Organizational Identity Source Plugins

Plugin Requirements

The name of the Plugin should match the format FooSource.
The Plugin should implement a FooSource model and a corresponding controller (FoosController).
1. This model should belongTo OrgIdentitySource.
2. The controller should extend SOISController.
3. When a new Org Identity Source is created, a skeletal row in the corresponding foo_sources table will be created. There is no add operation or view required. The skeletal row will point to the parent Org Identity Source.
4. When an Org Identity Source is edited, the entry point to the Plugin will be foo_source/foo_sources/edit/#. This will be called immediately after the parent Org Identity Source is created.
5. Note OrgIdentitySource has a hasOne (ie: 1 to 1) relationship with FooSource.
6. The table foo_sources should include a foreign key to org_identity_sources:id.
  1. Other tables used by the plugin should reference foo_source:id.
The Plugin should also implement a model named FooSourceBackend.
1. The backend is responsible for the implementation of the backend search and retrieval capabilities.
  1. The raw record returned by the retrieve() function should not change if the underlying backend record has not changed. Registry uses the raw record to determine when the related Org Identity record must be updated.
  2. The Plugin should support mail (email address) as a searchable attribute. This capability is used by Enrollment Flows in Org Identity Source mode operating in a self service configuration.
  3. See also Supported Attributes, below.
2. This model should extend OrgIdentitySourceBackend, and implement the abstract functions defined in the parent model (see app/Model/OrgIdentitySourceBackend.php).
3. Note that the Plugin configuration for FooSource will be available to the backend in $this->pluginCfg.
Registry will automatically track the current backend data via the org_identity_source_records table.

Supported Attributes

The Org Identity Source Backend is expected to return both a raw record (directly representing the backend datasource), and a formatted record. The formatted record is expected to represent an OrgIdentity, in typical Cake array format, along with its associated Models. The Backend may return the following supported attributes:

Attribute	Multi-valued?	Required?	Notes
Address	Yes	No	See note below.
EmailAddress	Yes	No	See note below.
Identifier	Yes	No	Does not automatically include the unique key (SORID). See note below.
Name	Yes	No	Do not include Primary Name. See note below.
OrgIdentity.affiliation	No	No	Possible values may vary by CO; see `CoExtendedType::definedTypes`
OrgIdentity.title	No	No
OrgIdentity.o	No	No
OrgIdentity.ou	No	No
PrimaryName	No	Yes	This Name should not also be included in the Names array.
TelephoneNumber	Yes	No	See note below.

For multi-valued attributes, only one attribute of a given type is currently supported. For example, there can only be one official EmailAddress, though a second EmailAddress may be provided if (eg) of type personal.

Possible types may vary by CO, see CoExtendedType::definedTypes for valid types.

Example

$myData = array(
  'OrgIdentity' => array(
    'title' => 'Researcher',
    'o' => 'University of Impossible Equations',
    'ou' => 'Department of Timey Wimey Stuff'
  ),
  'PrimaryName' => array(
    'given' => 'Pat',
    'family' => 'Lee',
    'type' => 'official',
    'primary_name' => true
  ),
  // Note below here are multi-valued arrays
  'Identifier' => array(
    array(
      'identifier' => 'plee@university.edu',
      'type' => 'eppn',
      'login' => true
    )
  ),
  'EmailAddress' => array(
    array(
      'mail' => 'plee@university.edu',
      'type' => 'official',
      'verified' => true
    ),
    array(
      'mail' => 'plee@socialemail.com',
      'type' => 'personal',
      'verified' => false
    )
  )
);

Space shortcuts

Page tree

Plugin Requirements

Supported Attributes

Example