Hi Juan,
On 22-08-17 01:44, Juan Manuel Palacios wrote:
> I'm about to perform an integration with an IdP that will be sending me
> the 'eduPersonUniqueId' attribute, which maps to
> urn:oid:1.3.6.1.4.1.5923.1.1.1.13. My problem is that, if I'm not
> mistaken, support for that attribute/urn was introduced into the
> SimpleSAMLphp code base in commit
> f2644710d848d7ebc3ed3b5ae0e86d734af98b5d
> <
https://github.com/simplesamlphp/simplesamlphp/commit/f2644710d848d7ebc3ed3b5ae0e86d734af98b5d>,
> which only exists in the master branch and not in simplesamlphp-1.14
> from which releases are currently being cut (I'm on the latest 1.14.15).
>
> So my question is whether my SimpleSAMLphp deployment will be able to
> transform that attribute even if it's not in its
> attributemap/name2oid.php file... or are the contents there being used
> only for documentation purposes? And if I indeed have to patch my
> deployment to support transforming that attribute, do I only have to
> back port commit f2644710d848d7ebc3ed3b5ae0e86d734af98b5d? Or do I also
> have to do something else?
The shipped attribute maps are just defaults and I would consider them
configuration files that you can change. You can apply the mappings via
the core:AttributeMap authentication processing filter.
See:
https://simplesamlphp.org/docs/stable/core:authproc_attributemap
The second example uses the shipped name2oid map. You can change that
map to add the new attribute, or you can specify any name there of a
separate file that contains your own mappings.
Cheers,
Thijs