From 989ff1f731291e91113f166b5481c887b387e9b3 Mon Sep 17 00:00:00 2001
From: Olav Morken <olav.morken@uninett.no>
Date: Wed, 9 Dec 2009 07:45:18 +0000
Subject: [PATCH] core:PHP: New authproc filter to run arbitrary PHP code.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2051 44740490-163a-0410-bde0-09ae8108e29a
---
 modules/core/docs/authproc_php.txt    | 46 ++++++++++++++++++++++++
 modules/core/lib/Auth/Process/PHP.php | 51 +++++++++++++++++++++++++++
 2 files changed, 97 insertions(+)
 create mode 100644 modules/core/docs/authproc_php.txt
 create mode 100644 modules/core/lib/Auth/Process/PHP.php

diff --git a/modules/core/docs/authproc_php.txt b/modules/core/docs/authproc_php.txt
new file mode 100644
index 000000000..4f0133ea6
--- /dev/null
+++ b/modules/core/docs/authproc_php.txt
@@ -0,0 +1,46 @@
+`core:PHP`
+==========
+
+This is a filter which makes it possible to run arbitrary PHP code to motidy the attributes of an user.
+
+Parameters
+----------
+
+`class`
+:   This is the name of the filter.
+    It must be `'core:PHP'`.
+
+`code`
+:   The PHP code that should be run.
+    This PHP code will have one variable available - `$attributes`.
+    This is an associative array of attributes, and can be modified to add or remove attributes.
+
+Examples
+--------
+
+Add the `mail` attribute based on the user's `uid` attribute:
+
+    10 => array(
+        'class' => 'core:PHP',
+        'code' => '
+            if (empty($attributes["uid"])) {
+                throw new Exception("Missing uid attribute.");
+            }
+
+            $uid = $attributes["uid"][0];
+            $mail = $uid . "@example.net";
+            $attributes["mail"] = array($mail);
+        ',
+    ),
+
+
+Create a random number variable:
+
+    10 => array(
+        'class' => 'core:PHP',
+        'code' => '
+            $attributes["random"] = array(
+                (string)rand(),
+            );
+        ',
+    ),
diff --git a/modules/core/lib/Auth/Process/PHP.php b/modules/core/lib/Auth/Process/PHP.php
new file mode 100644
index 000000000..4de73e531
--- /dev/null
+++ b/modules/core/lib/Auth/Process/PHP.php
@@ -0,0 +1,51 @@
+<?php
+
+/**
+ * Attribute filter for running arbitrary PHP code.
+ *
+ * @package simpleSAMLphp
+ * @version $Id$
+ */
+class sspmod_core_Auth_Process_PHP extends SimpleSAML_Auth_ProcessingFilter {
+
+	/**
+	 * The PHP code that should be run.
+	 *
+	 * @var string
+	 */
+	private $code;
+
+
+	/**
+	 * Initialize this filter, parse configuration
+	 *
+	 * @param array $config  Configuration information about this filter.
+	 * @param mixed $reserved  For future use.
+	 */
+	public function __construct($config, $reserved) {
+		parent::__construct($config, $reserved);
+
+		assert('is_array($config)');
+
+		if (!isset($config['code'])) {
+			throw new SimpleSAML_Error_Exception($this->authId . ': Missing required \'code\' option.');
+		}
+
+		$this->code = (string)$config['code'];
+	}
+
+
+	/**
+	 * Apply the PHP code to the attribtes.
+	 *
+	 * @param array &$request  The current request
+	 */
+	public function process(&$request) {
+		assert('is_array($request)');
+		assert('array_key_exists("Attributes", $request)');
+
+		$function = create_function('&$attributes', $this->code);
+		$function($request['Attributes']);
+	}
+
+}
-- 
GitLab