Skip to content

Commit 1308714

Browse files
thijskhthijskh
authored
Merge pull request #735 from bynare/nameidattribute-filter-fix
NameIDAttribute filter: update to use SAML2\XML\saml\NameID
2 parents 96c54f0 + 807e1f3 commit 1308714

2 files changed

Lines changed: 151 additions & 10 deletions

File tree

modules/saml/lib/Auth/Process/NameIDAttribute.php

Lines changed: 10 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -81,7 +81,7 @@ private static function parseFormat($format)
8181
$ret[] = 'SPNameQualifier';
8282
break;
8383
case 'V':
84-
$ret[] = 'Value';
84+
$ret[] = 'value';
8585
break;
8686
case '%':
8787
$ret[] = '%';
@@ -114,17 +114,17 @@ public function process(&$state)
114114
}
115115

116116
$rep = $state['saml:sp:NameID'];
117-
assert(isset($rep['Value']));
117+
assert(isset($rep->value));
118118

119-
$rep['%'] = '%';
120-
if (!isset($rep['Format'])) {
121-
$rep['Format'] = \SAML2\Constants::NAMEID_UNSPECIFIED;
119+
$rep->{'%'} = '%';
120+
if (!isset($rep->Format)) {
121+
$rep->Format = \SAML2\Constants::NAMEID_UNSPECIFIED;
122122
}
123-
if (!isset($rep['NameQualifier'])) {
124-
$rep['NameQualifier'] = $state['Source']['entityid'];
123+
if (!isset($rep->NameQualifier)) {
124+
$rep->NameQualifier = $state['Source']['entityid'];
125125
}
126-
if (!isset($rep['SPNameQualifier'])) {
127-
$rep['SPNameQualifier'] = $state['Destination']['entityid'];
126+
if (!isset($rep->SPNameQualifier)) {
127+
$rep->SPNameQualifier = $state['Destination']['entityid'];
128128
}
129129

130130
$value = '';
@@ -133,7 +133,7 @@ public function process(&$state)
133133
if ($isString) {
134134
$value .= $element;
135135
} else {
136-
$value .= $rep[$element];
136+
$value .= $rep->$element;
137137
}
138138
$isString = !$isString;
139139
}

tests/modules/saml/lib/Auth/Process/NameIDAttributeTest.php

Lines changed: 141 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,141 @@
1+
<?php
2+
/**
3+
* Test for the saml:NameIDAttribute filter.
4+
*
5+
* @author Eugene Venter <eugene@catalyst.net.nz>
6+
* @package SimpleSAMLphp
7+
*/
8+
9+
use PHPUnit\Framework\TestCase;
10+
11+
class NameIDAttributeTest extends TestCase
12+
{
13+
14+
/*
15+
* Helper function to run the filter with a given configuration.
16+
*
17+
* @param array $config The filter configuration.
18+
* @param array $request The request state.
19+
* @return array The state array after processing.
20+
*/
21+
private function processFilter(array $config, array $request)
22+
{
23+
$filter = new sspmod_saml_Auth_Process_NameIDAttribute($config, null);
24+
$filter->process($request);
25+
return $request;
26+
}
27+
28+
29+
/**
30+
* Test minimal configuration.
31+
*/
32+
public function testMinimalConfig()
33+
{
34+
$config = array();
35+
36+
$nameId = new \SAML2\XML\saml\NameID();
37+
$nameId->value = 'eugene@oombaas';
38+
$nameId->Format = \SAML2\Constants::NAMEID_PERSISTENT;
39+
40+
$spId = 'eugeneSP';
41+
$idpId = 'eugeneIdP';
42+
43+
$request = array(
44+
'Source' => array(
45+
'entityid' => $spId,
46+
),
47+
'Destination' => array(
48+
'entityid' => $idpId,
49+
),
50+
'saml:sp:NameID' => $nameId,
51+
);
52+
$result = $this->processFilter($config, $request);
53+
$this->assertEquals("{$spId}!{$idpId}!{$nameId->value}", $result['Attributes']['nameid'][0]);
54+
}
55+
56+
/**
57+
* Test custom attribute name.
58+
*/
59+
public function testCustomAttributeName()
60+
{
61+
$attributeName = 'eugeneNameIDAttribute';
62+
$config = array('attribute' => $attributeName);
63+
64+
$nameId = new \SAML2\XML\saml\NameID();
65+
$nameId->value = 'eugene@oombaas';
66+
$nameId->Format = \SAML2\Constants::NAMEID_PERSISTENT;
67+
68+
$spId = 'eugeneSP';
69+
$idpId = 'eugeneIdP';
70+
71+
$request = array(
72+
'Source' => array(
73+
'entityid' => $spId,
74+
),
75+
'Destination' => array(
76+
'entityid' => $idpId,
77+
),
78+
'saml:sp:NameID' => $nameId,
79+
);
80+
$result = $this->processFilter($config, $request);
81+
$this->assertTrue(isset($result['Attributes'][$attributeName]));
82+
$this->assertEquals("{$spId}!{$idpId}!{$nameId->value}", $result['Attributes'][$attributeName][0]);
83+
}
84+
85+
/**
86+
* Test custom format.
87+
*/
88+
public function testFormat()
89+
{
90+
$config = array('format' => '%V');
91+
92+
$nameId = new \SAML2\XML\saml\NameID();
93+
$nameId->value = 'eugene@oombaas';
94+
$nameId->Format = \SAML2\Constants::NAMEID_PERSISTENT;
95+
96+
$spId = 'eugeneSP';
97+
$idpId = 'eugeneIdP';
98+
99+
$request = array(
100+
'Source' => array(
101+
'entityid' => $spId,
102+
),
103+
'Destination' => array(
104+
'entityid' => $idpId,
105+
),
106+
'saml:sp:NameID' => $nameId,
107+
);
108+
$result = $this->processFilter($config, $request);
109+
$this->assertEquals("{$nameId->value}", $result['Attributes']['nameid'][0]);
110+
}
111+
112+
113+
/**
114+
* Test custom attribute name with format.
115+
*/
116+
public function testCustomAttributeNameAndFormat()
117+
{
118+
$attributeName = 'eugeneNameIDAttribute';
119+
$config = array('attribute' => $attributeName, 'format' => '%V');
120+
121+
$nameId = new \SAML2\XML\saml\NameID();
122+
$nameId->value = 'eugene@oombaas';
123+
$nameId->Format = \SAML2\Constants::NAMEID_PERSISTENT;
124+
125+
$spId = 'eugeneSP';
126+
$idpId = 'eugeneIdP';
127+
128+
$request = array(
129+
'Source' => array(
130+
'entityid' => $spId,
131+
),
132+
'Destination' => array(
133+
'entityid' => $idpId,
134+
),
135+
'saml:sp:NameID' => $nameId,
136+
);
137+
$result = $this->processFilter($config, $request);
138+
$this->assertTrue(isset($result['Attributes'][$attributeName]));
139+
$this->assertEquals("{$nameId->value}", $result['Attributes'][$attributeName][0]);
140+
}
141+
}

0 commit comments

Comments
 (0)