Closed robotdan closed 2 years ago
@voidmain want to take a look at this issue and fix?
From what I can tell, the xsi:nil
is more for the parser than the reader. So during our parsing of the response, I don't have an additional attribute to indicate null
is ok. But rather, it parses successfully and because xsi:nil
is present the value comes through as null
instead of ""
.
https://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf
2.7.3.1.1 Element
1250 If a SAML attribute includes a "null" value, the corresponding
element MUST be 1251 empty and MUST contain the reserved xsi:nil XML attribute with a value of "true" or "1".
So I'm accounting for a null
attribute, and preserving the null
value in the collection.
We could also omit the null
attribute by removing it from the collection.
I released for now since the fix alleviates the symptom. We can discuss if we want to keep this behavior or modify it.
When parsing a SAML response, if the attribute value specifies
xsi:nil
we still expect a value of nonnull
and then exception.Example attribute, notice
xsi:nil="true"
.