Response#attributes now returns Attributes collection instead of Hash.

borgand · borgand · commit 5168a3437b36 · 2014-06-27T17:20:36.000+03:00
This collection can be queried for both the default first value or
all values of the attribute.
diff --git a/lib/onelogin/ruby-saml/attribute_value.rb b/lib/onelogin/ruby-saml/attribute_value.rb
diff --git a/lib/onelogin/ruby-saml/attributes.rb b/lib/onelogin/ruby-saml/attributes.rb
@@ -0,0 +1,109 @@
+module OneLogin
+  module RubySaml
+    # Wraps all attributes and provides means to query them for single or multiple values.
+    # 
+    # For backwards compatibility Attributes#[] returns *first* value for the attribute.
+    # Turn off compatibility to make it return all values as an array:
+    #    Attributes.single_value_compatibility = false
+    class Attributes
+      include Enumerable
+
+      # By default Attributes#[] is backwards compatible and
+      # returns only the first value for the attribute
+      # Setting this to `false` returns all values for an attribute
+      @@single_value_compatibility = true
+
+      # Get current status of backwards compatibility mode.
+      def self.single_value_compatibility
+        @@single_value_compatibility
+      end
+
+      # Sets the backwards compatibility mode on/off.
+      def self.single_value_compatibility=(value)
+        @@single_value_compatibility = value
+      end
+
+      # Initialize Attributes collection, optionally taking a Hash of attribute names and values.
+      #
+      # The +attrs+ must be a Hash with attribute names as keys and **arrays** as values:
+      #    Attributes.new({
+      #      'name' => ['value1', 'value2'],
+      #      'mail' => ['value1'],
+      #    })
+      def initialize(attrs = {})
+        @attributes = attrs
+      end
+
+
+      # Iterate over all attributes
+      def each
+        attributes.each{|name, values| yield name, values}
+      end
+
+      # Test attribute presence by name
+      def include?(name)
+        attributes.has_key?(canonize_name(name))
+      end
+      
+      # Return first value for an attribute
+      def single(name)
+        attributes[canonize_name(name)].first
+      end
+
+      # Return all values for an attribute
+      def multi(name)
+        attributes[canonize_name(name)]
+      end
+
+      # By default returns first value for an attribute.
+      #
+      # Depending on the single value compatibility status this returns first value
+      #    Attributes.single_value_compatibility = true # Default
+      #    response.attributes['mail']  # => 'user@example.com'
+      #
+      # Or all values:
+      #    Attributes.single_value_compatibility = false
+      #    response.attributes['mail']  # => ['user@example.com','user@example.net']
+      def [](name)
+        self.class.single_value_compatibility ? single(canonize_name(name)) : multi(canonize_name(name))
+      end
+
+      # Return all attributes as an array
+      def all
+        attributes
+      end
+
+      # Set values for an attribute, overwriting all existing values
+      def set(name, values)
+        attributes[canonize_name(name)] = values
+      end
+      alias_method :[]=, :set
+
+      # Add new attribute or new value(s) to an existing attribute
+      def add(name, values = [])
+        attributes[canonize_name(name)] ||= []
+        attributes[canonize_name(name)] += Array(values)
+      end
+
+      # Make comparable to another Attributes collection based on attributes
+      def ==(other)
+        if other.is_a?(Attributes)
+          all == other.all
+        else
+          super
+        end
+      end
+
+      protected
+
+      # stringifies all names so both 'email' and :email return the same result
+      def canonize_name(name)
+        name.to_s
+      end
+
+      def attributes
+        @attributes
+      end
+    end
+  end
+end
diff --git a/lib/onelogin/ruby-saml/response.rb b/lib/onelogin/ruby-saml/response.rb
@@ -48,15 +48,23 @@ def sessionindex
         end
       end
 
-      # A hash of all the attributes with the response.
-      # Multiple values will be returned in the AttributeValue#values array
-      # in reverse order, when compared to XML
+      # Returns OneLogin::RubySaml::Attributes enumerable collection.
+      # All attributes can be iterated over +attributes.each+ or returned as array by +attributes.all+
+      #
+      # For backwards compatibility ruby-saml returns by default only the first value for a given attribute with
+      #    attributes['name']
+      # To get all of the attributes, use:
+      #    attributes.multi('name')
+      # Or turn off the compatibility:
+      #    OneLogin::RubySaml::Attributes.single_value_compatibility = false
+      # Now this will return an array:
+      #    attributes['name']
       def attributes
         @attr_statements ||= begin
-          result = {}
+          attributes = Attributes.new
 
           stmt_element = xpath_first_from_signed_assertion('/a:AttributeStatement')
-          return {} if stmt_element.nil?
+          return attributes if stmt_element.nil?
 
           stmt_element.elements.each do |attr_element|
             name  = attr_element.attributes["Name"]
@@ -66,24 +74,10 @@ def attributes
               ["true", "1"].include?(e.attributes['xsi:nil']) ? nil : e.text.to_s
             }
 
-            # Monkey-patch first value to contain all values (so that the type is retained)
-            attr_value = values.first
-            attr_value.extend AttributeValue
-            attr_value.values = values.reverse # retain XML order
-
-            # Merge values if the Attribute has already been seen
-            if result[name]
-              attr_value.values += result[name].values
-            end
-
-            result[name] = attr_value
-          end
-
-          result.keys.each do |key|
-            result[key.intern] = result[key]
+            attributes.add(name, values)
           end
 
-          result
+          attributes
         end
       end
 
diff --git a/lib/ruby-saml.rb b/lib/ruby-saml.rb
@@ -2,7 +2,7 @@
 require 'onelogin/ruby-saml/authrequest'
 require 'onelogin/ruby-saml/logoutrequest'
 require 'onelogin/ruby-saml/logoutresponse'
-require 'onelogin/ruby-saml/attribute_value'
+require 'onelogin/ruby-saml/attributes'
 require 'onelogin/ruby-saml/response'
 require 'onelogin/ruby-saml/settings'
 require 'onelogin/ruby-saml/validation_error'
diff --git a/test/response_test.rb b/test/response_test.rb
@@ -221,7 +221,7 @@ class RubySamlTest < Test::Unit::TestCase
 
       should "not raise on responses without attributes" do
         response = OneLogin::RubySaml::Response.new(response_document_4)
-        assert_equal Hash.new, response.attributes
+        assert_equal OneLogin::RubySaml::Attributes.new, response.attributes
       end
 
       context "#multiple values" do
@@ -235,19 +235,19 @@ class RubySamlTest < Test::Unit::TestCase
           assert_equal 'value1', response.attributes[:another_value]
         end
 
-        should "return array with all attributes when asked" do
+        should "return array with all attributes when asked in XML order" do
           response = OneLogin::RubySaml::Response.new(fixture(:response_with_multiple_attribute_values))
-          assert_equal ['value2', 'value1'], response.attributes[:another_value].values
+          assert_equal ['value1', 'value2'], response.attributes.multi(:another_value)
         end
 
-        should "return last of multiple values when multiple Attribute tags in XML" do
+        should "return first of multiple values when multiple Attribute tags in XML" do
           response = OneLogin::RubySaml::Response.new(fixture(:response_with_multiple_attribute_values))
-          assert_equal 'role2', response.attributes[:role]
+          assert_equal 'role1', response.attributes[:role]
         end
 
         should "return all of multiple values in reverse order when multiple Attribute tags in XML" do
           response = OneLogin::RubySaml::Response.new(fixture(:response_with_multiple_attribute_values))
-          assert_equal ['role2', 'role1'], response.attributes[:role].values
+          assert_equal ['role1', 'role2', 'role3'], response.attributes.multi(:role)
         end
 
         should "return nil value correctly" do
@@ -257,7 +257,15 @@ class RubySamlTest < Test::Unit::TestCase
 
         should "return multiple values including nil and empty string" do
           response = OneLogin::RubySaml::Response.new(fixture(:response_with_multiple_attribute_values))
-          assert_equal [nil, nil, "valuePresent", ""], response.attributes[:attribute_with_nils_and_empty_strings].values
+          assert_equal ["", "valuePresent", nil, nil], response.attributes.multi(:attribute_with_nils_and_empty_strings)
+        end
+
+        should "return multiple values from [] when not in compatibility mode" do
+          response = OneLogin::RubySaml::Response.new(fixture(:response_with_multiple_attribute_values))
+          OneLogin::RubySaml::Attributes.single_value_compatibility = false
+          assert_equal ["", "valuePresent", nil, nil], response.attributes[:attribute_with_nils_and_empty_strings]
+          # classes are not reloaded between tests so restore default
+          OneLogin::RubySaml::Attributes.single_value_compatibility = true
         end
       end
     end
diff --git a/test/responses/response_with_multiple_attribute_values.xml b/test/responses/response_with_multiple_attribute_values.xml
@@ -51,6 +51,7 @@
       </saml:Attribute>
       <saml:Attribute Name="role">
         <saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">role2</saml:AttributeValue>
+        <saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">role3</saml:AttributeValue>
       </saml:Attribute>
       <saml:Attribute Name="attribute_with_nil_value">
         <saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:nil="true"/>
