From 53c02b61411a133d3c49dd5352970670916a4ef9 Mon Sep 17 00:00:00 2001
From: Olav Morken <olav.morken@uninett.no>
Date: Fri, 26 Mar 2010 10:14:48 +0000
Subject: [PATCH] saml2: Generate stable persistent NameID values.

Patch by jon.prettyman <http://code.google.com/u/jon.prettyman/>.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2238 44740490-163a-0410-bde0-09ae8108e29a
---
 modules/saml2/lib/Message.php | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/modules/saml2/lib/Message.php b/modules/saml2/lib/Message.php
index 6a5b54418..2f5884273 100644
--- a/modules/saml2/lib/Message.php
+++ b/modules/saml2/lib/Message.php
@@ -461,8 +461,10 @@ class sspmod_saml2_Message {
 		if ($attribute === NULL) {
 			$attribute = $srcMetadata->getString('simplesaml.nameidattribute', NULL);
 			if ($attribute === NULL) {
-				SimpleSAML_Logger::error('simplesaml.nameidattribute not set in either SP metadata or IdP metadata');
-				return SimpleSAML_Utilities::generateID();
+	                       /* generate a stable id */
+	                       return SimpleSAML_Utilities::generateUserIdentifier($srcMetadata->getString( 'entityid' ),
+			               $dstMetadata->getString( 'entityid' ),
+			               $attributes );
 			}
 		}
 
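Review bot: The fallback branch under the inner `if ($attribute === NULL)` no longer logs anything, so a deployment with `simplesaml.nameidattribute` unset in both SP and IdP metadata now switches silently to a derived identifier. Keeping a lower-severity trace such as `SimpleSAML_Logger::debug('simplesaml.nameidattribute not set; generating a stable NameID');` would let operators see which path produced a given NameID. `generateUserIdentifier()` is not visible in this patch, so it is worth confirming how it behaves when the attribute it relies on is absent from `$attributes`. Passing both entity IDs suggests the value is scoped per SP, which should also be verified so two SPs cannot correlate the same user. The enclosing function starts and ends outside the hunk, and the added lines mix spaces into the file's tab indentation.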
@@ -614,8 +616,11 @@ class sspmod_saml2_Message {
 		}
 
 		if ($nameIdFormat === SAML2_Const::NAMEID_TRANSIENT) {
+		        /* generate a random id */
 			$nameIdValue = SimpleSAML_Utilities::generateID();
 		} else {
+		        /* this code will end up generating either a fixed assigned id (via nameid.attribute)
+			   or random id if not assigned/configured */
 			$nameIdValue = self::generateNameIdValue($srcMetadata, $dstMetadata, $attributes);
 		}
 
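Review bot: The comment added above the `generateNameIdValue()` call says the result may be a "random id if not assigned/configured", which contradicts the first hunk of this same commit, where the unconfigured fallback now returns `generateUserIdentifier(...)` rather than `generateID()`. It also refers to `nameid.attribute`, while the only key visible in this patch is `simplesaml.nameidattribute`. Suggested wording: `/* value of the configured NameID attribute (simplesaml.nameidattribute), or a stable generated identifier if none is configured */`. Both added comments are indented with spaces where the surrounding code uses tabs.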
-- 
GitLab