From fa915600c63ab8b978173d4f43d3c0c01cdd8309 Mon Sep 17 00:00:00 2001
From: Olav Morken <olav.morken@uninett.no>
Date: Wed, 12 Aug 2009 14:21:33 +0000
Subject: [PATCH] Upgrade NameId array format.

Change all users of the nameId arrays to use 'Value' instead of
'value'. 'value' was the old name, but this is changed to 'Value' in
order to be consistent with other attributes.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@1654 44740490-163a-0410-bde0-09ae8108e29a
---
 lib/SimpleSAML/Session.php                    | 27 ++++++++++++++++++-
 lib/SimpleSAML/XML/Shib13/AuthnResponse.php   |  2 +-
 modules/adfs/www/idp/prp.php                  |  2 +-
 modules/saml2/lib/Auth/Source/SP.php          | 11 ++++++++
 www/example-simple/attributequery.php         |  7 +----
 www/saml2/idp/SSOService.php                  |  1 -
 www/saml2/idp/SingleLogoutService.php         |  4 ---
 www/saml2/idp/SingleLogoutServiceiFrame.php   |  4 ---
 .../idp/idpInitSingleLogoutServiceiFrame.php  |  5 ----
 www/saml2/sp/AssertionConsumerService.php     |  3 ---
 www/saml2/sp/initSLO.php                      |  3 ---
 11 files changed, 40 insertions(+), 29 deletions(-)

diff --git a/lib/SimpleSAML/Session.php b/lib/SimpleSAML/Session.php
index 808cb8b7a..025a9d6ec 100644
--- a/lib/SimpleSAML/Session.php
+++ b/lib/SimpleSAML/Session.php
@@ -318,6 +318,19 @@ class SimpleSAML_Session {
 		$this->nameid = $nameid;
 	}
 	public function getNameID() {
+		if (array_key_exists('value', $this->nameid)) {
+			/*
+			 * This session was saved by an old version of simpleSAMLphp.
+			 * Convert to the new NameId format.
+			 *
+			 * TODO: Remove this conversion once every session uses the new format.
+			 */
+			$this->nameid['Value'] = $this->nameid['value'];
+			unset($this->nameid['value']);
+
+			$this->dirty = TRUE;
+		}
+
 		return $this->nameid;
 	}
 
@@ -369,7 +382,19 @@ class SimpleSAML_Session {
 			return NULL;
 		}
 
-		return $this->sessionNameId[$entityType][$entityId];
+		$nameId = $this->sessionNameId[$entityType][$entityId];
+		if (array_key_exists('value', $nameId)) {
+			/*
+			 * This session was saved by an old version of simpleSAMLphp.
+			 * Convert to the new NameId format.
+			 *
+			 * TODO: Remove this conversion once every session should use the new format.
+			 */
+			$nameId['Value'] = $nameId['value'];
+			unset($nameId['value']);
+		}
+
+		return $nameId;
 	}
 
 
diff --git a/lib/SimpleSAML/XML/Shib13/AuthnResponse.php b/lib/SimpleSAML/XML/Shib13/AuthnResponse.php
index 1f5bef1ea..bac77ac1e 100644
--- a/lib/SimpleSAML/XML/Shib13/AuthnResponse.php
+++ b/lib/SimpleSAML/XML/Shib13/AuthnResponse.php
@@ -227,7 +227,7 @@ class SimpleSAML_XML_Shib13_AuthnResponse extends SimpleSAML_XML_AuthnResponse {
 			$query = '/mysamlp:Response/mysaml:Assertion/mysaml:AuthenticationStatement/mysaml:Subject/mysaml:NameIdentifier';
 			$nodelist = $xPath->query($query);
 			if ($node = $nodelist->item(0)) {
-				$nameID["value"] = $node->nodeValue;
+				$nameID["Value"] = $node->nodeValue;
 				$nameID["Format"] = $node->getAttribute('Format');
 				//$nameID["NameQualifier"] = $node->getAttribute('NameQualifier');
 			}
diff --git a/modules/adfs/www/idp/prp.php b/modules/adfs/www/idp/prp.php
index d26d74054..4bdf238f2 100644
--- a/modules/adfs/www/idp/prp.php
+++ b/modules/adfs/www/idp/prp.php
@@ -248,7 +248,7 @@ if (!$session->isValid($authority) ) {
 		if (array_key_exists('RelayState', $requestcache)) $relayState = $requestcache['RelayState'];
 
 		$nameid = $session->getNameID();
-		$nameid = $nameid['value'];
+		$nameid = $nameid['Value'];
 		
 		$nameidattribute = $spmetadata->getValue('simplesaml.nameidattribute');
 		if (isset($nameidattribute)) {
diff --git a/modules/saml2/lib/Auth/Source/SP.php b/modules/saml2/lib/Auth/Source/SP.php
index 3f1726229..ae762f993 100644
--- a/modules/saml2/lib/Auth/Source/SP.php
+++ b/modules/saml2/lib/Auth/Source/SP.php
@@ -244,6 +244,17 @@ class sspmod_saml2_Auth_Source_SP extends SimpleSAML_Auth_Source {
 		$nameId = $state[self::LOGOUT_NAMEID];
 		$sessionIndex = $state[self::LOGOUT_SESSIONINDEX];
 
+		if (array_key_exists('value', $nameId)) {
+			/*
+			 * This session was saved by an old version of simpleSAMLphp.
+			 * Convert to the new NameId format.
+			 *
+			 * TODO: Remove this conversion once every session should use the new format.
+			 */
+			$nameId['Value'] = $nameId['value'];
+			unset($nameId['value']);
+		}
+
 		$metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
 		$spMetadata = $metadata->getMetaDataConfig($this->getEntityId(), 'saml20-sp-hosted');
 		$idpMetadata = $metadata->getMetaDataConfig($idp, 'saml20-idp-remote');
diff --git a/www/example-simple/attributequery.php b/www/example-simple/attributequery.php
index a81ab6a8b..94e6a9d7b 100644
--- a/www/example-simple/attributequery.php
+++ b/www/example-simple/attributequery.php
@@ -69,12 +69,7 @@ if (empty($defNameId)) {
 	$defNameId = array();
 }
 if (!array_key_exists('Value', $defNameId)) {
-	if (array_key_exists('value', $defNameId)) {
-		/* For backwards compatibility. */
-		$defNameId['Value'] = $defNameId['value'];
-	} else {
-		$defNameId['Value'] = SimpleSAML_Utilities::generateID();
-	}
+	$defNameId['Value'] = SimpleSAML_Utilities::generateID();
 }
 if (!array_key_exists('Format', $defNameId)) {
 	$defNameId['Format'] = SAML2_Const::NAMEID_TRANSIENT;
diff --git a/www/saml2/idp/SSOService.php b/www/saml2/idp/SSOService.php
index 31b140780..3560c3a27 100644
--- a/www/saml2/idp/SSOService.php
+++ b/www/saml2/idp/SSOService.php
@@ -426,7 +426,6 @@ if($needAuth && !$isPassive) {
 		$assertion->setInResponseTo($requestID);
 
 		$nameId = $assertion->getNameId();
-		$nameId['value'] = $nameId['Value'];
 		$session->setSessionNameId('saml20-sp-remote', $spentityid, $nameId);
 
 		/* Maybe encrypt the assertion. */
diff --git a/www/saml2/idp/SingleLogoutService.php b/www/saml2/idp/SingleLogoutService.php
index 6b55c7cad..764f8b063 100644
--- a/www/saml2/idp/SingleLogoutService.php
+++ b/www/saml2/idp/SingleLogoutService.php
@@ -234,10 +234,6 @@ if ($spEntityId) {
 			$nameId = $session->getNameID();
 		}
 
-		/* Convert to new-style NameId format. */
-		$nameId['Value'] = $nameId['value'];
-		unset($nameId['value']);
-
 		$lr = sspmod_saml2_Message::buildLogoutRequest($idpMetadata, $spMetadata);
 		$lr->setSessionIndex($session->getSessionIndex());
 		$lr->setNameId($nameId);
diff --git a/www/saml2/idp/SingleLogoutServiceiFrame.php b/www/saml2/idp/SingleLogoutServiceiFrame.php
index efc36156a..144bf4329 100644
--- a/www/saml2/idp/SingleLogoutServiceiFrame.php
+++ b/www/saml2/idp/SingleLogoutServiceiFrame.php
@@ -265,10 +265,6 @@ foreach ($listofsps AS $spentityid) {
 		$nameId = $session->getNameID();
 	}
 
-	/* Convert to new-style NameId format. */
-	$nameId['Value'] = $nameId['value'];
-	unset($nameId['value']);
-
 	$spMetadata = $metadata->getMetaDataConfig($spentityid, 'saml20-sp-remote');
 	$name = $spMetadata->getValue('name', $spentityid);
 
diff --git a/www/saml2/idp/idpInitSingleLogoutServiceiFrame.php b/www/saml2/idp/idpInitSingleLogoutServiceiFrame.php
index dd47a81cc..b57d11d1d 100644
--- a/www/saml2/idp/idpInitSingleLogoutServiceiFrame.php
+++ b/www/saml2/idp/idpInitSingleLogoutServiceiFrame.php
@@ -191,11 +191,6 @@ foreach ($listofsps AS $spentityid) {
 		$nameId = $session->getNameID();
 	}
 
-	/* Convert to new-style NameId format. */
-	$nameId['Value'] = $nameId['value'];
-	unset($nameId['value']);
-
-
 	$spMetadata = $metadata->getMetaDataConfig($spentityid, 'saml20-sp-remote');
 	$name = $spMetadata->getValue('name', $spentityid);
 
diff --git a/www/saml2/sp/AssertionConsumerService.php b/www/saml2/sp/AssertionConsumerService.php
index 2d4c61cee..f23b23139 100644
--- a/www/saml2/sp/AssertionConsumerService.php
+++ b/www/saml2/sp/AssertionConsumerService.php
@@ -145,10 +145,7 @@ try {
 	SimpleSAML_Logger::stats('saml20-sp-SSO ' . $metadataHandler->getMetaDataCurrentEntityID() . ' ' . $idp . ' NA');
 	
 
-	/* Convert the NameId array to the old style. */
 	$nameId = $assertion->getNameId();
-	$nameId['value'] = $nameId['Value'];
-	unset($nameId['Value']);
 
 	/* Begin module attribute processing */
 
diff --git a/www/saml2/sp/initSLO.php b/www/saml2/sp/initSLO.php
index 78dc8b760..b7256406e 100644
--- a/www/saml2/sp/initSLO.php
+++ b/www/saml2/sp/initSLO.php
@@ -36,10 +36,7 @@ try {
 	$spEntityId = isset($_GET['spentityid']) ? $_GET['spentityid'] : $metadata->getMetaDataCurrentEntityID();
 	$spMetadata = $metadata->getMetaDataConfig($spEntityId, 'saml20-sp-hosted');
 
-	/* Convert NameId to new style. */
 	$nameId = $session->getNameId();
-	$nameId['Value'] = $nameId['value'];
-	unset($nameId['value']);
 
 	$lr = sspmod_saml2_Message::buildLogoutRequest($spMetadata, $idpMetadata);
 	$lr->setNameId($nameId);
-- 
GitLab