Added new Auth proccessing filter that sets the realm (last part of...

Added new Auth proccessing filter that sets the realm (last part of edupersonprincipalname) as a separate attribute git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@1108 44740490-163a-0410-bde0-09ae8108e29a

Added new Auth proccessing filter that sets the realm (last part of...
Added new Auth proccessing filter that sets the realm (last part of edupersonprincipalname) as a separate attribute git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@1108 44740490-163a-0410-bde0-09ae8108e29a
5ea3b39c · Andreas Åkre Solberg · a772f3f1 · 5ea3b39c · 5ea3b39c
Commit 5ea3b39c authored 16 years ago by Andreas Åkre Solberg
--- a/config-templates/config.php
+++ b/config-templates/config.php
@@ -235,6 +235,10 @@ $config = array (
 		20 => 'core:TargetedID',
 		*/

+		/* Add a realm attribute from edupersonprincipalname
+		40 => 'core:AttributeRealm',
+		 */
+
 		/* When called without parameters, it will fallback to filter attributes ‹the old way›
 		 * by checking the 'attributes' parameter in metadata on IdP hosted and SP remote.
 		 */

--- a/modules/core/lib/Auth/Process/AttributeRealm.php
+++ b/modules/core/lib/Auth/Process/AttributeRealm.php
+<?php
+
+/**
+ * Filter that will take the user ID on the format 'andreas@uninett.no'
+ * and create a new attribute 'realm' that includes the value after the '@' sign.
+ *
+ * @author Andreas Åkre Solberg, UNINETT AS.
+ * @package simpleSAMLphp
+ * @version $Id$
+ */
+class sspmod_core_Auth_Process_AttributeRealm extends SimpleSAML_Auth_ProcessingFilter {
+
+	private $attributename = 'realm';
+
+	/**
+	 * Initialize this filter.
+	 *
+	 * @param array $config  Configuration information about this filter.
+	 * @param mixed $reserved  For future use.
+	 */
+	public function __construct($config, $reserved) {
+		parent::__construct($config, $reserved);
+		assert('is_array($config)');
+		
+		if (array_key_exists('attributename', $config))
+			$this->attributename = $config['attributename'];
+
+	}
+
+
+	/**
+	 * Apply filter to add or replace attributes.
+	 *
+	 * Add or replace existing attributes with the configured values.
+	 *
+	 * @param array &$request  The current request
+	 */
+	public function process(&$request) {
+		assert('is_array($request)');
+		assert('array_key_exists("Attributes", $request)');
+
+		$attributes =& $request['Attributes'];
+
+		if (!array_key_exists('UserID', $request)) {
+			throw new Exception('core:AttributeRealm: Missing UserID for this user. Please' .
+				' check the \'userid.attribute\' option in the metadata against the' .
+				' attributes provided by the authentication source.');
+		}
+		$userID = $request['UserID'];
+		$decomposed = explode('@', $userID);
+		if (count($decomposed) !== 2) return;
+		$request['Attributes'][$this->attributename] = array($decomposed[1]);
+	}
+
+}
+
+?>
\ No newline at end of file