AUTH_ATTRIBUTES

Save additional attributes from an LDAP or SAML login connection

Accepted values: array of SSO attributes to save

Context: Core (core/config.php)

The HOSTS array in your core/config.php contains a list of settings pertaining to your LiveWhale installation (HTTP_HOST, DATABASE_HOST, etc.). You can add AUTH_ATTRIBUTES to that list to save login attributes to cookies.

'AUTH_ATTRIBUTES'=>[
        [
                'name'=>'urn:oid:0.9.2342.19200300.100.1.3', // email
                'encrypt'=>false
        ],
        [
                'name'=>'urn:oid:2.16.840.1.113730.3.1.241', // name
                'encrypt'=>false
        ]
],

For each value you want to save, the “name” must exactly match the attribute name as sent by your single-sign-on server (for SAML, check the SAML debug page).

Accessing via JavaScript

After logging in, you can see the encoded name of the cookie in the inspector. To access it, use the livewhale.cookie_prefix variable to fill in the “lw_XXXXX_” portion of the cookie name. For example,

var sso_email = livewhale.cookie_prefix + 'auth_urn:oid:0_9_2342_19200300_100_1_3'; // full name of the cookie that holds the SSO email
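
The following is an added example, not LiveWhale's own code: it builds the cookie name from the configured attribute name and reads the decoded value out of a document.cookie-style string. The helper names and the sample cookie string are constructed; the "." to "_" mapping is inferred from the config entry and cookie name shown on this page, and percent-encoded values are assumed because the PHP example on this page uses rawurldecode.

```javascript
// Added example: helper names and SAMPLE_COOKIES are constructed for illustration.
const EMAIL_ATTR = 'urn:oid:0.9.2342.19200300.100.1.3'; // email, as in the config above

// Cookie name = prefix + "auth_" + attribute name with "." written as "_"
// (mapping inferred from the config entry and the cookie name on this page).
function authCookieName(prefix, attributeName) {
  return prefix + 'auth_' + attributeName.replace(/\./g, '_');
}

// Percent-decode without throwing on malformed input.
function safeDecode(text) {
  try {
    return decodeURIComponent(text);
  } catch (e) {
    return null;
  }
}

// Look up one saved attribute in a document.cookie-style string.
// Returns the decoded value, or null when the cookie is absent or malformed.
function readAuthAttribute(cookieString, prefix, attributeName) {
  const wanted = authCookieName(prefix, attributeName);
  for (const pair of cookieString.split(';')) {
    const eq = pair.indexOf('=');
    if (eq === -1) continue;
    const rawName = pair.slice(0, eq).trim();
    // The name may appear percent-encoded, so compare both forms.
    if (rawName === wanted || safeDecode(rawName) === wanted) {
      return safeDecode(pair.slice(eq + 1).trim());
    }
  }
  return null;
}

// Constructed sample; "lw_XXXXX_" stands in for livewhale.cookie_prefix.
const SAMPLE_COOKIES =
  'theme=dark; lw_XXXXX_auth_urn:oid:0_9_2342_19200300_100_1_3=jane.doe%40example.edu; ' +
  'lw_XXXXX_auth_urn%3Aoid%3A2_16_840_1_113730_3_1_241=Jane%20Doe';

// In the browser: readAuthAttribute(document.cookie, livewhale.cookie_prefix, EMAIL_ATTR)
// The visitor can edit this cookie, so use the value for display only
// (assign it with textContent, not innerHTML) and never for access decisions.
console.log(readAuthAttribute(SAMPLE_COOKIES, 'lw_XXXXX_', EMAIL_ATTR));
```
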

Accessing via PHP

For logged-in users, you can use $_LW->AUTH_ATTRIBUTES to access the attribute data in custom PHP code.

If you set 'encrypt'=>true in your configuration array, the value saved to the cookie will be obfuscated (so it won’t be understandable from the inspector, say), but you can still access a decrypted version using $_LW->AUTH_ATTRIBUTES.

For example, this code can be used in an onLoad handler in a custom module to map the above values to XPHP variables:

// ?? '' replaces the @ suppression: a missing attribute yields an empty string without a notice
$GLOBALS['sso_email']=rawurldecode($_LW->AUTH_ATTRIBUTES['lw_auth_urn:oid:0_9_2342_19200300_100_1_3'] ?? ''); // expose SSO email to template
$GLOBALS['sso_name']=rawurldecode($_LW->AUTH_ATTRIBUTES['lw_auth_urn:oid:2_16_840_1_113730_3_1_241'] ?? ''); // expose SSO name to template