames(array $responseCookieHeaders): array |
| 365 | 365 | { |
| 366 | 366 | $response = []; |
| 367 | - foreach($responseCookieHeaders as $cookie) { |
|
| 367 | + foreach ($responseCookieHeaders as $cookie) { |
|
| 368 | 368 | $parts = explode('=', $cookie); |
| 369 | 369 | $response[] = array_shift($parts); |
| 370 | 370 | } |
@@ -125,7 +125,7 @@ discard block |
||
| 125 | 125 | $publicKeyLoader->loadCertificateFile('/var/www/html/ci/certificates/sp.crt'); |
| 126 | 126 | $keys = $publicKeyLoader->getKeys(); |
| 127 | 127 | /** |
| 128 | - * @var Key $cert |
|
| 128 | + * @var Key $cert |
|
| 129 | 129 | */ |
| 130 | 130 | $cert = $keys->first(); |
| 131 | 131 | |
@@ -146,7 +146,7 @@ discard block |
||
| 146 | 146 | $publicKeyLoader->loadCertificateFile('/var/www/html/ci/certificates/idp.crt'); |
| 147 | 147 | $keys = $publicKeyLoader->getKeys(); |
| 148 | 148 | /** |
| 149 | - * @var Key $cert |
|
| 149 | + * @var Key $cert |
|
| 150 | 150 | */ |
| 151 | 151 | $cert = $keys->first(); |
| 152 | 152 | |
@@ -325,7 +325,7 @@ discard block |
||
| 325 | 325 | public function getIdentityProvider() |
| 326 | 326 | { |
| 327 | 327 | /** |
| 328 | - * @var RequestStack $stack |
|
| 328 | + * @var RequestStack $stack |
|
| 329 | 329 | */ |
| 330 | 330 | |
| 331 | 331 | $stack = $this->kernel->getContainer()->get('request_stack'); |
@@ -186,20 +186,20 @@ discard block |
||
| 186 | 186 | $this->loadPrivateKey(new PrivateKey('/var/www/html/ci/certificates/sp.key', 'default')) |
| 187 | 187 | ); |
| 188 | 188 | switch ($loa) { |
| 189 | - case "1": |
|
| 190 | - case "2": |
|
| 191 | - case "3": |
|
| 192 | - $authnRequest->setRequestedAuthnContext( |
|
| 193 | - ['AuthnContextClassRef' => ['http://stepup.example.com/assurance/sfo-level' . $loa]] |
|
| 194 | - ); |
|
| 195 | - break; |
|
| 196 | - case "self-asserted": |
|
| 197 | - $authnRequest->setRequestedAuthnContext( |
|
| 198 | - ['AuthnContextClassRef' => ['http://stepup.example.com/assurance/loa-self-asserted']] |
|
| 199 | - ); |
|
| 200 | - break; |
|
| 201 | - default: |
|
| 202 | - throw new RuntimeException(sprintf('The specified LoA-%s is not supported', $loa)); |
|
| 189 | + case "1": |
|
| 190 | + case "2": |
|
| 191 | + case "3": |
|
| 192 | + $authnRequest->setRequestedAuthnContext( |
|
| 193 | + ['AuthnContextClassRef' => ['http://stepup.example.com/assurance/sfo-level' . $loa]] |
|
| 194 | + ); |
|
| 195 | + break; |
|
| 196 | + case "self-asserted": |
|
| 197 | + $authnRequest->setRequestedAuthnContext( |
|
| 198 | + ['AuthnContextClassRef' => ['http://stepup.example.com/assurance/loa-self-asserted']] |
|
| 199 | + ); |
|
| 200 | + break; |
|
| 201 | + default: |
|
| 202 | + throw new RuntimeException(sprintf('The specified LoA-%s is not supported', $loa)); |
|
| 203 | 203 | } |
| 204 | 204 | $request = Saml2AuthnRequest::createNew($authnRequest); |
| 205 | 205 | $query = $request->buildRequestQuery(); |
@@ -284,19 +284,19 @@ discard block |
||
| 284 | 284 | ); |
| 285 | 285 | |
| 286 | 286 | switch ($loa) { |
| 287 | - case "1": |
|
| 288 | - case "2": |
|
| 289 | - case "3": |
|
| 290 | - $authnRequest->setRequestedAuthnContext( |
|
| 291 | - ['AuthnContextClassRef' => ['http://stepup.example.com/assurance/level' . $loa]] |
|
| 292 | - ); |
|
| 293 | - break; |
|
| 294 | - case "self-asserted": |
|
| 295 | - $authnRequest->setRequestedAuthnContext( |
|
| 296 | - ['AuthnContextClassRef' => ['http://stepup.example.com/assurance/loa-self-asserted']] |
|
| 297 | - ); |
|
| 298 | - default: |
|
| 299 | - throw new RuntimeException(sprintf('The specified LoA-%s is not supported', $loa)); |
|
| 287 | + case "1": |
|
| 288 | + case "2": |
|
| 289 | + case "3": |
|
| 290 | + $authnRequest->setRequestedAuthnContext( |
|
| 291 | + ['AuthnContextClassRef' => ['http://stepup.example.com/assurance/level' . $loa]] |
|
| 292 | + ); |
|
| 293 | + break; |
|
| 294 | + case "self-asserted": |
|
| 295 | + $authnRequest->setRequestedAuthnContext( |
|
| 296 | + ['AuthnContextClassRef' => ['http://stepup.example.com/assurance/loa-self-asserted']] |
|
| 297 | + ); |
|
| 298 | + default: |
|
| 299 | + throw new RuntimeException(sprintf('The specified LoA-%s is not supported', $loa)); |
|
| 300 | 300 | } |
| 301 | 301 | |
| 302 | 302 | $request = Saml2AuthnRequest::createNew($authnRequest); |
