Commit 3c5bc3ef authored by Martin van Es's avatar Martin van Es

Add subject and pairwise-id

parent a90fd3d6
...@@ -8,6 +8,8 @@ ...@@ -8,6 +8,8 @@
"uid": [ "uid": [
"jstiglitz" "jstiglitz"
], ],
"pairwise-id": "jstiglitz",
"subject-id": "jstiglitz",
"eduPersonTargetedID": "bd0916qef0c2e675b2def4ahe6w50b7d4bb4aae", "eduPersonTargetedID": "bd0916qef0c2e675b2def4ahe6w50b7d4bb4aae",
"schacHomeOrganization": "harvard-example.edu", "schacHomeOrganization": "harvard-example.edu",
"eduPersonPrincipalName": "stiglitz@harvard-example.edu", "eduPersonPrincipalName": "stiglitz@harvard-example.edu",
......
...@@ -94,14 +94,27 @@ $metadata['__DYNAMIC:1__'] = [ ...@@ -94,14 +94,27 @@ $metadata['__DYNAMIC:1__'] = [
'identifyingAttribute' => 'eduPersonTargetedId', 'identifyingAttribute' => 'eduPersonTargetedId',
'nameId' => TRUE, 'nameId' => TRUE,
], ],
8 => [ 8 => [
'class' => 'subjectidattrs:PairwiseID',
'identifyingAttribute' => 'pairwise-id',
'scopeAttribute' => 'scope',
],
9 => [
'class' => 'subjectidattrs:SubjectID',
'identifyingAttribute' => 'subject-id',
'scopeAttribute' => 'scope',
],
15 => [
'class' => 'core:PHP', 'class' => 'core:PHP',
'code' => ' 'code' => '
unset($attributes["eduPersonTargetedId"]); unset($attributes["eduPersonTargetedId"]);
unset($attributes["pairwise-id"]);
unset($attributes["subject-id"]);
unset($attributes["scope"]);
', ',
], ],
// Convert LDAP names to urn. // Convert LDAP names to urn.
10 => [ 20 => [
'class' => 'core:AttributeMap', 'class' => 'core:AttributeMap',
'name2oid' 'name2oid'
], ],
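Review bot: The `core:PHP` filter now at key 15 has no comment explaining its ordering, although it only works if it runs after filters 8 and 9 have read `pairwise-id`, `subject-id` and `scope`, and before the `core:AttributeMap` step at 20. I would add a line above it such as `// Must run after the subject-id filters (8, 9): removes their helper inputs so they are not released to the SP.`. This assumes the `subjectidattrs` filters write their result under a different attribute name than the ones being unset, which the hunk does not show. The `$metadata['__DYNAMIC:1__']` array starts and ends outside the hunk.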
......
...@@ -68,6 +68,18 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { ...@@ -68,6 +68,18 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$attributes = @$_POST['keys'] or []; $attributes = @$_POST['keys'] or [];
// Fix subject scope
$scope = "dummy.org";
if (isset($attributes['schacHomeOrganization'])) {
$scope = $attributes['schacHomeOrganization'];
} elseif (isset($attributes['eduPersonScopedAffiliation'])) {
$scope = explode("@", explode(",", $attributes['eduPersonScopedAffiliation'])[0])[1];
} elseif (isset($attributes['eduPersonPrincipalName'])) {
$scope = explode("@", $attributes['eduPersonPrincipalName'])[1];
}
$attributes['scope'] = $scope;
//SimpleSAML\Logger::warning("Attributes: " . print_r($attributes, true));
foreach ($attributes as $key => $value) { foreach ($attributes as $key => $value) {
$_SESSION['attributes'][$key] = $value; $_SESSION['attributes'][$key] = $value;
} }
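Review bot: The two `explode("@", …)[1]` lookups in the eduPersonScopedAffiliation and eduPersonPrincipalName branches read element 1 without checking that the posted value contains an `@`, so a value without one raises an undefined-offset warning and leaves `scope` null for the subject-id filters configured with `'scopeAttribute' => 'scope'`. These values come directly from `$_POST['keys']`, so the split should be guarded and the default kept when no scope part is present, as in the excerpt below. The fallback `dummy.org` is a registrable domain; a reserved name such as `example.org` would be a safer default for a scoped identifier. The commented-out `Logger::warning(... print_r($attributes, true))` line would write every posted attribute to the log if re-enabled and is better removed. The enclosing `if ($_SERVER['REQUEST_METHOD'] === 'POST')` block starts and ends outside the hunk.

```php
// … unchanged: default scope and schacHomeOrganization branch …
} elseif (isset($attributes['eduPersonScopedAffiliation'])) {
    $scoped = explode(",", $attributes['eduPersonScopedAffiliation'])[0];
} elseif (isset($attributes['eduPersonPrincipalName'])) {
    $scoped = $attributes['eduPersonPrincipalName'];
}
// Keep the default scope when the value has no "@scope" part.
$parts = isset($scoped) ? explode("@", $scoped) : [];
if (isset($parts[1]) && $parts[1] !== '') {
    $scope = $parts[1];
}
$attributes['scope'] = $scope;
```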
......