Skip to content

Commit bced37f

Browse files
jzheauxjzheaux
committed
Merge Same-named Attribute Elements
Closes gh-11042
1 parent fbc5839 commit bced37f

File tree

4 files changed

+18
-3
lines changed

4 files changed

+18
-3
lines changed

saml2/saml2-service-provider/src/opensaml3Test/java/org/springframework/security/saml2/provider/service/authentication/OpenSamlAuthenticationProviderTests.java

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -244,6 +244,7 @@ public void authenticateWhenAssertionContainsAttributesThenItSucceeds() {
244244
expected.put("age", Collections.singletonList(21));
245245
expected.put("website", Collections.singletonList("https://johndoe.com/"));
246246
expected.put("registered", Collections.singletonList(true));
247+
expected.put("role", Arrays.asList("RoleTwo"));
247248
Instant registeredDate = Instant.ofEpochMilli(DateTime.parse("1970-01-01T00:00:00Z").getMillis());
248249
expected.put("registeredDate", Collections.singletonList(registeredDate));
249250
assertThat((String) principal.getFirstAttribute("name")).isEqualTo("John Doe");

saml2/saml2-service-provider/src/opensaml4Main/java/org/springframework/security/saml2/provider/service/authentication/OpenSaml4AuthenticationProvider.java

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -23,7 +23,6 @@
2323
import java.util.Collection;
2424
import java.util.Collections;
2525
import java.util.HashMap;
26-
import java.util.LinkedHashMap;
2726
import java.util.List;
2827
import java.util.Map;
2928
import java.util.function.Consumer;
@@ -92,6 +91,8 @@
9291
import org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding;
9392
import org.springframework.util.Assert;
9493
import org.springframework.util.CollectionUtils;
94+
import org.springframework.util.LinkedMultiValueMap;
95+
import org.springframework.util.MultiValueMap;
9596
import org.springframework.util.StringUtils;
9697

9798
/**
@@ -645,7 +646,7 @@ private boolean hasName(Assertion assertion) {
645646
}
646647

647648
private static Map<String, List<Object>> getAssertionAttributes(Assertion assertion) {
648-
Map<String, List<Object>> attributeMap = new LinkedHashMap<>();
649+
MultiValueMap<String, Object> attributeMap = new LinkedMultiValueMap<>();
649650
for (AttributeStatement attributeStatement : assertion.getAttributeStatements()) {
650651
for (Attribute attribute : attributeStatement.getAttributes()) {
651652
List<Object> attributeValues = new ArrayList<>();
@@ -655,7 +656,7 @@ private static Map<String, List<Object>> getAssertionAttributes(Assertion assert
655656
attributeValues.add(attributeValue);
656657
}
657658
}
658-
attributeMap.put(attribute.getName(), attributeValues);
659+
attributeMap.addAll(attribute.getName(), attributeValues);
659660
}
660661
}
661662
return attributeMap;

saml2/saml2-service-provider/src/opensaml4Test/java/org/springframework/security/saml2/provider/service/authentication/OpenSaml4AuthenticationProviderTests.java

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -343,6 +343,7 @@ public void authenticateWhenAssertionContainsAttributesThenItSucceeds() {
343343
expected.put("registered", Collections.singletonList(true));
344344
Instant registeredDate = Instant.parse("1970-01-01T00:00:00Z");
345345
expected.put("registeredDate", Collections.singletonList(registeredDate));
346+
expected.put("role", Arrays.asList("RoleOne", "RoleTwo")); // gh-11042
346347
assertThat((String) principal.getFirstAttribute("name")).isEqualTo("John Doe");
347348
assertThat(principal.getAttributes()).isEqualTo(expected);
348349
assertThat(principal.getSessionIndexes()).contains("session-index");

saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/provider/service/authentication/TestOpenSamlObjects.java

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -327,6 +327,18 @@ static List<AttributeStatement> attributeStatements() {
327327
name.setValue("John Doe");
328328
nameAttr.getAttributeValues().add(name);
329329
attrStmt1.getAttributes().add(nameAttr);
330+
Attribute roleOneAttr = attributeBuilder.buildObject(); // gh-11042
331+
roleOneAttr.setName("role");
332+
XSString roleOne = new XSStringBuilder().buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
333+
roleOne.setValue("RoleOne");
334+
roleOneAttr.getAttributeValues().add(roleOne);
335+
attrStmt1.getAttributes().add(roleOneAttr);
336+
Attribute roleTwoAttr = attributeBuilder.buildObject(); // gh-11042
337+
roleTwoAttr.setName("role");
338+
XSString roleTwo = new XSStringBuilder().buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
339+
roleTwo.setValue("RoleTwo");
340+
roleTwoAttr.getAttributeValues().add(roleTwo);
341+
attrStmt1.getAttributes().add(roleTwoAttr);
330342
Attribute ageAttr = attributeBuilder.buildObject();
331343
ageAttr.setName("age");
332344
XSInteger age = new XSIntegerBuilder().buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSInteger.TYPE_NAME);

0 commit comments

Comments
 (0)