Make Name ID and attribute value trimming an opt-in feature

Name IDs (including issuers) are by default left untouched, as well as
attribute values, like it was before. However two new settings have
been introduced (whose default value is false) which allow to enable
trimming for such values, which is probably the desired behaviour in
practice, although SAML specification says that no whitespace processing
should be performed on strings.
Another place where trimming may be desirable is in SessionIndex
extraction from LogoutRequests: this is not performed at any point of
the LogoutRequest processing, but an overloading has been provided so
that the API consumer may still request trimming.
AuthnResponseTest.testGetIssuersTrimming() is disabled by now because it
fails due to a bug in SamlResponse.getIssuers() which is addressed by
another PR.

Author: mauromol

README.md

@@ -362,6 +362,15 @@ onelogin.saml2.security.digest_algorithm = http://www.w3.org/2001/04/xmlenc#sha2
 # Reject Signatures with deprecated algorithms (sha1)
 onelogin.saml2.security.reject_deprecated_alg = true
 
+# Enable trimming of parsed Name IDs and attribute values
+# SAML specification states that no trimming for string elements should be performed, so no trimming will be
+# performed by default on extracted Name IDs and attribute values. However, some SAML implementations may add
+# undesirable surrounding whitespace when outputting XML (possibly due to formatting/pretty-printing).
+# These two options allow to optionally enable value trimming on extracted Name IDs (including issuers) and 
+# attribute values.
+onelogin.saml2.parsing.trim_name_ids = false
+onelogin.saml2.parsing.trim_attribute_values = false
+
 # Organization
 onelogin.saml2.organization.name = SP Java 
 onelogin.saml2.organization.displayname = SP Java Example

core/src/main/java/com/onelogin/saml2/authn/SamlResponse.java

@@ -471,7 +471,7 @@ public Map<String,String> getNameIdData() throws Exception {
 
 			if (nameIdElem != null) {
 				String value = nameIdElem.getTextContent();
-				if(value != null) {
+				if(value != null && settings.isTrimNameIds()) {
 					value = value.trim();
 				}
 				if (settings.isStrict() && StringUtils.isEmpty(value)) {
@@ -602,8 +602,8 @@ public HashMap<String, List<String>> getAttributes() throws XPathExpressionExcep
 				for (int j = 0; j < childrens.getLength(); j++) {
 					if ("AttributeValue".equals(childrens.item(j).getLocalName())) {
 						String attrValue = childrens.item(j).getTextContent();
-						if(attrValue != null) {
-							attrValue = attrValue.toString();
+						if(attrValue != null && settings.isTrimAttributeValues()) {
+							attrValue = attrValue.trim();
 						}
 						attrValues.add(attrValue);
 					}
@@ -735,7 +735,7 @@ public String getResponseIssuer() throws XPathExpressionException, ValidationErr
 		if (responseIssuer.getLength() > 0) {
 			if (responseIssuer.getLength() == 1) {
 				String value = responseIssuer.item(0).getTextContent();
-				if(value != null) {
+				if(value != null && settings.isTrimNameIds()) {
 					value = value.trim();
 				}
 				return value;
@@ -762,7 +762,7 @@ public String getAssertionIssuer() throws XPathExpressionException, ValidationEr
 		NodeList assertionIssuer = this.queryAssertion("/saml:Issuer");
 		if (assertionIssuer.getLength() == 1) {
 			String value = assertionIssuer.item(0).getTextContent();
-			if(value != null) {
+			if(value != null && settings.isTrimNameIds()) {
 				value = value.trim();
 			}
 			return value;