merge with Damien && add a public function lassospkit_redirect_federate

0001-01-01 00:00:00 +00:00 · 0001-01-01 00:00:00 +00:00 · 9d94b1cec5
parent 1340292949 976ccd50a4
commit 9d94b1cec5
6 changed files with 40 additions and 11 deletions
--- a/include/lassospkit_configgen.inc.php
+++ b/include/lassospkit_configgen.inc.php
@ -211,7 +211,7 @@ class LassoSPKitConfigUIGen
 	$base = LassoSPKitConfig::get('baseUrl');
        switch ($conformance) {
            case LASSO_PROTOCOL_SAML_2_0:
-                $meta = LassoSPKitMetadataSAML2::generateMetadata($base, $organization, $publickey);
+                $meta = LassoSPKitMetadataSAML2::generateMetadata($base, $organization, array('publickey' => $publickey));
                LassoSPKitConfig::set('conformance', 'saml2');
                break;
            case LASSO_PROTOCOL_LIBERTY_1_0:
--- a/include/lassospkit_generic_session.inc.php
+++ b/include/lassospkit_generic_session.inc.php
@ -9,6 +9,7 @@ class LassoSPKitGenericSession {
    public $exception;
    private $session_dump;
    private $identity_dump;
+    private $attributes;

    function processAttributes(array $attributes) {
    }
@ -57,7 +58,8 @@ class LassoSPKitGenericSession {
            return array(
                'identity'=> $this->getIdentityDump(), 
                'session' => $this->getSessionDump(), 
-                'userid'=>$userid);
+                'userid'=>$userid,
+            );
    }
    function explodeFederationBlob($blob) {
        $federation = @unserialize($blob);
--- a/include/lassospkit_helper.inc.php
+++ b/include/lassospkit_helper.inc.php
@ -48,10 +48,10 @@ class LassoSPKitHelper {
        return $ok;
    }
    /** Extract attributes values and keys from an assertion,
-      and copy them into array $arr. */
-    static function assertionExtractAttributes(LassoAssertion $assertion, &$attributes) {
-        foreach ($assertion->attributeStatement[0]->attribute 
-                as $attribute) {
+      and copy them into array $attributes. */
+    static function assertionExtractAttributes($assertion) {
+        $attributes = array();
+        foreach ($assertion->attributeStatement[0]->attribute as $attribute) {
            if ($attribute->name == LASSO_SAML2_ATTRIBUTE_NAME_EPR) {
                continue;
            }
@ -61,6 +61,7 @@ class LassoSPKitHelper {
            }
            $attributes[$attribute->name] = $arr;
        }
+        return $attributes;
    }
    /** Return the NameID found in profile->nameIdentifier. If throw is TRUE
     * and we cannot find a nameIdentifier then throws IDENTIFIER_NOT_FOUND. */
--- a/include/lassospkit_public_api.inc.php
+++ b/include/lassospkit_public_api.inc.php
@ -146,6 +146,19 @@ function lassospkit_redirect_login($relayState = null,$isPassive = false) {
    $saml2->ssoInit(array('relayState' => $relayState, 'allowCreate'=>FALSE, 'isPassive' => $isPassive));
 }

+function lassospkit_redirect_federate($relayState = null,$isPassive = false) {
+    $session_class = "LassoSPKit" . LassoSPKitConfig::get('session');
+    $session = new $session_class();
+    $saml2 = new LassoSPKitSAML2($session);
+    $saml2->ssoInit(array('relayState' => $relayState, 'allowCreate'=>TRUE, 'isPassive' => $isPassive));
+}
+
+function lassospkit_get_assertion_attributes() {
+    $session = LassoSPKitUtilsSession::getSingleton();
+    $attributes = $session->getAssertionAttributes();
+    return $attributes;
+}
+
 function lassospkit_soap_logout() {
    $session_class = "LassoSPKit" . LassoSPKitConfig::get('session');
    $session = new $session_class();
@ -153,3 +166,4 @@ function lassospkit_soap_logout() {
    $ret = $saml2->initiateSLO(LASSO_HTTP_METHOD_SOAP);
    return $ret;
 }
+
--- a/include/lassospkit_saml_common.inc.php
+++ b/include/lassospkit_saml_common.inc.php
@ -3,6 +3,8 @@ require_once('lassospkit_config.inc.php');
 require_once('lassospkit_debug.inc.php');
 require_once('lassospkit_lib.inc.php');
 require_once('lassospkit_generic_session.inc.php');
+require_once('lassospkit_utils_session.inc.php');
+
 /**
 * TODO: initServer();
 */
@ -225,11 +227,12 @@ class LassoSPKitSAMLCommon {
                lassospkit_errlog("ssoConsumer, retASSO: $retASSO retFF: $retFF");
            }
        }
-        $this->saveFederation($login);
-        if ($login->assertion) {
-            LassoSPKitHelper::assertionExtractAttributes($login->assertion, $attributes);
-            $this->session->processAttributes($attributes);
+        if ($login->response->assertion) {
+            $attributes = LassoSPKitHelper::assertionExtractAttributes($login->response->assertion[0]);
+            $utils_session = LassoSPKitUtilsSession::getSingleton();
+            $utils_session->setAssertionAttributes($attributes);
        }
+        $this->saveFederation($login);
        $this->checkXmlErrors("AssertionConsumer");
        if ($retAR) {
            return $retAR;
--- a/include/lassospkit_utils_session.inc.php
+++ b/include/lassospkit_utils_session.inc.php
@ -48,7 +48,8 @@ class LassoSPKitUtilsSession {
            'federateParams'=>0,
            'sloParams'=>0,
            'defederationParams'=>0,
-            'LogoutMethod'=>0);
+            'LogoutMethod'=>0,
+            'assertionAttributes'=>0);
    /** The keys that must not survive one communication (one set followed by one get). */
    static $keysToClearAfterGet = array(
            'LastError'=>0,
@ -226,4 +227,12 @@ class LassoSPKitUtilsSession {
        $athis = self::getSingleton();
        $athis->set($profile ."Params", $Params);
    }
+    static function setAssertionAttributes($attributes) {
+        $athis = self::getSingleton();
+        $athis->set('assertionAttributes', $attributes);
+    }
+    static function getAssertionAttributes() {
+        $athis = self::getSingleton();
+        return $athis->get('assertionAttributes');
+    }
 }