diff options
| author | Jaime Perez Crespo <jaime.perez@uninett.no> | 2015-08-30 18:56:38 +0200 |
|---|---|---|
| committer | Jaime Perez Crespo <jaime.perez@uninett.no> | 2015-08-30 18:57:16 +0200 |
| commit | 985b155e9d5df863502b64946f3c4027e17fc70a (patch) | |
| tree | 9e7908ab4df23c610d2ca6e2efb8198f25cae77f | |
| parent | 1550fe1a561fe9b8396403556e1a9bdf0395548f (diff) | |
| download | simplesamlphp-985b155e9d5df863502b64946f3c4027e17fc70a.zip simplesamlphp-985b155e9d5df863502b64946f3c4027e17fc70a.tar.gz simplesamlphp-985b155e9d5df863502b64946f3c4027e17fc70a.tar.bz2 | |
Reformat sspmod_saml_Auth_Process_NameIDAttribute.
| -rw-r--r-- | modules/saml/lib/Auth/Process/NameIDAttribute.php | 268 |
1 files changed, 137 insertions, 131 deletions
diff --git a/modules/saml/lib/Auth/Process/NameIDAttribute.php b/modules/saml/lib/Auth/Process/NameIDAttribute.php index 450ba8b..ecb72bb 100644 --- a/modules/saml/lib/Auth/Process/NameIDAttribute.php +++ b/modules/saml/lib/Auth/Process/NameIDAttribute.php @@ -1,137 +1,143 @@ <?php + /** - * Authproc filter to create an attribute from a NameID. + * Authentication processing filter to create an attribute from a NameID. * - * @package simpleSAMLphp + * @package SimpleSAMLphp */ -class sspmod_saml_Auth_Process_NameIDAttribute extends SimpleSAML_Auth_ProcessingFilter { - - /** - * The attribute we should save the NameID in. - * - * @var string - */ - private $attribute; - - - /** - * The format of the NameID in the attribute. - * - * @var array - */ - private $format; - - - /** - * Initialize this filter, parse configuration. - * - * @param array $config Configuration information about this filter. - * @param mixed $reserved For future use. - */ - public function __construct($config, $reserved) { - parent::__construct($config, $reserved); - assert('is_array($config)'); - - if (isset($config['attribute'])) { - $this->attribute = (string)$config['attribute']; - } else { - $this->attribute = 'nameid'; - } - - if (isset($config['format'])) { - $format = (string)$config['format']; - } else { - $format = '%I!%S!%V'; - } - - $this->format = self::parseFormat($format); - } - - - /** - * Parse a NameID format string into an array. - * - * @param string $format The format string. - * @return array The format string broken into its individual components. - */ - private static function parseFormat($format) { - assert('is_string($format)'); - - $ret = array(); - $pos = 0; - while ( ($next = strpos($format, '%', $pos)) !== FALSE) { - $ret[] = substr($format, $pos, $next - $pos); - - $replacement = $format[$next + 1]; - switch ($replacement) { - case 'F': - $ret[] = 'Format'; - break; - case 'I': - $ret[] = 'NameQualifier'; - break; - case 'S': - $ret[] = 'SPNameQualifier'; - break; - case 'V': - $ret[] = 'Value'; - break; - case '%': - $ret[] = '%'; - break; - default: - throw new SimpleSAML_Error_Exception('NameIDAttribute: Invalid replacement: "%' . $replacement . '"'); - } - - $pos = $next + 2; - } - $ret[] = substr($format, $pos); - - return $ret; - } - - - /** - * Convert NameID to attribute. - * - * @param array &$state The request state. - */ - public function process(&$state) { - assert('is_array($state)'); - assert('isset($state["Source"]["entityid"])'); - assert('isset($state["Destination"]["entityid"])'); - - if (!isset($state['saml:sp:NameID'])) { - return; - } - - $rep = $state['saml:sp:NameID']; - assert('isset($rep["Value"])'); - - $rep['%'] = '%'; - if (!isset($rep['Format'])) { - $rep['Format'] = SAML2_Const::NAMEID_UNSPECIFIED; - } - if (!isset($rep['NameQualifier'])) { - $rep['NameQualifier'] = $state['Source']['entityid']; - } - if (!isset($rep['SPNameQualifier'])) { - $rep['SPNameQualifier'] = $state['Destination']['entityid']; - } - - $value = ''; - $isString = TRUE; - foreach ($this->format as $element) { - if ($isString) { - $value .= $element; - } else { - $value .= $rep[$element]; - } - $isString = !$isString; - } - - $state['Attributes'][$this->attribute] = array($value); - } - +class sspmod_saml_Auth_Process_NameIDAttribute extends SimpleSAML_Auth_ProcessingFilter +{ + + /** + * The attribute we should save the NameID in. + * + * @var string + */ + private $attribute; + + + /** + * The format of the NameID in the attribute. + * + * @var array + */ + private $format; + + + /** + * Initialize this filter, parse configuration. + * + * @param array $config Configuration information about this filter. + * @param mixed $reserved For future use. + */ + public function __construct($config, $reserved) + { + parent::__construct($config, $reserved); + assert('is_array($config)'); + + if (isset($config['attribute'])) { + $this->attribute = (string) $config['attribute']; + } else { + $this->attribute = 'nameid'; + } + + if (isset($config['format'])) { + $format = (string) $config['format']; + } else { + $format = '%I!%S!%V'; + } + + $this->format = self::parseFormat($format); + } + + + /** + * Parse a NameID format string into an array. + * + * @param string $format The format string. + * @return array The format string broken into its individual components. + * + * @throws SimpleSAML_Error_Exception if the replacement is invalid. + */ + private static function parseFormat($format) + { + assert('is_string($format)'); + + $ret = array(); + $pos = 0; + while (($next = strpos($format, '%', $pos)) !== false) { + $ret[] = substr($format, $pos, $next - $pos); + + $replacement = $format[$next + 1]; + switch ($replacement) { + case 'F': + $ret[] = 'Format'; + break; + case 'I': + $ret[] = 'NameQualifier'; + break; + case 'S': + $ret[] = 'SPNameQualifier'; + break; + case 'V': + $ret[] = 'Value'; + break; + case '%': + $ret[] = '%'; + break; + default: + throw new SimpleSAML_Error_Exception('NameIDAttribute: Invalid replacement: "%'.$replacement.'"'); + } + + $pos = $next + 2; + } + $ret[] = substr($format, $pos); + + return $ret; + } + + + /** + * Convert NameID to attribute. + * + * @param array &$state The request state. + */ + public function process(&$state) + { + assert('is_array($state)'); + assert('isset($state["Source"]["entityid"])'); + assert('isset($state["Destination"]["entityid"])'); + + if (!isset($state['saml:sp:NameID'])) { + return; + } + + $rep = $state['saml:sp:NameID']; + assert('isset($rep["Value"])'); + + $rep['%'] = '%'; + if (!isset($rep['Format'])) { + $rep['Format'] = SAML2_Const::NAMEID_UNSPECIFIED; + } + if (!isset($rep['NameQualifier'])) { + $rep['NameQualifier'] = $state['Source']['entityid']; + } + if (!isset($rep['SPNameQualifier'])) { + $rep['SPNameQualifier'] = $state['Destination']['entityid']; + } + + $value = ''; + $isString = true; + foreach ($this->format as $element) { + if ($isString) { + $value .= $element; + } else { + $value .= $rep[$element]; + } + $isString = !$isString; + } + + $state['Attributes'][$this->attribute] = array($value); + } } |