From bc38cac6d15d38d6ed2d2952e3b1a2354a1c2f76 Mon Sep 17 00:00:00 2001
From: Olav Morken <olav.morken@uninett.no>
Date: Thu, 5 Nov 2009 07:31:13 +0000
Subject: [PATCH] SSOService: Provide backwardscompatibility with unset
 authority.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@1957 44740490-163a-0410-bde0-09ae8108e29a
---
 lib/SimpleSAML/Utilities.php  | 34 ++++++++++++++++++++++++++++++++++
 www/saml2/idp/SSOService.php  |  2 +-
 www/shib13/idp/SSOService.php |  2 +-
 3 files changed, 36 insertions(+), 2 deletions(-)

diff --git a/lib/SimpleSAML/Utilities.php b/lib/SimpleSAML/Utilities.php
index 4de7246ee..ce173e73c 100644
--- a/lib/SimpleSAML/Utilities.php
+++ b/lib/SimpleSAML/Utilities.php
@@ -2164,6 +2164,40 @@ class SimpleSAML_Utilities {
 		return $firstAllowed;
 	}
 
+
+	/**
+	 * Retrieve the authority for the given IdP metadata.
+	 *
+	 * This function provides backwards-compatibility with
+	 * previous versions of simpleSAMLphp.
+	 *
+	 * @param array $idpmetadata  The IdP metadata.
+	 * @return string  The authority that should be used to validate the session.
+	 */
+	public static function getAuthority(array $idpmetadata) {
+
+		if (isset($idpmetadata['authority'])) {
+			return $idpmetadata['authority'];
+		}
+
+		$candidates = array(
+			'auth/login-admin.php' => 'login-admin',
+			'auth/login-auto.php' => 'login-auto',
+			'auth/login-cas-ldap' => 'login-cas-ldap',
+			'auth/login-feide.php' => 'login-feide',
+			'auth/login-ldapmulti.php' => 'login-ldapmulti',
+			'auth/login-radius.php' => 'login-radius',
+			'auth/login-tlsclient.php' => 'tlsclient',
+			'auth/login-wayf-ldap' => 'login-wayf-ldap',
+			'auth/login.php' => 'login',
+		);
+		if (isset($candidates[$idpmetadata['auth']])) {
+			return $candidates[$idpmetadata['auth']];
+		}
+		throw new SimpleSAML_Error_Exception('You need to set \'authority\' in the metadata for ' .
+			var_export($idpmetadata['entityid'], TRUE) . '.');
+	}
+
 }
 
 ?>
\ No newline at end of file
diff --git a/www/saml2/idp/SSOService.php b/www/saml2/idp/SSOService.php
index 9f6e6d315..cad872e75 100644
--- a/www/saml2/idp/SSOService.php
+++ b/www/saml2/idp/SSOService.php
@@ -296,7 +296,7 @@ if(SimpleSAML_Auth_Source::getById($idpmetadata['auth']) !== NULL) {
 	$authority = $idpmetadata['auth'];
 } else {
 	$authSource = FALSE;
-	$authority = isset($idpmetadata['authority']) ? $idpmetadata['authority'] : NULL;
+	$authority = SimpleSAML_Utilities::getAuthority($idpmetadata);
 }
 
 
diff --git a/www/shib13/idp/SSOService.php b/www/shib13/idp/SSOService.php
index 704b22786..c56835413 100644
--- a/www/shib13/idp/SSOService.php
+++ b/www/shib13/idp/SSOService.php
@@ -118,7 +118,7 @@ if(SimpleSAML_Auth_Source::getById($idpmetadata['auth']) !== NULL) {
 	$authority = $idpmetadata['auth'];
 } else {
 	$authSource = FALSE;
-	$authority = isset($idpmetadata['authority']) ? $idpmetadata['authority'] : NULL;
+	$authority = SimpleSAML_Utilities::getAuthority($idpmetadata);
 }
 
 /*
-- 
GitLab