From 5f46f4a74b1de0149baae8a51741e707fed5192e Mon Sep 17 00:00:00 2001
From: Hans Zandbelt <hans.zandbelt@surfnet.nl>
Date: Fri, 19 Jun 2009 15:31:11 +0000
Subject: [PATCH] implement nameid stuff and extra check on sp entityid setting

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@1529 44740490-163a-0410-bde0-09ae8108e29a
---
 modules/adfs/www/idp/prp.php | 18 ++++++++++++++++--
 1 file changed, 16 insertions(+), 2 deletions(-)

diff --git a/modules/adfs/www/idp/prp.php b/modules/adfs/www/idp/prp.php
index dd5155803..ddb61938c 100644
--- a/modules/adfs/www/idp/prp.php
+++ b/modules/adfs/www/idp/prp.php
@@ -190,7 +190,12 @@ if (!$session->isValid($authority) ) {
 	
 		$spentityid = $requestcache['Issuer'];
 		$spmetadata = SimpleSAML_Configuration::getConfig('adfs-sp-remote.php');
-		$spmetadata = SimpleSAML_Configuration::loadFromArray($spmetadata->getValue($spentityid));
+		
+		$arr = $spmetadata->getValue($spentityid);
+		if (!isset($arr)) {
+			throw new Exception('Metadata for ADFS SP "' . $spentityid . '" could not be found in adfs-sp-remote.php!');
+		}
+		$spmetadata = SimpleSAML_Configuration::loadFromArray($arr);
 
 		$sp_name = $spmetadata->getValue('name', $spentityid);
 
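Review bot: The new guard `if (!isset($arr))` rejects only a missing entry, so an entry in adfs-sp-remote.php that is present but not an array still reaches `SimpleSAML_Configuration::loadFromArray($arr)`; `if (!is_array($arr)) {` would cover both cases. `$spentityid` is read from `$requestcache['Issuer']`, which presumably originates in the incoming sign-in request, and it is concatenated unescaped into the exception message, so whatever renders or logs that message needs to encode it for its output context. The enclosing block starts and ends outside this hunk.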
@@ -241,8 +246,17 @@ if (!$session->isValid($authority) ) {
 		if (array_key_exists('RelayState', $requestcache)) $relayState = $requestcache['RelayState'];
 
 		$nameid = $session->getNameID();
+		$nameid = $nameid['value'];
+		
+		$nameidattribute = $spmetadata->getValue('simplesaml.nameidattribute');
+		if (isset($nameidattribute)) {
+			if (!array_key_exists($nameidattribute, $attributes)) {
+				throw new Exception('simplesaml.nameidattribute does not exist in resulting attribute set');
+			}
+			$nameid = $attributes[$nameidattribute][0];
+		}
 
-		$response = ADFS_GenerateResponse($idpentityid, $spentityid, $nameid['value'], $attributes);
+		$response = ADFS_GenerateResponse($idpentityid, $spentityid, $nameid, $attributes);
 		$wresult = ADFS_SignResponse($response, $config->getPathValue('certdir') . $adfsconfig->getValue('key'), $config->getPathValue('certdir') . $adfsconfig->getValue('cert'));
 
 		ADFS_PostResponse($spmetadata->getValue('prp'), $wresult, $relayState);
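Review bot: `$attributes[$nameidattribute][0]` is read after only an `array_key_exists` check, so an attribute that is present with an empty value list yields a null NameID that is still passed to `ADFS_GenerateResponse` and signed; testing `if (empty($attributes[$nameidattribute])) {` before the throw would cover both the missing and the empty case. The same gap exists at `$nameid = $nameid['value'];`, which silently becomes null if `$session->getNameID()` returns nothing and no `simplesaml.nameidattribute` is configured. Because the NameID is the subject the SP will trust in the signed response, the code should refuse to issue a response when `$nameid` is null or an empty string. A short comment such as `// only the first value of a multi-valued attribute is used as NameID` would also document the `[0]`. The enclosing block extends beyond this hunk.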
-- 
GitLab