Allow gateway to pass though unknown attributes

OpenConext / Stepup-Gateway

Stepup Gateway

Apache License 2.0

6 stars 3 forks source link

Allow gateway to pass though unknown attributes #392

Closed phavekes closed 2 days ago

phavekes commented 2 days ago

This issue is imported from pivotal - Originaly created at Mar 26, 2018 by Pieter van der Meulen

phavekes commented 2 days ago

@pmeulen wouldn\'t it be better to always allow unknown attributes in the Stepup-saml-bundle? In other words shouldn\'t we remove the feature toggle and implement it\'s \'allow unknown attributes\' behaviour as the default?

Or can you think of situations where we want this strict whitelist behaviour that is the current default> (Michiel Kodde - Mar 29, 2018)

phavekes commented 2 days ago

I don\'t really see the value of the current default whitelist behaviour. It could be useful for an application, when it is has control over the attributes in the list. Providing a dictionary with internationally standardised attributes could also be useful for applictions

Some applications might depend on the current behaviour. Changing the default is a BC break. (Pieter van der Meulen - Mar 29, 2018)

phavekes commented 2 days ago

This is now also applied to SS and RA:

https://github.com/OpenConext/Stepup-SelfService/pull/145
https://github.com/OpenConext/Stepup-RA/pull/154 (Joris Steyn - Apr 12, 2018)