diff --git a/lib/SimpleSAML/XML/SAML20/AuthnRequest.php b/lib/SimpleSAML/XML/SAML20/AuthnRequest.php
index d1168881568d817e94803168f688abddf0eb5322..bbef2dd6f93e1e3d526b7fc6c4592622d65e69f2 100644
--- a/lib/SimpleSAML/XML/SAML20/AuthnRequest.php
+++ b/lib/SimpleSAML/XML/SAML20/AuthnRequest.php
@@ -138,13 +138,13 @@ class SimpleSAML_XML_SAML20_AuthnRequest {
return FALSE;
}
- $fa = $root->getAttribute('IsPassive');
- if($fa === 'true') {
- return TRUE;
- } elseif($fa === 'false') {
+ $ispas = $root->getAttribute('IsPassive');
+ try{
+ return $this->isSamlBoolTrue($ispas);
+ }catch(Exception $e){
+ // ... I don't understand, default to false
return FALSE;
- } else {
- throw new Exception('Invalid value of IsPassive attribute in SAML2 AuthnRequest.');
+ // throw new Exception('Invalid value of IsPassive attribute in SAML2 AuthnRequest.');
}
}
@@ -168,12 +168,12 @@ class SimpleSAML_XML_SAML20_AuthnRequest {
}
$fa = $root->getAttribute('ForceAuthn');
- if($fa === 'true') {
- return TRUE;
- } elseif($fa === 'false') {
+ try{
+ return $this->isSamlBoolTrue($fa);
+ } catch(Exception $e){
+ // ... I don't understand, default to false
return FALSE;
- } else {
- throw new Exception('Invalid value of ForceAuthn attribute in SAML2 AuthnRequest.');
+ // throw new Exception('Invalid value of ForceAuthn attribute in SAML2 AuthnRequest.');
}
}
@@ -297,6 +297,25 @@ class SimpleSAML_XML_SAML20_AuthnRequest {
public function getGeneratedID() {
return $this->id;
}
+
+
+ /**
+ * Check if a saml attribute value is a legal bool and if it is true or false.
+ * SAML legal bool values is true/false or 1/0.
+ *
+ * @throws Exception when no legal bool value is found
+ * @param string $boolSaml
+ * @return bool TRUE or FALSE
+ */
+ private function isSamlBoolTrue($boolSaml){
+ if($boolSaml === 'true' || $boolSaml === '1') {
+ return TRUE;
+ } elseif($boolSaml === 'false' || $boolSaml === '0') {
+ return FALSE;
+ } else {
+ throw new Exception('Invalid bool value of attribute in SAML2 AuthnRequest.');
+ }
+ }
}