Add option to skip interaction when using php artisan samlidp:cert

[joelharkes]

We used to use the command php artisan samlidp:cert in a process, that did not have interactivity. The process would hanging because a question was asked.

Added

• samlidp:cert --overwrite option to skip the question to overwrite cert files
• samlidp:cert --subject to add subject name when generating certificates

[upwebdesign]

@joelharkes I like this update. I trust this has been tested with multiple options?

[joelharkes]

let me write some unit tests to this, its better validation. i will add separate PR to add github action to run the unit tests :)

[Copilot]

Pull request overview

This PR updates the samlidp:cert Artisan command to better support non-interactive usage in automated processes by adding options that control overwriting existing cert files and customizing the generated certificate subject.

Changes:

• Add --overwrite option to skip the interactive overwrite confirmation when PEM files already exist.
• Add --subject option to pass an OpenSSL -subj value during certificate generation.
• Refactor overwrite decision logic into a dedicated canCreateFiles() helper.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

The exec(...) call ignores the exit code/output, so certificate generation failures (missing openssl, permission errors, invalid --subject, etc.) will be silent. Capture the exit status and report an error via $this->error(...)/non-zero return code so automated pipelines can fail fast.

Suggested change

	exec(sprintf($command, $days, $key, $cert));
	}
	$fullCommand = sprintf($command, $days, $key, $cert);
	$output = [];
	$exitCode = 0;
	exec($fullCommand, $output, $exitCode);
	if ($exitCode !== 0) {
	$message = 'Failed to generate certificate. OpenSSL exited with code ' . $exitCode . '.';
	if (!empty($output)) {
	$message .= ' Output: ' . implode(PHP_EOL, $output);
	}
	$this->error($message);
	return 1;
	}
	$this->info('Certificate and key generated successfully.');
	return 0;
	}
	return 0;

[Copilot]

The new conditionals in canCreateFiles() don't follow the spacing convention used elsewhere in src/ (e.g., if (!file_exists(...))). Run Pint/PSR-12 formatting here (if (!$anyFileExists), if ($this->option('overwrite'))) to keep style consistent.

Suggested change

	if(!$anyFileExists) {
	return true;
	}
	if($this->option('overwrite')) {
	if (!$anyFileExists) {
	return true;
	}
	if ($this->option('overwrite')) {

[Copilot]

Grammar in the prompt string is off: "The name chosen ... already exist" mixes singular/plural. Consider rephrasing to something like "The chosen PEM file names already exist..." to avoid confusion in interactive mode.

Suggested change

	$question = 'The name chosen for the PEM files already exist. Would you like to overwrite existing PEM files?';
	$question = 'The chosen PEM file names already exist. Would you like to overwrite the existing PEM files?';

[Copilot]

--overwrite=0 defines an option with a value (default 0) rather than a boolean flag. With the current if ($this->option('overwrite')) check, running --overwrite without a value will not necessarily skip the prompt, and non-empty strings like --overwrite=false will evaluate truthy and overwrite anyway. Consider making this a real boolean flag ({--overwrite : ...}) or performing a strict check against expected values (e.g., 1/true).

Suggested change

	{--overwrite=0 : Overwrite existing PEM files without asking}
	{--overwrite : Overwrite existing PEM files without asking}

[Copilot]

Building the OpenSSL command by string concatenation with a user-provided --subject and then passing it to exec() is vulnerable to shell injection and also breaks if the subject contains quotes/spaces. Use proper escaping (escapeshellarg) for all dynamic parts (days/key/cert/subject) or switch to Symfony\Component\Process\Process with an argument array to avoid invoking a shell.