Trust and Identity Incubator / Test_IdP
Commit 3c5bc3ef, authored Aug 30, 2021 by Martin van Es

Add subject and pairwise-id

Parent: a90fd3d6
Changes: 3
config/logins.json
@@ -8,6 +8,8 @@
"uid"
:
[
"jstiglitz"
],
"pairwise-id"
:
"jstiglitz"
,
"subject-id"
:
"jstiglitz"
,
"eduPersonTargetedID"
:
"bd0916qef0c2e675b2def4ahe6w50b7d4bb4aae"
,
"schacHomeOrganization"
:
"harvard-example.edu"
,
"eduPersonPrincipalName"
:
"stiglitz@harvard-example.edu"
,
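Review bot: The new "pairwise-id" and "subject-id" entries carry the same value as "uid" ("jstiglitz"), so both identifying attributes configured in metadata/saml20-idp-hosted.php are fed the login name and cannot be told apart in test output. Give the two keys distinct values if the test account is meant to exercise the PairwiseID and SubjectID filters separately, and say in the commit message that these keys are filter inputs, since the same commit unsets them again before release.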
metadata/saml20-idp-hosted.php
@@ -95,13 +95,26 @@ $metadata['__DYNAMIC:1__'] = [
'nameId'
=>
TRUE
,
],
8
=>
[
'class'
=>
'subjectidattrs:PairwiseID'
,
'identifyingAttribute'
=>
'pairwise-id'
,
'scopeAttribute'
=>
'scope'
,
],
9
=>
[
'class'
=>
'subjectidattrs:SubjectID'
,
'identifyingAttribute'
=>
'subject-id'
,
'scopeAttribute'
=>
'scope'
,
],
15
=>
[
'class'
=>
'core:PHP'
,
'code'
=>
'
unset($attributes["eduPersonTargetedId"]);
unset($attributes["pairwise-id"]);
unset($attributes["subject-id"]);
unset($attributes["scope"]);
'
,
],
// Convert LDAP names to urn.
1
0
=>
[
2
0
=>
[
'class'
=>
'core:AttributeMap'
,
'name2oid'
],
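Review bot: In the core:PHP filter at priority 15, unset($attributes["eduPersonTargetedId"]) does not match the spelling used in config/logins.json, which is "eduPersonTargetedID". PHP array keys are case-sensitive, so if the attribute arrives under the logins.json key this unset is a no-op and the value stays in the released attribute set. Align the key with the one in logins.json, and add a short comment above the block saying why "pairwise-id", "subject-id" and "scope" are dropped after filters 8 and 9 have consumed them.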
modules/customauth/www/authpage.php
@@ -68,6 +68,18 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$attributes
=
@
$_POST
[
'keys'
]
or
[];
// Fix subject scope
$scope
=
"dummy.org"
;
if
(
isset
(
$attributes
[
'schacHomeOrganization'
]))
{
$scope
=
$attributes
[
'schacHomeOrganization'
];
}
elseif
(
isset
(
$attributes
[
'eduPersonScopedAffiliation'
]))
{
$scope
=
explode
(
"@"
,
explode
(
","
,
$attributes
[
'eduPersonScopedAffiliation'
])[
0
])[
1
];
}
elseif
(
isset
(
$attributes
[
'eduPersonPrincipalName'
]))
{
$scope
=
explode
(
"@"
,
$attributes
[
'eduPersonPrincipalName'
])[
1
];
}
$attributes
[
'scope'
]
=
$scope
;
//SimpleSAML\Logger::warning("Attributes: " . print_r($attributes, true));
foreach
(
$attributes
as
$key
=>
$value
)
{
$_SESSION
[
'attributes'
][
$key
]
=
$value
;
}
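Review bot: Both explode("@", ...)[1] lookups in the "Fix subject scope" block assume the posted value contains an "@"; when it does not, index 1 is undefined and $scope becomes null instead of staying at "dummy.org". Check the result before indexing (for example, test count() of the exploded parts, or use strpos first) and keep the default otherwise. The branches also treat each attribute as a string, while config/logins.json stores "uid" as an array, so it is worth confirming the shape of $_POST['keys'] values here. In the context line above, `$attributes = @$_POST['keys'] or [];` does not assign the fallback, because `or` binds more loosely than `=`; `?? []` would.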