From 36ec1fc2401022c8d06c81f45d8495bbf4d93f74 Mon Sep 17 00:00:00 2001
From: Bertrand Gauthier <bertrand.gauthier@unicaen.fr>
Date: Tue, 28 Aug 2018 09:47:53 +0200
Subject: [PATCH] =?UTF-8?q?Shib:=20v=C3=A9rification=20que=20l'eppn=20usur?=
 =?UTF-8?q?p=C3=A9=20contient=20bien=20un=20domaine?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 src/UnicaenAuth/Service/ShibService.php | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/UnicaenAuth/Service/ShibService.php b/src/UnicaenAuth/Service/ShibService.php
index 4704959..96fe081 100644
--- a/src/UnicaenAuth/Service/ShibService.php
+++ b/src/UnicaenAuth/Service/ShibService.php
@@ -142,6 +142,8 @@ EOS;
         try {
             Assertion::keyIsset($simulate, 'eppn',
                 "Clé 'eppn' introuvable ou sans valeur dans l'option 'unicaen-auth.shibboleth.simulate'");
+            Assertion::contains($simulate['eppn'], '@',
+                "L'eppn '" . $simulate['eppn'] . "' n'est pas de la forme 'id@domaine' attendue (ex: 'tartempion@unicaen.fr')");
             Assertion::eq(count(array_intersect($keys = ['supannEmpId', 'supannEtuId'], array_keys($simulate))), 1,
                 "L'une ou l'autre de ces clés doit être présente dans l'option 'unicaen-auth.shibboleth.simulate': " .
                 implode(', ', $keys));
-- 
GitLab