From 4b88ee0a2012a75e67a6b175a8cdfa779e7da7ca Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20=C3=85kre=20Solberg?= <andreas.solberg@uninett.no>
Date: Wed, 13 Feb 2008 12:04:15 +0000
Subject: [PATCH] Adding namequalifier in the shibboleth 1.3 idp

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@289 44740490-163a-0410-bde0-09ae8108e29a
---
 lib/SimpleSAML/XML/Shib13/AuthnResponse.php | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/lib/SimpleSAML/XML/Shib13/AuthnResponse.php b/lib/SimpleSAML/XML/Shib13/AuthnResponse.php
index 9186ad580..03073ef71 100644
--- a/lib/SimpleSAML/XML/Shib13/AuthnResponse.php
+++ b/lib/SimpleSAML/XML/Shib13/AuthnResponse.php
@@ -277,13 +277,15 @@ class SimpleSAML_XML_Shib13_AuthnResponse extends SimpleSAML_XML_AuthnResponse {
 		$audience = isset($spmd['audience']) ? $spmd['audience'] : $spentityid;
 		$base64 = isset($spmd['base64attributes']) ? $spmd['base64attributes'] : false;
 		
+		$namequalifier = isset($spmd['NameQualifier']) ? $spmd['NameQualifier'] : $spmd['entityid'];
+		
 		$encodedattributes = '';
 		
 		if (is_array($attributes)) {
 
 			$encodedattributes .= '<AttributeStatement>
 				<Subject>
-					<NameIdentifier Format="urn:mace:shibboleth:1.0:nameIdentifier">' . htmlspecialchars($nameid) . '</NameIdentifier>
+					<NameIdentifier Format="urn:mace:shibboleth:1.0:nameIdentifier" NameQualifier="' . htmlspecialchars($namequalifier) . '">' . htmlspecialchars($nameid) . '</NameIdentifier>
 				</Subject>';
 				
 			foreach ($attributes AS $name => $value) {
@@ -321,14 +323,13 @@ class SimpleSAML_XML_Shib13_AuthnResponse extends SimpleSAML_XML_AuthnResponse {
         <AuthenticationStatement AuthenticationInstant="' . $issueInstant. '"
             AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:unspecified">
             <Subject>
-                <NameIdentifier Format="urn:mace:shibboleth:1.0:nameIdentifier">' . htmlspecialchars($nameid) . '</NameIdentifier>
+                <NameIdentifier Format="urn:mace:shibboleth:1.0:nameIdentifier" NameQualifier="' . htmlspecialchars($namequalifier) . '">' . htmlspecialchars($nameid) . '</NameIdentifier>
                 <SubjectConfirmation>
                     <ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer</ConfirmationMethod>
                 </SubjectConfirmation>
             </Subject>
         </AuthenticationStatement>
-        
-                ' . $encodedattributes . '
+        ' . $encodedattributes . '
     </Assertion>
 </Response>';
 		  
-- 
GitLab