aggregator Module
=================

<!--
	This file is written in Markdown syntax.
	For more information about how to use the Markdown syntax, read here:
	http://daringfireball.net/projects/markdown/syntax
-->

  * Author: Andreas Åkre Solberg <andreas.solberg@uninett.no>, UNINETT AS
  * Package: simpleSAMLphp

This module, aggregates a set of metadata of SAML entities to SAML 2.0 documents with an `EntitiesDescriptor` with multiple entities inside.

Multiple aggregates can be configured.



The configuration file: module_aggregate.php
--------------------------------------------

The configuration file includes an option `aggregators`, which includes a indexed list of different aggregator configurations that all can be accessed independently. The structure is as follows:

	'aggregators' => array(
		'aggr1' => array(
			'sources' => [...]
			[...local params...]
		),
		'aggr2' => ...
	)
	[...global params...]

All of the global parameters can be overriden for each aggregator. Here is a list of the available (global) paramters:

`maxDuration`
: Max validity of metadata (duration) in seconds.

`reconstruct`
: Whether simpleSAMLphp should regenerate the metadata XML (TRUE) or pass-through the input metadata XML (FALSE).

`RegistrationInfo`
:   Allows to specify information about the registrar of this metadata. Please refer to the
    [MDRPI extension](./simplesamlphp-metadata-extensions-rpi) document for further information.

`set`
: By default all SAML types are available, including: `array('saml20-idp-remote', 'saml20-sp-remote', 'shib13-idp-remote', 'shib13-sp-remote')`. This list can be reduced by specifying one of the following values:

  * `saml20-idp-remote`
  * `saml20-sp-remote`
  * `shib13-idp-remote`
  * `shib13-sp-remote`
  * `saml2`
  * `shib13`

`sign.enable`
: Enable signing of metadata document

`sign.certificate`
: Certificate to embed, corresponding to the private key.

`sign.privatekey`
: Private key to use when signing

`sign.privatekey_pass`
: Optionally a passphrase to the private key


Accessing the aggregate
-----------------------

On the SimpleSAMLphp frontpage on the federation tab, there is a link to the aggregator named *Metadata aggregator*.

When accessing the aggregator endpoint without specifying an aggregate ID, a list of available aggregators will be presented, with different options for mime-type presenting the result.

The endpoint supports the following query parameter:

`id`
: The ID of the aggregator (From configuration file)

`set`
: Subset the available types of SAML entities. Similar to the `set` parameter described over in the configuration file description.

`exclude`
: Specify a `tag` that will be excluded from the metadata set. Useful for leaving out your own federation metadata.

`mimetype`
: Select the Mime-Type that will be used. Default is `application/samlmetadata+xml`.