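--- a/docs/simplesamlphp-reference-idp-hosted.md
+++ b/docs/simplesamlphp-reference-idp-hosted.md
@@ -123,6 +123,37 @@ Common options
 any value in the SP-remote metadata overrides the one configured
 in the IdP metadata.
 
+`contacts`
+: Specify contacts in addition to the technical contact configured through config/config.php.
+For example, specifying a support contact:
+
+'contacts' => array(
+array(
+'contactType' => 'support',
+'emailAddress' => 'support@example.org',
+'givenName' => 'John',
+'surName' => 'Doe',
+'telephoneNumber' => '+31(0)12345678',
+'company' => 'Example Inc.',
+),
+),
+
+: If you have support for a trust framework that requires extra attributes on the contact person element in your IdP metadata (for example, SIRTFI), you can specify an array of attributes on a contact.
+
+'contacts' => array(
+array(
+'contactType' => 'other',
+'emailAddress' => 'mailto:abuse@example.org',
+'givenName' => 'John',
+'surName' => 'Doe',
+'telephoneNumber' => '+31(0)12345678',
+'company' => 'Example Inc.',
+'attributes' => array(
+'xmlns:remd' => 'http://refeds.org/metadata',
+'remd:contactType' => 'http://refeds.org/metadata/contactType/security',
+),
+),
+),
 
 SAML 2.0 options
 ----------------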
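--- a/lib/SimpleSAML/Metadata/SAMLBuilder.php
+++ b/lib/SimpleSAML/Metadata/SAMLBuilder.php
@@ -688,6 +688,10 @@ public function addContact($type, $details)
 $e = new \SAML2\XML\md\ContactPerson();
 $e->contactType = $type;
 
+if (!empty($details['attributes'])) {
+$e->ContactPersonAttributes = $details['attributes'];
+}
+
 if (isset($details['company'])) {
 $e->Company = $details['company'];
 }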
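Review bot: The new `!empty($details['attributes'])` guard in addContact() copies whatever is configured onto `$e->ContactPersonAttributes` without checking its type, so a non-empty string or a plain list would be handed to the ContactPerson element as-is. addContact() is public and its body starts above this hunk, so it is not visible here whether `$details` has already been normalised by Metadata::getContact(); if it has not, the guard should be `if (isset($details['attributes']) && is_array($details['attributes'])) {`. A one-line comment such as `// extra XML attributes for md:ContactPerson, e.g. the REFEDS security contact type` would also help, since these values end up in the published metadata that relying parties consume.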
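--- a/lib/SimpleSAML/Utils/Config/Metadata.php
+++ b/lib/SimpleSAML/Utils/Config/Metadata.php
@@ -27,6 +27,12 @@ class Metadata
 
 
 /**
+* Valid options for the ContactPerson element
+*
+* The 'attributes' option isn't defined in section 2.3.2.2 of the OASIS document, but
+* it is required to allow additons to the main contact person element for trust
+* frameworks.
+*
 * @var array The valid configuration options for a contact configuration array.
 * @see "Metadata for the OASIS Security Assertion Markup Language (SAML) V2.0", section 2.3.2.2.
 */
@@ -37,6 +43,7 @@ class Metadata
 'surName',
 'telephoneNumber',
 'company',
+'attributes',
 );
 
 
@@ -108,6 +115,16 @@ function ($t) {
 throw new \InvalidArgumentException('"contactType" is mandatory and must be one of '.$types.".");
 }
 
+// check attributes is an associative array
+if (isset($contact['attributes'])) {
+if (empty($contact['attributes'])
+|| !is_array($contact['attributes'])
+|| count(array_filter(array_keys($contact['attributes']), 'is_string')) === 0
+) {
+throw new \InvalidArgumentException('"attributes" must be an array and cannot be empty.');
+}
+}
+
 // try to fill in givenName and surName from name
 if (isset($contact['name']) && !isset($contact['givenName']) && !isset($contact['surName'])) {
 // first check if it's comma separated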
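Review bot: The `attributes` check in the last hunk rejects only arrays that have no string key at all, because it tests `count(array_filter(array_keys($contact['attributes']), 'is_string')) === 0`; a mixed array such as `array('remd:contactType' => '...', 0 => 'x')` passes, and the integer key would presumably reach the metadata builder as an attribute name. Comparing against the full size closes that gap: `|| count(array_filter(array_keys($contact['attributes']), 'is_string')) !== count($contact['attributes'])`. The values are not checked to be strings either, and the exception text should say that string keys are required rather than only "must be an array and cannot be empty". The enclosing function begins and ends outside the hunk.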
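--- a/tests/lib/SimpleSAML/Utils/Config/MetadataTest.php
+++ b/tests/lib/SimpleSAML/Utils/Config/MetadataTest.php
@@ -215,6 +215,7 @@ public function testGetContact()
 }
 $contact['contactType'] = 'technical';
 $contact['name'] = 'to_be_removed';
+$contact['attributes'] = array('test' => 'testval');
 $parsed = Metadata::getContact($contact);
 foreach (array_keys($parsed) as $key) {
 $this->assertEquals($parsed[$key], $contact[$key]);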
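Review bot: Only the accepting path of the new `attributes` validation is exercised by the added line in testGetContact(); nothing asserts that an empty array, a non-array value or an array with numeric keys raises `\InvalidArgumentException`. Each rejected shape deserves its own case, since this check is what stands between configuration input and the attributes written onto the ContactPerson element. The fixture key `test` is also unqualified, while the documented use is namespace-qualified names such as `remd:contactType`, so a qualified key would match real configurations better. testGetContact() starts and ends outside the hunk.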