FOUR-12245 customize SAML library used for the idp

ProcessMaker/Http/Controllers/Saml/MetadataController.php

@@ -0,0 +1,46 @@
+<?php
+
+namespace ProcessMaker\Http\Controllers\Saml;
+
+use CodeGreenCreative\SamlIdp\Http\Controllers\MetadataController as SamlIdpMetadataController;
+use DateTime;
+use Illuminate\Support\Facades\View;
+
+class MetadataController extends SamlIdpMetadataController
+{
+    public function __construct()
+    {
+        $validUntil = $this->getValidUntil();
+        $cacheDuration = $this->getCacheDuration();
+
+        View::share([
+            'saml_valid_until' => $validUntil,
+            'saml_cache_duration' => $cacheDuration,
+        ]);
+    }
+
+    /**
+     * The function returns the current date and time plus one year.
+     *
+     * @return the current date and time plus one year in the format 'Y-m-d\TH:i:s\Z'.
+     */
+    protected function getValidUntil()
+    {
+        return date('Y-m-d\TH:i:s\Z', strtotime('+1 year'));
+    }
+
+    /**
+     * The getCacheDuration function calculates the duration in seconds between the current time
+     *
+     * @return a string representing the duration in seconds
+     */
+    protected function getCacheDuration()
+    {
+        $now = new DateTime();
+        $oneMonthFromNow = new DateTime('+1 month');
+        $interval = $now->diff($oneMonthFromNow);
+        $seconds = $interval->days * 24 * 60 * 60;
+
+        return 'PT' . $seconds . 'S';
+    }
+}

resources/views/vendor/samlidp/metadata.blade.php

@@ -0,0 +1,21 @@
+@php echo '<?xml version="1.0"?>' @endphp
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" validUntil="{{ $saml_valid_until }}" cacheDuration="{{ $saml_cache_duration }}" entityID="{{ url(config('samlidp.issuer_uri')) }}">
+  <md:IDPSSODescriptor WantAuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+    <md:KeyDescriptor use="signing">
+      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+        <ds:X509Data>
+          <ds:X509Certificate>{{ $cert }}</ds:X509Certificate>
+        </ds:X509Data>
+      </ds:KeyInfo>
+    </md:KeyDescriptor>
+    <md:KeyDescriptor use="encryption">
+      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+        <ds:X509Data>
+          <ds:X509Certificate>{{ $cert }}</ds:X509Certificate>
+        </ds:X509Data>
+      </ds:KeyInfo>
+    </md:KeyDescriptor>
+    <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat>
+    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="{{ url(config('samlidp.login_uri')) }}"/>
+  </md:IDPSSODescriptor>
+</md:EntityDescriptor>

routes/web.php

@@ -30,6 +30,7 @@
 use ProcessMaker\Http\Controllers\ProcessesCatalogueController;
 use ProcessMaker\Http\Controllers\ProfileController;
 use ProcessMaker\Http\Controllers\RequestController;
+use ProcessMaker\Http\Controllers\Saml\MetadataController;
 use ProcessMaker\Http\Controllers\TaskController;
 use ProcessMaker\Http\Controllers\TemplateController;
 use ProcessMaker\Http\Controllers\TestStatusController;
@@ -178,3 +179,6 @@
 })->name('password-success');
 
 Route::get('/unavailable', [UnavailableController::class, 'show'])->name('error.unavailable');
+
+// SAML Metadata Route
+Route::resource('/saml/metadata', MetadataController::class)->only('index');