Auth Proc Filter Hooks -

[Baku305]

What happened?

• stacktrace of the error

---

"Exception - syntax error, unexpected end of file

More information about this error

×Debug info:
Error code: generalexceptionmessage
×Stack trace:
line 1 of /auth/saml2/.extlib/simplesamlphp/modules/core/lib/Auth/Process/PHP.php(65) : eval()'d code: ParseError thrown
line 67 of /auth/saml2/.extlib/simplesamlphp/modules/core/lib/Auth/Process/PHP.php: call to SimpleSAML\Module\core\Auth\Process\PHP->SimpleSAML\Module\core\Auth\Process{closure}()
line 215 of /auth/saml2/.extlib/simplesamlphp/lib/SimpleSAML/Auth/ProcessingChain.php: call to SimpleSAML\Module\core\Auth\Process\PHP->process()
line 1170 of /auth/saml2/.extlib/simplesamlphp/modules/saml/lib/Auth/Source/SP.php: call to SimpleSAML\Auth\ProcessingChain->processState()
line 268 of /auth/saml2/.extlib/simplesamlphp/modules/saml/www/sp/saml2-acs.php: call to SimpleSAML\Module\saml\Auth\Source\SP->handleResponse()
line 34 of /auth/saml2/sp/saml2-acs.php: call to require()"

---

What you expected:

Attribute ex:

<Attribute Name="http://schemas.xmlsoap.org/claims/Group" a:OriginalIssuer="urn:federation:feddippp" xmlns:a="http://schemas.xmlsoap.org/ws/2009/09/identity/claims"> <AttributeValue>grp-spi,grp-sau,grp-smacc</AttributeValue> </Attribute>

I need to create a hook that filters the Group attribute which currently comes to me as a unique string within the attribute value. For example "grp-a,grp-b,grp-viceversa". to then be able to manage accesses in the screenshot mask in the way you can see. I created this as per the documentation, but running it I get this error. Thanks so much for the support

this is the code in the lib.php file

<?php

defined('MOODLE_INTERNAL') || die();


function local_customsamlhook_extend_auth_saml2_proc()
{
    return [
        51 => array(
            'class' => 'core:PHP',
            'code' => '$attributes = update_attributes($attributes);' 
        )
    ];
}

function update_attributes($attributes)
{
    if (isset($attributes["Group"])) {
        $attributeValue = $attributes["Group"];
        $groups = explode(",", $attributeValue);
        if (in_array("grp-viceversa", $groups)) {
            $newGroups = ["grp-viceversa"];
            $attributes["Group"] = $newGroups[0];
        } else {
            $newGroups = ["no-grp-viceversa"];
            $attributes["Group"] = $newGroups[0];
        }
    } else {
        $logMessage = "no Group attributes";
        error_log($logMessage);
    }


    return $attributes;
}

++++ in 'code' => '$attributes = update_attributes($attributes);' the semicolon is not present in the sample documentation, I tried adding it thinking that the lack could cause the problem, but without solving the error+++

[sumaiyamannan]

Hi,

I had the same issue and I overcame it by not using the function at all. I know it is not the ideal solution but something like below is what i got working:

<?php

defined('MOODLE_INTERNAL') || die();


function local_customsamlhook_extend_auth_saml2_proc()
{
    return [
        51 => array(
            'class' => 'core:PHP',
            'code' => '
		        if (isset($attributes["Group"])) {
			$attributeValue = $attributes["Group"];
			$groups = explode(",", $attributeValue);
			if (in_array("grp-viceversa", $groups)) {
			    $newGroups = ["grp-viceversa"];
			    $attributes["Group"] = $newGroups[0];
			} else {
			    $newGroups = ["no-grp-viceversa"];
			    $attributes["Group"] = $newGroups[0];
			}
		    } else {
			$logMessage = "no Group attributes";
			error_log($logMessage);
		    }
            ' 
        )
    ];
}