Allow downloading sp metadata without idp

app/Http/Controllers/Auth/SamlController.php

@@ -48,12 +48,10 @@ class SamlController extends Controller
      */
     public function metadata(Request $request)
     {
-        $auth = $this->saml->getAuth();
+        $metadata = $this->saml->getSPMetadata();
-        $settings = $auth->getSettings();
-        $metadata = $settings->getSPMetadata(true);
 
-        if (is_null($metadata)) {
+        if (empty($metadata)) {
-            return response($metadata, 403);
+            return response()->view('errors.403', [], 403);
         }
 
         return response($metadata)->header('Content-Type', 'text/xml');

app/Http/Requests/SettingsSamlRequest.php

@@ -33,7 +33,6 @@ class SettingsSamlRequest extends FormRequest
     public function rules()
     {
         return [
-            "saml_idp_metadata" => 'sometimes|required_if:saml_enabled,1',
         ];
     }
 
@@ -41,11 +40,11 @@ class SettingsSamlRequest extends FormRequest
     {
         $validator->after(function ($validator) {
             if ($this->input('saml_enabled') == '1') {
-                if ($this->has('saml_idp_metadata')) {
+                
                 $idpMetadata = $this->input('saml_idp_metadata');
+                if (!empty($idpMetadata)) {
                     try {
                         if (filter_var($idpMetadata, FILTER_VALIDATE_URL)) {
-                            $url = $idpMetadata;
                             $metadataInfo = OneLogin_Saml2_IdPMetadataParser::parseRemoteXML($idpMetadata);
                         } else {
                             $metadataInfo = OneLogin_Saml2_IdPMetadataParser::parseXML($idpMetadata);

app/Services/Saml.php

@@ -4,6 +4,7 @@ namespace App\Services;
 
 use OneLogin\Saml2\Auth as OneLogin_Saml2_Auth;
 use OneLogin\Saml2\IdPMetadataParser as OneLogin_Saml2_IdPMetadataParser;
+use OneLogin\Saml2\Settings as OneLogin_Saml2_Settings;
 use App\Models\Setting;
 use App\Models\User;
 use Exception;
@@ -131,10 +132,6 @@ class Saml
         try {
             $this->_auth = new OneLogin_Saml2_Auth($this->_settings);
         } catch (Exception $e) {
-            if ($this->isEnabled()) {
-                throw $e;
-            }
-
             $this->_enabled = false;
         }
     }
@@ -323,6 +320,31 @@ class Saml
         return $this->_auth;
     }
 
+    /**
+     * Gets the SP metadata. The XML representation.
+     *
+     * @param bool $alwaysPublishEncryptionCert When 'true', the returned
+     * metadata will always include an 'encryption' KeyDescriptor. Otherwise,
+     * the 'encryption' KeyDescriptor will only be included if
+     * $advancedSettings['security']['wantNameIdEncrypted'] or
+     * $advancedSettings['security']['wantAssertionsEncrypted'] are enabled.
+     * @param int|null      $validUntil    Metadata's valid time
+     * @param int|null      $cacheDuration Duration of the cache in seconds
+     *
+     * @return string  SP metadata (xml)
+     */
+    public function getSPMetadata($alwaysPublishEncryptionCert = false, $validUntil = null, $cacheDuration = null)
+    {
+        try {
+            $settings = new OneLogin_Saml2_Settings($this->_settings , true);
+            $metadata = $settings->getSPMetadata($alwaysPublishEncryptionCert, $validUntil, $cacheDuration);
+    
+            return $metadata;
+        } catch (Exception $e) {
+            return "";
+        }
+    }
+
     /**
      * Extract data from SAML Response. 
      *