
Remapping Shibboleth elements at the SP end


We have a service that requires uid, but for reasons I can't fathom, our IDP intermittently quits sending it, causing service disruptions.

However, they send mail reliably in the form uid@institution.edu

I mapped mail onto uid, but I need to strip @institution.edu from uid for the app to work properly. How can this be done?


Solution

  • You can use a Transform type of <AttributeResolver>. Here is an example from the "TransformAttributeResolver" page of the official documentation that splits apart an attribute into two new attributes:

    <AttributeResolver type="Transform" source="displayName">
        <Regex match="^(.+) (.+)$" dest="givenName">$1</Regex>
        <Regex match="^(.+) (.+)$" dest="sn">$2</Regex>
        <Regex match="^(.+) (.+)$">$2, $1</Regex>
    </AttributeResolver>
    

    This would go in shibboleth2.xml. In your case you could use something like

    <AttributeResolver type="Transform" source="mail">
        <!-- Capture the part before @; the dot is escaped so it matches only a literal "." -->
        <Regex match="^(.+)@mydomain\.com$" dest="uidunscoped">$1</Regex>
    </AttributeResolver>
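
An added example (not part of the original answer or the Shibboleth documentation): a small Python model of one `<Regex>` rule, for checking a candidate pattern against sample `mail` values before it goes into shibboleth2.xml. It compares a loosely written pattern (unescaped dot, greedy local part) with a tightened one. Python's `re` stands in for the SP's regex engine, and the sample values, the `TIGHT` pattern and the rule that a non-matching value yields nothing are assumptions of this sketch.

```python
import re

# "mydomain.com" is the placeholder domain used in the answer.
LOOSE = r"^(.+)@mydomain.com$"          # "." matches any character, ".+" may span "@"
TIGHT = r"^([^@\s]+)@mydomain\.com$"    # literal dot, exactly one "@" (assumed hardening)

# Constructed sample values for the source attribute.
SAMPLES = [
    "alice@mydomain.com",                 # expected form
    "bob@mydomainXcom",                   # not the domain, but "." matches "X"
    "carol@other.example@mydomain.com",   # second "@" inside the captured part
    "dave@otherdomain.com",               # different domain
]


def transform(pattern, replacement, values):
    """Model one <Regex match=... >replacement</Regex> rule.

    Returns the rewritten value for every input that matches.
    Assumption of this model: an input that does not match yields nothing.
    """
    rx = re.compile(pattern)
    # Convert $1-style references to Python's \g<1> form.
    py_repl = re.sub(r"\$(\d)", r"\\g<\1>", replacement)
    out = []
    for value in values:
        m = rx.match(value)
        if m:
            out.append(m.expand(py_repl))
    return out


def report(values=SAMPLES):
    """Return (input, loose_result, tight_result) rows for side-by-side review."""
    rows = []
    for v in values:
        loose = transform(LOOSE, "$1", [v])
        tight = transform(TIGHT, "$1", [v])
        rows.append((v, loose[0] if loose else None, tight[0] if tight else None))
    return rows


if __name__ == "__main__":
    for row in report():
        print("%-36s loose=%-22r tight=%r" % row)
```

Rows where the two columns differ are the inputs the loose pattern would turn into a uid that the tightened pattern rejects.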