diff options
| author | Pieter van der Meulen <pieter.vanderMeulen@surfnet.nl> | 2016-05-31 22:46:21 +0200 |
|---|---|---|
| committer | Pieter van der Meulen <pieter.vanderMeulen@surfnet.nl> | 2016-07-13 16:16:18 +0200 |
| commit | 82e58db7db36e4938d68b51d28325c25123eebb4 (patch) | |
| tree | 3e448b8c9b195a241a4516902e28c2c7a6e7cfd8 /modules | |
| parent | 2428e8f45bad5b704f2f7e289d0ed7ffd39c83e5 (diff) | |
| download | simplesamlphp-82e58db7db36e4938d68b51d28325c25123eebb4.zip simplesamlphp-82e58db7db36e4938d68b51d28325c25123eebb4.tar.gz simplesamlphp-82e58db7db36e4938d68b51d28325c25123eebb4.tar.bz2 | |
Allow the optional Subject NameID to be set in a SAML AuthnRequest through "saml:NameID"
Diffstat (limited to 'modules')
| -rw-r--r-- | modules/saml/docs/sp.md | 7 | ||||
| -rw-r--r-- | modules/saml/lib/Auth/Source/SP.php | 7 |
2 files changed, 14 insertions, 0 deletions
diff --git a/modules/saml/docs/sp.md b/modules/saml/docs/sp.md index 6d40464..d1a3178 100644 --- a/modules/saml/docs/sp.md +++ b/modules/saml/docs/sp.md @@ -52,6 +52,13 @@ All these parameters override the equivalent option from the configuration. : *Note*: SAML 2 specific. +`saml:NameID` +: Add a Subject element with a NameID to the SAML AuthnRequest for the IdP. + This is an associative array with the fields for the NameID. + Example: `array('Value' => 'user@example.org', 'Format' => SAML2_Const::NAMEID_UNSPECIFIED)` + +: *Note*: SAML 2 specific. + Authentication data ------------------- diff --git a/modules/saml/lib/Auth/Source/SP.php b/modules/saml/lib/Auth/Source/SP.php index 1460940..0d6b509 100644 --- a/modules/saml/lib/Auth/Source/SP.php +++ b/modules/saml/lib/Auth/Source/SP.php @@ -205,6 +205,13 @@ class sspmod_saml_Auth_Source_SP extends SimpleSAML_Auth_Source { $ar->setIsPassive((bool)$state['isPassive']); } + if (isset($state['saml:NameID'])) { + if (!is_array($state['saml:NameID'])) { + throw new SimpleSAML_Error_Exception('Invalid value of $state[\'saml:NameID\'].'); + } + $ar->setNameId($state['saml:NameID']); + } + if (isset($state['saml:NameIDPolicy'])) { if (is_string($state['saml:NameIDPolicy'])) { $policy = array( |