if (count($values) === 0) {
/* Return all attributes. */
$returnAttributes[$name] = $attributes[$name];
continue;
}
/* Filter which attribute values we should return. */
$returnAttributes[$name] = array_intersect($values, $attributes[$name]);
}
}
/* $returnAttributes contains the attributes we should return. Send them. */
$assertion = new SAML2_Assertion();
$assertion->setDestination($endpoint);
$assertion->setIssuer($idpEntityId);
$assertion->setNameId($query->getNameId());
$assertion->setNotBefore(time());
$assertion->setNotOnOrAfter(time() + 5 * 60);
$assertion->setInResponseTo($query->getId());
$assertion->setValidAudiences(array($spEntityId));
$assertion->setAttributes($returnAttributes);
$assertion->setAttributeNameFormat($attributeNameFormat);
sspmod_saml2_Message::addSign($idpMetadata, $spMetadata, $assertion);
$response = new SAML2_Response();
$response->setRelayState($query->getRelayState());
$response->setDestination($endpoint);
$response->setIssuer($idpEntityId);
$response->setInResponseTo($query->getId());
$response->setAssertions(array($assertion));
sspmod_saml2_Message::addSign($idpMetadata, $spMetadata, $response);
$binding = new SAML2_HTTPPost();
$binding->setDestination(sspmod_saml2_Message::getDebugDestination());
$binding->send($response);
