From 8498e8023468f415472a121f5121376bccc0a2af Mon Sep 17 00:00:00 2001
From: Olav Morken <olav.morken@uninett.no>
Date: Tue, 1 Jun 2010 12:33:22 +0000
Subject: [PATCH] saml2:buildAssertion: Change to use the state array directly.
git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2335 44740490-163a-0410-bde0-09ae8108e29a
---
 modules/saml/lib/IdP/SAML2.php | 3 +--
 modules/saml2/lib/Message.php | 12 +++++++-----
 2 files changed, 8 insertions(+), 7 deletions(-)
diff --git a/modules/saml/lib/IdP/SAML2.php b/modules/saml/lib/IdP/SAML2.php
index e5951696c..23696bf28 100644
--- a/modules/saml/lib/IdP/SAML2.php
+++ b/modules/saml/lib/IdP/SAML2.php
@@ -27,7 +27,6 @@ class sspmod_saml_IdP_SAML2 {
 SimpleSAML_Logger::info('Sending SAML 2.0 Response to ' . var_export($spEntityId, TRUE));
- $attributes = $state['Attributes'];
 $requestId = $state['saml:RequestId'];
 $relayState = $state['saml:RelayState'];
 $consumerURL = $state['saml:ConsumerURL'];
@@ -46,7 +45,7 @@ class sspmod_saml_IdP_SAML2 {
 $idpMetadata = $idp->getConfig();
- $assertion = sspmod_saml2_Message::buildAssertion($idpMetadata, $spMetadata, $attributes, $consumerURL);
+ $assertion = sspmod_saml2_Message::buildAssertion($idpMetadata, $spMetadata, $state);
 $assertion->setInResponseTo($requestId);
 if (isset($state['saml:AuthenticatingAuthority'])) {
diff --git a/modules/saml2/lib/Message.php b/modules/saml2/lib/Message.php
index 38de9951f..8e453037d 100644
--- a/modules/saml2/lib/Message.php
+++ b/modules/saml2/lib/Message.php
@@ -558,11 +558,13 @@ class sspmod_saml2_Message {
 *
 * @param SimpleSAML_Configuration $srcMetadata The metadata of the sender (IdP).
 * @param SimpleSAML_Configuration $dstMetadata The metadata of the recipient (SP).
- * @param array $attributes The attributes of the user
+ * @param array &$state The state array with information about the request.
 * @return SAML2_Assertion The assertion.
 */
 public static function buildAssertion(SimpleSAML_Configuration $srcMetadata,
- SimpleSAML_Configuration $dstMetadata, array $attributes, $consumerURL) {
+ SimpleSAML_Configuration $dstMetadata, array &$state) {
+ assert('isset($state["Attributes"])');
+ assert('isset($state["saml:ConsumerURL"])');
 $signAssertion = $dstMetadata->getBoolean('saml20.sign.assertion', NULL);
 if ($signAssertion === NULL) {
@@ -577,7 +579,7 @@ class sspmod_saml2_Message {
 }
 $a->setIssuer($srcMetadata->getString('entityid'));
- $a->setDestination($consumerURL);
+ $a->setDestination($state['saml:ConsumerURL']);
 $a->setValidAudiences(array($dstMetadata->getString('entityid')));
 $a->setNotBefore(time() - 30);
@@ -608,7 +610,7 @@ class sspmod_saml2_Message {
 'urn:oasis:names:tc:SAML:2.0:attrname-format:basic');
 }
 $a->setAttributeNameFormat($attributeNameFormat);
- $attributes = self::encodeAttributes($srcMetadata, $dstMetadata, $attributes);
+ $attributes = self::encodeAttributes($srcMetadata, $dstMetadata, $state['Attributes']);
 $a->setAttributes($attributes);
 }
@@ -628,7 +630,7 @@ class sspmod_saml2_Message {
 } else {
 /* this code will end up generating either a fixed assigned id (via nameid.attribute) or random id if not assigned/configured */
- $nameIdValue = self::generateNameIdValue($srcMetadata, $dstMetadata, $attributes);
+ $nameIdValue = self::generateNameIdValue($srcMetadata, $dstMetadata, $state['Attributes']);
 }
 $a->setNameId(array(
-- GitLab
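Review bot: The two `assert('isset(...)')` lines added at the top of buildAssertion (hunk at -558) are the only check that `$state` carries `Attributes` and `saml:ConsumerURL`, and PHP skips assertions when they are disabled in configuration, so in that mode a missing `saml:ConsumerURL` is simply read as null by `setDestination()` in the hunk at -577. Because the signature of a public static method changed, any caller outside this diff that still passes the old arguments would hand its attribute array in as `$state`; an explicit guard such as `if (!isset($state['Attributes'], $state['saml:ConsumerURL'])) { throw new Exception('buildAssertion: incomplete state'); }` fails the same way regardless of assertion settings. The docblock line could name the required keys, e.g. `@param array &$state The state array; must contain 'Attributes' and 'saml:ConsumerURL'.` Nothing in the visible hunks writes to `$state`, so if the rest of the body (which lies outside these hunks) does not either, the `&` can be dropped.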
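Review bot: In the hunk at -628 the input to `generateNameIdValue()` changes in content, not only in where it is read from: before this commit the local `$attributes` had been overwritten with the result of `encodeAttributes()` (hunk at -608) whenever that block ran, whereas the NameID is now always derived from the raw `$state['Attributes']`. If that is intended it deserves a line in the commit message, since NameID values seen by existing SPs might change when attribute encoding is configured; the conditions around both statements lie outside the hunks, so this is inferred from the visible lines only. Naming the local in the -608 hunk for what it holds, `$encodedAttributes = self::encodeAttributes($srcMetadata, $dstMetadata, $state['Attributes']);`, would keep the raw and encoded sets from being confused again.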