Commit 6c60fe02 authored by Piers Harding's avatar Piers Harding
Browse files

auth/saml: Added check to ensure that mandatory fields are present


when auto-creating users.
Signed-off-by: default avatarPiers Harding <piers@catalyst.net.nz>
parent 6a77b85f
......@@ -89,10 +89,10 @@ class AuthSaml extends Auth {
throw new AccessDeniedException();
}
$remoteuser = $attributes[$this->config['user_attribute']][0];
$firstname = $attributes[$this->config['firstnamefield']][0];
$lastname = $attributes[$this->config['surnamefield']][0];
$email = $attributes[$this->config['emailfield']][0];
$remoteuser = $attributes[$this->config['user_attribute']][0];
$firstname = $attributes[$this->config['firstnamefield']][0];
$lastname = $attributes[$this->config['surnamefield']][0];
$email = $attributes[$this->config['emailfield']][0];
$institutionname = $this->institution;
$virgin = false;
......@@ -179,6 +179,11 @@ class AuthSaml extends Auth {
$user->lastname = $lastname;
$user->email = $email;
// must have these values
if (empty($firstname) || empty($lastname) || empty($email)) {
throw new AccessDeniedException();
}
$user->authinstance = empty($this->config['parent']) ? $this->instanceid : $this->parent;
db_begin();
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment