Skip to content

Commit

Permalink
Fix multi-predicate support in check_hoksso ruleset for binding
Browse files Browse the repository at this point in the history 
From commit hash ukf/ukf-testbed/a9bcb9ed4ad54f3cf08caa20e4d595624462d1ba

See ukf/ukf-meta#416 for details
  • Loading branch information
Phil Smart committed Apr 16, 2024
1 parent 33a1a25 commit 18aae5c
Showing 1 changed file with 4 additions and 4 deletions.
8 changes: 4 additions & 4 deletions mdx/_rules/check_hoksso.xsl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -138,8 +138,8 @@
-->

<xsl:template match="md:IDPSSODescriptor
[not(contains(@protocolSupportEnumeration, 'urn:oasis:names:tc:SAML:2.0:protocol'))]
[md:*/@Binding = 'urn:oasis:names:tc:SAML:2.0:profiles:holder-of-key:SSO:browser']">
[not(contains(@protocolSupportEnumeration, 'urn:oasis:names:tc:SAML:2.0:protocol')) and
md:*/@Binding = 'urn:oasis:names:tc:SAML:2.0:profiles:holder-of-key:SSO:browser']">
<xsl:call-template name="error">
<xsl:with-param name="m">
<xsl:text>holder of key binding requires SAML 2.0 token in AttributeAuthorityDescriptor/@protocolSupportEnumeration</xsl:text>
Expand All @@ -148,8 +148,8 @@
</xsl:template>

<xsl:template match="md:SPSSODescriptor
[not(contains(@protocolSupportEnumeration, 'urn:oasis:names:tc:SAML:2.0:protocol'))]
[md:*/@Binding = 'urn:oasis:names:tc:SAML:2.0:profiles:holder-of-key:SSO:browser']">
[not(contains(@protocolSupportEnumeration, 'urn:oasis:names:tc:SAML:2.0:protocol')) and
md:*/@Binding = 'urn:oasis:names:tc:SAML:2.0:profiles:holder-of-key:SSO:browser']">
<xsl:call-template name="error">
<xsl:with-param name="m">
<xsl:text>holder of key binding requires SAML 2.0 token in SPSSODescriptor/@protocolSupportEnumeration</xsl:text>
Expand Down

0 comments on commit 18aae5c

Please sign in to comment.