/** * Calculate the NameID value that should be used. * * @param SimpleSAML_Configuration $srcMetadata The metadata of the sender (IdP). * @param SimpleSAML_Configuration $dstMetadata The metadata of the recipient (SP). * @param array $attributes The attributes of the user * @return string The NameID value. */ private static function generateNameIdValue(SimpleSAML_Configuration $srcMetadata, SimpleSAML_Configuration $dstMetadata, array &$state) { $attribute = $dstMetadata->getString('simplesaml.nameidattribute', NULL); if ($attribute === NULL) { $attribute = $srcMetadata->getString('simplesaml.nameidattribute', NULL); if ($attribute === NULL) { /* generate a stable id */ try { return SimpleSAML_Utilities::generateUserIdentifier($srcMetadata->getString('entityid'), $dstMetadata->getString('entityid'), $state); } catch (Exception $e) { SimpleSAML_Logger::error('Unable to generate NameID: ' . $e->getMessage()); return NULL; } } } $attributes = $state['Attributes']; if (!array_key_exists($attribute, $attributes)) { SimpleSAML_Logger::error('Unable to add NameID: Missing ' . var_export($attribute, TRUE) . ' in the attributes of the user.'); return NULL; } return $attributes[$attribute][0]; }