For example , consider if ADFS SSO giving additional parameters like first name, surname, job title, etc., so how we map these additional attributes?
The 'simplesamlphp_auth' module gives us the option to map username, email, etc., from its user sync configuration page, buts it's not sufficient to map all fields. So here I would like to mention a way to map the additional fields.
There is a hook available for this.
hook_simplesamlphp_auth_user_attributes
I have a module named general in my code path. So I will write the above hook like below.
<?php /** * Mapping of additional parameters/SAML attributes to Drupal user profile fields. * @param \Drupal\user\UserInterface $account * The Drupal account/user * @param array $attributes * The SimpleSAMLphp attributes for this account. */ function general_simplesamlphp_auth_user_attributes(\Drupal\user\UserInterface $account, $attributes) { $first_name = $attributes['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name']; $sur_name = $attributes['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname']; $job_title = $attributes['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/jobtitle']; $account->set('field_first_name', $saml_first_name); $account->set('field_last_name', $sur_name); $account->set('field_job_title', $job_title); return $account; } ?>
No comments:
Post a Comment