Leave out empty attributes

mujina-common/pom.xml

@@ -20,7 +20,7 @@
   <parent>
     <groupId>org.openconext</groupId>
     <artifactId>mujina</artifactId>
-    <version>7.0.5</version>
+    <version>7.0.6</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
 

mujina-idp/pom.xml

@@ -20,7 +20,7 @@
   <parent>
     <groupId>org.openconext</groupId>
     <artifactId>mujina</artifactId>
-    <version>7.0.5</version>
+    <version>7.0.6</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
 

mujina-idp/src/main/java/mujina/idp/SAMLAttributeAuthenticationFilter.java

@@ -13,7 +13,7 @@ public class SAMLAttributeAuthenticationFilter extends UsernamePasswordAuthentic
   protected void setDetails(HttpServletRequest request, UsernamePasswordAuthenticationToken authRequest) {
     Map<String, String[]> parameterMap = request.getParameterMap().entrySet().stream()
       .filter(e -> !getPasswordParameter().equals(e.getKey()) && !getUsernameParameter().equals(e.getKey()))
-      .collect(Collectors.toMap(e -> e.getKey(), e -> e.getValue()));
+      .collect(Collectors.toMap(Map.Entry::getKey, Map.Entry::getValue));
     authRequest.setDetails(parameterMap);
   }
 }

mujina-idp/src/main/java/mujina/idp/SsoController.java

@@ -16,6 +16,7 @@
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.core.Authentication;
 import org.springframework.stereotype.Controller;
+import org.springframework.util.StringUtils;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PostMapping;
 
@@ -64,7 +65,7 @@ private void doSSO(HttpServletRequest request, HttpServletResponse response, Aut
     SAMLPrincipal principal = new SAMLPrincipal(
       authentication.getName(),
       attributes.stream().filter(attr -> "urn:oasis:names:tc:SAML:1.1:nameid-format".equals(attr.getName()))
-          .findFirst().map(attr -> attr.getValue()).orElse(NameIDType.UNSPECIFIED),
+        .findFirst().map(attr -> attr.getValue()).orElse(NameIDType.UNSPECIFIED),
       attributes,
       authnRequest.getIssuer().getValue(),
       authnRequest.getID(),
@@ -88,11 +89,13 @@ private List<SAMLAttribute> attributes(Authentication authentication) {
     //See SAMLAttributeAuthenticationFilter#setDetails
     Map<String, String[]> parameterMap = (Map<String, String[]>) authentication.getDetails();
     parameterMap.forEach((key, values) -> {
-      result.put(key,Arrays.asList(values));
+      result.put(key, Arrays.asList(values));
     });
 
+    //Provide the ability to limit the list attributes returned to the SP
     return result.entrySet().stream()
-      .map(entry ->  entry.getKey().equals("urn:mace:dir:attribute-def:uid") ?
+      .filter(entry -> !entry.getValue().stream().allMatch(StringUtils::isEmpty))
+      .map(entry -> entry.getKey().equals("urn:mace:dir:attribute-def:uid") ?
         new SAMLAttribute(entry.getKey(), singletonList(uid)) :
         new SAMLAttribute(entry.getKey(), entry.getValue()))
       .collect(toList());

mujina-sp/pom.xml

@@ -20,7 +20,7 @@
   <parent>
     <groupId>org.openconext</groupId>
     <artifactId>mujina</artifactId>
-    <version>7.0.5</version>
+    <version>7.0.6</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
 

pom.xml

@@ -20,7 +20,7 @@
 
   <groupId>org.openconext</groupId>
   <artifactId>mujina</artifactId>
-  <version>7.0.5</version>
+  <version>7.0.6</version>
   <packaging>pom</packaging>
 
   <properties>