ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
Public Member Functions | Static Private Member Functions | Private Attributes
sspmod_core_Auth_Process_TargetedID Class Reference
+ Inheritance diagram for sspmod_core_Auth_Process_TargetedID:
+ Collaboration diagram for sspmod_core_Auth_Process_TargetedID:

Public Member Functions

 __construct ($config, $reserved)
 Initialize this filter. More...
 
 process (&$state)
 Apply filter to add the targeted ID. More...
 
- Public Member Functions inherited from SimpleSAML_Auth_ProcessingFilter
 __construct (&$config, $reserved)
 Constructor for a processing filter. More...
 
 process (&$request)
 Process a request. More...
 

Static Private Member Functions

static getEntityId ($metadata)
 Generate ID from entity metadata. More...
 

Private Attributes

 $attribute = NULL
 The attribute we should generate the targeted id from, or NULL if we should use the UserID. More...
 
 $generateNameId = FALSE
 

Additional Inherited Members

- Data Fields inherited from SimpleSAML_Auth_ProcessingFilter
 $priority = 50
 Priority of this filter. More...
 

Detailed Description

Definition at line 31 of file TargetedID.php.

Constructor & Destructor Documentation

◆ __construct()

sspmod_core_Auth_Process_TargetedID::__construct (   $config,
  $reserved 
)

Initialize this filter.

Parameters
array$configConfiguration information about this filter.
mixed$reservedFor future use.

Definition at line 55 of file TargetedID.php.

55 {
56 parent::__construct($config, $reserved);
57
58 assert(is_array($config));
59
60 if (array_key_exists('attributename', $config)) {
61 $this->attribute = $config['attributename'];
62 if (!is_string($this->attribute)) {
63 throw new Exception('Invalid attribute name given to core:TargetedID filter.');
64 }
65 }
66
67 if (array_key_exists('nameId', $config)) {
68 $this->generateNameId = $config['nameId'];
69 if (!is_bool($this->generateNameId)) {
70 throw new Exception('Invalid value of \'nameId\'-option to core:TargetedID filter.');
71 }
72 }
73 }
$config
$config
Definition: bootstrap.php:15

References $config.

Member Function Documentation

◆ getEntityId()

static sspmod_core_Auth_Process_TargetedID::getEntityId (   $metadata)
staticprivate

Generate ID from entity metadata.

This function takes in the metadata of an entity, and attempts to generate an unique identifier based on that.

Parameters
array$metadataThe metadata of the entity.
Returns
string The unique identifier for the entity.

Definition at line 154 of file TargetedID.php.

154 {
155 assert(is_array($metadata));
156
157 $id = '';
158
159 if (array_key_exists('metadata-set', $metadata)) {
160 $set = $metadata['metadata-set'];
161 $id .= 'set' . strlen($set) . ':' . $set;
162 }
163
164 if (array_key_exists('entityid', $metadata)) {
165 $entityid = $metadata['entityid'];
166 $id .= 'set' . strlen($entityid) . ':' . $entityid;
167 }
168
169 return $id;
170 }
$metadata
$metadata['__DYNAMIC:1__']
Definition: adfs-idp-hosted.php:3
$id
if(!array_key_exists('StateId', $_REQUEST)) $id
Definition: expirywarning.php:14

◆ process()

sspmod_core_Auth_Process_TargetedID::process ( $state)

Apply filter to add the targeted ID.

Parameters
array&$stateThe current state.

Reimplemented from SimpleSAML_Auth_ProcessingFilter.

Definition at line 81 of file TargetedID.php.

81 {
82 assert(is_array($state));
83 assert(array_key_exists('Attributes', $state));
84
85 if ($this->attribute === NULL) {
86 if (!array_key_exists('UserID', $state)) {
87 throw new Exception('core:TargetedID: Missing UserID for this user. Please' .
88 ' check the \'userid.attribute\' option in the metadata against the' .
89 ' attributes provided by the authentication source.');
90 }
91
92 $userID = $state['UserID'];
93 } else {
94 if (!array_key_exists($this->attribute, $state['Attributes'])) {
95 throw new Exception('core:TargetedID: Missing attribute \'' . $this->attribute .
96 '\', which is needed to generate the targeted ID.');
97 }
98
99 $userID = $state['Attributes'][$this->attribute][0];
100 }
101
102
103 $secretSalt = SimpleSAML\Utils\Config::getSecretSalt();
104
105 if (array_key_exists('Source', $state)) {
106 $srcID = self::getEntityId($state['Source']);
107 } else {
108 $srcID = '';
109 }
110
111 if (array_key_exists('Destination', $state)) {
112 $dstID = self::getEntityId($state['Destination']);
113 } else {
114 $dstID = '';
115 }
116
117 $uidData = 'uidhashbase' . $secretSalt;
118 $uidData .= strlen($srcID) . ':' . $srcID;
119 $uidData .= strlen($dstID) . ':' . $dstID;
120 $uidData .= strlen($userID) . ':' . $userID;
121 $uidData .= $secretSalt;
122
123 $uid = hash('sha1', $uidData);
124
125 if ($this->generateNameId) {
126 // Convert the targeted ID to a SAML 2.0 name identifier element
127 $nameId = new \SAML2\XML\saml\NameID();
128 $nameId->value = $uid;
129 $nameId->Format = \SAML2\Constants::NAMEID_PERSISTENT;
130
131 if (isset($state['Source']['entityid'])) {
132 $nameId->NameQualifier = $state['Source']['entityid'];
133 }
134 if (isset($state['Destination']['entityid'])) {
135 $nameId->SPNameQualifier = $state['Destination']['entityid'];
136 }
137 } else {
138 $nameId = $uid;
139 }
140
141 $state['Attributes']['eduPersonTargetedID'] = array($nameId);
142 }
$state
if(!array_key_exists('stateid', $_REQUEST)) $state
Handle linkback() response from LinkedIn.
Definition: linkback.php:10

References $state.

Field Documentation

◆ $attribute

sspmod_core_Auth_Process_TargetedID::$attribute = NULL
private

The attribute we should generate the targeted id from, or NULL if we should use the UserID.

Definition at line 38 of file TargetedID.php.

◆ $generateNameId

sspmod_core_Auth_Process_TargetedID::$generateNameId = FALSE
private

Definition at line 46 of file TargetedID.php.

The documentation for this class was generated from the following file: