From 773fa85a66e59ef7f56df0eff2264c88c8c584b9 Mon Sep 17 00:00:00 2001
From: Mads Freek Petersen <freek@wayf.dk>
Date: Thu, 16 Apr 2009 08:34:20 +0000
Subject: [PATCH] Added support for attributes in <cas:serviceResponse>:

Need to be enabled in config/module_casserver.php with:

'attributes' => TRUE,

The 'schema' is:

<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
  <cas:authenticationSuccess>
    <cas:user>xxx</cas:user>
    <cas:attributes>
      <cas:foo>bar</cas:foo>
      <cas:foo>baz</cas:foo>
    </cas:attributes>
  </cas:authenticationSuccess>
</cas:serviceResponse>

where foo is the attribute name and bar,baz are the values.


git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@1464 44740490-163a-0410-bde0-09ae8108e29a
---
 .../config-templates/module_casserver.php      |  1 +
 modules/casserver/www/serviceValidate.php      | 18 ++++++++++++++----
 2 files changed, 15 insertions(+), 4 deletions(-)

diff --git a/modules/casserver/config-templates/module_casserver.php b/modules/casserver/config-templates/module_casserver.php
index a7097b786..007034f5c 100644
--- a/modules/casserver/config-templates/module_casserver.php
+++ b/modules/casserver/config-templates/module_casserver.php
@@ -18,6 +18,7 @@ $config = array (
 	'ticketcache' => 'ticketcache',
 
 	'attrname' => 'mail', // 'eduPersonPrincipalName',
+	#'attributes' => TRUE, // enable transfer of attributes
 	
 );
 
diff --git a/modules/casserver/www/serviceValidate.php b/modules/casserver/www/serviceValidate.php
index ab1073954..23df67a20 100644
--- a/modules/casserver/www/serviceValidate.php
+++ b/modules/casserver/www/serviceValidate.php
@@ -37,9 +37,10 @@ try {
 	$ticketcontent = retrieveTicket($ticket, $path);
 	
 	$usernamefield = $casconfig->getValue('attrname', 'eduPersonPrincipalName');
+	$dosendattributes = $casconfig->getValue('attributes', FALSE);;
 	
 	if (array_key_exists($usernamefield, $ticketcontent)) {
-		returnResponse('YES', $ticketcontent[$usernamefield][0]);
+		returnResponse('YES', $ticketcontent[$usernamefield][0], $dosendattributes ? $ticketcontent : array());
 	} else {
 		returnResponse('NO');
 	}
@@ -49,12 +50,21 @@ try {
 	returnResponse('NO', $e->getMessage());
 }
 
-function returnResponse($value, $content = '') {
+function returnResponse($value, $content = '', $attributes = array()) {
 	if ($value === 'YES') {
+		$attributesxml = "";
+		foreach ($attributes as $attributename => $attributelist) {
+			$attr = htmlentities($attributename);
+			foreach ($attributelist as $attributevalue) {
+				$attributesxml .= "<cas:$attr>" . htmlentities($attributevalue) . "</cas:$attr>";
+			}
+		}
+		if (sizeof($attributes)) $attributesxml = '<cas:attributes>' . $attributesxml . '</cas:attributes>';
 		echo '<cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas">
     <cas:authenticationSuccess>
-	<cas:user>' . htmlentities($content) . '</cas:user>
-    </cas:authenticationSuccess>
+	<cas:user>' . htmlentities($content) . '</cas:user>' .
+	$attributesxml .
+    '</cas:authenticationSuccess>
 </cas:serviceResponse>';
 
 	} else {
-- 
GitLab