New AA to deliver manage content as an attribute

[phavekes]

This issue is imported from pivotal - Originaly created at Oct 28, 2019 by Thijs Kinkhorst

We want to provide the CRM GUID of a SURF customer to SURF\'s own SP\'s.

This value is always available in Manage for an IdP in the coin:institution_guid field. Its value is a (MS) format GUID.

Create an aggregator that produces the attribute urn:mace:surf.nl:attribute-def:surf-crm-id with the value that the user\'s IdP has in Manage. If there\'s no value, provide no attribute.

The value does not change often/at all, so some amount of caching is not a problem.

[phavekes]

@thijskh Is there an urn:oid alias for the new attribute? (Okke Harsta - Oct 28, 2019)

[phavekes]

1.3.6.1.4.1.1076.20.100.10.50.2 (Thijs Kinkhorst - Oct 28, 2019)

[phavekes]

1.3.6.1.4.1.1076.20.100.10.50.2 (Thijs Kinkhorst - Oct 28, 2019)

[phavekes]

Implemented and deployed: https://aa.test2.surfconext.nl/playground# (Okke Harsta - Oct 28, 2019)

[phavekes]

Works on the playground, but EB does not provide the IDPentityID attribute. Pull request https://github.com/OpenConext/OpenConext-engineblock/pull/799 is added as blocker (Okke Harsta - Oct 28, 2019)

[phavekes]

Looks good! FInal test to be done when EB supports this (Thijs Kinkhorst - Oct 29, 2019)