You are here

Home » API reference » SAML Service Provider 7.8 » saml_sp.admin.inc

function saml_sp__configure_idp_form in SAML Service Provider 7.8

Same name and namespace in other branches
  1. 7 saml_sp.admin.inc \saml_sp__configure_idp_form()
  2. 7.2 saml_sp.admin.inc \saml_sp__configure_idp_form()
  3. 7.3 saml_sp.admin.inc \saml_sp__configure_idp_form()

Configure or add a SAML IDP.

1 string reference to 'saml_sp__configure_idp_form'
saml_sp_menu in ./saml_sp.module
Implements hook_menu().

File

./saml_sp.admin.inc, line 26
Admin pages for the SAML Service Provider module.

Code

function saml_sp__configure_idp_form($form, &$form_state, $saml_idp = NULL) {
  $show_metadata = TRUE;
  if (is_null($saml_idp)) {
    $show_metadata = FALSE;

    // Populate a default IDP object, with empty fields.
    $saml_idp = _saml_sp__default_idp();
  }
  $form['#destination'] = 'admin/config/people/saml_sp/IDP';
  $form['export_type'] = array(
    '#type' => 'value',
    '#value' => isset($saml_idp->export_type) ? $saml_idp->export_type : NULL,
  );

  // If this is an update to an existing IDP, track the original machine name,
  // in case it is changed.
  if (!empty($saml_idp->machine_name)) {
    $form['orig_machine_name'] = array(
      '#type' => 'value',
      '#value' => $saml_idp->machine_name,
    );
  }
  $form['name'] = array(
    '#type' => 'textfield',
    '#title' => t('Name'),
    '#default_value' => $saml_idp->name,
    '#description' => t('The human-readable name of this IDP. This text will be displayed to administrators who can configure SAML.'),
    '#required' => TRUE,
    '#size' => 30,
    '#maxlength' => 30,
  );
  $form['machine_name'] = array(
    '#type' => 'machine_name',
    '#default_value' => $saml_idp->machine_name,
    '#maxlength' => 32,
    '#machine_name' => array(
      'exists' => 'saml_sp_idp_load',
    ),
    '#description' => t('A unique machine-readable name for this IDP. It must only contain lowercase letters, numbers, and underscores.'),
  );
  $form['entity_id'] = array(
    '#type' => 'textfield',
    '#title' => t('Entity ID'),
    '#description' => t('The entityID identifier which the Identity Provider will use to identiy itself by, this may sometimes be a URL.'),
    '#default_value' => $saml_idp->entity_id,
    '#maxlength' => 255,
  );
  $form['app_name'] = array(
    '#type' => 'textfield',
    '#title' => t('App name'),
    '#description' => t('The app name is provided to the Identiy Provider, to identify the origin of the request.'),
    '#default_value' => $saml_idp->app_name,
    '#maxlength' => 255,
  );

  // Adding mail and extra fields to select list
  $fields = array(
    'mail' => t('Email'),
  );
  $extra_fields = field_info_instances($entity_type = 'user', $bundle_name = NULL);
  $extra_fields = array_keys($extra_fields['user']);
  foreach ($extra_fields as $value) {
    $fields[$value] = $value;
  }
  $form['nameid_field'] = array(
    '#type' => 'select',
    '#title' => t('NameID field'),
    '#description' => t('Mail is usually used between IdP and SP, but if you want to let users change the email address in IdP, you need to use a custom field to store the ID.'),
    '#options' => $fields,
    '#default_value' => $saml_idp->nameid_field,
  );

  // The SAML Login URL and x.509 certificate must match the details provided
  // by the IDP.
  $form['idp'] = array(
    '#type' => 'fieldset',
    '#title' => t('IDP configuration'),
    '#description' => t('Enter the details provided by the IDP.'),
    '#collapsible' => TRUE,
    '#collapsed' => FALSE,
  );
  $form['idp']['idp_login_url'] = array(
    '#type' => 'textfield',
    '#title' => t('IDP Login URL'),
    '#description' => t('Login URL of the Identity Provider server.'),
    '#default_value' => $saml_idp->login_url,
    '#required' => TRUE,
    '#max_length' => 255,
  );
  $form['idp']['idp_logout_url'] = array(
    '#type' => 'textfield',
    '#title' => t('IDP Logout URL'),
    '#description' => t('Logout URL of the Identity Provider server.'),
    '#default_value' => $saml_idp->logout_url,
    '#required' => TRUE,
    '#max_length' => 255,
  );
  $form['idp']['idp_x509_cert'] = array(
    '#type' => 'textarea',
    '#title' => t('x.509 Certificate'),
    '#description' => t('Enter the application certificate provided by the IdP.'),
    '#default_value' => $saml_idp->x509_cert,
    '#required' => TRUE,
    '#max_length' => 1024,
  );
  $authn_context_class_ref_options = array(
    'urn:oasis:names:tc:SAML:2.0:ac:classes:Password' => t('User Name and Password'),
    'urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport' => t('Password Protected Transport'),
    'urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient' => t('Transport Layer Security (TLS) Client'),
    'urn:oasis:names:tc:SAML:2.0:ac:classes:X509' => t('X.509 Certificate'),
    'urn:federation:authentication:windows' => t('Integrated Windows Authentication'),
    'urn:oasis:names:tc:SAML:2.0:ac:classes:Kerberos' => t('Kerberos'),
  );
  $form['idp']['authn_context_class_ref'] = array(
    '#type' => 'select',
    '#title' => t('Authentication Method'),
    '#description' => t('What authentication method would you like to use with this IdP?'),
    '#default_value' => $saml_idp->authn_context_class_ref,
    '#options' => $authn_context_class_ref_options,
    '#required' => TRUE,
  );
  $form['submit'] = array(
    '#type' => 'submit',
    '#value' => t('Save settings'),
  );
  return $form;
}