d3/d72/TargetedID_8php_source.html

<?php


class sspmod_core_Auth_Process_TargetedID extends SimpleSAML_Auth_ProcessingFilter {


        private $attribute = NULL;


        private $generateNameId = FALSE;


        public function __construct($config, $reserved) {

                parent::__construct($config, $reserved);


                assert('is_array($config)');


                if (array_key_exists('attributename', $config)) {

                        $this->attribute = $config['attributename'];

                        if (!is_string($this->attribute)) {

                                throw new Exception('Invalid attribute name given to core:TargetedID filter.');

                        }

                }


                if (array_key_exists('nameId', $config)) {

                        $this->generateNameId = $config['nameId'];

                        if (!is_bool($this->generateNameId)) {

                                throw new Exception('Invalid value of \'nameId\'-option to core:TargetedID filter.');

                        }

                }

        }


        public function process(&$state) {

                assert('is_array($state)');

                assert('array_key_exists("Attributes", $state)');


                if ($this->attribute === NULL) {

                        if (!array_key_exists('UserID', $state)) {

                                throw new Exception('core:TargetedID: Missing UserID for this user. Please' .

                                        ' check the \'userid.attribute\' option in the metadata against the' .

                                        ' attributes provided by the authentication source.');

                        }


                        $userID = $state['UserID'];

                } else {

                        if (!array_key_exists($this->attribute, $state['Attributes'])) {

                                throw new Exception('core:TargetedID: Missing attribute \'' . $this->attribute .

                                        '\', which is needed to generate the targeted ID.');

                        }


                        $userID = $state['Attributes'][$this->attribute][0];

                }


                $secretSalt = SimpleSAML\Utils\Config::getSecretSalt();


                if (array_key_exists('Source', $state)) {

                        $srcID = self::getEntityId($state['Source']);

                } else {

                        $srcID = '';

                }


                if (array_key_exists('Destination', $state)) {

                        $dstID = self::getEntityId($state['Destination']);

                } else {

                        $dstID = '';

                }


                $uidData = 'uidhashbase' . $secretSalt;

                $uidData .= strlen($srcID) . ':' . $srcID;

                $uidData .= strlen($dstID) . ':' . $dstID;

                $uidData .= strlen($userID) . ':' . $userID;

                $uidData .= $secretSalt;


                $uid = hash('sha1', $uidData);


                if ($this->generateNameId) {

                        // Convert the targeted ID to a SAML 2.0 name identifier element

                        $nameId = new \SAML2\XML\saml\NameID();

                        $nameId->value = $uid;

                        $nameId->Format = \SAML2\Constants::NAMEID_PERSISTENT;


                        if (isset($state['Source']['entityid'])) {

                                $nameId->NameQualifier = $state['Source']['entityid'];

                        }

                        if (isset($state['Destination']['entityid'])) {

                                $nameId->SPNameQualifier = $state['Destination']['entityid'];

                        }

                } else {

                        $nameId = $uid;

                }


                $state['Attributes']['eduPersonTargetedID'] = array($nameId);

        }


        private static function getEntityId($metadata) {

                assert('is_array($metadata)');


                $id = '';


                if (array_key_exists('metadata-set', $metadata)) {

                        $set = $metadata['metadata-set'];

                        $id .= 'set' . strlen($set) . ':' . $set;

                }


                if (array_key_exists('entityid', $metadata)) {

                        $entityid = $metadata['entityid'];

                        $id .= 'set' . strlen($entityid) . ':' . $entityid;

                }


                return $id;

        }


}

$metadata
$metadata['__DYNAMIC:1__']
Definition: adfs-idp-hosted.php:3

$state
if(!array_key_exists('stateid', $_REQUEST)) $state
Handle linkback() response from LinkedIn.
Definition: linkback.php:10

php
An exception for terminatinating execution or to throw for unit testing.

SimpleSAML_Auth_ProcessingFilter
Definition: ProcessingFilter.php:21

sspmod_core_Auth_Process_TargetedID
Definition: TargetedID.php:31

sspmod_core_Auth_Process_TargetedID\process
process(&$state)
Apply filter to add the targeted ID.
Definition: TargetedID.php:81

sspmod_core_Auth_Process_TargetedID\$generateNameId
$generateNameId
Definition: TargetedID.php:46

sspmod_core_Auth_Process_TargetedID\$attribute
$attribute
The attribute we should generate the targeted id from, or NULL if we should use the UserID.
Definition: TargetedID.php:38

sspmod_core_Auth_Process_TargetedID\__construct
__construct($config, $reserved)
Initialize this filter.
Definition: TargetedID.php:55

$config
$config
Definition: flush-definition-cache.php:23