25 parent::__construct(
$config, $reserved);
31 $this->generateGroupsFrom = array(
32 'eduPersonAffiliation',
34 'eduPersonEntitlement',
39 foreach (
$config as $attributeName) {
40 if (!is_string($attributeName)) {
41 throw new Exception(
'Invalid attribute name for core:GenerateGroups filter: ' .
42 var_export($attributeName, TRUE));
46 $this->generateGroupsFrom =
$config;
58 assert(array_key_exists(
'Attributes',
$request));
64 if ($realm !== NULL) {
65 $groups[] =
'realm-' . $realm;
69 foreach ($this->generateGroupsFrom as
$name) {
72 /* Attribute not present. */
76 foreach ($attributes[$name] as $value) {
77 $value = self::escapeIllegalChars($value);
78 $groups[] = $name . '-
' . $value;
79 if ($realm !== NULL) {
80 $groups[] = $name . '-
' . $realm . '-
' . $value;
85 if (count($groups) > 0) {
86 $attributes['groups
'] = $groups;
101 private static function getRealm($attributes) {
102 assert(is_array($attributes));
104 if (!array_key_exists('eduPersonPrincipalName
', $attributes)) {
107 $eppn = $attributes['eduPersonPrincipalName
'];
109 if (count($eppn) < 1) {
114 $realm = explode('@
', $eppn, 2);
115 if (count($realm) < 2) {
120 return self::escapeIllegalChars($realm);
134 private static function escapeIllegalChars($string) {
135 assert(is_string($string));
137 return preg_replace_callback('/([^a-zA-Z0-9_@=.])/
',
138 function ($m) { return sprintf("%%%02x", ord($m[1])); },
foreach($paths as $path) $request
An exception for terminatinating execution or to throw for unit testing.
process(&$request)
Apply filter to add groups attribute.
$generateGroupsFrom
The attributes we should generate groups from.
static getRealm($attributes)
Determine which realm the user belongs to.
__construct($config, $reserved)
Initialize this filter.
if(array_key_exists('yes', $_REQUEST)) $attributes