ILIAS  release_5-3 Revision v5.3.23-19-g915713cf615
Public Member Functions | Static Private Member Functions | Private Attributes
sspmod_core_Auth_Process_TargetedID Class Reference
+ Inheritance diagram for sspmod_core_Auth_Process_TargetedID:
+ Collaboration diagram for sspmod_core_Auth_Process_TargetedID:

Public Member Functions

 __construct ($config, $reserved)
 Initialize this filter. More...
 
 process (&$state)
 Apply filter to add the targeted ID. More...
 
- Public Member Functions inherited from SimpleSAML_Auth_ProcessingFilter
 __construct (&$config, $reserved)
 Constructor for a processing filter. More...
 
 process (&$request)
 Process a request. More...
 

Static Private Member Functions

static getEntityId ($metadata)
 Generate ID from entity metadata. More...
 

Private Attributes

 $attribute = NULL
 The attribute we should generate the targeted id from, or NULL if we should use the UserID. More...
 
 $generateNameId = FALSE
 

Additional Inherited Members

- Data Fields inherited from SimpleSAML_Auth_ProcessingFilter
 $priority = 50
 Priority of this filter. More...
 

Detailed Description

Definition at line 31 of file TargetedID.php.

Constructor & Destructor Documentation

◆ __construct()

sspmod_core_Auth_Process_TargetedID::__construct (   $config,
  $reserved 
)

Initialize this filter.

Parameters
array$configConfiguration information about this filter.
mixed$reservedFor future use.

Definition at line 55 of file TargetedID.php.

References $config.

55  {
56  parent::__construct($config, $reserved);
57 
58  assert('is_array($config)');
59 
60  if (array_key_exists('attributename', $config)) {
61  $this->attribute = $config['attributename'];
62  if (!is_string($this->attribute)) {
63  throw new Exception('Invalid attribute name given to core:TargetedID filter.');
64  }
65  }
66 
67  if (array_key_exists('nameId', $config)) {
68  $this->generateNameId = $config['nameId'];
69  if (!is_bool($this->generateNameId)) {
70  throw new Exception('Invalid value of \'nameId\'-option to core:TargetedID filter.');
71  }
72  }
73  }

Member Function Documentation

◆ getEntityId()

static sspmod_core_Auth_Process_TargetedID::getEntityId (   $metadata)
staticprivate

Generate ID from entity metadata.

This function takes in the metadata of an entity, and attempts to generate an unique identifier based on that.

Parameters
array$metadataThe metadata of the entity.
Returns
string The unique identifier for the entity.

Definition at line 154 of file TargetedID.php.

154  {
155  assert('is_array($metadata)');
156 
157  $id = '';
158 
159  if (array_key_exists('metadata-set', $metadata)) {
160  $set = $metadata['metadata-set'];
161  $id .= 'set' . strlen($set) . ':' . $set;
162  }
163 
164  if (array_key_exists('entityid', $metadata)) {
165  $entityid = $metadata['entityid'];
166  $id .= 'set' . strlen($entityid) . ':' . $entityid;
167  }
168 
169  return $id;
170  }
$id
if(!array_key_exists('StateId', $_REQUEST)) $id
Definition: expirywarning.php:14
$metadata
$metadata['__DYNAMIC:1__']
Definition: adfs-idp-hosted.php:3

◆ process()

sspmod_core_Auth_Process_TargetedID::process ( $state)

Apply filter to add the targeted ID.

Parameters
array&$stateThe current state.

Definition at line 81 of file TargetedID.php.

References $state, is, and to.

81  {
82  assert('is_array($state)');
83  assert('array_key_exists("Attributes", $state)');
84 
85  if ($this->attribute === NULL) {
86  if (!array_key_exists('UserID', $state)) {
87  throw new Exception('core:TargetedID: Missing UserID for this user. Please' .
88  ' check the \'userid.attribute\' option in the metadata against the' .
89  ' attributes provided by the authentication source.');
90  }
91 
92  $userID = $state['UserID'];
93  } else {
94  if (!array_key_exists($this->attribute, $state['Attributes'])) {
95  throw new Exception('core:TargetedID: Missing attribute \'' . $this->attribute .
96  '\', which is needed to generate the targeted ID.');
97  }
98 
99  $userID = $state['Attributes'][$this->attribute][0];
100  }
101 
102 
103  $secretSalt = SimpleSAML\Utils\Config::getSecretSalt();
104 
105  if (array_key_exists('Source', $state)) {
106  $srcID = self::getEntityId($state['Source']);
107  } else {
108  $srcID = '';
109  }
110 
111  if (array_key_exists('Destination', $state)) {
112  $dstID = self::getEntityId($state['Destination']);
113  } else {
114  $dstID = '';
115  }
116 
117  $uidData = 'uidhashbase' . $secretSalt;
118  $uidData .= strlen($srcID) . ':' . $srcID;
119  $uidData .= strlen($dstID) . ':' . $dstID;
120  $uidData .= strlen($userID) . ':' . $userID;
121  $uidData .= $secretSalt;
122 
123  $uid = hash('sha1', $uidData);
124 
125  if ($this->generateNameId) {
126  // Convert the targeted ID to a SAML 2.0 name identifier element
127  $nameId = new \SAML2\XML\saml\NameID();
128  $nameId->value = $uid;
129  $nameId->Format = \SAML2\Constants::NAMEID_PERSISTENT;
130 
131  if (isset($state['Source']['entityid'])) {
132  $nameId->NameQualifier = $state['Source']['entityid'];
133  }
134  if (isset($state['Destination']['entityid'])) {
135  $nameId->SPNameQualifier = $state['Destination']['entityid'];
136  }
137  } else {
138  $nameId = $uid;
139  }
140 
141  $state['Attributes']['eduPersonTargetedID'] = array($nameId);
142  }
to
File written to
Definition: 01pharSimple.php:86
is
Sum of both Ranges is
Definition: 03formulas.php:77
$state
if(!array_key_exists('stateid', $_REQUEST)) $state
Handle linkback() response from LinkedIn.
Definition: linkback.php:10

Field Documentation

◆ $attribute

sspmod_core_Auth_Process_TargetedID::$attribute = NULL
private

The attribute we should generate the targeted id from, or NULL if we should use the UserID.

Definition at line 38 of file TargetedID.php.

◆ $generateNameId

sspmod_core_Auth_Process_TargetedID::$generateNameId = FALSE
private

Definition at line 46 of file TargetedID.php.

The documentation for this class was generated from the following file: