WIP

cicnavi · cicnavi · commit 2e33193d478e · 2026-04-23T14:52:49.000+02:00
diff --git a/composer.json b/composer.json
@@ -31,7 +31,7 @@
         "psr/container": "^2.0",
         "psr/log": "^3",
         "simplesamlphp/composer-module-installer": "^1.3",
-        "simplesamlphp/openid": "~v0.1.1",
+        "simplesamlphp/openid": "dev-entity-collection",
         "spomky-labs/base64url": "^2.0",
         "symfony/expression-language": "^7.4",
         "symfony/psr-http-message-bridge": "^7.4",
diff --git a/routing/routes/routes.php b/routing/routes/routes.php
@@ -77,6 +77,9 @@
     $routes->add(RoutesEnum::AdminTestTrustMarkValidation->name, RoutesEnum::AdminTestTrustMarkValidation->value)
         ->controller([FederationTestController::class, 'trustMarkValidation'])
         ->methods([HttpMethodsEnum::GET->value, HttpMethodsEnum::POST->value]);
+    $routes->add(RoutesEnum::AdminTestFederationDiscovery->name, RoutesEnum::AdminTestFederationDiscovery->value)
+        ->controller([FederationTestController::class, 'federationDiscovery'])
+        ->methods([HttpMethodsEnum::GET->value, HttpMethodsEnum::POST->value]);
     $routes->add(
         RoutesEnum::AdminTestVerifiableCredentialIssuance->name,
         RoutesEnum::AdminTestVerifiableCredentialIssuance->value,
diff --git a/src/Codebooks/RoutesEnum.php b/src/Codebooks/RoutesEnum.php
@@ -28,6 +28,7 @@ enum RoutesEnum: string
     // Testing
     case AdminTestTrustChainResolution = 'admin/test/trust-chain-resolution';
     case AdminTestTrustMarkValidation = 'admin/test/trust-mark-validation';
+    case AdminTestFederationDiscovery = 'admin/test/federation-discovery';
     case AdminTestVerifiableCredentialIssuance = 'admin/test/verifiable-credential-issuance';
 
 
diff --git a/src/Controllers/Admin/FederationTestController.php b/src/Controllers/Admin/FederationTestController.php
@@ -169,4 +169,51 @@ public function trustMarkValidation(Request $request): Response
             RoutesEnum::AdminTestTrustMarkValidation->value,
         );
     }
+
+
+    /**
+     * @throws \SimpleSAML\Error\ConfigurationError
+     * @throws \SimpleSAML\Module\oidc\Server\Exceptions\OidcServerException
+     * @throws \SimpleSAML\Module\oidc\Exceptions\OidcException
+     */
+    public function federationDiscovery(Request $request): Response
+    {
+        $trustAnchorId = null;
+        $isFormSubmitted = false;
+        $entities = [];
+
+        if ($request->isMethod(Request::METHOD_POST)) {
+            $isFormSubmitted = true;
+
+            !empty($trustAnchorId = $request->request->getString('trustAnchorId')) ||
+            throw new OidcException('Empty Trust Anchor ID.');
+
+            try {
+                $entities = $this->federationWithArrayLogger->federationDiscovery()->discoverAndFetch(
+                    trustAnchorId: $trustAnchorId,
+                    forceRefresh: true,
+                );
+
+            } catch (\Throwable $exception) {
+                $this->arrayLogger->error(sprintf(
+                    'Error during entity discovery under Trust Anchor %s. Error was %s',
+                    $trustAnchorId,
+                    $exception->getMessage(),
+                ));
+            }
+        }
+
+        $logMessages = $this->arrayLogger->getEntries();
+
+        return $this->templateFactory->build(
+            'oidc:tests/federation-discovery.twig',
+            compact(
+                'trustAnchorId',
+                'logMessages',
+                'isFormSubmitted',
+                'entities',
+            ),
+            RoutesEnum::AdminTestFederationDiscovery->value,
+        );
+    }
 }
diff --git a/src/Factories/TemplateFactory.php b/src/Factories/TemplateFactory.php
@@ -142,6 +142,13 @@ protected function includeDefaultMenuItems(): void
             ),
         );
 
+        $this->oidcMenu->addItem(
+            $this->oidcMenu->buildItem(
+                $this->moduleConfig->getModuleUrl(RoutesEnum::AdminTestFederationDiscovery->value),
+                Translate::noop('Test Federation Discovery'),
+            ),
+        );
+
         $this->oidcMenu->addItem(
             $this->oidcMenu->buildItem(
                 $this->moduleConfig->getModuleUrl(RoutesEnum::AdminConfigVerifiableCredential->value),
diff --git a/src/Utils/Routes.php b/src/Utils/Routes.php
@@ -146,6 +146,11 @@ public function urlAdminTestTrustMarkValidation(array $parameters = []): string
         return $this->getModuleUrl(RoutesEnum::AdminTestTrustMarkValidation->value, $parameters);
     }
 
+    public function urlAdminTestFederationDiscovery(array $parameters = []): string
+    {
+        return $this->getModuleUrl(RoutesEnum::AdminTestFederationDiscovery->value, $parameters);
+    }
+
     public function urlAdminTestVerifiableCredentialIssuance(array $parameters = []): string
     {
         return $this->getModuleUrl(RoutesEnum::AdminTestVerifiableCredentialIssuance->value, $parameters);
diff --git a/templates/tests/federation-discovery.twig b/templates/tests/federation-discovery.twig
@@ -0,0 +1,55 @@
+{% set subPageTitle = 'Test Federation Discovery'|trans %}
+
+{% extends "@oidc/base.twig" %}
+
+{% block oidcContent %}
+
+    <p>
+        {{ 'You can use the form below to test Federation Discovery under given Trust Anchor.'|trans }}
+        {{ 'Log messages will show if any warnings or errors were raised during the process.'|trans }}
+    </p>
+
+    <form method="post"
+          action="{{ routes.urlAdminTestFederationDiscovery }}"
+          class="pure-form pure-form-stacked">
+
+        <fieldset>
+            <label for="trustAnchorId">{{ 'Trust Anchor ID'|trans }}</label>
+            <input type="text"
+                   name="trustAnchorId"
+                   id="trustAnchorId"
+                   class="full-width"
+                   required=""
+                   value="{{ trustAnchorId|default }}"
+            >
+            <span class="pure-form-message"></span>
+
+            <br>
+            <button type="submit" class="pure-button ">{{ (actionText|default('Submit'))|trans }}</button>
+        </fieldset>
+    </form>
+
+    {% if isFormSubmitted|default %}
+        <h4>{{ 'Log messages'|trans }}</h4>
+        <p>
+        {% if logMessages|default %}
+            <code class="code-box code-box-content">
+                {{- logMessages|json_encode(constant('JSON_PRETTY_PRINT') b-or constant('JSON_UNESCAPED_SLASHES')) -}}
+            </code>
+        {% else %}
+            {{ 'Federation discovery passed (there were no warnings or errors during the process).'|trans }}
+        {% endif %}
+        </p>
+
+        <h4>{{ 'Entities'|trans }}</h4>
+        {% if entities|default %}
+            <code class="code-box code-box-content">
+                {{- entities|json_encode(constant('JSON_PRETTY_PRINT') b-or constant('JSON_UNESCAPED_SLASHES')) -}}
+            </code>
+        {% else %}
+            {{ 'No entities were found during the process.'|trans }}
+        {% endif %}
+
+    {% endif %}
+
+{% endblock oidcContent -%}

Original file line number	Diff line number	Diff line change
`@@ -146,6 +146,11 @@ public function urlAdminTestTrustMarkValidation(array $parameters = []): string`
`146`	`146`	`return $this->getModuleUrl(RoutesEnum::AdminTestTrustMarkValidation->value, $parameters);`
`147`	`147`	`}`
`148`	`148`
	`149`	`+ public function urlAdminTestFederationDiscovery(array $parameters = []): string`
	`150`	`+ {`
	`151`	`+ return $this->getModuleUrl(RoutesEnum::AdminTestFederationDiscovery->value, $parameters);`
	`152`	`+ }`
	`153`	`+`
`149`	`154`	`public function urlAdminTestVerifiableCredentialIssuance(array $parameters = []): string`
`150`	`155`	`{`
`151`	`156`	`return $this->getModuleUrl(RoutesEnum::AdminTestVerifiableCredentialIssuance->value, $parameters);`