[#171467326] Fix minimum level and Response-issuer-format validation #18
Conversation
| () => right(_), | ||
| _1 => | ||
| fromPredicate( | ||
| FormatValue => !FormatValue || FormatValue === ISSUER_FORMAT, |
There was a problem hiding this comment.
this test pass if FormatValue is an empty string (!"" === true), I guess that we should compare it with undefined / null
There was a problem hiding this comment.
Yes, but for some reason, if the Format attribute is missing the method getAttribute returns an empty string instead of null.
Into the SPID Validator rules the are only two tests for Format attribute of Issuer into the Response element, which are missing Format and Invalid Format, so the preValidate works as expected into the tests.
| AuthnContextClassRef.textContent === | ||
| requestAuthnContextClassRef | ||
| ); | ||
| return requestAuthnContextClassRef === |
There was a problem hiding this comment.
since it looks like we are forcing a comparison for "minimum" here we should hardcode
optionsRACComparison = "minimum" into the strategy instead of accepting it as an option
There was a problem hiding this comment.
Forcing RACComparison = "minimum" imho will be less transparent and limits the library use context. We can instead extend the preValidator to support all possible comparison method (exact, minimum, maximum, better). Anyway, this code inside the preValidate never will throw an error with all the possible RACComparison's option provided (maybe only with maximum if the Response use RAC lower than the Request).
No description provided.