From 32063a86a57888a44fd4c0f915a9045b3d0cc4b5 Mon Sep 17 00:00:00 2001
From: Tyler Antonio <tantonio@ualberta.ca>
Date: Wed, 9 Nov 2016 11:28:01 -0700
Subject: [PATCH] Add ability to define additional attributes on ContactPerson
 element

---
 composer.json                            |  2 +-
 lib/SimpleSAML/Metadata/SAMLBuilder.php  |  4 ++++
 lib/SimpleSAML/Utils/Config/Metadata.php | 14 ++++++++++++++
 3 files changed, 19 insertions(+), 1 deletion(-)

diff --git a/composer.json b/composer.json
index fbe519d12..ee3202e08 100644
--- a/composer.json
+++ b/composer.json
@@ -35,7 +35,7 @@
 		"ext-date": "*",
 		"ext-hash": "*",
 		"ext-json": "*",
-        "simplesamlphp/saml2": "dev-master#00e38f85b417be1e10a2d738dd2f5ea82edb472c as 2.2",
+        "simplesamlphp/saml2": "dev-master#a94403bfe5627c90fe3764e0ada5a44841a11e80 as 2.3.3",
         "robrichards/xmlseclibs": "~2.0",
         "whitehat101/apr1-md5": "~1.0",
         "twig/twig": "~1.0",
diff --git a/lib/SimpleSAML/Metadata/SAMLBuilder.php b/lib/SimpleSAML/Metadata/SAMLBuilder.php
index 35156f7db..90451b713 100644
--- a/lib/SimpleSAML/Metadata/SAMLBuilder.php
+++ b/lib/SimpleSAML/Metadata/SAMLBuilder.php
@@ -688,6 +688,10 @@ class SimpleSAML_Metadata_SAMLBuilder
         $e = new \SAML2\XML\md\ContactPerson();
         $e->contactType = $type;
 
+        if (!empty($details['attributes'])) {
+            $e->ContactPersonAttributes = $details['attributes'];
+        }
+
         if (isset($details['company'])) {
             $e->Company = $details['company'];
         }
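Review bot: The added assignment copies `$details['attributes']` into `$e->ContactPersonAttributes` behind nothing more than a `!empty()` test, so a non-array value or numeric keys would reach the XML serializer if this method is ever given contact data that skipped the validation added in Utils/Config/Metadata.php. Whether every caller goes through that validation is not visible here, because the enclosing method starts and ends outside the hunk. A cheap local guard keeps malformed attribute names out of the published metadata: `if (!empty($details['attributes']) && is_array($details['attributes'])) {`.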
diff --git a/lib/SimpleSAML/Utils/Config/Metadata.php b/lib/SimpleSAML/Utils/Config/Metadata.php
index d9f932835..8232e2d3f 100644
--- a/lib/SimpleSAML/Utils/Config/Metadata.php
+++ b/lib/SimpleSAML/Utils/Config/Metadata.php
@@ -27,6 +27,12 @@ class Metadata
 
 
     /**
+     * Valid options for the ContactPerson element
+     *
+     * The 'attributes' option isn't defined in section 2.3.2.2 of the OASIS document, but
+     * it is required to allow additons to the main contact person element for trust
+     * frameworks.
+     *
      * @var array The valid configuration options for a contact configuration array.
      * @see "Metadata for the OASIS Security Assertion Markup Language (SAML) V2.0", section 2.3.2.2.
      */
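Review bot: The new docblock paragraph has a typo (`additons`) and never states what shape the `attributes` option must have, which is what a deployer editing metadata needs to know. I would reword it as `The 'attributes' option is not defined in section 2.3.2.2 of the OASIS document; it is a map of XML attribute name => value added to the ContactPerson element, as required by some trust frameworks.` The name => value description is inferred from the validation added later in this file and should be confirmed against the saml2 library.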
@@ -37,6 +43,7 @@ class Metadata
         'surName',
         'telephoneNumber',
         'company',
+        'attributes',
     );
 
 
@@ -108,6 +115,13 @@ class Metadata
             throw new \InvalidArgumentException('"contactType" is mandatory and must be one of '.$types.".");
         }
 
+        // check attributes is an associative array
+        if (isset($contact['attributes'])) {
+            if (empty($contact['attributes']) || empty(array_filter(array_keys($contact['attributes']), 'is_string'))) {
+                throw new \InvalidArgumentException('"attributes" must be an array and cannot be empty.');
+            }
+        }
+
         // try to fill in givenName and surName from name
         if (isset($contact['name']) && !isset($contact['givenName']) && !isset($contact['surName'])) {
             // first check if it's comma separated
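Review bot: The `attributes` check does not enforce what its comment and error message say: it never calls `is_array()`, and `array_filter(..., 'is_string')` only requires one string key, so a mixed array such as `array('a' => 'x', 0 => 'y')` passes. A non-array value reaches `array_keys()`, which rejects it only via warnings on PHP 5/7 and raises a TypeError on PHP 8 instead of the intended InvalidArgumentException. Calling `empty()` on a function result also needs PHP 5.5 or later. I would write `$attrs = $contact['attributes'];` followed by `if (!is_array($attrs) || empty($attrs) || count(array_filter(array_keys($attrs), 'is_string')) !== count($attrs)) {`, and consider checking that each value is a string as well. The enclosing function continues outside the hunk.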
-- 
GitLab