Merge pull request #346 from silinternational/feature/add-displayname

Add displayName attribute to SAML response

Author: jason-jackson

features/bootstrap/LoginContext.php

@@ -74,6 +74,7 @@ public function __construct()
         $this->request = new Request();
 
         $this->resetDatabase();
+        parent::__construct();
     }
 
     protected function addXFailedLoginUsernames(int $number, $username)
@@ -276,6 +277,32 @@ public function iShouldBeAllowedThrough()
         Assert::notEmpty($userInfo);
     }
 
+    /**
+     * @Then I should have the correct attributes
+     */
+    public function iShouldHaveTheCorrectAttributes()
+    {
+        Assert::true(
+            $this->authenticator->isAuthenticated()
+        );
+        $userInfo = $this->authenticator->getUserAttributes();
+        Assert::keyExists($userInfo, "eduPersonPrincipalName");
+        Assert::keyExists($userInfo, "eduPersonUniqueId");
+        Assert::keyExists($userInfo, "sn");
+        Assert::keyExists($userInfo, "givenName");
+        Assert::keyExists($userInfo, "displayName");
+        Assert::keyExists($userInfo, "mail");
+        Assert::keyExists($userInfo, "employeeNumber");
+        Assert::keyExists($userInfo, "cn");
+        Assert::keyExists($userInfo, "schacExpiryDate");
+        Assert::keyExists($userInfo, "mfa");
+        Assert::keyExists($userInfo, "method");
+        Assert::keyExists($userInfo, "uuid");
+        Assert::keyExists($userInfo, "manager_email");
+        Assert::keyExists($userInfo, "profile_review");
+        Assert::keyExists($userInfo, "member");
+    }
+
     /**
      * @When I try to log in enough times to trigger the rate limit
      */

features/login.feature

@@ -85,6 +85,7 @@ Feature: User login
     When I try to log in
     Then I should not see an error message
     And I should be allowed through
+    And I should have the correct attributes
 
   Scenario: Providing too many incorrect username-password combinations
     Given I provide a username

modules/silauth/src/Auth/Source/auth/IdBroker.php

@@ -94,7 +94,8 @@ public function getAuthenticatedUser(string $username, string $password): ?array
             $userInfo['method'],
             $userInfo['manager_email'] ?? null,
             $userInfo['profile_review'] ?? 'no',
-            $userInfo['member'] ?? []
+            $userInfo['member'] ?? [],
+            $userInfo['display_name'],
         );
     }
 }

modules/silauth/src/Auth/Source/saml/User.php

@@ -17,7 +17,8 @@ public static function convertToSamlFieldNames(
         array   $method,
         ?string $managerEmail,
         string  $profileReview,
-        array   $member
+        array   $member,
+        string  $displayName
     ): array {
 
         // eduPersonUniqueId (only alphanumeric allowed)
@@ -47,6 +48,7 @@ public static function convertToSamlFieldNames(
 
             'sn' => (array)$lastName,
             'givenName' => (array)$firstName,
+            'displayName' => (array)$displayName,
             'mail' => (array)$email,
             'employeeNumber' => (array)$employeeId,
             'cn' => (array)$username,