saml2: Generate stable persistent NameID values.

Patch by jon.prettyman <http://code.google.com/u/jon.prettyman/>. git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2238 44740490-163a-0410-bde0-09ae8108e29a

saml2: Generate stable persistent NameID values.
Patch by jon.prettyman <http://code.google.com/u/jon.prettyman/>. git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2238 44740490-163a-0410-bde0-09ae8108e29a
53c02b61 · Olav Morken · bc16ada5 · 53c02b61
Commit 53c02b61 authored 15 years ago by Olav Morken
--- a/modules/saml2/lib/Message.php
+++ b/modules/saml2/lib/Message.php
@@ -461,8 +461,10 @@ class sspmod_saml2_Message {
 		if ($attribute === NULL) {
 			$attribute = $srcMetadata->getString('simplesaml.nameidattribute', NULL);
 			if ($attribute === NULL) {
-				SimpleSAML_Logger::error('simplesaml.nameidattribute not set in either SP metadata or IdP metadata');
+	                       /* generate a stable id */
-				return SimpleSAML_Utilities::generateID();
+	                       return SimpleSAML_Utilities::generateUserIdentifier($srcMetadata->getString( 'entityid' ),
+			               $dstMetadata->getString( 'entityid' ),
+			               $attributes );
 			}
 		}
@@ -614,8 +616,11 @@ class sspmod_saml2_Message {
 		}
 		if ($nameIdFormat === SAML2_Const::NAMEID_TRANSIENT) {
+		        /* generate a random id */
 			$nameIdValue = SimpleSAML_Utilities::generateID();
 		} else {
+		        /* this code will end up generating either a fixed assigned id (via nameid.attribute)
+			   or random id if not assigned/configured */
 			$nameIdValue = self::generateNameIdValue($srcMetadata, $dstMetadata, $attributes);
 		}