Support multiple settings.auth_context

**Why**: SAML supports multiple AuthnContextClassRef elements in an Authn request.
pkarman · Jul 28, 2016 · 7bbef08 · 7bbef08
1 parent 7d48ca8
commit 7bbef08
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 2 deletions.
diff --git a/lib/onelogin/ruby-saml/authrequest.rb b/lib/onelogin/ruby-saml/authrequest.rb
@@ -136,8 +136,11 @@ def create_xml_document(settings)
           }
 
           if settings.authn_context != nil
-            class_ref = requested_context.add_element "saml:AuthnContextClassRef"
-            class_ref.text = settings.authn_context
+            authn_contexts = settings.authn_context.is_a?(Array) ? settings.authn_context : [settings.authn_context]
+            authn_contexts.each do |authn_context|
+              class_ref = requested_context.add_element "saml:AuthnContextClassRef"
+              class_ref.text = authn_context
+            end
           end
           # add saml:AuthnContextDeclRef element
           if settings.authn_context_decl_ref != nil

diff --git a/test/request_test.rb b/test/request_test.rb
@@ -152,6 +152,13 @@ class RequestTest < Minitest::Test
       assert_match /<saml:AuthnContextClassRef>secure\/name\/password\/uri<\/saml:AuthnContextClassRef>/, auth_doc.to_s
     end
 
+    it "create multiple saml:AuthnContextClassRef elements correctly" do
+      settings.authn_context = ['foo', 'bar']
+      auth_doc = OneLogin::RubySaml::Authrequest.new.create_authentication_xml_doc(settings)
+      assert_match /<saml:AuthnContextClassRef>foo<\/saml:AuthnContextClassRef>/, auth_doc.to_s
+      assert_match /<saml:AuthnContextClassRef>bar<\/saml:AuthnContextClassRef>/, auth_doc.to_s
+    end
+
     it "create the saml:AuthnContextClassRef with comparison exact" do
       settings.authn_context = 'secure/name/password/uri'
       auth_doc = OneLogin::RubySaml::Authrequest.new.create_authentication_xml_doc(settings)