From 76003858212626ca96a3cb3234bca9fa94ebe01d Mon Sep 17 00:00:00 2001
From: AramMutlu
Date: Mon, 15 Sep 2025 11:17:18 +0200
Subject: [PATCH] Make metadata expiration time configurable
---
 app/config/parameters.yml.dist | 2 ++
 src/OpenConext/EngineBlock/Xml/MetadataRenderer.php | 8 +++++---
 .../EngineBlockBundle/Resources/config/services.yml | 1 +
 .../OpenConext/EngineBlock/Xml/MetadataRendererTest.php | 3 ++-
 4 files changed, 10 insertions(+), 4 deletions(-)
diff --git a/app/config/parameters.yml.dist b/app/config/parameters.yml.dist
index 5604e6fd1a..117981929d 100644
--- a/app/config/parameters.yml.dist
+++ b/app/config/parameters.yml.dist
@@ -57,6 +57,8 @@ parameters:
 ## Add RequestedAttributes to the AttributeConsumingService of the SP Proxy metadata of Engineblock, default is all
 ## Options are 'all' (optional and required attributes), 'required' (only required attributes) or 'none'
 metadata_add_requested_attributes: all
+ ## The number of seconds a Metadata document is deemed valid (default 24h)
+ metadata_expiration_time: 86400
 ##########################################################################################
 ## PHP SETTINGS
diff --git a/src/OpenConext/EngineBlock/Xml/MetadataRenderer.php b/src/OpenConext/EngineBlock/Xml/MetadataRenderer.php
index f8e1348cff..8ae5238ffa 100644
--- a/src/OpenConext/EngineBlock/Xml/MetadataRenderer.php
+++ b/src/OpenConext/EngineBlock/Xml/MetadataRenderer.php
@@ -37,7 +37,7 @@ class MetadataRenderer
 /**
 * The number of seconds a Metadata document is deemed valid
 */
- const METADATA_EXPIRATION_TIME = 86400;
+ private $metadataExpirationTime;
 /**
 * @var Environment
@@ -83,7 +83,8 @@ public function __construct(
 KeyPairFactory $keyPairFactory,
 DocumentSigner $documentSigner,
 TimeProvider $timeProvider,
- string $addRequestedAttributes
+ string $addRequestedAttributes,
+ int $metadataExpirationTime
 ) {
 $this->languageSupportProvider = $languageSupportProvider;
 $this->twig = $twig;
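Review bot: The docblock kept above `private $metadataExpirationTime;` in the `@@ -37,7 +37,7 @@` hunk declares no type, while the next property is documented with `@var Environment`. Add a matching line such as `@var int lifetime in seconds, passed to TimeProvider::timestamp() to compute validUntil`. Since this value now comes from deployment configuration rather than a constant, the comment is also the natural place to state that it must be a positive integer.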
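Review bot: The new constructor parameter `int $metadataExpirationTime` in the `@@ -83,7 +83,8 @@` hunk is accepted without a range check, and the assignment in the following hunk (`@@ -92,6 +93,7 @@`) stores it unchanged. `getValidUntil()` passes it straight to `timestamp()`, so a zero or negative setting would presumably publish metadata whose validUntil is already in the past, which consumers are expected to reject. A very large setting keeps an old signed document acceptable long after a key or endpoint change. Fail fast before the assignment with `if ($metadataExpirationTime <= 0) { throw new \InvalidArgumentException('metadata_expiration_time must be a positive number of seconds'); }`, and consider an upper bound as well. The constructor body starts and ends outside this hunk.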
@@ -92,6 +93,7 @@ public function __construct(
 $this->documentSigner = $documentSigner;
 $this->timeProvider = $timeProvider;
 $this->addRequestedAttributes = $addRequestedAttributes;
+ $this->metadataExpirationTime = $metadataExpirationTime;
 }
 public function fromServiceProviderEntity(ServiceProviderEntityInterface $sp, string $keyId) : string
@@ -190,6 +192,6 @@ private function renderMetadataXmlIdentityProviderCollection(IdentityProviderEnt
 private function getValidUntil(): string
 {
- return $this->timeProvider->timestamp(self::METADATA_EXPIRATION_TIME);
+ return $this->timeProvider->timestamp($this->metadataExpirationTime);
 }
 }
diff --git a/src/OpenConext/EngineBlockBundle/Resources/config/services.yml b/src/OpenConext/EngineBlockBundle/Resources/config/services.yml
index df8b1b8637..ced1358b62 100644
--- a/src/OpenConext/EngineBlockBundle/Resources/config/services.yml
+++ b/src/OpenConext/EngineBlockBundle/Resources/config/services.yml
@@ -158,6 +158,7 @@ services:
 - "@OpenConext\\EngineBlock\\Xml\\DocumentSigner"
 - "@engineblock.service.time_provider"
 - "%metadata_add_requested_attributes%"
+ - "%metadata_expiration_time%"
 OpenConext\EngineBlock\Xml\MetadataProvider:
 arguments:
diff --git a/tests/unit/OpenConext/EngineBlock/Xml/MetadataRendererTest.php b/tests/unit/OpenConext/EngineBlock/Xml/MetadataRendererTest.php
index 77a82bcd84..b54d5a9d60 100644
--- a/tests/unit/OpenConext/EngineBlock/Xml/MetadataRendererTest.php
+++ b/tests/unit/OpenConext/EngineBlock/Xml/MetadataRendererTest.php
@@ -345,7 +345,8 @@ private function buildMetadataRenderer(string $addRequestedAttributes)
 $keyPairFactory,
 $documentSigner,
 new TimeProvider(),
- $addRequestedAttributes
+ $addRequestedAttributes,
+ 86400
 );
 }
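Review bot: The added argument `- "%metadata_expiration_time%"` in the services.yml hunk resolves only when that parameter is defined, and this commit defines it in `parameters.yml.dist` alone. Unless a default is registered somewhere not shown here, an existing deployment whose parameters.yml is not regenerated from the .dist would fail container compilation on the missing parameter. Either register a default of 86400 or call out the new required key in the upgrade notes, so that an upgrade does not stop metadata publication.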
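Review bot: `buildMetadataRenderer()` passes `86400`, the same value as the removed constant, so the suite would still pass if the renderer ignored the configured lifetime. Add a case that builds the renderer with a different value and asserts the rendered validUntil moves accordingly. That likely needs a fixed-clock stand-in for `new TimeProvider()`, though the class is not visible here. A second case covering a non-positive lifetime would pin down whatever rejection behaviour the constructor ends up with. The helper's body starts outside this hunk.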