Added support for attribute injection and attribute convertion by the...

Added support for attribute injection and attribute convertion by the attribute attributealter. Will be documented in the advanced feature user guide git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@284 44740490-163a-0410-bde0-09ae8108e29a

Added support for attribute injection and attribute convertion by the...
99f23849 · Andreas Åkre Solberg · 5aa5f3bb · 99f23849 · 99f23849 · 99f23849
Commit 99f23849 authored 17 years ago by Andreas Åkre Solberg
--- a/docs/source/simplesamlphp-sp.xml
+++ b/docs/source/simplesamlphp-sp.xml
@@ -7,7 +7,7 @@
  <articleinfo>
    <date>2007-10-15</date>
-    <pubdate>Fri Feb 1 08:44:40 2008</pubdate>
+    <pubdate>Wed Feb 13 07:57:11 2008</pubdate>
    <author>
      <firstname>Andreas Åkre</firstname>

--- a/lib/SimpleSAML/XML/AttributeFilter.php
+++ b/lib/SimpleSAML/XML/AttributeFilter.php
@@ -38,6 +38,34 @@ class SimpleSAML_XML_AttributeFilter {
 	}
+	/**
+	 * This function will call custom alter plugins.
+	 */
+	public function alter($rule, $spentityid = null, $idpentityid = null) {
+		$alterfile = $this->configuration->getBaseDir() . 'attributealter/alterfunctions.php';
+		if (!file_exists($alterfile)) throw new Exception('Could not find attributemap file: ' . $alterfile);
+		include_once($alterfile);
+		$function = 'attributealter_' . $rule;
+		if (function_exists($function)) {
+			$function($this->attributes, $spentityid, $idpentityid);
+		} else {
+			throw new Exception('Could not find attribute alter fucntion: ' . $function);
+		}
+	}
+	private function addValue($name, $value) {
+		if (array_key_exists($name, $this->attributes)) {
+			$this->attributes[$name][] = $value;
+		} else {
+			$this->attributes[$name] = array($value);
+		}
+	}
 	public function filter($allowedattributes) {
 		$newattributes = array();
 		foreach($this->attributes AS $key => $value) {

--- a/www/saml2/idp/SSOService.php
+++ b/www/saml2/idp/SSOService.php
@@ -186,16 +186,34 @@ if (!isset($session) || !$session->isValid($authority) ) {
 		/*
 		 * Filtering attributes.
 		 */
+#		print_r($session->getAttributes());
 		$ar = new SimpleSAML_XML_SAML20_AuthnResponse($config, $metadata);
 		$afilter = new SimpleSAML_XML_AttributeFilter($config, $session->getAttributes());
 		if (isset($spmetadata['attributemap'])) {
 			$afilter->namemap($spmetadata['attributemap']);
 		}
+		if (isset($idpmetadata['attributealter'])) {
+			if (!is_array($idpmetadata['attributealter']))
+				$afilter->alter($idpmetadata['attributealter']);
+			else
+				foreach($idpmetadata['attributealter'] AS $alterfunc) 
+					$afilter->alter($alterfunc);
+		}
+		if (isset($spmetadata['attributealter'])) {
+			if (!is_array($spmetadata['attributealter']))
+				$afilter->alter($spmetadata['attributealter']);
+			else
+				foreach($spmetadata['attributealter'] AS $alterfunc) 
+					$afilter->alter($alterfunc);
+		}
 		if (isset($spmetadata['attributes'])) {
 			$afilter->filter($spmetadata['attributes']);
 		}
 		$filteredattributes = $afilter->getAttributes();
+#		print_r($filteredattributes);
 		//echo '<pre>before filter:' ; print_r($session->getAttributes()); echo "\n\n"; print_r($filteredattributes); echo '</pre>'; exit;

--- a/www/shib13/idp/SSOService.php
+++ b/www/shib13/idp/SSOService.php
@@ -30,7 +30,7 @@ $session = SimpleSAML_Session::getInstance(true);
 $logger = new SimpleSAML_Logger();
 $idpentityid = $metadata->getMetaDataCurrentEntityID('shib13-idp-hosted');
-$idpmeta = $metadata->getMetaDataCurrent('shib13-idp-hosted');
+$idpmetadata = $metadata->getMetaDataCurrent('shib13-idp-hosted');
 $requestid = null;
@@ -102,7 +102,7 @@ if (isset($_GET['shire'])) {
 	SimpleSAML_Utilities::fatalError($session->getTrackID(), 'SSOSERVICEPARAMS');
 }
-$authority = isset($idpmeta['authority']) ? $idpmeta['authority'] : null;
+$authority = isset($idpmetadata['authority']) ? $idpmetadata['authority'] : null;
 /*
 * As we have passed the code above, we have an accociated request that is already processed.
@@ -116,7 +116,7 @@ $authority = isset($idpmeta['authority']) ? $idpmeta['authority'] : null;
 if (!$session->isAuthenticated($authority) ) {
 	$relaystate = SimpleSAML_Utilities::selfURLNoQuery() . '?RequestID=' . urlencode($requestid);
-	$authurl = SimpleSAML_Utilities::addURLparameter('/' . $config->getValue('baseurlpath') . $idpmeta['auth'], 
+	$authurl = SimpleSAML_Utilities::addURLparameter('/' . $config->getValue('baseurlpath') . $idpmetadata['auth'], 
 		'RelayState=' . urlencode($relaystate));
 	SimpleSAML_Utilities::redirect($authurl);
@@ -141,14 +141,30 @@ if (!$session->isAuthenticated($authority) ) {
 		 * Filtering attributes.
 		 */
 		$afilter = new SimpleSAML_XML_AttributeFilter($config, $session->getAttributes());
 		if (isset($spmetadata['attributemap'])) {
 			$afilter->namemap($spmetadata['attributemap']);
 		}
+		if (isset($idpmetadata['attributealter'])) {
+			if (!is_array($idpmetadata['attributealter']))
+				$afilter->alter($idpmetadata['attributealter']);
+			else
+				foreach($idpmetadata['attributealter'] AS $alterfunc) 
+					$afilter->alter($alterfunc);
+		}
+		if (isset($spmetadata['attributealter'])) {
+			if (!is_array($spmetadata['attributealter']))
+				$afilter->alter($spmetadata['attributealter']);
+			else
+				foreach($spmetadata['attributealter'] AS $alterfunc) 
+					$afilter->alter($alterfunc);
+		}
 		if (isset($spmetadata['attributes'])) {
 			$afilter->filter($spmetadata['attributes']);
 		}
 		$filteredattributes = $afilter->getAttributes();