...
Code Block |
---|
<resolver:AttributeDefinition id="norEduPersonNIN" xsi:type="Script" xmlns="urn:mace:shibboleth:2.0:resolver:ad" sourceAttributeID="mittPersonnummer"> <resolver:Dependency ref="myLDAP" /> <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder" name="urn:mace:dir:attribute-def:norEduPersonNIN" /> <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder" name="urn:oid:1.3.6.1.4.1.2428.90.1.5" friendlyName="norEduPersonNIN" /> <Script> <![CDATA[ // Script to handle ten position wide national identity numbers // The script is supplied by SU // import needed packages importPackage(Packages.edu.internet2.middleware.shibboleth.common.attribute.provider); importPackage(Packages.org.slf4j); // Setup a logger importPackage(Packages.org.slf4j); logger = LoggerFactory.getLogger("se.su.it.shibboleth.idp.ninDecorator"); // the attribute which is to be populated norEduPersonNIN = new BasicAttribute("norEduPersonNIN"); try { // Get a ref to the SSN received from ldap ssn=mittPersonnummersocialSecurityNumber.getValues().get(0); logger.debug("Doing decoration of ssn " + ssn); // Only do decoration of SSNs which are on the format YYMMDDxxxx if(ssn.length() == 10) { // Create the two alternative return strings we have to choose between pnr19 = "19" + ssn; pnr20 = "20" + ssn; // Extract year/month/day from the SSN string m_y = ssn.substring(0,2); m_m = ssn.substring(2,4); m_d = ssn.substring(4,6); // Create a Date object for the 20xx case datePnr = new Date("20" + m_y, m_m-1, m_d); // Create a Date object for the current date dateCur = new Date(); // Some debug logging logger.debug("pnr19: " + pnr19); logger.debug("pnr20: " + pnr20); logger.debug("datePnr: " + datePnr); logger.debug("dateCur: " + dateCur); // Verify the value of datePnr before proceeding if(isNaN(datePnr.valueOf())) { throw("Failed to parse the SSN into a Date object"); } // If the 20xx case is in the future we assume 19xx for the NIN attribute if(datePnr>dateCur) { logger.info("Returning 19xx pnr since the 20xx case is in the future"); norEduPersonNIN.getValues().add(pnr19); } else { logger.info("Returning 20xx pnr since it is closer to morecurrent presentdate than the 19xx one."); norEduPersonNIN.getValues().add(pnr20); } } else if(ssn.length() == 12) { logger.info("Returning pnr as-is since it contains 12 chars"); norEduPersonNIN.getValues().add(ssn); } else { logger.errorthrow("Not setting any norEduPersonNIN since it is bogus (length=" + ssn.length() + "): " + ssn); } } catch(err) { logger.error("Not setting any norEduPersonNIN due to exception: " + err); } ]]> </Script> </resolver:AttributeDefinition> |