
public function IdpForm::form in SAML Service Provider 8.2

Same name and namespace in other branches
  1. 8.3 src/Form/IdpForm.php \Drupal\saml_sp\Form\IdpForm::form()
  2. 4.x src/Form/IdpForm.php \Drupal\saml_sp\Form\IdpForm::form()
  3. 3.x src/Form/IdpForm.php \Drupal\saml_sp\Form\IdpForm::form()

Gets the actual form array to be built.

Overrides EntityForm::form

See also

\Drupal\Core\Entity\EntityForm::processForm()

\Drupal\Core\Entity\EntityForm::afterBuild()

File

src/Form/IdpForm.php, line 21
Contains \Drupal\saml_sp\Form\SamlSpIdpAdd.

Class

IdpForm

Namespace

Drupal\saml_sp\Form

Code

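/**
 * Builds the Identity Provider (IdP) configuration form.
 *
 * Starts from the parent entity form and adds a metadata paste area plus an
 * 'idp' fieldset holding the IdP name, machine name, entity ID, app name,
 * NameID field, login/logout URLs, signing certificates and the accepted
 * authentication context classes.
 *
 * @param array $form
 *   The form array handed in by the form builder.
 * @param \Drupal\Core\Form\FormStateInterface $form_state
 *   The current state of the form.
 *
 * @return array
 *   The form array with the IdP configuration elements added.
 */
public function form(array $form, FormStateInterface $form_state) {
  $form = parent::form($form, $form_state);
  $idp = $this->entity;

  // Free-form XML pasted by the administrator. The description promises the
  // remaining fields are filled in from it, presumably by the attached
  // 'saml_sp/idp_form' library - confirm. The values it fills (entity ID,
  // login URL, certificate) define which IdP this site trusts, so they should
  // be checked against what the IdP operator published before saving.
  $form['idp_metadata'] = array(
    '#type' => 'textarea',
    '#title' => t('XML Metadata'),
    '#description' => t('Paste in the metadata provided by the Identity Provider here and the form will be automatically filled out, or you can manually enter the information.'),
  );
  $form['#attached']['library'][] = 'saml_sp/idp_form';

  // '#tree' keeps submitted values nested under 'idp'.
  $form['idp'] = array(
    '#type' => 'fieldset',
    '#tree' => TRUE,
  );
  $form['idp']['label'] = array(
    '#type' => 'textfield',
    '#title' => t('Name'),
    '#default_value' => $idp->label(),
    '#description' => t('The human-readable name of this IDP. This text will be displayed to administrators who can configure SAML.'),
    '#required' => TRUE,
    '#size' => 30,
    '#maxlength' => 30,
  );
  // The machine name is derived from idp[label]; uniqueness is checked through
  // the 'saml_sp_idp_load' callback.
  $form['idp']['id'] = array(
    '#type' => 'machine_name',
    '#default_value' => $idp->id(),
    '#maxlength' => 32,
    '#machine_name' => array(
      'exists' => 'saml_sp_idp_load',
      'source' => array(
        'idp',
        'label',
      ),
    ),
    '#description' => t('A unique machine-readable name for this IDP. It must only contain lowercase letters, numbers, and underscores.'),
  );
  $form['idp']['entity_id'] = array(
    '#type' => 'textfield',
    '#title' => t('Entity ID'),
    '#description' => t('The entityID identifier which the Identity Provider will use to identiy itself by, this may sometimes be a URL.'),
    '#default_value' => $idp->entity_id(),
    '#maxlength' => 255,
  );
  $form['idp']['app_name'] = array(
    '#type' => 'textfield',
    '#title' => t('App name'),
    '#description' => t('The app name is provided to the Identiy Provider, to identify the origin of the request.'),
    '#default_value' => $idp->app_name(),
    '#maxlength' => 255,
  );

  // Candidate account fields for matching the SAML NameID; 'mail' is always
  // offered.
  $fields = array(
    'mail' => t('Email'),
  );
  // NOTE(review): $extra_fields is never assigned in this method, so this
  // branch does not run as written. Confirm where additional NameID fields
  // are meant to come from.
  if (!empty($extra_fields)) {
    foreach ($extra_fields as $value) {
      $fields[$value] = $value;
    }
  }
  $form['idp']['nameid_field'] = array(
    '#type' => 'select',
    '#title' => t('NameID field'),
    '#description' => t('Mail is usually used between IdP and SP, but if you want to let users change the email address in IdP, you need to use a custom field to store the ID.'),
    '#options' => $fields,
    '#default_value' => $idp->nameid_field(),
  );

  // The SAML Login URL and x.509 certificate must match the details provided
  // by the IDP.
  // The Form API property is '#maxlength'; the previous '#max_length' key is
  // not a Form API property, so the intended 255-character limit was not
  // applied to the two URL fields below.
  $form['idp']['login_url'] = array(
    '#type' => 'textfield',
    '#title' => t('IDP Login URL'),
    '#description' => t('Login URL of the Identity Provider server.'),
    '#default_value' => $idp->login_url(),
    '#required' => TRUE,
    '#maxlength' => 255,
  );
  $form['idp']['logout_url'] = array(
    '#type' => 'textfield',
    '#title' => t('IDP Logout URL'),
    '#description' => t('Logout URL of the Identity Provider server.'),
    '#default_value' => $idp->logout_url(),
    '#required' => TRUE,
    '#maxlength' => 255,
  );

  // Certificate inputs are built by a helper on this class; form caching is
  // switched off right after.
  $form['idp']['x509_cert'] = $this->createCertsFieldset($form_state);
  $form_state->setCached(FALSE);

  // Checkbox options are keyed by whatever saml_sp_authn_context_class_refs()
  // maps each SAML authentication context class URN to.
  $refs = saml_sp_authn_context_class_refs();
  $authn_context_class_ref_options = array(
    $refs['urn:oasis:names:tc:SAML:2.0:ac:classes:Password'] => t('User Name and Password'),
    $refs['urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport'] => t('Password Protected Transport'),
    $refs['urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient'] => t('Transport Layer Security (TLS) Client'),
    $refs['urn:oasis:names:tc:SAML:2.0:ac:classes:X509'] => t('X.509 Certificate'),
    $refs['urn:federation:authentication:windows'] => t('Integrated Windows Authentication'),
    $refs['urn:oasis:names:tc:SAML:2.0:ac:classes:Kerberos'] => t('Kerberos'),
  );

  // Default selection used when the IdP has no id yet: every known context
  // class is ticked.
  $default_auth = array();
  foreach ($refs as $value) {
    $default_auth[$value] = $value;
  }

  // Per the description, an empty selection accepts every method the IdP
  // offers, so narrowing the accepted methods requires ticking only those.
  // NOTE(review): this reads the 'id' property directly while the rest of the
  // method calls id(); confirm the property is accessible from here.
  $form['idp']['authn_context_class_ref'] = array(
    '#type' => 'checkboxes',
    '#title' => t('Authentication Methods'),
    '#description' => t('What authentication methods would you like to use with this IdP? If left empty all methods from the provider will be allowed.'),
    '#default_value' => $idp->id ? $idp->authn_context_class_ref() : $default_auth,
    '#options' => $authn_context_class_ref_options,
    '#required' => FALSE,
  );
  return $form;
}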