From 8028f78307c4b47d020e917a64fd54410c13b176 Mon Sep 17 00:00:00 2001 From: Vittorio Palmisano Date: Mon, 30 Oct 2017 16:29:38 +0100 Subject: [PATCH 1/5] Fixing NameID value mapping --- lib/passport-saml/saml.js | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/lib/passport-saml/saml.js b/lib/passport-saml/saml.js index 99b90e2f..bb6d4b90 100644 --- a/lib/passport-saml/saml.js +++ b/lib/passport-saml/saml.js @@ -780,7 +780,15 @@ SAML.prototype.processValidlySignedAssertion = function(xml, inResponseTo, callb })); var attrValueMapper = function(value) { - return typeof value === 'string' ? value : value._; + if (typeof value === 'string') { + return value; + } + else if(value.NameID && value.NameID.length === 1) { + return value.NameID[0]._ + } + else { + return value._; + } }; if (attributes) { From 76c334c2a08151c1391cfb4df0a0819aa264fa56 Mon Sep 17 00:00:00 2001 From: Vittorio Palmisano Date: Mon, 20 Apr 2020 17:19:00 +0200 Subject: [PATCH 2/5] making attrValueMapper optional --- lib/passport-saml/saml.js | 18 +++++++----------- 1 file changed, 7 insertions(+), 11 deletions(-) diff --git a/lib/passport-saml/saml.js b/lib/passport-saml/saml.js index 63cb7322..db3fe66d 100644 --- a/lib/passport-saml/saml.js +++ b/lib/passport-saml/saml.js @@ -80,6 +80,12 @@ SAML.prototype.initialize = function (options) { options.signatureAlgorithm = 'sha1'; } + if(!options.attrValueMapper) { + attrValueMapper = function (value) { + return typeof value === 'string' ? value : value._; + } + } + /** * List of possible values: * - exact : Assertion context must exactly match a context in the list 
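Review bot: The new `else if (value.NameID && value.NameID.length === 1)` branch unwraps a NameID only when exactly one child is present; a value carrying zero or several NameID elements falls through to `return value._`, which for a complex value is presumably undefined, so the attribute is dropped silently instead of being surfaced. The branch also discards the NameID's own attributes (Format, NameQualifier, SPNameQualifier), which a relying party may need to tell identifier kinds apart, and that narrowing is not recorded anywhere. I would at least add above the branch `// Only a single NameID child is unwrapped; its Format/NameQualifier attributes are dropped` and make the multi-NameID case explicit rather than relying on the fall-through, e.g. `return value.NameID.length === 1 ? value.NameID[0]._ : undefined;`. The `return value.NameID[0]._` line is also missing its semicolon. processValidlySignedAssertion starts before and ends after the hunk.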
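Review bot: `attrValueMapper = function (value) { ... }` in the added block assigns an identifier that is not declared anywhere in the hunk, so it creates an implicit global (or throws a ReferenceError under 'use strict') instead of setting the option; nothing is written to `options`, and a later read of `this.options.attrValueMapper` would presumably find it undefined. The assignment should be `options.attrValueMapper = function (value) { ... };`, with a terminating semicolon. A short comment such as `// Default mapper: xml2js yields either a plain string or an object whose text is in `_`` would also explain the `value._` access to the next reader. SAML.prototype.initialize starts before and ends after the hunk.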
@@ -1008,17 +1014,7 @@ SAML.prototype.processValidlySignedAssertion = function(xml, samlResponseXml, in .map(attr => attr.Attribute) ); - var attrValueMapper = function(value) { - if (typeof value === 'string') { - return value; - } - else if(value.NameID && value.NameID.length === 1) { - return value.NameID[0]._ - } - else { - return value._; - } - }; + var attrValueMapper = this.options.attrValueMapper; if (attributes) { attributes.forEach(attribute => { From c771333b8e61fbe87fee7b83e1f15bc18314d416 Mon Sep 17 00:00:00 2001 From: Vittorio Palmisano Date: Mon, 20 Apr 2020 17:25:43 +0200 Subject: [PATCH 3/5] fixed previous commit --- lib/passport-saml/saml.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/passport-saml/saml.js b/lib/passport-saml/saml.js index db3fe66d..7c7c30a2 100644 --- a/lib/passport-saml/saml.js +++ b/lib/passport-saml/saml.js @@ -81,9 +81,9 @@ SAML.prototype.initialize = function (options) { } if(!options.attrValueMapper) { - attrValueMapper = function (value) { + options.attrValueMapper = function (value) { return typeof value === 'string' ? value : value._; - } + }; } /** From 810be8b554eed41572fd6ce268e730b056e6d69a Mon Sep 17 00:00:00 2001 From: Vittorio Palmisano Date: Mon, 20 Apr 2020 17:33:28 +0200 Subject: [PATCH 4/5] added attrValueMapper documentation --- README.md | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 649cf5b8..458419d8 100644 --- a/README.md +++ b/README.md 
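Review bot: Replacing the inline mapper with `this.options.attrValueMapper` quietly reverts the NameID handling this series introduced in its first commit: the default installed in initialize returns `value._` for every non-string value, so an attribute whose value is a NameID element again maps to undefined unless the deployer writes a custom mapper. Either keep the NameID branch in the default mapper or state the regression explicitly, so relying parties do not lose identifier-bearing attributes on upgrade. The mapper's result is presumably written straight into the profile by the code below (outside the hunk), so its contract deserves a comment above the assignment, e.g. `// Configured (or default) mapper; must return a string, or undefined to drop the value`. processValidlySignedAssertion starts before and ends after the hunk.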
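Review bot: `if(!options.attrValueMapper)` only checks truthiness, so a misconfigured option (a string, an object, `true`) is accepted here and will fail later with a TypeError while processing the first assertion, which is a much harder place to diagnose an authentication failure than initialization. Validate the type up front and distinguish an omitted option from a wrong one: `if (options.attrValueMapper === undefined) { options.attrValueMapper = function (value) { ... }; }` followed by `else if (typeof options.attrValueMapper !== 'function') { throw new Error('attrValueMapper must be a function'); }`. initialize starts before and ends after the hunk.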
@@ -117,7 +117,14 @@ type Profile = { * `decryptionPvk`: optional private key that will be used to attempt to decrypt any encrypted assertions that are received * `signatureAlgorithm`: optionally set the signature algorithm for signing requests, valid values are 'sha1' (default), 'sha256', or 'sha512' * `digestAlgorithm`: optionally set the digest algorithm used to provide a digest for the signed data object, valid values are 'sha1' (default), 'sha256', or 'sha512' - * `xmlSignatureTransforms`: optionally set an array of signature transforms to be used in HTTP-POST signatures. By default this is `[ 'http://www.w3.org/2000/09/xmldsig#enveloped-signature', 'http://www.w3.org/2001/10/xml-exc-c14n#' ]` + * `xmlSignatureTransforms`: optionally set an array of signature transforms to be used in HTTP-POST signatures. By + * `attrValueMapper`: optionally set a function that maps attributes values into plain strings. By default this is: + ```js + attrValueMapper = function (value) { + return typeof value === 'string' ? value : value._; + }; + ``` + default this is `[ 'http://www.w3.org/2000/09/xmldsig#enveloped-signature', 'http://www.w3.org/2001/10/xml-exc-c14n#' ]` * **Additional SAML behaviors** * `additionalParams`: dictionary of additional query params to add to all requests; if an object with this key is passed to `authenticate`, the dictionary of additional query params will be appended to those present on the returned URL, overriding any specified by initialization options' additional parameters (`additionalParams`, `additionalAuthorizeParams`, and `additionalLogoutParams`) * `additionalAuthorizeParams`: dictionary of additional query params to add to 'authorize' requests From fcb88ca4fbe8920dc27b026f74761ce6db12bd7d Mon Sep 17 00:00:00 2001 From: Vittorio Palmisano Date: Mon, 20 Apr 2020 17:49:30 +0200 Subject: [PATCH 5/5] fixed typo in documentation --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/README.md b/README.md index 458419d8..bad57d54 100644 --- a/README.md +++ b/README.md @@ -118,13 +118,13 @@ type Profile = { * `signatureAlgorithm`: optionally set the signature algorithm for signing requests, valid values are 'sha1' (default), 'sha256', or 'sha512' * `digestAlgorithm`: optionally set the digest algorithm used to provide a digest for the signed data object, valid values are 'sha1' (default), 'sha256', or 'sha512' * `xmlSignatureTransforms`: optionally set an array of signature transforms to be used in HTTP-POST signatures. By + default this is `[ 'http://www.w3.org/2000/09/xmldsig#enveloped-signature', 'http://www.w3.org/2001/10/xml-exc-c14n#' ]` * `attrValueMapper`: optionally set a function that maps attributes values into plain strings. By default this is: ```js attrValueMapper = function (value) { return typeof value === 'string' ? value : value._; }; ``` - default this is `[ 'http://www.w3.org/2000/09/xmldsig#enveloped-signature', 'http://www.w3.org/2001/10/xml-exc-c14n#' ]` * **Additional SAML behaviors** * `additionalParams`: dictionary of additional query params to add to all requests; if an object with this key is passed to `authenticate`, the dictionary of additional query params will be appended to those present on the returned URL, overriding any specified by initialization options' additional parameters (`additionalParams`, `additionalAuthorizeParams`, and `additionalLogoutParams`) * `additionalAuthorizeParams`: dictionary of additional query params to add to 'authorize' requests