function hook_simplesamlphp_auth_user_roles_alter in simpleSAMLphp Authentication 8.3
Same name and namespace in other branches
- 7.3 simplesamlphp_auth.api.php \hook_simplesamlphp_auth_user_roles_alter()
Hook to alter the roles assigned to a SAML-authenticated user.
Whenever a user's roles are evaluated this hook will be called, allowing custom logic to be used to alter or even completely replace the roles evaluated.
Parameters
array &$roles: The roles that have been selected for the current user by the role evaluation process.
array $attributes: The SimpleSAMLphp attributes for this user.
1 invocation of hook_simplesamlphp_auth_user_roles_alter()
- SimplesamlphpDrupalAuth::getMatchingRoles in src/
Service/ SimplesamlphpDrupalAuth.php - Get matching user roles to assign to user.
File
- ./
simplesamlphp_auth.api.php, line 21 - Hooks for simpleSAMLphp Authentication module.
Code
function hook_simplesamlphp_auth_user_roles_alter(&$roles, $attributes) {
if (isset($attributes['roles'])) {
// The roles provided by the IdP.
$sso_roles = $attributes['roles'];
// Match role names in the saml attributes to local role names.
$user_roles = array_intersect(user_roles(), $sso_roles);
foreach (array_keys($user_roles) as $rid) {
$roles[$rid] = $rid;
}
}
}