implements getting attributes from assertion
This commit is contained in:
parent
3b026c8610
commit
a13c938256
|
@ -9,6 +9,7 @@ class LassoSPKitGenericSession {
|
|||
public $exception;
|
||||
private $session_dump;
|
||||
private $identity_dump;
|
||||
private $attributes;
|
||||
|
||||
function processAttributes(array $attributes) {
|
||||
}
|
||||
|
@ -42,12 +43,18 @@ class LassoSPKitGenericSession {
|
|||
function setIdentityDump($dump) {
|
||||
$this->identity_dump = $dump;
|
||||
}
|
||||
function setAssertionAttributes($attributes) {
|
||||
$this->attributes = $attributes;
|
||||
}
|
||||
function getSessionDump() {
|
||||
return $this->session_dump;
|
||||
}
|
||||
function getIdentityDump() {
|
||||
return $this->identity_dump;
|
||||
}
|
||||
function getAssertionAttributes() {
|
||||
return $this->attributes;
|
||||
}
|
||||
function getNameIDs() {
|
||||
$identity_dump = $this->getIdentityDump();
|
||||
return LassoSPKitHelper::getNameIDsFromDump($identity_dump);
|
||||
|
@ -57,7 +64,8 @@ class LassoSPKitGenericSession {
|
|||
return array(
|
||||
'identity'=> $this->getIdentityDump(),
|
||||
'session' => $this->getSessionDump(),
|
||||
'userid'=>$userid);
|
||||
'userid'=>$userid,
|
||||
'attributes' => $this->getAssertionAttributes());
|
||||
}
|
||||
function explodeFederationBlob($blob) {
|
||||
$federation = @unserialize($blob);
|
||||
|
@ -73,6 +81,7 @@ class LassoSPKitGenericSession {
|
|||
if ($federation['userid'] && ! LassoSPKitUtilsSession::getUserID()) {
|
||||
LassoSPKitUtilsSession::setUserID($federation['userid']);
|
||||
}
|
||||
$this->setAssertionAttributes($federation['attributes']);
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -49,10 +49,10 @@ class LassoSPKitHelper {
|
|||
return $ok;
|
||||
}
|
||||
/** Extract attributes values and keys from an assertion,
|
||||
and copy them into array $arr. */
|
||||
static function assertionExtractAttributes(LassoAssertion $assertion, &$attributes) {
|
||||
foreach ($assertion->attributeStatement[0]->attribute
|
||||
as $attribute) {
|
||||
and copy them into array $attributes. */
|
||||
static function assertionExtractAttributes($assertion) {
|
||||
$attributes = array();
|
||||
foreach ($assertion->attributeStatement[0]->attribute as $attribute) {
|
||||
if ($attribute->name == LASSO_SAML2_ATTRIBUTE_NAME_EPR) {
|
||||
continue;
|
||||
}
|
||||
|
@ -62,6 +62,7 @@ class LassoSPKitHelper {
|
|||
}
|
||||
$attributes[$attribute->name] = $arr;
|
||||
}
|
||||
return $attributes;
|
||||
}
|
||||
/** Return the NameID found in profile->nameIdentifier. If throw is TRUE
|
||||
* and we cannot find a nameIdentifier then throws IDENTIFIER_NOT_FOUND. */
|
||||
|
|
|
@ -203,16 +203,16 @@ class LassoSPKitSAMLCommon {
|
|||
if ($ok) {
|
||||
try {
|
||||
$this->findFederation($login);
|
||||
} catch (LassoProfileFederationNotFoundError $error) {
|
||||
} catch (LassoProfileFederationNotFoundError $error) {
|
||||
} catch (LassoProfileNameIdentifierNotFoundError $error) {
|
||||
$ok = 0;
|
||||
$ret = LASSO_PROFILE_ERROR_NAME_IDENTIFIER_NOT_FOUND;
|
||||
}
|
||||
}
|
||||
$ok = $ok && ! $ret = $login->acceptSso();
|
||||
if ($login->assertion) {
|
||||
LassoSPKitHelper::assertionExtractAttributes($login->assertion, $attributes);
|
||||
$this->session->processAttributes($attributes);
|
||||
if ($login->response->assertion) {
|
||||
$attributes = LassoSPKitHelper::assertionExtractAttributes($login->response->assertion[0]);
|
||||
$this->session->setAssertionAttributes($attributes);
|
||||
}
|
||||
|
||||
if ($ok) {
|
||||
|
|
Reference in New Issue