saml: Add NameIDPolicy option which replaces the NameIDFormat option.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@1797 44740490-163a-0410-bde0-09ae8108e29a

saml: Add NameIDPolicy option which replaces the NameIDFormat option.
git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@1797 44740490-163a-0410-bde0-09ae8108e29a
80b8a827 · Olav Morken · c311e37e · 80b8a827
Commit 80b8a827 authored 15 years ago by Olav Morken
--- a/modules/saml2/lib/Message.php
+++ b/modules/saml2/lib/Message.php
@@ -347,10 +347,18 @@ class sspmod_saml2_Message {

 		$ar = new SAML2_AuthnRequest();

-		$ar->setNameIdPolicy(array(
-			'Format' => $spMetadata->getString('NameIDFormat', SAML2_Const::NAMEID_TRANSIENT),
-			'AllowCreate' => TRUE,
+		if ($spMetadata->hasValue('NameIDPolicy')) {
+			$nameIdPolicy = $spMetadata->getString('NameIDPolicy', NULL);
+		} else {
+			$nameIdPolicy = $spMetadata->getString('NameIDFormat', SAML2_Const::NAMEID_TRANSIENT);
+		}
+
+		if ($nameIdPolicy !== NULL) {
+			$ar->setNameIdPolicy(array(
+				'Format' => $nameIdPolicy,
+				'AllowCreate' => TRUE,
 			));
+		}

 		$ar->setIssuer($spMetadata->getString('entityid'));
 		$ar->setDestination($idpMetadata->getString('SingleSignOnService'));