Why doesn't the package support multiple NameFormat attributes for the <saml:Attribute> element? #286

Open
khan-zia opened this issue Sep 12, 2021 · 3 comments

Comments

@khan-zia

Description of the problem

I came across this situation today where I need to be able to allow users to add multiple Attribute Statements to their custom SAML integration with our IDP. For each additional attribute statement, I need to allow the user to be able to set the following:

  • Name (that will be the Name attribute)
  • NameFormat (That will be the NameFormat attribute)
  • Value (That will be the value that goes into the <saml:AttributeValue> element)

When I took a look at how I could construct the SAMLResponse message for the user's custom SAML integration, I could see no (at least apparent) way to be able to set the NameFormat INDIVIDUALLY on each user-defined Attribute Statement.
I see a setter method on the SAML2\Assertion class that looks like this:

    $this->assertion->setAttributeNameFormat('');

But that method clearly says that it will set the NameFormat for ALL attribute statements. (Those that are all set via an associative array at once). This is not the desired functionality. I dug out the following code block from the SAML2\Assertion class which confirms it. Take a look at this screenshot.

Screenshot 2021-09-12 at 10 46 05 PM

It clearly sets the same NameFormat inside the foreach loop for all statements.

Desired result (solution)

Take a look at the following XML that was generated via a tool which shows the output that I also want.

    <saml2:AttributeStatement>
        <saml2:Attribute Name="first" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
            <saml2:AttributeValue
                xmlns:xs="http://www.w3.org/2001/XMLSchema"
                xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">value1
            </saml2:AttributeValue>
        </saml2:Attribute>
        <saml2:Attribute Name="second" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
            <saml2:AttributeValue
                xmlns:xs="http://www.w3.org/2001/XMLSchema"
                xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">value2
            </saml2:AttributeValue>
        </saml2:Attribute>
        <saml2:Attribute Name="third" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
            <saml2:AttributeValue
                xmlns:xs="http://www.w3.org/2001/XMLSchema"
                xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">value3
            </saml2:AttributeValue>
        </saml2:Attribute>
    </saml2:AttributeStatement>

As you can see, the NameFormats for all 3 statements are different. How could I achieve this desired XML output (SAMLResponse message)? Any help will be greatly appreciated.

@tvdijen
Member

tvdijen commented Sep 12, 2021

Hi @khan-zia! We are aware of this issue and have fixed this in the master branch. It's not ready for release yet, though.

@khan-zia
Author

Thanks @tvdijen for the quick response. Will it be included in the next version? When can we expect the release?

@tvdijen
Member

tvdijen commented Sep 13, 2021

Yes, it will be included. We don't have a date yet. Probably early next year.
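
For reference, the per-attribute NameFormat output requested in this issue can be produced with PHP's DOM extension alone. This is an added example, not the simplesamlphp/saml2 API and not the fix in the master branch; `buildAttributeStatement()` and its input array shape are hypothetical, and the allow-list is limited to the three NameFormat URIs shown in the issue (an assumption; SAML permits other URI values).

```php
<?php
declare(strict_types=1);

const SAML_NS  = 'urn:oasis:names:tc:SAML:2.0:assertion';
const XS_NS    = 'http://www.w3.org/2001/XMLSchema';
const XSI_NS   = 'http://www.w3.org/2001/XMLSchema-instance';
const XMLNS_NS = 'http://www.w3.org/2000/xmlns/';
// The three NameFormat URIs that appear in the issue's desired output.
const ALLOWED_NAME_FORMATS = [
    'urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified',
    'urn:oasis:names:tc:SAML:2.0:attrname-format:uri',
    'urn:oasis:names:tc:SAML:2.0:attrname-format:basic',
];

// Hypothetical helper: each entry is ['name' => ..., 'nameFormat' => ..., 'value' => ...].
function buildAttributeStatement(DOMDocument $doc, array $attributes): DOMElement
{
    $statement = $doc->createElementNS(SAML_NS, 'saml2:AttributeStatement');
    foreach ($attributes as $attr) {
        // NameFormat comes from the integration's owner: accept only known URIs.
        if (!in_array($attr['nameFormat'], ALLOWED_NAME_FORMATS, true)) {
            throw new InvalidArgumentException('Unsupported NameFormat for attribute ' . $attr['name']);
        }
        $el = $doc->createElementNS(SAML_NS, 'saml2:Attribute');
        $el->setAttribute('Name', $attr['name']);
        $el->setAttribute('NameFormat', $attr['nameFormat']);
        $value = $doc->createElementNS(SAML_NS, 'saml2:AttributeValue');
        // The xs prefix is only used inside xsi:type, so declare it explicitly.
        $value->setAttributeNS(XMLNS_NS, 'xmlns:xs', XS_NS);
        $value->setAttributeNS(XSI_NS, 'xsi:type', 'xs:string');
        // A text node is escaped on serialization, so the value cannot inject markup.
        $value->appendChild($doc->createTextNode($attr['value']));
        $el->appendChild($value);
        $statement->appendChild($el);
    }
    return $statement;
}

// Constructed sample input mirroring the XML in the issue.
$doc = new DOMDocument('1.0', 'UTF-8');
$doc->formatOutput = true;
$doc->appendChild(buildAttributeStatement($doc, [
    ['name' => 'first',  'nameFormat' => ALLOWED_NAME_FORMATS[0], 'value' => 'value1'],
    ['name' => 'second', 'nameFormat' => ALLOWED_NAME_FORMATS[1], 'value' => 'value2'],
    ['name' => 'third',  'nameFormat' => ALLOWED_NAME_FORMATS[2], 'value' => 'value3'],
]));
echo $doc->saveXML();
```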
