Merge pull request #331 from mauromol/preserve-returned-attribute-order

Make the SamlResponse returned attribute map preserve attribute order
SAML-Toolkits · Jun 24, 2021 · 8aaef77 · 8aaef77
2 parents 6233278 + 1fba07d
commit 8aaef77
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 4 deletions.
diff --git a/core/src/main/java/com/onelogin/saml2/authn/SamlResponse.java b/core/src/main/java/com/onelogin/saml2/authn/SamlResponse.java
@@ -6,6 +6,7 @@
 import java.util.ArrayList;
 import java.util.Calendar;
 import java.util.HashMap;
+import java.util.LinkedHashMap;
 import java.util.List;
 import java.util.Map;
 import java.util.Objects;
@@ -573,7 +574,7 @@ public String getNameIdSPNameQualifier() throws Exception {
      *
      */
 	public HashMap<String, List<String>> getAttributes() throws XPathExpressionException, ValidationError {
-		HashMap<String, List<String>> attributes = new HashMap<String, List<String>>();
+		HashMap<String, List<String>> attributes = new LinkedHashMap<String, List<String>>();
 
 		NodeList nodes = this.queryAssertion("/saml:AttributeStatement/saml:Attribute");
 

diff --git a/toolkit/src/main/java/com/onelogin/saml2/Auth.java b/toolkit/src/main/java/com/onelogin/saml2/Auth.java
@@ -121,7 +121,7 @@ public class Auth {
 	/**
 	 * User attributes data.
 	 */
-	private Map<String, List<String>> attributes = new HashMap<String, List<String>>();
+	private Map<String, List<String>> attributes = new LinkedHashMap<String, List<String>>();
 
 	/**
 	 * If user is authenticated.

diff --git a/toolkit/src/test/java/com/onelogin/saml2/test/AuthTest.java b/toolkit/src/test/java/com/onelogin/saml2/test/AuthTest.java
@@ -31,6 +31,7 @@
 import java.security.cert.CertificateException;
 import java.util.ArrayList;
 import java.util.HashMap;
+import java.util.LinkedHashMap;
 import java.util.List;
 import java.util.Map;
 
@@ -524,7 +525,7 @@ public void testProcessResponse() throws Exception {
 		when(request.getParameterMap()).thenReturn(singletonMap("SAMLResponse", new String[]{samlResponseEncoded}));
 		Auth auth2 = new Auth(settings, request, response);
 
-		HashMap<String, List<String>> expectedAttributes = new HashMap<String, List<String>>();
+		HashMap<String, List<String>> expectedAttributes = new LinkedHashMap<String, List<String>>();
 		List<String> attrValues = new ArrayList<String>();
 		attrValues.add("smartin");
 		List<String> attrValues2 = new ArrayList<String>();
@@ -538,9 +539,9 @@ public void testProcessResponse() throws Exception {
 		attrValues5.add("Martin2");
 		expectedAttributes.put("uid", attrValues);
 		expectedAttributes.put("mail", attrValues2);
-		expectedAttributes.put("eduPersonAffiliation", attrValues3);
 		expectedAttributes.put("cn", attrValues4);
 		expectedAttributes.put("sn", attrValues5);
+		expectedAttributes.put("eduPersonAffiliation", attrValues3);
 		List<String> keys = new ArrayList<String>(expectedAttributes.keySet());
 
 		assertFalse(auth2.isAuthenticated());