Add: GUID Transformation

docs/en/developer.md

@@ -21,6 +21,7 @@ We assume ADFS 2.0 or greater is used as an IdP.
   - [Service Provider (SP)](#service-provider-sp)
   - [Identity Provider (IdP)](#identity-provider-idp)
   - [Additional configuration for Azure AD](#additional-configuration-for-azure-ad)
+  - [GUID Transformation](#guid-transformation)
 - [Establish trust](#establish-trust)
 - [Configure SilverStripe Authenticators](#configure-silverstripe-authenticators)
   - [Show the SAML Login button on login form](#show-the-saml-login-button-on-login-form)
@@ -149,6 +150,11 @@ SilverStripe\SAML\Extensions\SAMLMemberExtension:
     - 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name': 'Email'
 ```
 
+### GUID Transformation
+
+If you prefer to receive the GUID in lower-case or upper-case format you can use the 
+`updateGuid()` extension point on `\SilverStripe\SAML\Control\SAMLController`.
+
 ## Establish trust
 
 At this stage the SilverStripe site trusts the IdP, but the IdP does not have any way to establish the identity of the SilverStripe site.

src/Control/SAMLController.php

@@ -141,13 +141,15 @@ public function acs()
         }
 
         if (!$helper->validGuid($guid)) {
-            $errorMessage = "Not a valid GUID '{$guid}' recieved from server.";
+            $errorMessage = "Not a valid GUID '{$guid}' received from server.";
             $this->getLogger()->error($errorMessage);
             $this->getForm()->sessionMessage($errorMessage, ValidationResult::TYPE_ERROR);
             $this->getRequest()->getSession()->save($this->getRequest());
             return $this->getRedirect();
         }
 
+        $this->extend('updateGuid', $guid);
+
         $attributes = $auth->getAttributes();
 
         $fieldToClaimMap = array_flip(Member::config()->claims_field_mappings);