Modify the core:AttributeMap authentication processing filter to allow...

Modify the core:AttributeMap authentication processing filter to allow fetching mapping files from modules, not only from the 'attributemap' directory in the root of SSP's installation.

Modify the core:AttributeMap authentication processing filter to allow...
f0d848d7 · Jaime Perez Crespo · af096f06 · f0d848d7 · f0d848d7
Commit f0d848d7 authored 9 years ago by Jaime Perez Crespo
--- a/modules/core/docs/authproc_attributemap.txt
+++ b/modules/core/docs/authproc_attributemap.txt
@@ -4,7 +4,9 @@
 Filter to change attribute names.

 This filter can either contain the name of a map file or a set of name => value pairs describing the transformation.
-If configuration references a map file, the file must be located in the `attributemap/`-directory.
+If configuration references a map file, the file must be located in the `attributemap/` directory in the root of
+SimpleSAMLphp's installation. Attribute map files located in the `attributemap/` directory in the root of a module can
+also be used by specifying the file with the `module:file` syntax.

 It can also create multiple attributes from a single attribute by specifying multiple target attributes as an array.

@@ -31,7 +33,18 @@ Attribute map in separate file:
        ),
    ),

-This filter will use the map file from `simpesamlphp/attributemap/name2oid.php`.
+This filter will use the map file from `simplesamlphp/attributemap/name2oid.php`.
+
+Attribute map in a file contained in a module:
+
+    'authproc' => array(
+        50 => array(
+            'class' => 'core:AttributeMap',
+            'module:src2dst'
+        ),
+    ),
+
+This filter will use the map file from `simplesamlphp/modules/module/attributemap/src2dst.php`.

 Duplicate attributes based on a map file:


--- a/modules/core/lib/Auth/Process/AttributeMap.php
+++ b/modules/core/lib/Auth/Process/AttributeMap.php
@@ -68,14 +68,24 @@ class sspmod_core_Auth_Process_AttributeMap extends SimpleSAML_Auth_ProcessingFi
    /**
     * Loads and merges in a file with a attribute map.
     *
-     * @param string $fileName Name of attribute map file. Expected to be in the attribute map dir.
+     * @param string $fileName Name of attribute map file. Expected to be in the attributemap directory in the root
+     * of the SimpleSAMLphp installation, or in the root of a module.
     *
     * @throws Exception If the filter could not load the requested attribute map file.
     */
    private function loadMapFile($fileName)
    {
        $config = SimpleSAML_Configuration::getInstance();
-        $filePath = $config->getPathValue('attributenamemapdir', 'attributemap/').$fileName.'.php';
+
+        $m = explode(':', $fileName);
+        if (count($m) === 2) { // we are asked for a file in a module
+            if (!SimpleSAML\Module::isModuleEnabled($m[0])) {
+                throw new Exception("Module '$m[0]' is not enabled.");
+            }
+            $filePath = SimpleSAML\Module::getModuleDir($m[0]).'/attributemap/'.$m[1].'.php';
+        } else {
+            $filePath = $config->getPathValue('attributenamemapdir', 'attributemap/').$fileName.'.php';
+        }

        if (!file_exists($filePath)) {
            throw new Exception('Could not find attribute map file: '.$filePath);