Skip to content
Snippets Groups Projects
Commit 20902edc authored by Olav Morken's avatar Olav Morken
Browse files

Utilities::generateUserIdentifier: Require UserID to be set in $state. 

If UserID isn't set in $state, it means that we were unable to retrieve
it previously. Trying again isn't likely to succeed.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2377 44740490-163a-0410-bde0-09ae8108e29a
parent df4a362b
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
lib/SimpleSAML/Utilities.php
+ 3
31
View file @ 20902edc
...@@ -1107,39 +1107,11 @@ class SimpleSAML_Utilities { ...@@ -1107,39 +1107,11 @@ class SimpleSAML_Utilities {
* @return A non-reversible unique identifier for the user. * @return A non-reversible unique identifier for the user.
*/ */
public static function generateUserIdentifier($idpEntityId, $spEntityId, array &$state, $idpset = 'saml20-idp-hosted', $spset = 'saml20-sp-remote') { public static function generateUserIdentifier($idpEntityId, $spEntityId, array &$state, $idpset = 'saml20-idp-hosted', $spset = 'saml20-sp-remote') {
$metadataHandler = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
$idpMetadata = $metadataHandler->getMetaData($idpEntityId, $idpset);
$spMetadata = $metadataHandler->getMetaData($spEntityId, $spset);
if (isset($state['UserID'])) {
$attributeValue = $state['UserID'];
} else {
if(array_key_exists('userid.attribute', $spMetadata)) {
$attributeName = $spMetadata['userid.attribute'];
} elseif(array_key_exists('userid.attribute', $idpMetadata)) {
$attributeName = $idpMetadata['userid.attribute'];
} else {
$attributeName = 'eduPersonPrincipalName';
}
if(!array_key_exists($attributeName, $attributes)) { if (!isset($state['UserID'])) {
throw new Exception('Missing attribute "' . $attributeName . '" for user. Cannot' . throw new SimpleSAML_Error_Exception('Missing UserID. Please set the userid.attribute metadata option.');
' generate user id.');
}
$attributeValue = $attributes[$attributeName];
if(count($attributeValue) !== 1) {
throw new Exception('Attribute "' . $attributeName . '" for user did not contain exactly' .
' one value. Cannot generate user id.');
}
$attributeValue = $attributeValue[0];
if(empty($attributeValue)) {
throw new Exception('Attribute "' . $attributeName . '" for user was empty. Cannot' .
' generate user id.');
}
} }
$attributeValue = $state['UserID'];
$secretSalt = self::getSecretSalt(); $secretSalt = self::getSecretSalt();
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment