SAML2 library does not support Consent attribute for messages

[GoogleCodeExporter]

SAML2 library does not support reading or writing of the Consent attribute on 
SAML2 messages.

Original issue reported on code.google.com by boy@ibuildings.nl on 1 Nov 2013 at 9:49

Attachments:

• consent-at-r3288.diff

[GoogleCodeExporter]

Now patch with actual accessors.

Original comment by boy@ibuildings.nl on 1 Nov 2013 at 9:56

Attachments:

• consent-at-r3288-1.diff

[GoogleCodeExporter]

Hi,

sorry for taking so long to get back to you on this patch. There are a couple 
of changes I'd like to see:

- As far as I understand the specification, the consent attribute isn't 
required to be one of the URIs listed in section 8.4 of the specification. I 
therefore do not think you should check that when setting the value.

- Your editor apparently adds a linefeed after "?>" in the end of the file. If 
your patch is going to modify that line in any case, you may as well delete it.

Original comment by olavmrk@gmail.com on 5 Nov 2013 at 9:53

[GoogleCodeExporter]

Hi Olav, good catch! I'll have to check our SAML2 proxy to see what it even 
does with non-SAML2 values for Consent. But if it's allowed by the spec, it 
should be allowed by the lib.

I'll fix this in the newly released simplesamlphp/saml2 library.

Original comment by boy@ibuildings.nl on 6 Nov 2013 at 10:00

[GoogleCodeExporter]

Fixed in https://github.com/simplesamlphp/saml2/pull/2

Original comment by boy@ibuildings.nl on 6 Nov 2013 at 12:41

[GoogleCodeExporter]

Original comment by jaim...@gmail.com on 26 Feb 2014 at 2:25

• Changed state: Fixed
• Added labels: Type-Enhancement