Customize AttributeStatement

[fmarco]

Is it possible to configure a response (via create_authn_response on Server class) containing an Attributestatement containing Attribute elements with no familyName attribute at all and having AttributeType elements with xsi:type attributes containing custom type? (e.g. xs:date)

Code Version

4.5.0

Expected Behavior

            <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic" Name="SomeAttribute">
                <saml:AttributeValue xsi:type="xs:date">1900-01-01</saml:AttributeValue>
            </saml:Attribute>

Current Behavior

            <saml:Attribute FriendlyName="SomeAttribute" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic" Name="SomeAttribute">
                <saml:AttributeValue xsi:type="xs:string">1900-01-01</saml:AttributeValue>
            </saml:Attribute>

Possible Solution

To handle custom xsi:type maybe we could extend AttributeValueBase (?), while i've no idea about how to bypass FriendlyName (except for some monkeypatching...).

Steps to Reproduce

Configure an idp server.

[bjm88]

@peppelinux @fmarco can someone share the code sample and relevant config that even creates saml:AttributeStatements and saml:Attribute ?? I'm unable to have my create_authn_response wrapper method set this up. ?? the example/idp code does not do this or make it clear, thanks!

[peppelinux]

Ciao,

As spid SP i fixed the xsd:date with my fork and with the RP you find in the open PRs

As idp I use uniauth
https://github.com/UniversitaDellaCalabria/uniAuth