From 8952dfae7193604baa8211c30fb3b0556638e76d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20=C3=85kre=20Solberg?= <andreas.solberg@uninett.no>
Date: Thu, 8 Jan 2009 16:17:36 +0000
Subject: [PATCH] Adding backward compability to AttributeLimit proc filter in
 core module. It nows can filter on the attributes parameter of config...

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@1101 44740490-163a-0410-bde0-09ae8108e29a
---
 .../core/lib/Auth/Process/AttributeLimit.php    | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)

diff --git a/modules/core/lib/Auth/Process/AttributeLimit.php b/modules/core/lib/Auth/Process/AttributeLimit.php
index 23313b1fd..c7b805b34 100644
--- a/modules/core/lib/Auth/Process/AttributeLimit.php
+++ b/modules/core/lib/Auth/Process/AttributeLimit.php
@@ -32,15 +32,16 @@ class sspmod_core_Auth_Process_AttributeLimit extends SimpleSAML_Auth_Processing
 		parent::__construct($config, $reserved);
 
 		assert('is_array($config)');
+		
 
 		foreach($config as $name) {
-
 			if(!is_string($name)) {
 				throw new Exception('Invalid attribute name: ' . var_export($name, TRUE));
 			}
-
 			$this->allowedAttributes[] = $name;
 		}
+		
+		
 	}
 
 
@@ -55,6 +56,18 @@ class sspmod_core_Auth_Process_AttributeLimit extends SimpleSAML_Auth_Processing
 		assert('is_array($request)');
 		assert('array_key_exists("Attributes", $request)');
 
+		if (empty($this->allowedAttributes)) {
+			if (array_key_exists('attributes', $request['Source'])) {
+				if (array_key_exists('attributes', $request['Destination'])) {
+					$this->allowedAttributes = array_intersect($request['Source']['attributes'], $request['Destination']['attributes']);
+				} else {
+					$this->allowedAttributes = $request['Source']['attributes'];
+				}
+			} else {
+				$this->allowedAttributes = $request['Destination']['attributes'];
+			}
+		}
+		
 		$attributes =& $request['Attributes'];
 
 		foreach($attributes as $name => $values) {
-- 
GitLab