diff --git a/modules/smartattributes/lib/Auth/Process/SmartID.php b/modules/smartattributes/lib/Auth/Process/SmartID.php
index 01bd727fb54d9e93f8f68fac0ad357618f82904a..6c9e30a9ba96a5849540c25ff59a71bc6e0d3cbc 100644
--- a/modules/smartattributes/lib/Auth/Process/SmartID.php
+++ b/modules/smartattributes/lib/Auth/Process/SmartID.php
@@ -1,117 +1,120 @@
 <?php
-class sspmod_smartattributes_Auth_Process_SmartID extends SimpleSAML_Auth_ProcessingFilter {
-
- /**
- * Which attributes to use as identifiers?
- *
- * IMPORTANT: If you use the (default) attributemaps (twitter2name, facebook2name,
- * etc., be sure to comment out the entries that map xxx_targetedID to
- * eduPersonTargetedID, or there will be no way to see its origin any more.
- */
- private $_candidates = array(
- 'eduPersonTargetedID',
- 'eduPersonPrincipalName',
- 'openid',
- 'facebook_targetedID',
- 'twitter_targetedID',
- 'windowslive_targetedID',
- 'linkedin_targetedID',
- );
-
- /**
- * The name of the generated ID attribute.
- */
- private $_id_attribute = 'smart_id';
-
- /**
- * Whether to append the AuthenticatingAuthority, separated by '!'
- * This only works when SSP is used as a gateway.
- */
- private $_add_authority = true;
-
- /**
- * Whether to prepend the CandidateID, separated by ':'
- */
- private $_add_candidate = true;
-
- /**
- * Attributes which should be added/appended.
- *
- * Associative array of arrays.
- */
- private $attributes = array();
-
-
- public function __construct($config, $reserved) {
- parent::__construct($config, $reserved);
-
- assert(is_array($config));
-
- if (array_key_exists('candidates', $config)) {
- $this->_candidates = $config['candidates'];
- if (!is_array($this->_candidates)) {
- throw new Exception('SmartID authproc configuration error: \'candidates\' should be an array.');
- }
- }
-
- if (array_key_exists('id_attribute', $config)) {
- $this->_id_attribute = $config['id_attribute'];
- if (!is_string($this->_id_attribute)) {
- throw new Exception('SmartID authproc configuration error: \'id_attribute\' should be a string.');
- }
- }
-
- if (array_key_exists('add_authority', $config)) {
- $this->_add_authority = $config['add_authority'];
- if (!is_bool($this->_add_authority)) {
- throw new Exception('SmartID authproc configuration error: \'add_authority\' should be a boolean.');
- }
- }
-
- if (array_key_exists('add_candidate', $config)) {
- $this->_add_candidate = $config['add_candidate'];
- if (!is_bool($this->_add_candidate)) {
- throw new Exception('SmartID authproc configuration error: \'add_candidate\' should be a boolean.');
- }
- }
-
- }
-
- private function addID($attributes, $request) {
+class sspmod_smartattributes_Auth_Process_SmartID extends SimpleSAML_Auth_ProcessingFilter
+{
+ /**
+ * Which attributes to use as identifiers?
+ *
+ * IMPORTANT: If you use the (default) attributemaps (twitter2name, facebook2name,
+ * etc., be sure to comment out the entries that map xxx_targetedID to
+ * eduPersonTargetedID, or there will be no way to see its origin any more.
+ */
+ private $_candidates = array(
+ 'eduPersonTargetedID',
+ 'eduPersonPrincipalName',
+ 'openid',
+ 'facebook_targetedID',
+ 'twitter_targetedID',
+ 'windowslive_targetedID',
+ 'linkedin_targetedID',
+ );
+
+ /**
+ * The name of the generated ID attribute.
+ */
+ private $_id_attribute = 'smart_id';
+
+ /**
+ * Whether to append the AuthenticatingAuthority, separated by '!'
+ * This only works when SSP is used as a gateway.
+ */
+ private $_add_authority = true;
+
+ /**
+ * Whether to prepend the CandidateID, separated by ':'
+ */
+ private $_add_candidate = true;
+
+ /**
+ * Attributes which should be added/appended.
+ *
+ * Associative array of arrays.
+ */
+ private $attributes = array();
+
+
+ public function __construct($config, $reserved)
+ {
+ parent::__construct($config, $reserved);
+
+ assert(is_array($config));
+
+ if (array_key_exists('candidates', $config)) {
+ $this->_candidates = $config['candidates'];
+ if (!is_array($this->_candidates)) {
+ throw new Exception('SmartID authproc configuration error: \'candidates\' should be an array.');
+ }
+ }
+
+ if (array_key_exists('id_attribute', $config)) {
+ $this->_id_attribute = $config['id_attribute'];
+ if (!is_string($this->_id_attribute)) {
+ throw new Exception('SmartID authproc configuration error: \'id_attribute\' should be a string.');
+ }
+ }
+
+ if (array_key_exists('add_authority', $config)) {
+ $this->_add_authority = $config['add_authority'];
+ if (!is_bool($this->_add_authority)) {
+ throw new Exception('SmartID authproc configuration error: \'add_authority\' should be a boolean.');
+ }
+ }
+
+ if (array_key_exists('add_candidate', $config)) {
+ $this->_add_candidate = $config['add_candidate'];
+ if (!is_bool($this->_add_candidate)) {
+ throw new Exception('SmartID authproc configuration error: \'add_candidate\' should be a boolean.');
+ }
+ }
+ }
+
+ private function addID($attributes, $request)
+ {
 $state = $request['saml:sp:State'];
- foreach ($this->_candidates as $idCandidate) {
- if (isset($attributes[$idCandidate][0])) {
- if(($this->_add_authority) && (isset($state['saml:AuthenticatingAuthority'][0]))) {
- return ($this->_add_candidate ? $idCandidate.':' : '').$attributes[$idCandidate][0] . '!' . $state['saml:AuthenticatingAuthority'][0];
- } else {
- return ($this->_add_candidate ? $idCandidate.':' : '').$attributes[$idCandidate][0];
- }
- }
- }
- /*
- * At this stage no usable id_candidate has been detected.
- */
- throw new SimpleSAML_Error_Exception('This service needs at least one of the following
- attributes to identity users: '.implode(', ', $this->_candidates).'. Unfortunately not
- one of them was detected. Please ask your institution administrator to release one of
- them, or try using another identity provider.');
- }
-
-
- /**
- * Apply filter to add or replace attributes.
- *
- * Add or replace existing attributes with the configured values.
- *
- * @param array &$request The current request
- */
- public function process(&$request) {
- assert(is_array($request));
- assert(array_key_exists('Attributes', $request));
-
- $ID = $this->addID($request['Attributes'], $request);
-
- if(isset($ID)) $request['Attributes'][$this->_id_attribute] = array($ID);
- }
+ foreach ($this->_candidates as $idCandidate) {
+ if (isset($attributes[$idCandidate][0])) {
+ if (($this->_add_authority) && (isset($state['saml:AuthenticatingAuthority'][0]))) {
+ return ($this->_add_candidate ? $idCandidate.':' : '').$attributes[$idCandidate][0].'!'.$state['saml:AuthenticatingAuthority'][0];
+ } else {
+ return ($this->_add_candidate ? $idCandidate.':' : '').$attributes[$idCandidate][0];
+ }
+ }
+ }
+ /*
+ * At this stage no usable id_candidate has been detected.
+ */
+ throw new SimpleSAML_Error_Exception('This service needs at least one of the following
+ attributes to identity users: '.implode(', ', $this->_candidates).'. Unfortunately not
+ one of them was detected. Please ask your institution administrator to release one of
+ them, or try using another identity provider.');
+ }
+
+ /**
+ * Apply filter to add or replace attributes.
+ *
+ * Add or replace existing attributes with the configured values.
+ *
+ * @param array &$request The current request
+ */
+ public function process(&$request)
+ {
+ assert(is_array($request));
+ assert(array_key_exists('Attributes', $request));
+
+ $id = $this->addID($request['Attributes'], $request);
+
+ if (isset($id)) {
+ $request['Attributes'][$this->_id_attribute] = array($id);
+ }
+ }
 }
diff --git a/modules/smartattributes/lib/Auth/Process/SmartName.php b/modules/smartattributes/lib/Auth/Process/SmartName.php
index 44323f9196a22ab4ae2597eb76a117e95c493162..23e71fd851d5bb09a3e78bc3433540af40b051c4 100644
--- a/modules/smartattributes/lib/Auth/Process/SmartName.php
+++ b/modules/smartattributes/lib/Auth/Process/SmartName.php
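Review bot: addID() joins the attribute value and `$state['saml:AuthenticatingAuthority'][0]` with `:` and `!` but never checks that the value itself is free of `!`, so the generated smart_id is not an unambiguous encoding of candidate, value and authority. The value is supplied by the identity provider and the authority suffix is left off whenever the state carries none, so a service that keys accounts on this attribute could, presumably, receive the same string from two different sources. Rejecting such values before concatenating, e.g. `if (strpos($attributes[$idCandidate][0], '!') !== false) { throw new SimpleSAML_Error_Exception('reserved separator in identifier value'); }`, would remove the ambiguity. Separately, `$request['saml:sp:State']` is read without an `isset()` guard, and the `isset($id)` test in process() is always true because addID() either returns a string or throws.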
@@ -6,71 +6,84 @@
 * @author Andreas Ă…kre Solberg, UNINETT AS.
 * @package SimpleSAMLphp
 */
-class sspmod_smartattributes_Auth_Process_SmartName extends SimpleSAML_Auth_ProcessingFilter {
+class sspmod_smartattributes_Auth_Process_SmartName extends SimpleSAML_Auth_ProcessingFilter
+{
+ /**
+ * Attributes which should be added/appended.
+ *
+ * Assiciative array of arrays.
+ */
+ private $attributes = array();
- /**
- * Attributes which should be added/appended.
- *
- * Assiciative array of arrays.
- */
- private $attributes = array();
+ private function getFullName($attributes)
+ {
+ if (isset($attributes['displayName'])) {
+ return $attributes['displayName'][0];
+ }
- private function getFullName($attributes) {
- if (isset($attributes['displayName']))
- return $attributes['displayName'][0];
-
- if (isset($attributes['cn'])) {
- if (count(explode(' ', $attributes['cn'][0])) > 1)
- return $attributes['cn'][0];
- }
-
- if (isset($attributes['sn']) && isset($attributes['givenName']))
- return $attributes['givenName'][0] . ' ' . $attributes['sn'][0];
+ if (isset($attributes['cn'])) {
+ if (count(explode(' ', $attributes['cn'][0])) > 1) {
+ return $attributes['cn'][0];
+ }
+ }
- if (isset($attributes['cn']))
- return $attributes['cn'][0];
+ if (isset($attributes['sn']) && isset($attributes['givenName'])) {
+ return $attributes['givenName'][0].' '.$attributes['sn'][0];
+ }
- if (isset($attributes['sn']))
- return $attributes['sn'][0];
+ if (isset($attributes['cn'])) {
+ return $attributes['cn'][0];
+ }
- if (isset($attributes['givenName']))
- return $attributes['givenName'][0];
-
- if (isset($attributes['eduPersonPrincipalName'])) {
- $localname = $this->getLocalUser($attributes['eduPersonPrincipalName'][0]);
- if (isset($localname)) return $localname;
- }
-
- return NULL;
- }
-
- private function getLocalUser($userid) {
- if (strpos($userid, '@') === FALSE) return NULL;
- $decomposed = explode('@', $userid);
- if(count($decomposed) === 2) {
- return $decomposed[0];
- }
- return NULL;
- }
+ if (isset($attributes['sn'])) {
+ return $attributes['sn'][0];
+ }
- /**
- * Apply filter to add or replace attributes.
- *
- * Add or replace existing attributes with the configured values.
- *
- * @param array &$request The current request
- */
- public function process(&$request) {
- assert(is_array($request));
- assert(array_key_exists('Attributes', $request));
+ if (isset($attributes['givenName'])) {
+ return $attributes['givenName'][0];
+ }
- $attributes =& $request['Attributes'];
-
- $fullname = $this->getFullName($attributes);
-
- if(isset($fullname)) $request['Attributes']['smartname-fullname'] = array($fullname);
-
- }
+ if (isset($attributes['eduPersonPrincipalName'])) {
+ $localname = $this->getLocalUser($attributes['eduPersonPrincipalName'][0]);
+ if (isset($localname)) {
+ return $localname;
+ }
+ }
+ return null;
+ }
+
+ private function getLocalUser($userid)
+ {
+ if (strpos($userid, '@') === false) {
+ return null;
+ }
+ $decomposed = explode('@', $userid);
+ if (count($decomposed) === 2) {
+ return $decomposed[0];
+ }
+ return null;
+ }
+
+ /**
+ * Apply filter to add or replace attributes.
+ *
+ * Add or replace existing attributes with the configured values.
+ *
+ * @param array &$request The current request
+ */
+ public function process(&$request)
+ {
+ assert(is_array($request));
+ assert(array_key_exists('Attributes', $request));
+
+ $attributes =& $request['Attributes'];
+
+ $fullname = $this->getFullName($attributes);
+
+ if (isset($fullname)) {
+ $request['Attributes']['smartname-fullname'] = array($fullname);
+ }
+ }
 }
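Review bot: getFullName() tests `isset($attributes['displayName'])` and then reads `[0]`, so an attribute that is present with an empty value list raises an undefined-offset notice and returns null instead of falling through to the next candidate; the `cn`, `sn`, `givenName` and `eduPersonPrincipalName` branches repeat the pattern. SmartID.php in this same commit already uses the safer form `isset($attributes[$idCandidate][0])`, and testing `isset($attributes['displayName'][0])` here would keep the two filters consistent. The private `$attributes` property is never read in the lines shown, and its docblock still says "Assiciative".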