From 8e065b62d0a6e4bb67c06e57efd9647a73b78baa Mon Sep 17 00:00:00 2001
From: Olav Morken <olav.morken@uninett.no>
Date: Tue, 4 Aug 2009 11:05:41 +0000
Subject: [PATCH] saml2_Message: Support attribute encodings.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@1626 44740490-163a-0410-bde0-09ae8108e29a
---
 modules/saml2/lib/Message.php | 55 +++++++++++++++++++++++++++++++++++
 1 file changed, 55 insertions(+)

diff --git a/modules/saml2/lib/Message.php b/modules/saml2/lib/Message.php
index a28f11c6f..dc11c24a7 100644
--- a/modules/saml2/lib/Message.php
+++ b/modules/saml2/lib/Message.php
@@ -424,6 +424,60 @@ class sspmod_saml2_Message {
 	}
 
 
+	/**
+	 * Helper function for encoding attributes.
+	 *
+	 * @param SimpleSAML_Configuration $srcMetadata  The metadata of the sender (IdP).
+	 * @param SimpleSAML_Configuration $dstMetadata  The metadata of the recipient (SP).
+	 * @param array $attributes  The attributes of the user
+	 * @return array  The encoded attributes.
+	 */
+	private static function encodeAttributes(SimpleSAML_Configuration $srcMetadata,
+		SimpleSAML_Configuration $dstMetadata, array $attributes) {
+
+		$base64Attributes = $dstMetadata->getBoolean('base64attributes', FALSE);
+		if ($base64Attributes) {
+			$defaultEncoding = 'base64';
+		} else {
+			$defaultEncoding = 'string';
+		}
+
+		$encodings = $dstMetadata->getArray('attributeencodings', array());
+
+		$ret = array();
+		foreach ($attributes as $name => $values) {
+			$ret[$name] = array();
+			if (array_key_exists($name, $encodings)) {
+				$encoding = $encodings[$name];
+			} else {
+				$encoding = $defaultEncoding;
+			}
+
+			foreach ($values as $value) {
+				switch ($encoding) {
+				case 'string':
+					$value = (string)$value;
+					break;
+				case 'base64':
+					$value = base64_encode($value);
+					break;
+				case 'raw':
+					$doc = new DOMDocument();
+					$doc->loadXML('<root>' . $value . '</root>');
+					$value = $doc->firstChild->childNodes;
+					break;
+				default:
+					throw new SimpleSAML_Error_Exception('Invalid encoding for attribute ' .
+						var_export($name, TRUE) . ': ' . var_export($encoding, TRUE));
+				}
+				$ret[$name][] = $value;
+			}
+		}
+
+		return $ret;
+	}
+
+
 	/**
 	 * Build an assertion based on information in the metadata.
 	 *
@@ -468,6 +522,7 @@ class sspmod_saml2_Message {
 					'urn:oasis:names:tc:SAML:2.0:attrname-format:basic');
 			}
 			$a->setAttributeNameFormat($attributeNameFormat);
+			$attributes = self::encodeAttributes($srcMetadata, $dstMetadata, $attributes);
 			$a->setAttributes($attributes);
 		}
 
-- 
GitLab