diff --git a/config-templates/config.php b/config-templates/config.php index f42786c70a786208f736951c239614d809267636..0312deb0997bdaf02239f583138fb98e45a7f063 100644 --- a/config-templates/config.php +++ b/config-templates/config.php @@ -243,6 +243,11 @@ $config = array ( /* Add a realm attribute from edupersonprincipalname 40 => 'core:AttributeRealm', */ + 45 => array( + 'class' => 'core:StatisticsWithAttribute', + 'attributename' => 'realm', + 'type' => 'saml20-idp-SSO', + ), /* When called without parameters, it will fallback to filter attributes ‹the old way› * by checking the 'attributes' parameter in metadata on IdP hosted and SP remote. diff --git a/modules/core/lib/Auth/Process/StatisticsWithAttribute.php b/modules/core/lib/Auth/Process/StatisticsWithAttribute.php new file mode 100644 index 0000000000000000000000000000000000000000..49cc61b8789efd8942b8562fbc25cdc762511f3c --- /dev/null +++ b/modules/core/lib/Auth/Process/StatisticsWithAttribute.php @@ -0,0 +1,70 @@ +<?php + +/** + * Log a line in the STAT log with one attribute. + * + * @author Andreas Åkre Solberg, UNINETT AS. + * @package simpleSAMLphp + * @version $Id$ + */ +class sspmod_core_Auth_Process_StatisticsWithAttribute extends SimpleSAML_Auth_ProcessingFilter { + + + /** + * The attribute to log + */ + private $attribute = NULL; + + private $typeTag = 'saml20-idp-SSO'; + + + /** + * Initialize this filter. + * + * @param array $config Configuration information about this filter. + * @param mixed $reserved For future use. + */ + public function __construct($config, $reserved) { + parent::__construct($config, $reserved); + + assert('is_array($config)'); + + if (array_key_exists('attributename', $config)) { + $this->attribute = $config['attributename']; + if (!is_string($this->attribute)) { + throw new Exception('Invalid attribute name given to core:StatisticsWithAttribute filter.'); + } + } + + if (array_key_exists('type', $config)) { + $this->typeTag = $config['type']; + if (!is_string($this->attribute)) { + throw new Exception('Invalid typeTag given to core:StatisticsWithAttribute filter.'); + } + } + } + + + /** + * Log line. + * + * @param array &$state The current state. + */ + public function process(&$state) { + assert('is_array($state)'); + assert('array_key_exists("Attributes", $state)'); + + $logAttribute = 'NA'; + $source = 'NA'; + $dest = 'NA'; + + if (array_key_exists($this->attribute, $state['Attributes'])) $logAttribute = $state['Attributes'][$this->attribute][0]; + if (array_key_exists('Source', $state)) $source = $state['Source']['entityid']; + if (array_key_exists('Destination', $state)) $dest = $state['Destination']['entityid']; + + + SimpleSAML_Logger::stats($this->typeTag . ' ' . $dest . ' ' . $source . ' ' . $logAttribute); + + } + +}