Skip to content
This repository was archived by the owner on Sep 19, 2022. It is now read-only.

Commit 7e97dfe

Browse files
tauceti2tauceti2
authored
Merge pull request #28 from pajavyskocil/IdPAttribute
Added IdPAttribute ProcessingFilter
2 parents 346f825 + 744081b commit 7e97dfe

File tree

2 files changed

+73
-0
lines changed

2 files changed

+73
-0
lines changed

config-templates/processFilterConfigurations-example.md

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,15 @@
1+
## IdPAttribute
2+
3+
Example how to enable filter IdPAttribute:
4+
5+
```php
6+
29 => array(
7+
'class' => 'perun:IdPAttribute',
8+
'attrMap' => array(
9+
'OrganizationName:en' => 'idp_organizationName',
10+
),
11+
),
12+
```
13+
14+
'OrganizationName:en' => 'idp_organizationName' means that the $IdPMetadata['Organization']['en'] will be save into
15+
$request['Attributes']['idp_organizationName']

lib/Auth/Process/IdPAttribute.php

Lines changed: 58 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,58 @@
1+
<?php
2+
/**
3+
* Class sspmod_perun_Auth_Process_IdPAttribute
4+
*
5+
* This class for each line in $attrMAp search the $key in IdP Metadata and save it to $request['Attributes'][$value]
6+
*
7+
* @author Pavel Vyskocil <[email protected]>
8+
*/
9+
class sspmod_perun_Auth_Process_IdPAttribute extends SimpleSAML_Auth_ProcessingFilter
10+
{
11+
private $attrMap;
12+
13+
public function __construct($config, $reserved)
14+
{
15+
parent::__construct($config, $reserved);
16+
17+
assert('is_array($config)');
18+
19+
if (!isset($config['attrMap'])) {
20+
throw new SimpleSAML_Error_Exception("perun:IdPAttribute: missing mandatory configuration option 'attrMap'.");
21+
}
22+
23+
$this->attrMap = (array) $config['attrMap'];
24+
}
25+
public function process(&$request)
26+
{
27+
assert('is_array($request)');
28+
29+
$metadataHandler = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
30+
$sourceIdpMeta = $metadataHandler->getMetaData( $request['saml:sp:IdP'], 'saml20-idp-remote');
31+
32+
foreach ($this->attrMap as $attributeKey => $attributeValue) {
33+
$attributeNames = preg_split('/:/', $attributeKey);
34+
$key = array_shift($attributeNames);
35+
36+
if (!isset($sourceIdpMeta[$key])) {
37+
continue;
38+
}
39+
$value = $sourceIdpMeta[$key];
40+
41+
foreach ($attributeNames as $attributeName) {
42+
if (!isset($value[$attributeName])){
43+
continue;
44+
}
45+
$value = $value[$attributeName];
46+
}
47+
48+
if (!is_array($value)) {
49+
$value = array($value);
50+
}
51+
52+
if (!empty($value)) {
53+
$request['Attributes'][$attributeValue] = $value;
54+
}
55+
}
56+
57+
}
58+
}

0 commit comments

Comments
 (0)