
h/DKW-370-19748 adding os2faktor OIO-SAML-3.0 support #5

68 changes: 55 additions & 13 deletions src/Plugin/os2web/NemloginAuthProvider/SimpleSaml.php
Expand Up @@ -8,8 +8,6 @@
use Drupal\os2web_nemlogin\Plugin\AuthProviderBase;
use SimpleSAML\Auth\Simple;

define('OS2WEB_NEMLOGIN_SIMPLESAML_AUTH_METHOD', 'default-sp');

/**
* Defines a plugin for Nemlogin auth via SimpleSAML.
*
Expand All @@ -21,9 +19,24 @@
class SimpleSaml extends AuthProviderBase {

/**
* Authorization values array.
* Default SP.
*/
const DEFAULT_SP = 'default-sp';

/**
* Spec version: DK-SAML-2.0.
*/
const SPEC_VERSION_DK_SAML_2_0 = 'DK-SAML-2.0';

/**
* Spec version: OIO-SAML-3.0.
*/
const SPEC_VERSION_OIO_SAML_3_0 = 'OIO-SAML-3.0';

/**
* SimpleSAML object.
*
* @var SimpleSAML_Auth_Simple
* @var \SimpleSAML\Auth\Simple
*/
private $as;

Expand Down Expand Up @@ -142,28 +155,44 @@ public function fetchValue($key) {
return NULL;
}

// Make first char uppercase and suffixing with NumberIdentifier.
$key = ucfirst(strtolower($key));
$key .= 'NumberIdentifier';
$configuration = $this->getConfiguration();

if ($configuration['nemlogin_simplesaml_spec_version'] == self::SPEC_VERSION_DK_SAML_2_0) {
// Make first char uppercase and suffixing with NumberIdentifier.
// Expected key = dk:gov:saml:attribute:CprNumberIdentifier.
$key = 'dk:gov:saml:attribute:' . ucfirst(strtolower($key)) . 'NumberIdentifier';
}
elseif ($configuration['nemlogin_simplesaml_spec_version'] == self::SPEC_VERSION_OIO_SAML_3_0) {
// Expected key = https://data.gov.dk/model/core/eid/cprNumber.
$key = 'https://data.gov.dk/model/core/eid/' . strtolower($key) . 'Number';
}

$attrs = $this->as->getAttributes();
$value = NULL;

if (is_array($attrs) && isset($attrs["dk:gov:saml:attribute:$key"])) {
if (is_array($attrs["dk:gov:saml:attribute:$key"]) && isset($attrs["dk:gov:saml:attribute:$key"][0])) {
$value = $attrs["dk:gov:saml:attribute:$key"][0];
if (is_array($attrs) && isset($attrs[$key])) {
if (is_array($attrs[$key]) && isset($attrs[$key][0])) {
$value = $attrs[$key][0];
}
}

return $value;
}

/**
* {@inheritdoc}
*/
public function fetchAllValues() {
return $this->as->getAttributes();
}

/**
* {@inheritdoc}
*/
public function defaultConfiguration() {
return parent::defaultConfiguration() + [
'nemlogin_simplesaml_default_auth' => OS2WEB_NEMLOGIN_SIMPLESAML_AUTH_METHOD,
'nemlogin_simplesaml_default_auth' => self::DEFAULT_SP,
'nemlogin_simplesaml_spec_version' => self::SPEC_VERSION_DK_SAML_2_0,
];
}

Expand All @@ -173,12 +202,24 @@ public function defaultConfiguration() {
public function buildConfigurationForm(array $form, FormStateInterface $form_state) {
$form['nemlogin_simplesaml_default_auth'] = [
'#type' => 'textfield',
'#title' => $this->t('Simplesaml default auth method'),
'#description' => $this->t('Default auth method for simplesaml. Example: default-sp'),
'#title' => $this->t('SimpleSAML default auth method'),
'#description' => $this->t('Default auth method for SimpleSAML. Example: default-sp'),
'#default_value' => $this->configuration['nemlogin_simplesaml_default_auth'],
'#required' => TRUE,
];

$form['nemlogin_simplesaml_spec_version'] = [
'#type' => 'select',
'#title' => $this->t('SimpleSAML Spec Version'),
'#options' => [
self::SPEC_VERSION_DK_SAML_2_0 => 'Default (DK-SAML-2.0)',
self::SPEC_VERSION_OIO_SAML_3_0 => 'OS2faktor (OIO-SAML-3.0)',
],
'#description' => $this->t('SimpleSAML specification version'),
'#default_value' => $this->configuration['nemlogin_simplesaml_spec_version'],
'#required' => TRUE,
];

return $form;
}

Expand All @@ -189,6 +230,7 @@ public function submitConfigurationForm(array &$form, FormStateInterface $form_s
$configuration = $this->getConfiguration();

$configuration['nemlogin_simplesaml_default_auth'] = $form_state->getValue('nemlogin_simplesaml_default_auth');
$configuration['nemlogin_simplesaml_spec_version'] = $form_state->getValue('nemlogin_simplesaml_spec_version');

$this->setConfiguration($configuration);
}
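Review bot: In the rewritten lookup in fetchValue(), a `nemlogin_simplesaml_spec_version` that matches neither constant leaves `$key` as the caller's raw string, so the method reads `$attrs[$key]` un-namespaced, whereas the old code always applied the `dk:gov:saml:attribute:` prefix. The same happens if the setting is absent from configuration saved before this change, should defaults not be merged into stored configuration. Add an explicit fallback such as `else { return NULL; }`, ideally logging the unexpected value, and compare with `===` rather than `==` so the branch selection is exact. It is also worth confirming against the OIO-SAML-3.0 profile that keys other than cpr follow the `…/eid/<key>Number` pattern, since the added comment documents only `cprNumber`. fetchValue() begins above this hunk, so any earlier validation of `$key` is not visible here.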