Re: [xsl] XSLT to populate a SAML AttributeStatement from an XML

["Martin Honnen martin.honnen@xxxxxx" <xsl-list-service@xxxxxxxxxxxxxxxxxxxxxx>]

Am 1/19/2023 um 4:58 AM schrieb ohaya ohaya@xxxxxxxxx:
> Hi All,
>
> Thanks for the help thus far... I was able to integrate the code I
> posted earlier today to construct a saml:AttributeStatement, and I was
> able to integrate that with the rest of what I'm doing (there were a
> lot more attributes, etc.
>
> So now, I think what I have left is to handle the multi-values.
>
> I think that Michael posted this (this also has his correction):
>
> <xsl:template match="personnel/*">
> <saml:Attribute Name="{name()}"
> NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
> <xsl:for-each select="tokenize('.',':'.)">
> <saml:AttributeValue xmlns:xsd="http://www.w3.org/2001/XMLSchema";
> xsi:type="xsd:string"><xsl:value-of select="."/></saml:AttributeValue>
>
> but I am confused.
>
> In the code I had posted (for 3 of the attribs), I had one
> <xsl:template match"> for each of the attribs.
>
> With the code above, are you all sayiI don't have to do that and just
> have a single <xsl:template match>?
>
>
If there were a one to one relation between input data values and result
names you could use a single template, it seems however that we didn't
notice that e.g.


<PN_ID>1111111</PN_ID>

is supposed to become saml:Attribute Name="MY_PN_ID" while e.g.

    <ADM_ORG_CD>urn:NORM:DEPT</ADM_ORG_CD>



is supposed to become e.g.

    saml:Attribute Name="MY_ORG_CD"

and not


     saml:Attribute Name="MY_ADM_ORG_CD"

Thus if you have to use a different approach for each name you might need more
templates than a single one that simply does e.g.

    <saml:Attribute Name="MY_{name()}">

As for the values, the suggested tokenize approach, as far as I see it
currently, would work, if there is no colon it creates a single
samlAttributeValue, if there are colons it creates several.

>
> On Wednesday, January 18, 2023, 04:08:40 PM EST, ohaya
> <ohaya@xxxxxxxxx> wrote:
>
>
> Hi,
>
> I originally thought that also but didn't know how to add the root to
> the XSLT (I tried just putting into the XSLT but it said that template
> had to be top-level).
>
> Anyway, so I was also guessing the problem was what you said, so I
> found a page the mentioned how to add the root and got this XSLT:
>
> <xsl:stylesheet version="1.0"
> xmlns:xsl="http://www.w3.org/1999/XSL/Transform";
> xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
> >
>
>
> <xsl:template match="/">
> <saml:AttributeStatement>
> <xsl:apply-templates select="/record/adrRecord/*"/>
> </saml:AttributeStatement>
> </xsl:template>
>
> <xsl:template match="/record/adrRecord/PN_ID">
> <saml:Attribute Name="MY_PN_ID"
> NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
> <saml:AttributeValue xmlns:xsd="http://www.w3.org/2001/XMLSchema";
> xsi:type="xsd:string"><xsl:value-of select="/record/adrRecord/PN_ID" />
> </saml:AttributeValue>
> </saml:Attribute>
> </xsl:template>
>
> <xsl:template match="/record/adrRecord/personnel/ADM_ORG_CD">
> <saml:Attribute Name="MY_ORG_CD"
> NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
> <saml:AttributeValue xmlns:xsd="http://www.w3.org/2001/XMLSchema";
> xsi:type="xsd:string"> <xsl:value-of
> select="/record/adrRecord/personnel/ADM_ORG_CD" />
> </saml:AttributeValue>
> </saml:Attribute>
> </xsl:template>
>
> <xsl:template match="/record/adrRecord/personnel/DOD_ASSOC_CD">
> <saml:Attribute Name="MY_ASSOC_CD"
> NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
> <saml:AttributeValue xmlns:xsd="http://www.w3.org/2001/XMLSchema";
> xsi:type="xsd:string"> <xsl:value-of
> select="/record/adrRecord/personnel/DOD_ASSOC_CD" />
> </saml:AttributeValue>
> </saml:Attribute>
>
> </xsl:template>
>
>
> </xsl:stylesheet>
>
>
> I