FederationFactory.php
<?php
declare(strict_types=1);
namespace SimpleSAML\Module\oidc\Factories;
use SimpleSAML\Module\oidc\ModuleConfig;
use SimpleSAML\Module\oidc\Services\LoggerService;
use SimpleSAML\Module\oidc\Utils\FederationCache;
use SimpleSAML\OpenID\Algorithms\SignatureAlgorithmBag;
use SimpleSAML\OpenID\Algorithms\SignatureAlgorithmEnum;
use SimpleSAML\OpenID\Federation;
use SimpleSAML\OpenID\SupportedAlgorithms;
/**
 * Factory that assembles the Federation object from module configuration.
 *
 * The factory decides which signature algorithms are handed to the Federation
 * tooling, so any change to the list in build() should be treated as a change
 * to an allow-list.
 */
class FederationFactory
{
    /**
     * @param ModuleConfig $moduleConfig Source of the federation signer, the
     *     cache duration and the trust mark status endpoint usage policy.
     * @param LoggerService $loggerService Logger passed on to Federation.
     * @param FederationCache|null $federationCache Optional cache wrapper; when
     *     it is null, Federation is built with a null cache.
     */
    public function __construct(
        protected readonly ModuleConfig $moduleConfig,
        protected readonly LoggerService $loggerService,
        protected readonly ?FederationCache $federationCache = null,
    ) {
    }

    /**
     * Create a Federation instance wired with the supported signature
     * algorithms, cache settings, logger and trust mark status policy.
     *
     * NOTE(review): SignatureAlgorithmEnum::from() is called on the configured
     * signer's algorithm id. If SignatureAlgorithmEnum is a native backed enum,
     * an id that matches no case raises \ValueError, which is not listed in the
     * tags below. Confirm, and document or convert it where configuration is
     * validated.
     *
     * @throws \ReflectionException
     * @throws \SimpleSAML\Error\ConfigurationError
     */
    public function build(): Federation
    {
        // The algorithm the module itself signs with always goes into the bag,
        // whatever it is configured to be.
        $signerAlgorithm = SignatureAlgorithmEnum::from(
            $this->moduleConfig->getFederationSigner()->algorithmId(),
        );

        // Fixed additions: RSA (RS*) and ECDSA (ES*) identifiers only. RS256 is
        // not in this list, so it is present only when it is the signer's own
        // algorithm. When the signer already uses one of the listed algorithms,
        // that case is passed twice.
        // NOTE(review): presumably this bag is what the Federation tooling
        // accepts when verifying signatures on fetched federation data. Confirm
        // against SimpleSAML\OpenID\SupportedAlgorithms before widening it.
        $signatureAlgorithmBag = new SignatureAlgorithmBag(
            $signerAlgorithm,
            SignatureAlgorithmEnum::RS384,
            SignatureAlgorithmEnum::RS512,
            SignatureAlgorithmEnum::ES256,
            SignatureAlgorithmEnum::ES384,
            SignatureAlgorithmEnum::ES512,
        );
        $supportedAlgorithms = new SupportedAlgorithms($signatureAlgorithmBag);

        return new Federation(
            supportedAlgorithms: $supportedAlgorithms,
            maxCacheDuration: $this->moduleConfig->getFederationCacheMaxDurationForFetched(),
            // Nullsafe access: evaluates to null when no FederationCache was injected.
            cache: $this->federationCache?->cache,
            logger: $this->loggerService,
            defaultTrustMarkStatusEndpointUsagePolicyEnum:
                $this->moduleConfig->getFederationTrustMarkStatusEndpointUsagePolicy(),
        );
    }
}