implements getting attributes from assertion

2008-04-21 12:23:28 +02:00 · 2008-04-21 12:23:28 +02:00 · a13c938256
parent 3b026c8610
commit a13c938256
3 changed files with 19 additions and 9 deletions
--- a/include/lassospkit_generic_session.inc.php
+++ b/include/lassospkit_generic_session.inc.php
@ -9,6 +9,7 @@ class LassoSPKitGenericSession {
    public $exception;
    private $session_dump;
    private $identity_dump;
+    private $attributes;

    function processAttributes(array $attributes) {
    }
@ -42,12 +43,18 @@ class LassoSPKitGenericSession {
    function setIdentityDump($dump) {
        $this->identity_dump = $dump;
    }
+    function setAssertionAttributes($attributes) {
+        $this->attributes = $attributes;
+    }
    function getSessionDump() {
        return $this->session_dump;
    }
    function getIdentityDump() {
        return $this->identity_dump;
    }
+    function getAssertionAttributes() {
+        return $this->attributes;
+    }
    function getNameIDs() {
        $identity_dump = $this->getIdentityDump();
        return LassoSPKitHelper::getNameIDsFromDump($identity_dump);
@ -57,7 +64,8 @@ class LassoSPKitGenericSession {
            return array(
                'identity'=> $this->getIdentityDump(), 
                'session' => $this->getSessionDump(), 
-                'userid'=>$userid);
+                'userid'=>$userid,
+                'attributes' => $this->getAssertionAttributes());
    }
    function explodeFederationBlob($blob) {
        $federation = @unserialize($blob);
@ -73,6 +81,7 @@ class LassoSPKitGenericSession {
        if ($federation['userid'] && ! LassoSPKitUtilsSession::getUserID()) {
            LassoSPKitUtilsSession::setUserID($federation['userid']);
        }
+        $this->setAssertionAttributes($federation['attributes']);
        return 1;
    }
 }
--- a/include/lassospkit_helper.inc.php
+++ b/include/lassospkit_helper.inc.php
@ -49,10 +49,10 @@ class LassoSPKitHelper {
        return $ok;
    }
    /** Extract attributes values and keys from an assertion,
-      and copy them into array $arr. */
-    static function assertionExtractAttributes(LassoAssertion $assertion, &$attributes) {
-        foreach ($assertion->attributeStatement[0]->attribute 
-                as $attribute) {
+      and copy them into array $attributes. */
+    static function assertionExtractAttributes($assertion) {
+        $attributes = array();
+        foreach ($assertion->attributeStatement[0]->attribute as $attribute) {
            if ($attribute->name == LASSO_SAML2_ATTRIBUTE_NAME_EPR) {
                continue;
            }
@ -62,6 +62,7 @@ class LassoSPKitHelper {
            }
            $attributes[$attribute->name] = $arr;
        }
+        return $attributes;
    }
    /** Return the NameID found in profile->nameIdentifier. If throw is TRUE
     * and we cannot find a nameIdentifier then throws IDENTIFIER_NOT_FOUND. */
--- a/include/lassospkit_saml_common.inc.php
+++ b/include/lassospkit_saml_common.inc.php
@ -203,16 +203,16 @@ class LassoSPKitSAMLCommon {
        if ($ok) {
            try {
                $this->findFederation($login);
-            } catch (LassoProfileFederationNotFoundError $error) {   
+            } catch (LassoProfileFederationNotFoundError $error) {
            } catch (LassoProfileNameIdentifierNotFoundError $error) {
                $ok = 0;
                $ret = LASSO_PROFILE_ERROR_NAME_IDENTIFIER_NOT_FOUND;
            }
        }
        $ok = $ok && ! $ret = $login->acceptSso();
-        if ($login->assertion) {
-            LassoSPKitHelper::assertionExtractAttributes($login->assertion, $attributes);
-            $this->session->processAttributes($attributes);
+        if ($login->response->assertion) {
+            $attributes = LassoSPKitHelper::assertionExtractAttributes($login->response->assertion[0]);
+            $this->session->setAssertionAttributes($attributes);
        }

        if ($ok) {