Proper attributeConsumingService usage?
nbyloff opened this issue · 1 comments
I have authentication setup with my company Azure AD, however I cannot tell AD to return user data in the 'FriendlyName' format. All attribute keys look like this:
# this method returns an empty array
$userData = $auth->getAttributesWithFriendlyName();
#so I have to call this method to get the raw data with URLs listed below as attribute keys
$userData = $auth->getAttributes();
https://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
https://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname
https://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname
attributeConsumingService
is used in my XML to give AD instructions on how to return user data, correct? If so I am obviously using it incorrectly. How do I alter the settings config object below to tell AD to stop returning the full URLs as keys and just give me, emailaddress
, givenname
and surname
as the keys? I am struggling to find something that outlines this for me.
'attributeConsumingService' => [
'serviceName' => 'Company SSO',
'serviceDescription' => 'SSO authentication for use with Company web applications',
'requestedAttributes' => [
[
'nameFormat' => Constants::ATTRNAME_FORMAT_URI,
'isRequired' => true,
'name' => 'emailaddress',
'friendlyName' => 'Email'
],
[
'nameFormat' => Constants::ATTRNAME_FORMAT_URI,
'isRequired' => true,
'name' => 'givenname',
'friendlyName' => 'FirstName'
],
[
'nameFormat' => Constants::ATTRNAME_FORMAT_URI,
'isRequired' => true,
'name' => 'surname',
'friendlyName' => 'LastName'
],
]
],
You need to configure Azure AD properly.
The attributeConsumingService is used to specify what atributes are expected by the Service Provider and how to name them,
but as you don't setup Azure based on the SP metadata, and instead, you need to configure Azure AD manually and specify the attributes that gonna be released and its names, what you define on attributeConsumingService is not used at all.