authorOlav Morken <olav.morken@uninett.no>2011-03-07 13:24:52 +0000
committerOlav Morken <olav.morken@uninett.no>2011-03-07 13:24:52 +0000
commitbfdbb6da9d51130bc6cf72d11cbffc7292192733 (patch)
treec19636d07dfb736f88a644ada129ff86cc0475d1
parent5e92f288f9e25b711a5d5820ae5e7e27271391ea (diff)
downloadsimplesamlphp-bfdbb6da9d51130bc6cf72d11cbffc7292192733.zip
simplesamlphp-bfdbb6da9d51130bc6cf72d11cbffc7292192733.tar.gz
simplesamlphp-bfdbb6da9d51130bc6cf72d11cbffc7292192733.tar.bz2
SAML:IdP: Encrypt NameID in Assertion.
git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2749 44740490-163a-0410-bde0-09ae8108e29a
-rw-r--r--modules/saml/lib/IdP/SAML2.php12
1 files changed, 11 insertions, 1 deletions
diff --git a/modules/saml/lib/IdP/SAML2.php b/modules/saml/lib/IdP/SAML2.php
index 60fc77f..4602657 100644
--- a/modules/saml/lib/IdP/SAML2.php
+++ b/modules/saml/lib/IdP/SAML2.php
@@ -48,7 +48,7 @@ class sspmod_saml_IdP_SAML2 {
'Handler' => 'sspmod_saml_IdP_SAML2',
'Expires' => $assertion->getSessionNotOnOrAfter(),
'saml:entityID' => $spEntityId,
- 'saml:NameID' => $assertion->getNameId(),
+ 'saml:NameID' => $state['saml:idp:NameID'],
'saml:SessionIndex' => $assertion->getSessionIndex(),
);
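Review bot: The new `'saml:NameID' => $state['saml:idp:NameID']` entry reads a state key without checking that it was populated. The key is only assigned in the second hunk, and whether that function receives `$state` by reference is not visible here. If the key is missing, the association is stored with a NULL NameID and PHP raises only an undefined-index notice, which would presumably surface later as a logout mismatch. A guard before the array is built would fail loudly instead: `if (!isset($state['saml:idp:NameID'])) { throw new Exception('NameID missing from state.'); }`. The enclosing function begins and ends outside this hunk.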
@@ -658,8 +658,18 @@ class sspmod_saml_IdP_SAML2 {
);
}
+ $state['saml:idp:NameID'] = $nameId;
+
$a->setNameId($nameId);
+ $encryptNameId = $spMetadata->getBoolean('nameid.encryption', NULL);
+ if ($encryptNameId === NULL) {
+ $encryptNameId = $idpMetadata->getBoolean('nameid.encryption', FALSE);
+ }
+ if ($encryptNameId) {
+ $a->encryptNameId(sspmod_saml_Message::getEncryptionKey($spMetadata));
+ }
+
return $a;
}
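Review bot: The assignment `$state['saml:idp:NameID'] = $nameId;` must stay ahead of `$a->encryptNameId(...)` so the state keeps the cleartext identifier, but nothing in the hunk records that ordering constraint. A comment would stop a later refactor from moving it: `/* Store the unencrypted NameID in the state; after encryptNameId() the assertion may only expose the encrypted form. */`. The option lookup also deserves a line such as `/* SP metadata 'nameid.encryption' overrides the IdP setting; encryption is off unless one of them enables it. */`. What `sspmod_saml_Message::getEncryptionKey($spMetadata)` does when the SP has no usable key is not visible here; confirm that it throws, so an SP configured for encryption never receives a cleartext NameID. The function's start is outside the hunk.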