From 80b8a8274817e7be750e2a990e0b4a6a20c61ecc Mon Sep 17 00:00:00 2001
From: Olav Morken <olav.morken@uninett.no>
Date: Tue, 29 Sep 2009 11:11:49 +0000
Subject: [PATCH] saml: Add NameIDPolicy option which replaces the NameIDFormat
 option.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@1797 44740490-163a-0410-bde0-09ae8108e29a
---
 modules/saml2/lib/Message.php | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/modules/saml2/lib/Message.php b/modules/saml2/lib/Message.php
index ed71237d1..15a4c2a04 100644
--- a/modules/saml2/lib/Message.php
+++ b/modules/saml2/lib/Message.php
@@ -347,10 +347,18 @@ class sspmod_saml2_Message {
 
 		$ar = new SAML2_AuthnRequest();
 
-		$ar->setNameIdPolicy(array(
-			'Format' => $spMetadata->getString('NameIDFormat', SAML2_Const::NAMEID_TRANSIENT),
-			'AllowCreate' => TRUE,
+		if ($spMetadata->hasValue('NameIDPolicy')) {
+			$nameIdPolicy = $spMetadata->getString('NameIDPolicy', NULL);
+		} else {
+			$nameIdPolicy = $spMetadata->getString('NameIDFormat', SAML2_Const::NAMEID_TRANSIENT);
+		}
+
+		if ($nameIdPolicy !== NULL) {
+			$ar->setNameIdPolicy(array(
+				'Format' => $nameIdPolicy,
+				'AllowCreate' => TRUE,
 			));
+		}
 
 		$ar->setIssuer($spMetadata->getString('entityid'));
 		$ar->setDestination($idpMetadata->getString('SingleSignOnService'));
-- 
GitLab