<?php
/*
 * This is an EXAMPLE to help you configure a SimpleSAMLphp service provider
 * to produce metadata that is reasonably complete and closely meets SAIFRE's
 * recommendations. You may need to hand-edit the result, but hopefully not much.
 */
$config['example-sp'] = [
    'saml:SP',
    'entityID' => null, /* autogenerated */
    'idp' => 'https://iziko.safire.ac.za/',
    'signature.algorithm' => 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256', /* SHA1 not acceptable */
    'attributes' => [ /* see https://safire.ac.za/technical/attributes/ */
        'eduPersonPrincipalName' => 'urn:oid:1.3.6.1.4.1.5923.1.1.1.6',
        'mail' => 'urn:oid:0.9.2342.19200300.100.1.3',
    ],
    'attributes.required' => [ /* must be in OID form */
        'urn:oid:0.9.2342.19200300.100.1.3', // mail
        'urn:oid:1.3.6.1.4.1.5923.1.1.1.6', // eduPersonPrincipalName
    ],
    'attributes.NameFormat' => 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri',
    'acs.Bindings' => ['urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST', 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact'],
    'SingleLogoutServiceBinding' => ['urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect', 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST'], /* SAML2int only requires HTTP-Redirect */
    'privatekey' => 'example-sp.pem',
    'privatekey_pass' => 'YourPrivateKeyPassphrase', /* you encrypt your private key, right? */
    'certificate' => 'example-sp.crt', /* see https://safire.ac.za/technical/resources/generating-certificates-for-safire/ */

    /*
     * Feel free to include as many official translations as you have.
     * English IsiZulu, isiXhosa & Afrikaans currently natively supported.
     * Where a translation is not included, English will be used by default.
     */
    'OrganizationName' => [ /* Legal Name */
        'en' => 'Example University',
        'af' => 'Byvorbeeld Universiteit',
    ],
    'OrganizationDisplayName' => [ /* Name your organisation is commonly known by */
        'en' => 'ExampleU',
        'af' => 'ByvorbeeldU',
    ],
    'OrganizationURL' => ['en' => 'https://www.example.ac.za',],

    'name' => [ /* ServiceName */
        'en' => 'Example Service Provider',
        'af' => 'Byvoorveeld Diens-Verskaffer',
    ],
    'description' => ['en' => 'The description should be short, and explain why you need the attributes your want',], /* ServiceDescription */
    'UIInfo' => [
        'DisplayName' => [ /* must match ServiceName above */
            'en' => 'Example Service Provider',
            'af' => 'Byvoorveeld Diens-Verskaffer',
        ],
        'Description' => ['en' => 'The description should be short, and explain why you need the attributes your want',], /* must match ServiceDescription above */
        'PrivacyStatementURL' => ['en' => 'SET_ME_XXX',], /* Mandatory for SPs */
        'InformationURL' => ['en' => 'https://safire.ac.za/users/who-why-what',], /* where can I find info about your service? suggested */
        'Logo' => [
            [ /* This is the size recommended by SAFIRE (at least 150x150, square) */
                'url' => 'https://static.safire.ac.za/logos/safire-logo-300x300.png',
                'height' => 300,
                'width' => 300,
            ],
        ],
    ],
    'contacts' => [ /* technical contact is added automatically from config/config.php */
        [
            'contactType' => 'support',
            'emailAddress' => 'mailto:support@example.ac.za', /* role not person */
            'givenName' => 'Example University Help Desk',
            'telephoneNumber' => '+27.21.114.0000',
        ],
    ],
];