From b5e2407728be7adb30d016cfe6656cef4932dec7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Cl=C3=A9ment=20Oudot?=
Date: Mon, 1 Mar 2010 17:16:42 +0000
Subject: [PATCH] SAML: get mandatory attributes - work in progress
---
.../lib/Lemonldap/NG/Portal/UserDBSAML.pm | 50 ++++++++++++++++---
1 file changed, 42 insertions(+), 8 deletions(-)
diff --git a/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDBSAML.pm b/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDBSAML.pm
index 14c5f3d90..d2d262f10 100644
--- a/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDBSAML.pm
+++ b/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDBSAML.pm
@@ -35,10 +35,45 @@ sub getUser {
 }
 
 ## @apmethod int setSessionInfo()
-# Does nothing
+# Get all required attributes
 # @return Lemonldap::NG::Portal error code
 sub setSessionInfo {
- PE_OK;
+ my $self = shift;
+ my $server = $self->{_lassoServer};
+ my $idp = $self->{_idp};
+
+ my $exportedAttr;
+
+ # Get all required attributes, not already set
+ # in setAuthSessionInfo()
+ foreach ( keys %{ $self->{samlIDPMetaDataExportedAttributes}->{$idp} } ) {
+
+ # Extract fields from exportedAttr value
+ my ( $mandatory, $name, $format, $friendly_name ) =
+ split( /;/,
+ $self->{samlIDPMetaDataExportedAttributes}->{$idp}->{$_} );
+
+ # Keep mandatory attributes not sent in authentication response
+ if ( $mandatory and not defined $self->{sessionInfo}->{$_} ) {
+ $exportedAttr->{$_} =
+ $self->{samlIDPMetaDataExportedAttributes}->{$idp}->{$_};
+ $self->lmLog( "Attribute $_ will be requested to $idp", 'debug' );
+ }
+ }
+
+ unless ( keys %$exportedAttr ) {
+ $self->lmLog(
+ "All mandatory attributes were present in authentication response",
+ 'debug'
+ );
+ return PE_OK;
+ }
+
+ # Build Attribute Request
+ #
+
+ return PE_OK;
+
 }
 
 ## @apmethod int setGroups()
@@ -47,6 +82,7 @@ sub setSessionInfo {
 sub setGroups {
 PE_OK;
 }
+
 1;
 __END__
 
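Review bot: In `setSessionInfo`, the branch where mandatory attributes are still missing falls through the `# Build Attribute Request` placeholder to the final `return PE_OK;`, so a session that lacks attributes the configuration marks as mandatory is reported as a success. Until the attribute request exists, that path should log above debug level and return a non-OK portal code (for example `return PE_ERROR;`, assuming that constant is imported in this module), so later authorization rules never evaluate a partial session. `$mandatory` is taken straight from `split( /;/, ... )`, so every non-empty value other than `0` is treated as mandatory; a comment stating the expected encoding of that field would make the intent checkable. `my $exportedAttr = {};` would also avoid relying on autovivification in `keys %$exportedAttr`, and `$server`, `$name`, `$format` and `$friendly_name` are currently assigned but never read.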
@@ -54,24 +90,23 @@ __END__
 
 =encoding utf8
 
-Lemonldap::NG::Portal::UserDBSAML - TODO
+Lemonldap::NG::Portal::UserDBSAML - SAML User backend
 
 =head1 SYNOPSIS
 
 use Lemonldap::NG::Portal::UserDBSAML;
- #TODO
 
 =head1 DESCRIPTION
 
-TODO
+Collect all required attributes trough SAML Attribute Requests
 
 =head1 SEE ALSO
 
-L
+L, L, L
 
 =head1 AUTHOR
 
-Xavier Guimard, Ex.guimard@free.frE
+Xavier Guimard, Ex.guimard@free.frE, Clement Oudot, Ecoudot@linagora.comE
 
 =head1 COPYRIGHT AND LICENSE
 
@@ -81,5 +116,4 @@ This library is free software; you can redistribute it and/or modify
 it under the same terms as Perl itself, either Perl version 5.10.0 or,
 at your option, any later version of Perl 5 you may have available.
 
-
 =cut