New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
KEYCLOAK-12732 Improve SAMLAttribute parsing of unknown attributes #6681
KEYCLOAK-12732 Improve SAMLAttribute parsing of unknown attributes #6681
Conversation
Is the Java update needed? saml-core is used in adapters and I believe we still support 1.7 in some cases :/ |
I updated the Java Version to be able to use the Stream API. Of course I could rework that again, but I thought the upgrade would be fine, since most of the other Keycloak modules on the server-side are also using Java 8 API. |
66e60c8
to
6bc31c1
Compare
I downgraded the PR to be compatible with Java 7 API. |
6bc31c1
to
e1101ae
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for your PR. I believe once the attributes would use qualified names instead of local names, and fixing the static initialization (please see inline), this would be a do contribution.
.../main/java/org/keycloak/saml/processing/core/parsers/saml/assertion/SAMLAttributeParser.java
Outdated
Show resolved
Hide resolved
.../main/java/org/keycloak/saml/processing/core/parsers/saml/assertion/SAMLAttributeParser.java
Outdated
Show resolved
Hide resolved
.../main/java/org/keycloak/saml/processing/core/parsers/saml/assertion/SAMLAttributeParser.java
Outdated
Show resolved
Hide resolved
.../main/java/org/keycloak/saml/processing/core/parsers/saml/assertion/SAMLAttributeParser.java
Show resolved
Hide resolved
.../main/java/org/keycloak/saml/processing/core/parsers/saml/assertion/SAMLAttributeParser.java
Outdated
Show resolved
Hide resolved
We now store all unknown attributes present on a SAMLAttribute element in the "otherAttributes" map associated with the element. Previously only the x500:encoding attribute was handled while parsing attribute elements.
e1101ae
to
abd5ef1
Compare
@hmlnarik thanks for the review! I just applied the requested changes, except for the logging, please see comments for rationale. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good now, thanks @thomasdarimont !
We now store all unknown attributes present on a SAMLAttribute element
in the "otherAttributes" map associated with the element.
Previously only the x500:encoding attribute was handled while parsing
attribute elements.
Note that I updated the allowed Java version in the maven pom from 1.7 to 1.8 since the rest of Keycloak also uses Java 8 "already".