Skip to content
Snippets Groups Projects
Commit 82e58db7 authored by Pieter van der Meulen's avatar Pieter van der Meulen
Browse files

Allow the optional Subject NameID to be set in a SAML AuthnRequest through "saml:NameID"

parent 2428e8f4
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
modules/saml/docs/sp.md
+ 7
0
View file @ 82e58db7
......@@ -52,6 +52,13 @@ All these parameters override the equivalent option from the configuration.
: *Note*: SAML 2 specific.
`saml:NameID`
: Add a Subject element with a NameID to the SAML AuthnRequest for the IdP.
This is an associative array with the fields for the NameID.
Example: `array('Value' => 'user@example.org', 'Format' => SAML2_Const::NAMEID_UNSPECIFIED)`
: *Note*: SAML 2 specific.
Authentication data
-------------------
......
modules/saml/lib/Auth/Source/SP.php
+ 7
0
View file @ 82e58db7
......@@ -205,6 +205,13 @@ class sspmod_saml_Auth_Source_SP extends SimpleSAML_Auth_Source {
$ar->setIsPassive((bool)$state['isPassive']);
}
if (isset($state['saml:NameID'])) {
if (!is_array($state['saml:NameID'])) {
throw new SimpleSAML_Error_Exception('Invalid value of $state[\'saml:NameID\'].');
}
$ar->setNameId($state['saml:NameID']);
}
if (isset($state['saml:NameIDPolicy'])) {
if (is_string($state['saml:NameIDPolicy'])) {
$policy = array(
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment