diff options
| author | Guy Halse <guy@tenet.ac.za> | 2016-07-01 09:51:45 +0200 |
|---|---|---|
| committer | Guy Halse <guy@tenet.ac.za> | 2016-07-01 09:51:45 +0200 |
| commit | 2de293efb3e82752f99746862b30be25ebdfd6d3 (patch) | |
| tree | 08cbfc8e6b125614b8f45758cd04421c5865bb2a /modules | |
| parent | 918dcd1630438d1ae72e4f284faaff166359ec5f (diff) | |
| download | simplesamlphp-2de293efb3e82752f99746862b30be25ebdfd6d3.zip simplesamlphp-2de293efb3e82752f99746862b30be25ebdfd6d3.tar.gz simplesamlphp-2de293efb3e82752f99746862b30be25ebdfd6d3.tar.bz2 | |
Add an onlyIfEmpty option to core:ScopeAttribute.
This makes the filter a little more useful for people who want to generate default values from another attribute only if none alreay exist.
Diffstat (limited to 'modules')
| -rw-r--r-- | modules/core/docs/authproc_scopeattribute.md | 6 | ||||
| -rw-r--r-- | modules/core/lib/Auth/Process/ScopeAttribute.php | 14 |
2 files changed, 19 insertions, 1 deletions
diff --git a/modules/core/docs/authproc_scopeattribute.md b/modules/core/docs/authproc_scopeattribute.md index 6930149..5861587 100644 --- a/modules/core/docs/authproc_scopeattribute.md +++ b/modules/core/docs/authproc_scopeattribute.md @@ -26,6 +26,12 @@ Parameters : If the attribute already exists, the new values will be merged into the existing attribute. +`onlyIfEmpty` +: Only replace the targetAttribute if it is empty to begin with. + +: If `true`, then the targetAttribute will only be created if it didn't already contain values. Defaults to `false`. + +: This is useful if, for instance, you want to create eduPersonScopedAffiliation from eduPersonAffiliation _only_ if eduPersonScopedAffiliation was not returned by the authenticaton source. Example ------- diff --git a/modules/core/lib/Auth/Process/ScopeAttribute.php b/modules/core/lib/Auth/Process/ScopeAttribute.php index 9c8c571..6c2c03a 100644 --- a/modules/core/lib/Auth/Process/ScopeAttribute.php +++ b/modules/core/lib/Auth/Process/ScopeAttribute.php @@ -30,6 +30,13 @@ class sspmod_core_Auth_Process_ScopeAttribute extends SimpleSAML_Auth_Processing */ private $targetAttribute; + /** + * Only modify targetAttribute if it doesn't already exist. + * + * @var bool + */ + private $onlyIfEmpty = false; + /** * Initialize this filter, parse configuration @@ -46,6 +53,7 @@ class sspmod_core_Auth_Process_ScopeAttribute extends SimpleSAML_Auth_Processing $this->scopeAttribute = $config->getString('scopeAttribute'); $this->sourceAttribute = $config->getString('sourceAttribute'); $this->targetAttribute = $config->getString('targetAttribute'); + $this->onlyIfEmpty = $config->getBoolean('onlyIfEmpty', false); } @@ -72,6 +80,10 @@ class sspmod_core_Auth_Process_ScopeAttribute extends SimpleSAML_Auth_Processing $attributes[$this->targetAttribute] = array(); } + if ($this->onlyIfEmpty and count($attributes[$this->targetAttribute]) > 0) { + return; + } + foreach ($attributes[$this->scopeAttribute] as $scope) { if (strpos($scope, '@') !== FALSE) { @@ -93,4 +105,4 @@ class sspmod_core_Auth_Process_ScopeAttribute extends SimpleSAML_Auth_Processing } -}
\ No newline at end of file +} |