Fix 157. Support multiple attributeValues on RequestedAttribute

pitbulk · pitbulk · commit 9289d2632dbc · 2016-09-20T12:14:04.000+02:00
diff --git a/README.md b/README.md
@@ -251,7 +251,7 @@ This is the settings.json file:
                         "isRequired": false,
                         "nameFormat": "",
                         "friendlyName": "",
-                        "attributeValue": ""
+                        "attributeValue": []
                     }
                 ]
         },
diff --git a/src/onelogin/saml2/metadata.py b/src/onelogin/saml2/metadata.py
@@ -77,7 +77,6 @@ def builder(sp, authnsign=False, wsign=False, valid_until=None, cache_duration=N
             organization = {}
 
         str_attribute_consuming_service = ''
-
         if 'attributeConsumingService' in sp and len(sp['attributeConsumingService']):
             attr_cs_desc_str = ''
             if "serviceDescription" in sp['attributeConsumingService']:
@@ -94,16 +93,22 @@ def builder(sp, authnsign=False, wsign=False, valid_until=None, cache_duration=N
                 if 'friendlyName' in req_attribs.keys() and req_attribs['friendlyName']:
                     req_attr_nameformat_str = " FriendlyName=\"%s\"" % req_attribs['friendlyName']
                 if 'isRequired' in req_attribs.keys() and req_attribs['isRequired']:
-                    req_attr_isrequired_str = " isRequired=\"%s\"" % 'true' if req_attribs['isRequired'] else 'false'
+                    req_attr_isrequired_str = " isRequired=\"%s\"" % req_attribs['isRequired']
+
                 if 'attributeValue' in req_attribs.keys() and req_attribs['attributeValue']:
-                    req_attr_aux_str = """ >
-            <saml:AttributeValue xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion>%(attributeValue)</saml:AttributeValue>
-</md:RequestedAttribute>""" % \
-                        {
-                            'attributeValue': req_attribs['attributeValue']
-                        }
-
-                requested_attribute = """            <md:RequestedAttribute Name="%(req_attr_name)s"%(req_attr_nameformat_str)s%(req_attr_isrequired_str)s%(req_attr_aux_str)s""" % \
+                    req_attr_aux_str = ""
+                    if isinstance(req_attribs['attributeValue'], basestring):
+                        req_attribs['attributeValue'] = [req_attribs['attributeValue']]
+                    for attrValue in req_attribs['attributeValue']:
+                        req_attr_aux_str += """
+                <saml:AttributeValue xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion>%(attributeValue)s</saml:AttributeValue>""" % \
+                          {
+                            'attributeValue': attrValue
+                          }
+                    req_attr_aux_str += """
+            </md:RequestedAttribute>"""
+
+                requested_attribute = """            <md:RequestedAttribute Name="%(req_attr_name)s"%(req_attr_nameformat_str)s%(req_attr_friendlyname_str)s%(req_attr_isrequired_str)s%(req_attr_aux_str)s""" % \
                     {
                         'req_attr_name': req_attribs['name'],
                         'req_attr_nameformat_str': req_attr_nameformat_str,
diff --git a/tests/src/OneLogin/saml2_tests/metadata_test.py b/tests/src/OneLogin/saml2_tests/metadata_test.py
@@ -165,6 +165,28 @@ def testBuilderAttributeConsumingService(self):
             <md:RequestedAttribute Name="urn:oid:0.9.2342.19200300.100.1.1" FriendlyName="uid" />
         </md:AttributeConsumingService>""", metadata)
 
+    def testBuilderAttributeConsumingServiceWithMultipleAttributeValue(self):
+        settings = OneLogin_Saml2_Settings(self.loadSettingsJSON('settings5.json'))
+        sp_data = settings.get_sp_data()
+        security = settings.get_security_data()
+        organization = settings.get_organization()
+        contacts = settings.get_contacts()
+
+        metadata = OneLogin_Saml2_Metadata.builder(
+            sp_data, security['authnRequestsSigned'],
+            security['wantAssertionsSigned'], None, None, contacts,
+            organization
+        )
+        self.assertIn("""        <md:AttributeConsumingService index="1">
+            <md:ServiceName xml:lang="en">Test Service</md:ServiceName>
+            <md:ServiceDescription xml:lang="en">Test Service</md:ServiceDescription>
+            <md:RequestedAttribute Name="userType" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"
+                <saml:AttributeValue xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion>userType</saml:AttributeValue>
+                <saml:AttributeValue xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion>admin</saml:AttributeValue>
+            </md:RequestedAttribute>
+            <md:RequestedAttribute Name="urn:oid:0.9.2342.19200300.100.1.1" FriendlyName="uid" />
+        </md:AttributeConsumingService>""", metadata)
+
     def testSignMetadata(self):
         """
         Tests the signMetadata method of the OneLogin_Saml2_Metadata

Original file line number	Diff line number	Diff line change
`@@ -251,7 +251,7 @@ This is the settings.json file:`
`251`	`251`	`"isRequired": false,`
`252`	`252`	`"nameFormat": "",`
`253`	`253`	`"friendlyName": "",`
`254`		`- "attributeValue": ""`
	`254`	`+ "attributeValue": []`
`255`	`255`	`}`
`256`	`256`	`]`
`257`	`257`	`},`