ILIAS  release_5-3 Revision v5.3.23-19-g915713cf615
PersistentNameID.php
Go to the documentation of this file.
1<?php
2
3
9class sspmod_saml_Auth_Process_PersistentNameID extends sspmod_saml_BaseNameIDGenerator
10{
11
17 private $attribute;
18
19
28 public function __construct($config, $reserved)
29 {
30 parent::__construct($config, $reserved);
31 assert('is_array($config)');
32
33 $this->format = \SAML2\Constants::NAMEID_PERSISTENT;
34
35 if (!isset($config['attribute'])) {
36 throw new SimpleSAML_Error_Exception("PersistentNameID: Missing required option 'attribute'.");
37 }
38 $this->attribute = $config['attribute'];
39 }
40
41
48 protected function getValue(array &$state)
49 {
50
51 if (!isset($state['Destination']['entityid'])) {
52 SimpleSAML\Logger::warning('No SP entity ID - not generating persistent NameID.');
53 return null;
54 }
55 $spEntityId = $state['Destination']['entityid'];
56
57 if (!isset($state['Source']['entityid'])) {
58 SimpleSAML\Logger::warning('No IdP entity ID - not generating persistent NameID.');
59 return null;
60 }
61 $idpEntityId = $state['Source']['entityid'];
62
63 if (!isset($state['Attributes'][$this->attribute]) || count($state['Attributes'][$this->attribute]) === 0) {
64 SimpleSAML\Logger::warning(
65 'Missing attribute '.var_export($this->attribute, true).
66 ' on user - not generating persistent NameID.'
67 );
68 return null;
69 }
70 if (count($state['Attributes'][$this->attribute]) > 1) {
71 SimpleSAML\Logger::warning(
72 'More than one value in attribute '.var_export($this->attribute, true).
73 ' on user - not generating persistent NameID.'
74 );
75 return null;
76 }
77 $uid = array_values($state['Attributes'][$this->attribute]); // just in case the first index is no longer 0
78 $uid = $uid[0];
79
80 if (empty($uid)) {
81 SimpleSAML\Logger::warning(
82 'Empty value in attribute '.var_export($this->attribute, true).
83 ' on user - not generating persistent NameID.'
84 );
85 return null;
86 }
87
88 $secretSalt = SimpleSAML\Utils\Config::getSecretSalt();
89
90 $uidData = 'uidhashbase'.$secretSalt;
91 $uidData .= strlen($idpEntityId).':'.$idpEntityId;
92 $uidData .= strlen($spEntityId).':'.$spEntityId;
93 $uidData .= strlen($uid).':'.$uid;
94 $uidData .= $secretSalt;
95
96 return sha1($uidData);
97 }
98}
$spEntityId
$spEntityId
Definition: attributeserver.php:14
$state
if(!array_key_exists('stateid', $_REQUEST)) $state
Handle linkback() response from LinkedIn.
Definition: linkback.php:10
php
An exception for terminatinating execution or to throw for unit testing.
SAML2\Constants\NAMEID_PERSISTENT
const NAMEID_PERSISTENT
Persistent NameID format.
Definition: Constants.php:190
SimpleSAML\Logger\warning
static warning($string)
Definition: Logger.php:179
SimpleSAML\Utils\Config\getSecretSalt
static getSecretSalt()
Retrieve the secret salt.
Definition: Config.php:49
SimpleSAML_Error_Exception
Definition: Exception.php:13
sspmod_saml_Auth_Process_PersistentNameID
Definition: PersistentNameID.php:10
sspmod_saml_Auth_Process_PersistentNameID\__construct
__construct($config, $reserved)
Initialize this filter, parse configuration.
Definition: PersistentNameID.php:28
sspmod_saml_Auth_Process_PersistentNameID\getValue
getValue(array &$state)
Get the NameID value.
Definition: PersistentNameID.php:48
sspmod_saml_Auth_Process_PersistentNameID\$attribute
$attribute
Definition: PersistentNameID.php:17
sspmod_saml_BaseNameIDGenerator
Definition: BaseNameIDGenerator.php:8
$idpEntityId
$idpEntityId
Definition: prp.php:12