From 35e86bed1e284075fdf2b322d542d4e354a52141 Mon Sep 17 00:00:00 2001
From: Andjelko Horvat <comel@vingd.com>
Date: Tue, 5 Jul 2011 13:24:26 +0000
Subject: [PATCH] saml/SP: support for samlp:Extensions.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2868 44740490-163a-0410-bde0-09ae8108e29a
---
 lib/SAML2/AuthnRequest.php          |  3 +++
 modules/saml/docs/sp.txt            | 16 ++++++++++++++++
 modules/saml/lib/Auth/Source/SP.php |  4 ++++
 3 files changed, 23 insertions(+)

diff --git a/lib/SAML2/AuthnRequest.php b/lib/SAML2/AuthnRequest.php
index 2e2134f5f..f945cddda 100644
--- a/lib/SAML2/AuthnRequest.php
+++ b/lib/SAML2/AuthnRequest.php
@@ -461,6 +461,9 @@ class SAML2_AuthnRequest extends SAML2_Request {
 			}
 		}
 
+		if (!empty($this->extensions)) {
+			SAML2_XML_samlp_Extensions::addList($root, $this->extensions);
+		}
 
 		if ($this->ProxyCount !== null || count($this->IDPList) > 0 || count($this->RequesterID) > 0) {
 			$scoping = $this->document->createElementNS(SAML2_Const::NS_SAMLP, 'Scoping');
diff --git a/modules/saml/docs/sp.txt b/modules/saml/docs/sp.txt
index f3c94092c..4c95f5165 100644
--- a/modules/saml/docs/sp.txt
+++ b/modules/saml/docs/sp.txt
@@ -41,6 +41,11 @@ All these parameters override the equivalent option from the configuration.
 
 :   *Note*: SAML 2 specific.
 
+`saml:Extensions`
+:   The samlp:Extensions that will be sent in the login request.
+
+:   *Note*: SAML 2 specific.
+
 
 Authentication data
 -------------------
@@ -107,6 +112,17 @@ Here we will list some examples for this authentication source.
         'saml:AuthnContextClassRef' => 'urn:oasis:names:tc:SAML:2.0:ac:classes:Password',
     ));
 
+### Using samlp:Extensions
+
+    $dom = new DOMDocument();
+    $ce = $dom->createElementNS('http://www.example.com/XFoo', 'xfoo:test', 'Test data!');
+    ext[] = new SAML2_XML_Chunk($ce);
+
+    $auth = new SimpleSAML_Auth_Simple('default-sp');
+    $auth->login(array(
+        'saml:Extensions' => $ext,
+    ));
+
 
 Options
 -------
diff --git a/modules/saml/lib/Auth/Source/SP.php b/modules/saml/lib/Auth/Source/SP.php
index eaf676534..fd2536f83 100644
--- a/modules/saml/lib/Auth/Source/SP.php
+++ b/modules/saml/lib/Auth/Source/SP.php
@@ -248,6 +248,10 @@ class sspmod_saml_Auth_Source_SP extends SimpleSAML_Auth_Source {
 		
 		$ar->setRequesterID($requesterID);
 		
+		if (isset($state['saml:Extensions'])) {
+			$ar->setExtensions($state['saml:Extensions']);
+		}
+
 		$id = SimpleSAML_Auth_State::saveState($state, 'saml:sp:sso', TRUE);
 		$ar->setId($id);
 
-- 
GitLab