From b9ff7d4a4e6ba37524f60d59ebc9b26069c24c99 Mon Sep 17 00:00:00 2001
From: Olav Morken <olav.morken@uninett.no>
Date: Thu, 5 Nov 2009 11:27:13 +0000
Subject: [PATCH] SAMLParser: Add support for extracting
 AttributeAuthorityDescriptor elements.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@1960 44740490-163a-0410-bde0-09ae8108e29a
---
 lib/SimpleSAML/Metadata/SAMLParser.php | 53 ++++++++++++++++++++++++++
 1 file changed, 53 insertions(+)

diff --git a/lib/SimpleSAML/Metadata/SAMLParser.php b/lib/SimpleSAML/Metadata/SAMLParser.php
index 1d0805094..85e43d400 100644
--- a/lib/SimpleSAML/Metadata/SAMLParser.php
+++ b/lib/SimpleSAML/Metadata/SAMLParser.php
@@ -84,6 +84,14 @@ class SimpleSAML_Metadata_SAMLParser {
 	private $idpDescriptors;
 
 
+	/**
+	 * List of attribute authorities we have found.
+	 *
+	 * @var array
+	 */
+	private $attributeAuthorityDescriptors = array();
+
+
 	/**
 	 * This is an associative array with the organization name for this entity. The key of
 	 * the associative array is the language code, while the value is a string with the
@@ -187,6 +195,10 @@ class SimpleSAML_Metadata_SAMLParser {
 				$this->processIDPSSODescriptor($child, $expireTime);
 			}
 
+			if(SimpleSAML_Utilities::isDOMElementOfType($child, 'AttributeAuthorityDescriptor', '@md') === TRUE) {
+				$this->processAttributeAuthorityDescriptor($child, $expireTime);
+			}
+
 			if(SimpleSAML_Utilities::isDOMElementOfType($child, 'Organization', '@md') === TRUE) {
 				$this->processOrganization($child);
 			}
@@ -722,6 +734,17 @@ class SimpleSAML_Metadata_SAMLParser {
 	}
 
 
+	/**
+	 * Retrieve AttributeAuthorities from the metadata.
+	 *
+	 * @return array  Array of AttributeAuthorityDescriptor entries.
+	 */
+	public function getAttributeAuthorities() {
+
+		return $this->attributeAuthorityDescriptors;
+	}
+
+
 	/**
 	 * Parse a RoleDescriptorType element.
 	 *
@@ -870,6 +893,36 @@ class SimpleSAML_Metadata_SAMLParser {
 	}
 
 
+	/**
+	 * This function extracts metadata from a AttributeAuthorityDescriptor element.
+	 *
+	 * @param DOMElement $element The element which should be parsed.
+	 * @param int|NULL $expireTime  The unix timestamp for when this element should expire, or
+	 *                              NULL if unknwon.
+	 */
+	private function processAttributeAuthorityDescriptor(DOMElement $element, $expireTime) {
+		assert('is_null($expireTime) || is_int($expireTime)');
+
+		$aad = self::parseRoleDescriptorType($element, $expireTime);
+		$aad['metadata-set'] = 'attributeauthority-remote';
+
+		$extensions = SimpleSAML_Utilities::getDOMChildren($element, 'Extensions', '@md');
+		if (!empty($extensions))
+			$this->processExtensions($extensions[0]);
+
+		if (!empty($this->scopes)) $aad['scopes'] = $this->scopes;
+
+		$aad['AttributeService'] = self::extractEndpoints($element, 'AttributeService', FALSE);
+		$aad['AssertionIDRequestService'] = self::extractEndpoints($element, 'AssertionIDRequestService', FALSE);
+		$aad['NameIDFormat'] = array_map(
+			array('SimpleSAML_Utilities', 'getDOMText'),
+			SimpleSAML_Utilities::getDOMChildren($element, 'NameIDFormat', '@md')
+		);
+
+		$this->attributeAuthorityDescriptors[] = $aad;
+	}
+
+
 	/**
 	 * Parse and process a Extensions element.
 	 *
-- 
GitLab