diff --git a/app/Libraries/EarcUtils.php b/app/Libraries/EarcUtils.php
index e414af0951800c707b6bf6d2b0d778e139e0024c..65a9178b3e3d8526735283c1d404ae12818ac239 100755
--- a/app/Libraries/EarcUtils.php
+++ b/app/Libraries/EarcUtils.php
@@ -84,7 +84,7 @@ class EarcUtils
}
/**
- * Parse attribute OID to hunam readable attributes
+ * Parse attribute OID to human readable attributes
*
* @return array
*/
@@ -470,4 +470,111 @@ class EarcUtils
return array('mark' => 'A'.self::getExtraPoints('A', $sp_metadata, $released_attributes, $superfluous_attributes, $idp_metadata, $non_personal_attributes), 'text' => 'Great! IdP sends all necessary information', 'additional_information' => $additional_information);
}
}
+
+ /**
+ * Check attributes for Anonymous Access Entity Category and its version
+ * v1 must contain [eduPersonScopedAffiliation, schacHomeOrganization, eduPersonEntitlement, eduPersonOrgDN]
+ * v2 must contain [eduPersonScopedAffiliation, schacHomeOrganization]
+ *
+ * @param mixed $idp_metadata
+ *
+ * @return array
+ */
+ public static function isAnonymous($idp_metadata)
+ {
+ $attributesV1 = ["eduPersonScopedAffiliation", "schacHomeOrganization", "eduPersonEntitlement", "eduPersonOrgDN"];
+ $attributesV2 = ["eduPersonScopedAffiliation", "schacHomeOrganization"];
+ $flag = false;
+
+ if (array_key_exists('EntityAttributes', $idp_metadata)
+ && array_key_exists('http://macedir.org/entity-category-support', $idp_metadata['EntityAttributes'])
+ && is_array($idp_metadata['EntityAttributes']['http://macedir.org/entity-category-support'])) {
+
+ foreach ($idp_metadata['EntityAttributes']['http://macedir.org/entity-category-support'] as $encat) {
+ if ($encat === 'http://refeds.org/category/anonymous') {
+ $flag = true;
+ break;
+ }
+ }
+
+ if($flag) {
+ if (count(array_intersect($attributesV1, array_keys($idp_metadata))) == count($attributesV1)) {
+ return ['compliant' => true, 'version' => 1];
+ }
+
+ if (count(array_intersect($attributesV2, array_keys($idp_metadata))) == count($attributesV2)) {
+ return ['compliant' => true, 'version' => 2];
+ }
+ }
+ }
+
+ return ['compliant' => false, 'version' => false];
+ }
+
+ /**
+ * Check attributes for Pseudonymous Access Entity Category and its version
+ * v1 must contain [eduPersonScopedAffiliation, schacHomeOrganization, pairwise-id, eduPersonAssurance, eduPersonOrgDN, eduPersonEntitlement ]
+ * v2 must contain [eduPersonScopedAffiliation, schacHomeOrganization, pairwise-id, eduPersonAssurance ]
+ *
+ * @param mixed $idp_metadata
+ *
+ * @return array
+ */
+ public function isPseudonymous($idp_metadata)
+ {
+ $attributesV1 = ["eduPersonScopedAffiliation", "schacHomeOrganization", "pairwise-id", "eduPersonAssurance", "eduPersonOrgDN", "eduPersonEntitlement"];
+ $attributesV2 = ["eduPersonScopedAffiliation", "schacHomeOrganization", "pairwise-id", "eduPersonAssurance"];
+
+ $flag = false;
+
+ if (array_key_exists('EntityAttributes', $idp_metadata)
+ && array_key_exists('http://macedir.org/entity-category-support', $idp_metadata['EntityAttributes'])
+ && is_array($idp_metadata['EntityAttributes']['http://macedir.org/entity-category-support'])) {
+
+ foreach ($idp_metadata['EntityAttributes']['http://macedir.org/entity-category-support'] as $encat) {
+ if ($encat === 'https://refeds.org/category/pseudonymous') {
+ $flag = true;
+ }
+ }
+
+ if($flag) {
+ if (count(array_intersect($attributesV1, array_keys($idp_metadata))) == count($attributesV1)) {
+ return ['compliant' => true, 'version' => 1];
+ }
+
+ if (count(array_intersect($attributesV2, array_keys($idp_metadata))) == count($attributesV2)) {
+ return ['compliant' => true, 'version' => 2];
+ }
+ }
+ }
+
+ return ['compliant' => false, 'version' => false];
+ }
+
+ /**
+ * Check attributes for Personalized Access Entity Category and its version
+ * must contain [eduPersonScopedAffiliation, schacHomeOrganization, eduPersonAssurance, mail, sn, givenName, displayName, subject-id ]
+ *
+ * @param mixed $idp_metadata
+ *
+ * @return bool
+ */
+ public function isPersonalized($idp_metadata)
+ {
+ $attributes = ["eduPersonScopedAffiliation", "schacHomeOrganization", "eduPersonAssurance", "mail", "sn", "givenName", "displayName", "subject-id"];
+
+ if (array_key_exists('EntityAttributes', $idp_metadata)
+ && array_key_exists('http://macedir.org/entity-category-support', $idp_metadata['EntityAttributes'])
+ && is_array($idp_metadata['EntityAttributes']['http://macedir.org/entity-category-support'])) {
+
+ foreach ($idp_metadata['EntityAttributes']['http://macedir.org/entity-category-support'] as $encat) {
+ if ($encat === 'https://refeds.org/category/personalized'
+ && count(array_intersect($attributes, array_keys($idp_metadata))) == count($attributes)) {
+ return true;
+ }
+ }
+ }
+
+ return false;
+ }
}