Specifying multiple attributes

[td512]

Is there any way to specify multiple attributes in respond_to?

I'd like to be passing on in an email and first name, but at the moment I've only been able to do that with the email, my code's below for reference

      response = SAML2::Response.respond_to(authn_request,
                                            SAML2::NameID.new(self.class.entity_id(@sp)),
                                            self.class.idp_name_email(@user), @sp.redirect_uri)

[td512]

@ccutrer?

[ccutrer]

response = SAML2::Response.respond_to(authn_request,
                                              issuer, subject, attributes)

is working just fine for us. I'm not sure why we're passing in the redirect uri there, but the fourth argument is an attributes hash that is passed to AttributeConsumingService#create_statement. Note that in order for it to work, you need to have previously called AuthnRequest#resolve on the authn_request, and that the ServiceProvider object passed in to that call has to have an attribute consuming service with the attributes defined that should be sent to this ServiceProvider. It's designed this way so that you can pass a big hash of all attributes you support to respond_to, and then if you integrate with multiple SPs the code will automatically only send the attributes this particular provider wants. The values of the attribute hash can be Procs as well, so that they're only evaluated if they're actually needed.