support multiple authnContext

node-saml · Sep 11, 2018 · 9820e32 · 9820e32
1 parent f8140aa
commit 9820e32
Show file tree

Hide file tree

Showing 2 changed files with 49 additions and 4 deletions.
diff --git a/lib/passport-saml/saml.js b/lib/passport-saml/saml.js
@@ -44,6 +44,10 @@ SAML.prototype.initialize = function (options) {
     options.authnContext = "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport";
   }
 
+  if (!Array.isArray(options.authnContext)) {
+    options.authnContext = [options.authnContext];
+  }
+
   if (!options.acceptedClockSkewMs) {
     // default to no skew
     options.acceptedClockSkewMs = 0;
@@ -181,13 +185,18 @@ SAML.prototype.generateAuthorizeRequest = function (req, isPassive, callback) {
     }
 
     if (!self.options.disableRequestedAuthnContext) {
+      var authnContextClassRefs = [];
+      self.options.authnContext.forEach(function(value) {
+        authnContextClassRefs.push({
+            '@xmlns:saml': 'urn:oasis:names:tc:SAML:2.0:assertion',
+            '#text': value
+        });        
+      });
+
       request['samlp:AuthnRequest']['samlp:RequestedAuthnContext'] = {
         '@xmlns:samlp': 'urn:oasis:names:tc:SAML:2.0:protocol',
         '@Comparison': 'exact',
-        'saml:AuthnContextClassRef': {
-          '@xmlns:saml': 'urn:oasis:names:tc:SAML:2.0:assertion',
-          '#text': self.options.authnContext
-        }
+        'saml:AuthnContextClassRef': authnContextClassRefs
       };
     }
 

diff --git a/test/tests.js b/test/tests.js