From efbee639ea826ef8f168bbd747d013fa29a808e7 Mon Sep 17 00:00:00 2001
From: Andrea Biancini <andrea.biancini@gmail.com>
Date: Fri, 14 Mar 2014 16:10:13 +0100
Subject: [PATCH] Modification to permit the automatic metadata creation of an
 SP to produce a friendlyName for RequestedAttributes. The current code works
 as follows. If authsources.php contains the following configuration:

'attributes' => array(
  'eppn' => 'urn:oid:1.3.6.1.4.1.5923.1.1.1.6',
  'mail' => 'urn:oid:0.9.2342.19200300.100.1.3',
  'o' => 'urn:oid:2.5.4.10',
  'cn' => 'urn:oid:2.5.4.3',
  'givenName' => 'urn:oid:2.5.4.42',
),

the metadata generator will produce the XML Metadata as follows:

  <md:RequestedAttribute FriendlyName="eppn" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" />
  <md:RequestedAttribute FriendlyName="mail" Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" />
  <md:RequestedAttribute FriendlyName="o" Name="urn:oid:2.5.4.10" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" />
  <md:RequestedAttribute FriendlyName="cn" Name="urn:oid:2.5.4.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" />
  <md:RequestedAttribute FriendlyName="givenName" Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" />
---
 config-templates/authsources.php        | 14 ++++++++++++++
 lib/SimpleSAML/Metadata/SAMLBuilder.php |  5 ++++-
 2 files changed, 18 insertions(+), 1 deletion(-)

diff --git a/config-templates/authsources.php b/config-templates/authsources.php
index 95376b17b..ccf224cd4 100644
--- a/config-templates/authsources.php
+++ b/config-templates/authsources.php
@@ -47,6 +47,20 @@ $config = array(
 		 * Please refer to the hosted SP configuration reference for more information.
 	 	 */
 		//'signature.algorithm' => 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256',
+
+		/*
+		// The attributes parameter must contain an array of desired attributes by the SP.
+		// The attributes can be expresed as an array of names or as an associative array
+		// in the form of 'friendlyName' => 'name'.
+		// The metadata will then be created as follows:
+		// <md:RequestedAttribute FriendlyName="friendlyName" Name="name" />
+		'attributes' => array(
+                     'attrname' => 'urn:oid:x.x.x.x',
+                 ),
+		 'attributes.required' => array (
+                     'urn:oid:x.x.x.x',
+                 ),
+		 */
 	),
 
 
diff --git a/lib/SimpleSAML/Metadata/SAMLBuilder.php b/lib/SimpleSAML/Metadata/SAMLBuilder.php
index 33cd9bd0e..88219a387 100644
--- a/lib/SimpleSAML/Metadata/SAMLBuilder.php
+++ b/lib/SimpleSAML/Metadata/SAMLBuilder.php
@@ -370,9 +370,12 @@ class SimpleSAML_Metadata_SAMLBuilder {
 		$attributeconsumer->ServiceDescription = $metadata->getLocalizedString('description', array());
 
 		$nameFormat = $metadata->getString('attributes.NameFormat', SAML2_Const::NAMEFORMAT_UNSPECIFIED);
-		foreach ($attributes as $attribute) {
+		foreach ($attributes as $friendlyName => $attribute) {
 			$t = new SAML2_XML_md_RequestedAttribute();
 			$t->Name = $attribute;
+			if (!is_int($friendlyName)) {
+				$t->FriendlyName = $friendlyName;
+			}
 			if ($nameFormat !== SAML2_Const::NAMEFORMAT_UNSPECIFIED) {
 				$t->NameFormat = $nameFormat;
 			}
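Review bot: The `!is_int($friendlyName)` guard added inside the `foreach` treats every non-integer key as a friendly name, including an empty-string key, so a mistyped entry in `attributes` would set `FriendlyName` to `''` on the generated `RequestedAttribute`; tightening it to `if (is_string($friendlyName) && $friendlyName !== '') {` avoids publishing that in the SP metadata. PHP also casts integer-like string keys such as `'2'` to int, so such a key is silently handled as a plain list entry. That is worth a comment above the check, for example `// String keys are FriendlyNames; integer keys (including numeric strings, which PHP casts to int) mean a plain list of Names.` The enclosing method starts and ends outside this hunk, so it cannot be confirmed from here whether its docblock, or any other reader of `attributes` (presumably the `attributes.required` matching), still assumes a plain list and needs updating for the associative form.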
-- 
GitLab