Commit 3c5bc3ef authored by Martin van Es

Add subject and pairwise-id

parent a90fd3d6
......@@ -8,6 +8,8 @@
"uid": [
"jstiglitz"
],
"pairwise-id": "jstiglitz",
"subject-id": "jstiglitz",
"eduPersonTargetedID": "bd0916qef0c2e675b2def4ahe6w50b7d4bb4aae",
"schacHomeOrganization": "harvard-example.edu",
"eduPersonPrincipalName": "stiglitz@harvard-example.edu",
......
......@@ -95,13 +95,26 @@ $metadata['__DYNAMIC:1__'] = [
'nameId' => TRUE,
],
8 => [
'class' => 'subjectidattrs:PairwiseID',
'identifyingAttribute' => 'pairwise-id',
'scopeAttribute' => 'scope',
],
9 => [
'class' => 'subjectidattrs:SubjectID',
'identifyingAttribute' => 'subject-id',
'scopeAttribute' => 'scope',
],
15 => [
'class' => 'core:PHP',
'code' => '
unset($attributes["eduPersonTargetedId"]);
unset($attributes["pairwise-id"]);
unset($attributes["subject-id"]);
unset($attributes["scope"]);
',
],
// Convert LDAP names to urn.
10 => [
20 => [
'class' => 'core:AttributeMap',
'name2oid'
],
......
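Review bot: The cleanup filter at priority 15 unsets `eduPersonTargetedId`, while the user fixture in this commit spells the key `eduPersonTargetedID`; PHP array keys are case-sensitive, so if the fixture spelling is what reaches this filter, the raw value is not removed before release. That line may predate this commit (the +/- markers are lost on this page), but the new unsets of `pairwise-id`, `subject-id` and `scope` rely on the same exact-name matching, so it is worth confirming every name against what the login form actually stores. The block also depends on running after filters 8 and 9 have consumed their inputs, which nothing in the file states; a comment above `15 => [` such as `// Must run after 8 and 9: strips the helper inputs (incl. the client-supplied scope) so only the generated identifiers are released.` would keep a later renumbering from breaking that. The `$metadata['__DYNAMIC:1__']` array starts and ends outside this hunk.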
......@@ -68,6 +68,18 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$attributes = @$_POST['keys'] or [];
// Fix subject scope
$scope = "dummy.org";
if (isset($attributes['schacHomeOrganization'])) {
$scope = $attributes['schacHomeOrganization'];
} elseif (isset($attributes['eduPersonScopedAffiliation'])) {
$scope = explode("@", explode(",", $attributes['eduPersonScopedAffiliation'])[0])[1];
} elseif (isset($attributes['eduPersonPrincipalName'])) {
$scope = explode("@", $attributes['eduPersonPrincipalName'])[1];
}
$attributes['scope'] = $scope;
//SimpleSAML\Logger::warning("Attributes: " . print_r($attributes, true));
foreach ($attributes as $key => $value) {
$_SESSION['attributes'][$key] = $value;
}
......
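Review bot: The scope derivation trusts the shape of client-posted values: in the `eduPersonScopedAffiliation` and `eduPersonPrincipalName` branches `explode("@", …)[1]` is undefined when the value has no `@`, and `explode()` raises a TypeError on PHP 8 if the posted value is an array (the JSON section of this commit shows `uid` as an array, so array values look possible). The result is stored as `scope` and, judging by the `scopeAttribute` entries added in the metadata section, becomes the scope of the released `subject-id` and `pairwise-id`, so an empty or arbitrary scope can end up in identifiers that service providers key accounts on. Split with a limit and check the result before use, for example `$parts = is_string($v) ? explode('@', $v, 2) : [];` followed by `if (count($parts) === 2 && $parts[1] !== '') { $scope = $parts[1]; }` (with `$v` standing for the posted attribute value), keeping `dummy.org` otherwise. The enclosing `if ($_SERVER['REQUEST_METHOD'] === 'POST')` block starts before and continues past this hunk.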