From b6e1cb7a3c34ee15edf283ac758b8ad518f05b46 Mon Sep 17 00:00:00 2001
From: Olav Morken <olav.morken@uninett.no>
Date: Mon, 14 Oct 2013 08:53:01 +0000
Subject: [PATCH] AttributeMap: Add %duplicate flag, to leave original names in
 place when using map file.

Thanks to Brook Schofield for providing this patch!

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@3280 44740490-163a-0410-bde0-09ae8108e29a
---
 modules/core/docs/authproc_attributemap.txt   | 10 +++++++
 .../core/lib/Auth/Process/AttributeMap.php    | 30 +++++++++++++++----
 2 files changed, 35 insertions(+), 5 deletions(-)

diff --git a/modules/core/docs/authproc_attributemap.txt b/modules/core/docs/authproc_attributemap.txt
index ebd60a1e3..c9daa0b0b 100644
--- a/modules/core/docs/authproc_attributemap.txt
+++ b/modules/core/docs/authproc_attributemap.txt
@@ -32,3 +32,13 @@ Attribute map in separate file:
     ),
 
 This filter will use the map file from `simpesamlphp/attributemap/name2oid.php`.
+
+Duplicate attributes based on a map file:
+
+    'authproc' => array(
+        50 => array(
+            'class' => 'core:AttributeMap',
+            'name2urn', 'name2oid',
+            '%duplicate',
+        ),
+    ),
diff --git a/modules/core/lib/Auth/Process/AttributeMap.php b/modules/core/lib/Auth/Process/AttributeMap.php
index 4193f9521..d628054ac 100644
--- a/modules/core/lib/Auth/Process/AttributeMap.php
+++ b/modules/core/lib/Auth/Process/AttributeMap.php
@@ -14,6 +14,10 @@ class sspmod_core_Auth_Process_AttributeMap extends SimpleSAML_Auth_ProcessingFi
 	 */
 	private $map = array();
 
+	/**
+	 * Should attributes be duplicated or renamed.
+	 */
+	private $duplicate = FALSE;
 
 	/**
 	 * Initialize this filter, parse configuration
@@ -25,11 +29,16 @@ class sspmod_core_Auth_Process_AttributeMap extends SimpleSAML_Auth_ProcessingFi
 		parent::__construct($config, $reserved);
 
 		assert('is_array($config)');
+		$mapFiles = array();
 
 		foreach($config as $origName => $newName) {
 			if(is_int($origName)) {
-				/* No index given - this is a map file. */
-				$this->loadMapFile($newName);
+				if($newName === '%duplicate') {
+					$this->duplicate = TRUE;
+				} else {
+					/* No index given - this is a map file. */
+					$mapFiles[] = $newName;
+				}
 				continue;
 			}
 
@@ -43,6 +52,11 @@ class sspmod_core_Auth_Process_AttributeMap extends SimpleSAML_Auth_ProcessingFi
 
 			$this->map[$origName] = $newName;
 		}
+
+		// Load map files after we determine dupilicate or rename
+		foreach($mapFiles as &$file) {
+			$this->loadMapFile($file);
+		}
 	}
 
 
@@ -65,7 +79,11 @@ class sspmod_core_Auth_Process_AttributeMap extends SimpleSAML_Auth_ProcessingFi
 			throw new Exception('Attribute map file "' . $filePath . '" didn\'t define an attribute map.');
 		}
 
-		$this->map = array_merge($this->map, $attributemap);
+		if ($this->duplicate) {
+			$this->map = array_merge_recursive($this->map, $attributemap);
+		} else {
+			$this->map = array_merge($this->map, $attributemap);
+		}
 	}
 
 
@@ -83,13 +101,15 @@ class sspmod_core_Auth_Process_AttributeMap extends SimpleSAML_Auth_ProcessingFi
 		foreach($attributes as $name => $values) {
 			if(array_key_exists($name, $this->map)) {
 				if(!is_array($this->map[$name])) {
-					unset($attributes[$name]);
+					if (!$this->duplicate) {
+						unset($attributes[$name]);
+					}
 					$attributes[$this->map[$name]] = $values;
 				} else {
 					foreach($this->map[$name] as $to_map) {
 						$attributes[$to_map] = $values;
 					}
-					if (!in_array($name, $this->map[$name])) {
+					if (!$this->duplicate && !in_array($name, $this->map[$name], TRUE)) {
 						unset($attributes[$name]);
 					}
 				}
-- 
GitLab