lib/saml/kit/configuration.rb in saml-kit-0.2.3 vs lib/saml/kit/configuration.rb in saml-kit-0.2.4
- old
+ new
@@ -1,40 +1,65 @@
module Saml
module Kit
class Configuration
attr_accessor :issuer
attr_accessor :signature_method, :digest_method
- attr_accessor :signing_certificate_pem, :signing_private_key_pem, :signing_private_key_password
- attr_accessor :encryption_certificate_pem, :encryption_private_key_pem, :encryption_private_key_password
attr_accessor :registry, :session_timeout
attr_accessor :logger
def initialize
@signature_method = :SHA256
@digest_method = :SHA256
- @signing_private_key_password = SecureRandom.uuid
- @encryption_private_key_password = SecureRandom.uuid
- @signing_certificate_pem, @signing_private_key_pem = SelfSignedCertificate.new(@signing_private_key_password).create
- @encryption_certificate_pem, @encryption_private_key_pem = SelfSignedCertificate.new(@encryption_private_key_password).create
@registry = DefaultRegistry.new
@session_timeout = 3.hours
@logger = Logger.new(STDOUT)
+ yield self if block_given?
end
- def signing_certificate
- Saml::Kit::Certificate.new(signing_certificate_pem, use: :signing)
+ def add_key_pair(certificate, private_key, password:, use: :signing)
+ key_pairs.push({
+ certificate: Saml::Kit::Certificate.new(certificate, use: use),
+ private_key: OpenSSL::PKey::RSA.new(private_key, password)
+ })
end
+ def generate_key_pair_for(use:, password: SecureRandom.uuid)
+ certificate, private_key = SelfSignedCertificate.new(password).create
+ add_key_pair(certificate, private_key, password: password, use: use)
+ end
+
+ def certificates(use: nil)
+ certificates = key_pairs.map { |x| x[:certificate] }
+ use.present? ? certificates.find_all { |x| x.for?(use) } : certificates
+ end
+
+ def private_keys(use: :signing)
+ key_pairs.find_all { |x| x[:certificate].for?(use) }.map { |x| x[:private_key] }
+ end
+
def encryption_certificate
- Saml::Kit::Certificate.new(encryption_certificate_pem, use: :encryption)
+ Saml::Kit.deprecate("encryption_certificate is deprecated. Use certificates(use: :encryption) instead")
+ certificates(use: :encryption).last
end
def signing_private_key
- OpenSSL::PKey::RSA.new(signing_private_key_pem, signing_private_key_password)
+ Saml::Kit.deprecate("signing_private_key is deprecated. Use private_keys(use: :signing) instead")
+ private_keys(use: :signing).last
end
def encryption_private_key
- OpenSSL::PKey::RSA.new(encryption_private_key_pem, encryption_private_key_password)
+ Saml::Kit.deprecate("encryption_private_key is deprecated. Use private_keys(use: :encryption) instead")
+ private_keys(use: :encryption).last
+ end
+
+ def sign?
+ certificates(use: :signing).any?
+ end
+
+ private
+
+ def key_pairs
+ @key_pairs ||= []
end
end
end
end
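Review bot: With the default self-signed pairs removed from `initialize`, the deprecated `signing_private_key`, `encryption_private_key` and `encryption_certificate` return `nil` (via `.last` on an empty list) on a configuration that never called `add_key_pair` or `generate_key_pair_for`, where 0.2.3 always returned a usable key. `sign?` is then false as well, which presumably means callers emit unsigned messages with no warning, so I would document on `initialize` that signing is now opt-in, or log through `logger` when no signing pair is registered. `add_key_pair` also accepts any `use:` value, so a mistyped symbol registers a pair that `certificates(use:)` and `private_keys(use:)` never select. A guard such as `raise ArgumentError, "unknown use: #{use.inspect}" unless %i[signing encryption].include?(use)` (the two values this file uses) would make that fail loudly. Separately, `signing_certificate` is dropped with no deprecation shim while the other three accessors keep one.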