From 214c920d0c06ce18e3136f025a1c1806b4aebdb7 Mon Sep 17 00:00:00 2001
From: Thijs Kinkhorst <thijs@kinkhorst.com>
Date: Tue, 21 Oct 2014 14:44:48 +0000
Subject: [PATCH] Show NameId on attribute status page.

Only show it if this was a SAML authentication. Shown below the attributes
because the user is most likely more interested in those than in the NameId.
Reuses the present_attributes() function from the attributes table.
---
 dictionaries/status.definition.json |  9 +++++++++
 modules/core/www/authenticate.php   |  2 ++
 templates/status.php                | 14 ++++++++++++++
 3 files changed, 25 insertions(+)

diff --git a/dictionaries/status.definition.json b/dictionaries/status.definition.json
index 492f754c5..57030aaab 100644
--- a/dictionaries/status.definition.json
+++ b/dictionaries/status.definition.json
@@ -23,6 +23,15 @@
 	"sessionsize": {
 		"en": "Session size: %SIZE%"
 	},
+	"subject_header": {
+		"en": "SAML Subject"
+	},
+	"subject_notset": {
+		"en": "not set"
+	},
+	"subject_format": {
+		"en": "Format"
+	},
 	"attributes_header": {
 		"en": "Your attributes"
 	},
diff --git a/modules/core/www/authenticate.php b/modules/core/www/authenticate.php
index 50fda636c..0e23193c1 100644
--- a/modules/core/www/authenticate.php
+++ b/modules/core/www/authenticate.php
@@ -51,6 +51,8 @@ $t = new SimpleSAML_XHTML_Template($config, 'status.php', 'attributes');
 
 $t->data['header'] = '{status:header_saml20_sp}';
 $t->data['attributes'] = $attributes;
+// if saml:sp:IdP is set, this is SAML auth so we can pass a NameId
+$t->data['nameid'] = !is_null( $as->getAuthData('saml:sp:IdP') ) ? $as->getAuthData('saml:sp:NameID') : FALSE;
 $t->data['logouturl'] = SimpleSAML_Utilities::selfURLNoQuery() . '?as=' . urlencode($asId) . '&logout';
 $t->show();
 
diff --git a/templates/status.php b/templates/status.php
index 2fee75ff9..edd554639 100644
--- a/templates/status.php
+++ b/templates/status.php
@@ -30,6 +30,20 @@ if(isset($this->data['sessionsize'])) {
 $attributes = $this->data['attributes'];
 echo(present_attributes($this, $attributes, ''));
 
+$nameid = $this->data['nameid'];
+if ( $nameid !== FALSE ) {
+	echo "<h2>" .$this->t('{status:subject_header}') . "</h2>";
+	if ( !isset($nameid['Value']) ) {
+		$list = array("NameID" => array($this->t('{status:subject_notset}')));
+		echo "<p>NameID: <span class=\"notset\">" . $this->t('{status:subject_notset}') . "</span></p>";
+	} else {
+		$list = array(
+			"NameId" => array($nameid['Value']),
+			$this->t('{status:subject_format}') => array($nameid['Format']) );
+	}
+	echo(present_attributes($this, $list, ''));
+}
+
 if (isset($this->data['logout'])) {
 	echo('<h2>' . $this->t('{status:logout}') . '</h2>');
 	echo('<p>' . $this->data['logout'] . '</p>');
-- 
GitLab