Open clegaspi opened 2 years ago
If we have something like this:
<saml2:Attribute Name="firstName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified"> <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">First</saml2:AttributeValue> <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">First</saml2:AttributeValue> </saml2:Attribute> <saml2:Attribute Name="lastName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified"> <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">Last</saml2:AttributeValue> <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">Last</saml2:AttributeValue> </saml2:Attribute>
This will fail regex validation, because the regex comparison gets a list rather than a string. We should have a check to make sure the firstName and lastName attributes are not multi-valued.
If we have something like this:
This will fail regex validation, because the regex comparison gets a list rather than a string. We should have a check to make sure the firstName and lastName attributes are not multi-valued.