feat(settings): optional config option for sp entityId

lib/SAMLSettings.php

@@ -58,6 +58,7 @@ class SAMLSettings {
 		'saml-attribute-mapping-group_mapping_prefix',
 		'saml-user-filter-reject_groups',
 		'saml-user-filter-require_groups',
+		'sp-entityId',
 		'sp-x509cert',
 		'sp-name-id-format',
 		'sp-privateKey',
@@ -140,7 +141,9 @@ public function getOneLoginSettingsArray(int $idp): array {
 				// "sloWebServerDecode" is not expected to be passed to the OneLogin class
 			],
 			'sp' => [
-				'entityId' => $this->urlGenerator->linkToRouteAbsolute('user_saml.SAML.getMetadata'),
+				'entityId' => (array_key_exists('sp-entityId', $this->configurations[$idp]) && trim($this->configurations[$idp]['sp-entityId']) != '')
+					? $this->configurations[$idp]['sp-entityId']
+					: $this->urlGenerator->linkToRouteAbsolute('user_saml.SAML.getMetadata'),
 				'assertionConsumerService' => [
 					'url' => $this->urlGenerator->linkToRouteAbsolute('user_saml.SAML.assertionConsumerService'),
 				],

lib/Settings/Admin.php

@@ -37,8 +37,21 @@ public function getForm() {
 			];
 		}
 		$serviceProviderFields = [
-			'x509cert' => $this->l10n->t('X.509 certificate of the Service Provider'),
-			'privateKey' => $this->l10n->t('Private key of the Service Provider'),
+			'x509cert' => [
+				'text' => $this->l10n->t('X.509 certificate of the Service Provider'),
+				'type' => 'text',
+				'required' => false,
+			],
+			'privateKey' => [
+				'text' => $this->l10n->t('Private key of the Service Provider'),
+				'type' => 'text',
+				'required' => false,
+			],
+			'entityId' => [
+				'text' => $this->l10n->t('Service Provider EntityId (optional)'),
+				'type' => 'line',
+				'required' => false,
+			]
 		];
 		$securityOfferFields = [
 			'nameIdEncrypted' => $this->l10n->t('Indicates that the nameID of the <samlp:logoutRequest> sent by this SP will be encrypted.'),

templates/admin.php

@@ -121,10 +121,14 @@
 						} ?> ><?php p($value['label']) ?></option>
 					<?php endforeach; ?>
 				</select>
-				<?php foreach ($_['sp'] as $key => $text): ?>
+				<?php foreach ($_['sp'] as $key => $attribute): ?>
 					<p>
-						<label class="user-saml-standalone-label" for="user-saml-<?php p($key) ?>"><?php p($text) ?></label><br/>
-						<textarea id="user-saml-<?php p($key) ?>" name="<?php p($key) ?>"><?php p($_['config']['sp-' . $key] ?? '') ?></textarea>
+						<label class="user-saml-standalone-label" for="user-saml-<?php p($key) ?>"><?php p($attribute['text']) ?></label><br/>
+						<?php if ($attribute['type'] === 'line'): ?>
+							<input id="user-saml-<?php p($key) ?>" name="<?php p($key) ?>" value="<?php p($_['config']['sp-' . $key] ?? '') ?>" type="text" <?php if (isset($attribute['required']) && $attribute['required'] === true): ?>class="required"<?php endif;?>/>
+						<?php else: ?>
+							<textarea id="user-saml-<?php p($key) ?>" name="<?php p($key) ?>" <?php if (isset($attribute['required']) && $attribute['required'] === true): ?>class="required"<?php endif;?>><?php p($_['config']['sp-' . $key] ?? '') ?></textarea>
+						<?php endif; ?>
 					</p>
 				<?php endforeach; ?>
 			</div>

tests/unit/Settings/AdminTest.php

@@ -52,8 +52,21 @@ public function formDataProvider() {
 			});
 
 		$serviceProviderFields = [
-			'x509cert' => 'X.509 certificate of the Service Provider',
-			'privateKey' => 'Private key of the Service Provider',
+			'x509cert' => [
+				'text' => 'X.509 certificate of the Service Provider',
+				'type' => 'text',
+				'required' => false,
+			],
+			'privateKey' => [
+				'text' => 'Private key of the Service Provider',
+				'type' => 'text',
+				'required' => false,
+			],
+			'entityId' => [
+				'text' => 'Service Provider EntityId (optional)',
+				'type' => 'line',
+				'required' => false,
+			]
 		];
 		$securityOfferFields = [
 			'nameIdEncrypted' => 'Indicates that the nameID of the <samlp:logoutRequest> sent by this SP will be encrypted.',