File: ScopeAttribute.php

package info (click to toggle)
simplesamlphp 1.16.3-1%2Bdeb10u2
  • links: PTS, VCS
  • area: main
  • in suites: buster
  • size: 21,036 kB
  • sloc: php: 73,175; ansic: 875; sh: 83; perl: 82; xml: 52; makefile: 46
file content (107 lines) | stat: -rw-r--r-- 2,325 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
 
<?php

/**
 * Add a scoped variant of an attribute.
 *
 * @package SimpleSAMLphp
 */
class sspmod_core_Auth_Process_ScopeAttribute extends SimpleSAML_Auth_ProcessingFilter
{
	/**
	 * The attribute we extract the scope from.
	 *
	 * @var string
	 */
	private $scopeAttribute;


	/**
	 * The attribute we want to add scope to.
	 *
	 * @var string
	 */
	private $sourceAttribute;


	/**
	 * The attribute we want to add the scoped attributes to.
	 *
	 * @var string
	 */
	private $targetAttribute;

	/**
	 * Only modify targetAttribute if it doesn't already exist.
	 *
	 * @var bool
	 */
	private $onlyIfEmpty = false;


	/**
	 * Initialize this filter, parse configuration
	 *
	 * @param array $config  Configuration information about this filter.
	 * @param mixed $reserved  For future use.
	 */
	public function __construct($config, $reserved)
    {
		parent::__construct($config, $reserved);
		assert(is_array($config));

		$config = SimpleSAML_Configuration::loadFromArray($config, 'ScopeAttribute');

		$this->scopeAttribute = $config->getString('scopeAttribute');
		$this->sourceAttribute = $config->getString('sourceAttribute');
		$this->targetAttribute = $config->getString('targetAttribute');
		$this->onlyIfEmpty = $config->getBoolean('onlyIfEmpty', false);
	}


	/**
	 * Apply this filter to the request.
	 *
	 * @param array &$request  The current request
	 */
	public function process(&$request)
    {
		assert(is_array($request));
		assert(array_key_exists('Attributes', $request));

		$attributes =& $request['Attributes'];

		if (!isset($attributes[$this->scopeAttribute])) {
			return;
		}

		if (!isset($attributes[$this->sourceAttribute])) {
			return;
		}

		if (!isset($attributes[$this->targetAttribute])) {
			$attributes[$this->targetAttribute] = array();
		}

		if ($this->onlyIfEmpty && count($attributes[$this->targetAttribute]) > 0) {
			return;
		}

		foreach ($attributes[$this->scopeAttribute] as $scope) {
			if (strpos($scope, '@') !== false) {
				$scope = explode('@', $scope, 2);
				$scope = $scope[1];
			}

			foreach ($attributes[$this->sourceAttribute] as $value) {
				$value = $value . '@' . $scope;

				if (in_array($value, $attributes[$this->targetAttribute], true)) {
					// Already present
					continue;
				}

				$attributes[$this->targetAttribute][] = $value;
			}
		}
	}
}