Skip to content

Commit 53a0228

Browse files
pitbulkpitbulk
committed
Add documentation related to attributes
1 parent 7f0b3c2 commit 53a0228

1 file changed

Lines changed: 101 additions & 2 deletions

File tree

README.md

Lines changed: 101 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -127,8 +127,7 @@ class SamlController < ApplicationController
127127
end
128128
```
129129

130-
If are using saml:AttributeStatement to transfer metadata, like the user name, you can access all the attributes through response.attributes. It
131-
contains all the saml:AttributeStatement with its 'Name' as a indifferent key and the one saml:AttributeValue as value.
130+
If are using saml:AttributeStatement to transfer metadata, like the user name, you can access all the attributes through response.attributes. It contains all the saml:AttributeStatement with its 'Name' as a indifferent key and the one saml:AttributeValue as value.
132131

133132
```ruby
134133
response = OneLogin::RubySaml::Response.new(params[:SAMLResponse])
@@ -137,6 +136,106 @@ response.settings = saml_settings
137136
response.attributes[:username]
138137
```
139138

139+
Imagine this saml:AttributeStatement
140+
141+
```xml
142+
<saml:AttributeStatement>
143+
<saml:Attribute Name="uid">
144+
<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">demo</saml:AttributeValue>
145+
</saml:Attribute>
146+
<saml:Attribute Name="another_value">
147+
<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">value1</saml:AttributeValue>
148+
<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">value2</saml:AttributeValue>
149+
</saml:Attribute>
150+
<saml:Attribute Name="role">
151+
<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">role1</saml:AttributeValue>
152+
</saml:Attribute>
153+
<saml:Attribute Name="role">
154+
<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">role2</saml:AttributeValue>
155+
<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">role3</saml:AttributeValue>
156+
</saml:Attribute>
157+
<saml:Attribute Name="attribute_with_nil_value">
158+
<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:nil="true"/>
159+
</saml:Attribute>
160+
<saml:Attribute Name="attribute_with_nils_and_empty_strings">
161+
<saml:AttributeValue/>
162+
<saml:AttributeValue>valuePresent</saml:AttributeValue>
163+
<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:nil="true"/>
164+
<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:nil="1"/>
165+
</saml:Attribute>
166+
</saml:AttributeStatement>
167+
```
168+
169+
```ruby
170+
pp(response.attributes) # is an OneLogin::RubySaml::Attributes object
171+
# => @attributes=
172+
{"uid"=>["demo"],
173+
"another_value"=>["value1", "value2"],
174+
"role"=>["role1", "role2", "role3"],
175+
"attribute_with_nil_value"=>[nil],
176+
"attribute_with_nils_and_empty_strings"=>["", "valuePresent", nil, nil]}>
177+
178+
# Active single_value_compatibility
179+
OneLogin::RubySaml::Attributes.single_value_compatibility = true
180+
181+
pp(response.attributes[:uid])
182+
# => "demo"
183+
184+
pp(response.attributes[:role])
185+
# => "role1"
186+
187+
pp(response.attributes.single(:role))
188+
# => "role1"
189+
190+
pp(response.attributes.multi(:role))
191+
# => ["role1", "role2", "role3"]
192+
193+
pp(response.attributes[:attribute_with_nil_value])
194+
# => nil
195+
196+
pp(response.attributes[:attribute_with_nils_and_empty_strings])
197+
# => ""
198+
199+
pp(response.attributes[:not_exists])
200+
# => nil
201+
202+
pp(response.attributes.single(:not_exists))
203+
# => nil
204+
205+
pp(response.attributes.multi(:not_exists))
206+
# => nil
207+
208+
# Deactive single_value_compatibility
209+
OneLogin::RubySaml::Attributes.single_value_compatibility = false
210+
211+
pp(response.attributes[:uid])
212+
# => ["demo"]
213+
214+
pp(response.attributes[:role])
215+
# => ["role1", "role2", "role3"]
216+
217+
pp(response.attributes.single(:role))
218+
# => "role1"
219+
220+
pp(response.attributes.multi(:role))
221+
# => ["role1", "role2", "role3"]
222+
223+
pp(response.attributes[:attribute_with_nil_value])
224+
# => [nil]
225+
226+
pp(response.attributes[:attribute_with_nils_and_empty_strings])
227+
# => ["", "valuePresent", nil, nil]
228+
229+
pp(response.attributes[:not_exists])
230+
# => nil
231+
232+
pp(response.attributes.single(:not_exists))
233+
# => nil
234+
235+
pp(response.attributes.multi(:not_exists))
236+
# => nil
237+
```
238+
140239
## Service Provider Metadata
141240

142241
To form a trusted pair relationship with the IdP, the SP (you) need to provide metadata XML

0 commit comments

Comments
 (0)