From baba857afb874d8d6cac0fd8e976ff2859a6cd60 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jaime=20Pe=CC=81rez?= <jaime.perez@uninett.no>
Date: Mon, 12 Dec 2016 12:17:26 +0100
Subject: [PATCH] bugfix: Make sure empty strings are not acceptable as a
 UserID.

---
 lib/SimpleSAML/Auth/ProcessingChain.php | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/lib/SimpleSAML/Auth/ProcessingChain.php b/lib/SimpleSAML/Auth/ProcessingChain.php
index 228274220..361d81f9d 100644
--- a/lib/SimpleSAML/Auth/ProcessingChain.php
+++ b/lib/SimpleSAML/Auth/ProcessingChain.php
@@ -347,7 +347,13 @@ class SimpleSAML_Auth_ProcessingChain {
 			return;
 		}
 
+		// TODO: the attribute value should be trimmed
 		$uid = $uid[0];
+
+		if (empty($uid)) {
+			SimpleSAML\Logger::warning('Empty value in attribute '.$attributeName.". on user. Cannot set UserID.");
+			return;
+		}
 		$state['UserID'] = $uid;
 	}
 
-- 
GitLab