You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I noticed that since version 2.8.11, the AllowCreate attribute in the NameIDPolicy node in the SAMLRequest was not filled. When allowCreate on the ServiceProvider initialization is either not set (default value) or manually set to false, the field is empty. When it is set to true it throws an string.replace is not a function error.
Setting the allowCreate variable to "true" or "false" in the ServiceProvider initialization and ignoring the type definitions results in the attribute being properly filled.
I noticed that since version 2.8.11, the AllowCreate attribute in the NameIDPolicy node in the SAMLRequest was not filled. When
allowCreate
on the ServiceProvider initialization is either not set (default value) or manually set tofalse
, the field is empty. When it is set totrue
it throws anstring.replace is not a function
error.Digging deeper, I found out that 14055ff introduced a new bug where
escapeTag
(https://github.com/tngan/samlify/blob/master/src/libsaml.ts#L242) always expects a string for thetext
variable, while AllowCreate is a boolean.This results in
text || ''
(https://github.com/tngan/samlify/blob/master/src/libsaml.ts#L245) either resolving to''
for false, or totrue
for true.Setting the
allowCreate
variable to"true"
or"false"
in the ServiceProvider initialization and ignoring the type definitions results in the attribute being properly filled.The easiest fix for this would probably be to just call
toString()
on thet
in https://github.com/tngan/samlify/blob/master/src/libsaml.ts#L270, but I am not sure if this causes other issues.The text was updated successfully, but these errors were encountered: