env IDP_PROVIDED_USER_IDENTIFIER_NAME

lucidprogrammer · lucidprogrammer · commit aedbcf0adf4d · 2018-03-01T13:01:27.000Z
diff --git a/src/SamlIdentity.php b/src/SamlIdentity.php
@@ -43,7 +43,11 @@ public static function findIdentity($id)
     {
       $attributes = Yii::$container->get('saml')->getAttributes();
       if(sizeof($attributes) > 0){
-        $id = $attributes['username'][0];
+        $id = mt_rand();
+        $uniqueIdentifierFromIdp = getenv('IDP_PROVIDED_USER_IDENTIFIER_NAME') ? getenv('IDP_PROVIDED_USER_IDENTIFIER_NAME') : '';
+        if($uniqueIdentifierFromIdp){
+          $id = $attributes[$uniqueIdentifierFromIdp] && count($attributes[$uniqueIdentifierFromIdp])>0 ? $attributes[$uniqueIdentifierFromIdp][0] : $id;
+        }
         return new SamlIdentity($id,$attributes);
       }
       return null;
diff --git a/src/_SamlController.php b/src/_SamlController.php
@@ -22,7 +22,12 @@ public function actionLogin(){
       Yii::$container->get('saml')->requireAuth();
     } else {
       $attributes = Yii::$container->get('saml')->getAttributes();
-      $id = $attributes['username'][0];
+      $id = mt_rand();
+      $uniqueIdentifierFromIdp = getenv('IDP_PROVIDED_USER_IDENTIFIER_NAME') ? getenv('IDP_PROVIDED_USER_IDENTIFIER_NAME') : '';
+      if($uniqueIdentifierFromIdp){
+        $id = $attributes[$uniqueIdentifierFromIdp] && count($attributes[$uniqueIdentifierFromIdp])>0 ? $attributes[$uniqueIdentifierFromIdp][0] : $id;
+      }
+
       Yii::$app->user->login(new SamlIdentity($id,$attributes), 0);
       $this->goBack();
     }

Original file line number	Diff line number	Diff line change
`@@ -43,7 +43,11 @@ public static function findIdentity($id)`
`43`	`43`	`{`
`44`	`44`	`$attributes = Yii::$container->get('saml')->getAttributes();`
`45`	`45`	`if(sizeof($attributes) > 0){`
`46`		`- $id = $attributes['username'][0];`
	`46`	`+ $id = mt_rand();`
	`47`	`+ $uniqueIdentifierFromIdp = getenv('IDP_PROVIDED_USER_IDENTIFIER_NAME') ? getenv('IDP_PROVIDED_USER_IDENTIFIER_NAME') : '';`
	`48`	`+ if($uniqueIdentifierFromIdp){`
	`49`	`+ $id = $attributes[$uniqueIdentifierFromIdp] && count($attributes[$uniqueIdentifierFromIdp])>0 ? $attributes[$uniqueIdentifierFromIdp][0] : $id;`
	`50`	`+ }`
`47`	`51`	`return new SamlIdentity($id,$attributes);`
`48`	`52`	`}`
`49`	`53`	`return null;`