fix: attrValueMapper fails to parse complex AttributeValue tags (#245) #1
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Context
This fixes an issue where the
attrValueMapper
would fail to properly map the value for complexAttributeValue
tags. This handles the case where theAttributeValue
contains a nestedNameID
tag.One such example is the
eduPersonTargetedID
that is used as an identifier in eduGAIN which can return an Attribute of the formLimitations
Note that in reality, the
AttributeValue
tags can be much more complex. The Assertions and Protocols for the OASIS Security Assertion Markup Language (SAML) V2.0 uses the following schema for theAttribute
tag:and the following schema for the
AttributeValue
:which means it can take any type.
As pointed out in this issue, it is customary to use
NameQualifier
and theSPNameQualifier
in addition to the actual value to create a unique identifier for the platform. That is why theAttributeValue
is mapped to an object containing the attribute of theNameID
tag as well as the string value foreduPersonTargetedID
that is stored in theValue
property.Additional information regarding the fix
attrValueMapper
is extracted to the SAML prototype to make it easier to test and it is renamed toattributeValueMapper
to make it more explicit.attrValueMapper
would returnundefined
for this use case. Now, it returns an object whereValue
is the nested string value and the tag attributes are properties of that object.Related PRs and issues
This should close the following PRs (although the mapping is different):
This should close the following issue: