Skip to content

Commit 791066a

Browse files
author
Vitalii Shtykno
committed
Remove Comparison atribute for empty value
1 parent 2aaa5aa commit 791066a

File tree

2 files changed

+15
-2
lines changed

2 files changed

+15
-2
lines changed

lib/Saml2/AuthnRequest.php

Lines changed: 7 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -111,15 +111,20 @@ public function __construct(OneLogin_Saml2_Settings $settings, $forceAuthn = fal
111111
$authnComparison = $security['requestedAuthnContextComparison'];
112112
}
113113

114+
$authnComparisonAttr = '';
115+
if (!empty($authnComparison)) {
116+
$authnComparisonAttr = sprintf('Comparison="%s"', $authnComparison);
117+
}
118+
114119
if ($security['requestedAuthnContext'] === true) {
115120
$requestedAuthnStr = <<<REQUESTEDAUTHN
116121
117-
<samlp:RequestedAuthnContext Comparison="$authnComparison">
122+
<samlp:RequestedAuthnContext $authnComparisonAttr>
118123
<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml:AuthnContextClassRef>
119124
</samlp:RequestedAuthnContext>
120125
REQUESTEDAUTHN;
121126
} else {
122-
$requestedAuthnStr .= " <samlp:RequestedAuthnContext Comparison=\"$authnComparison\">\n";
127+
$requestedAuthnStr .= " <samlp:RequestedAuthnContext $authnComparisonAttr>\n";
123128
foreach ($security['requestedAuthnContext'] as $contextValue) {
124129
$requestedAuthnStr .= " <saml:AuthnContextClassRef>".$contextValue."</saml:AuthnContextClassRef>\n";
125130
}

tests/src/OneLogin/Saml2/AuthnRequestTest.php

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -94,6 +94,14 @@ public function testAuthNContext()
9494
$decoded5 = base64_decode($encodedRequest5);
9595
$request5 = gzinflate($decoded5);
9696
$this->assertContains('<samlp:RequestedAuthnContext Comparison="minimum">', $request5);
97+
98+
$settingsInfo['security']['requestedAuthnContextComparison'] = '';
99+
$settings6 = new OneLogin_Saml2_Settings($settingsInfo);
100+
$authnRequest6 = new OneLogin_Saml2_AuthnRequest($settings6);
101+
$encodedRequest6 = $authnRequest6->getRequest();
102+
$decoded6 = base64_decode($encodedRequest6);
103+
$request6 = gzinflate($decoded6);
104+
$this->assertContains('<samlp:RequestedAuthnContext >', $request6);
97105
}
98106

99107
/**

0 commit comments

Comments
 (0)