SAML: do not send empty Attribute Statement (#109)
This commit is contained in:
parent
af0f4ef88e
commit
11761807f4
@ -825,9 +825,12 @@ sub issuerForUnAuthUser {
|
|||||||
}
|
}
|
||||||
|
|
||||||
# Create attribute statement
|
# Create attribute statement
|
||||||
|
if ( scalar @returned_attributes ) {
|
||||||
my $attribute_statement;
|
my $attribute_statement;
|
||||||
|
|
||||||
eval { $attribute_statement = Lasso::Saml2AttributeStatement->new(); };
|
eval {
|
||||||
|
$attribute_statement = Lasso::Saml2AttributeStatement->new();
|
||||||
|
};
|
||||||
if ($@) {
|
if ($@) {
|
||||||
$self->checkLassoError($@);
|
$self->checkLassoError($@);
|
||||||
$self->returnSOAPMessage();
|
$self->returnSOAPMessage();
|
||||||
@ -851,6 +854,7 @@ sub issuerForUnAuthUser {
|
|||||||
|
|
||||||
# Set response assertion
|
# Set response assertion
|
||||||
$query->response->Assertion( ($assertion) );
|
$query->response->Assertion( ($assertion) );
|
||||||
|
}
|
||||||
|
|
||||||
# Build response
|
# Build response
|
||||||
$att_response = $self->buildAttributeResponse($query);
|
$att_response = $self->buildAttributeResponse($query);
|
||||||
@ -1304,20 +1308,6 @@ sub issuerForAuthUser {
|
|||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
# Create attribute statement
|
|
||||||
my $attribute_statement;
|
|
||||||
|
|
||||||
eval {
|
|
||||||
$attribute_statement = Lasso::Saml2AttributeStatement->new();
|
|
||||||
};
|
|
||||||
if ($@) {
|
|
||||||
$self->checkLassoError($@);
|
|
||||||
return PE_ERROR;
|
|
||||||
}
|
|
||||||
|
|
||||||
# Register attributes in attribute statement
|
|
||||||
$attribute_statement->Attribute(@attributes);
|
|
||||||
|
|
||||||
# Get response assertion
|
# Get response assertion
|
||||||
my @response_assertions = $login->response->Assertion;
|
my @response_assertions = $login->response->Assertion;
|
||||||
|
|
||||||
@ -1330,9 +1320,28 @@ sub issuerForAuthUser {
|
|||||||
$response_assertions[0]
|
$response_assertions[0]
|
||||||
->set_subject_name_id( $login->nameIdentifier );
|
->set_subject_name_id( $login->nameIdentifier );
|
||||||
|
|
||||||
|
# Create attribute statement
|
||||||
|
if ( scalar @attributes ) {
|
||||||
|
|
||||||
|
my $attribute_statement;
|
||||||
|
|
||||||
|
eval {
|
||||||
|
$attribute_statement =
|
||||||
|
Lasso::Saml2AttributeStatement->new();
|
||||||
|
};
|
||||||
|
if ($@) {
|
||||||
|
$self->checkLassoError($@);
|
||||||
|
return PE_ERROR;
|
||||||
|
}
|
||||||
|
|
||||||
|
# Register attributes in attribute statement
|
||||||
|
$attribute_statement->Attribute(@attributes);
|
||||||
|
|
||||||
# Add attribute statement in response assertion
|
# Add attribute statement in response assertion
|
||||||
my @attributes_statement = ($attribute_statement);
|
my @attributes_statement = ($attribute_statement);
|
||||||
$response_assertions[0]->AttributeStatement(@attributes_statement);
|
$response_assertions[0]
|
||||||
|
->AttributeStatement(@attributes_statement);
|
||||||
|
}
|
||||||
|
|
||||||
# Get AuthnStatement
|
# Get AuthnStatement
|
||||||
my @authn_statements = $response_assertions[0]->AuthnStatement();
|
my @authn_statements = $response_assertions[0]->AuthnStatement();
|
||||||
|
Loading…
Reference in New Issue
Block a user