From 8e065b62d0a6e4bb67c06e57efd9647a73b78baa Mon Sep 17 00:00:00 2001 From: Olav Morken <olav.morken@uninett.no> Date: Tue, 4 Aug 2009 11:05:41 +0000 Subject: [PATCH] saml2_Message: Support attribute encodings. git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@1626 44740490-163a-0410-bde0-09ae8108e29a --- modules/saml2/lib/Message.php | 55 +++++++++++++++++++++++++++++++++++ 1 file changed, 55 insertions(+) diff --git a/modules/saml2/lib/Message.php b/modules/saml2/lib/Message.php index a28f11c6f..dc11c24a7 100644 --- a/modules/saml2/lib/Message.php +++ b/modules/saml2/lib/Message.php @@ -424,6 +424,60 @@ class sspmod_saml2_Message { } + /** + * Helper function for encoding attributes. + * + * @param SimpleSAML_Configuration $srcMetadata The metadata of the sender (IdP). + * @param SimpleSAML_Configuration $dstMetadata The metadata of the recipient (SP). + * @param array $attributes The attributes of the user + * @return array The encoded attributes. + */ + private static function encodeAttributes(SimpleSAML_Configuration $srcMetadata, + SimpleSAML_Configuration $dstMetadata, array $attributes) { + + $base64Attributes = $dstMetadata->getBoolean('base64attributes', FALSE); + if ($base64Attributes) { + $defaultEncoding = 'base64'; + } else { + $defaultEncoding = 'string'; + } + + $encodings = $dstMetadata->getArray('attributeencodings', array()); + + $ret = array(); + foreach ($attributes as $name => $values) { + $ret[$name] = array(); + if (array_key_exists($name, $encodings)) { + $encoding = $encodings[$name]; + } else { + $encoding = $defaultEncoding; + } + + foreach ($values as $value) { + switch ($encoding) { + case 'string': + $value = (string)$value; + break; + case 'base64': + $value = base64_encode($value); + break; + case 'raw': + $doc = new DOMDocument(); + $doc->loadXML('<root>' . $value . '</root>'); + $value = $doc->firstChild->childNodes; + break; + default: + throw new SimpleSAML_Error_Exception('Invalid encoding for attribute ' . + var_export($name, TRUE) . ': ' . var_export($encoding, TRUE)); + } + $ret[$name][] = $value; + } + } + + return $ret; + } + + /** * Build an assertion based on information in the metadata. * @@ -468,6 +522,7 @@ class sspmod_saml2_Message { 'urn:oasis:names:tc:SAML:2.0:attrname-format:basic'); } $a->setAttributeNameFormat($attributeNameFormat); + $attributes = self::encodeAttributes($srcMetadata, $dstMetadata, $attributes); $a->setAttributes($attributes); } -- GitLab