How to get the saml2 attribute statement object with New York MultiSSOv2

Sebastian R_ · ‎12-06-2019

In the old version of SAML2 I could access the attribute statements with the method getAssertionAttrValueByNameOrFriendlyName in SAML2_update1. In New York they completely reworked the design. I have now the script include SAML2_internal which uses an internal class SNC.GlideSAML2 which probably stores the information.

Does anyone knows out to get the attribute statements from this class?

There was an old question which isn´t available anymore because I cannot access the following question anymore: https://community.servicenow.com/community?id=community_question&sys_id=c2a9b334db6c0894d82ffb2439961908

Sebastian R_ · ‎12-12-2019

Found the answer myself.

If you are working in the script include MultiSSOv2_SAML2_custom you can use the following to get a attribute/all attributes.

// implemented in parent class MultiSSOv2_SAML2_internal.getAttributesMap
// Returns a java hash map which can be iterated through
var oAttr = this.getAttributesMap();
// Get the auth level from SAML Response Attributes
var sLevel = oAttr.get("auth_level");

View solution in original post

Sebastian R_ · ‎12-12-2019

Found the answer myself.

If you are working in the script include MultiSSOv2_SAML2_custom you can use the following to get a attribute/all attributes.

// implemented in parent class MultiSSOv2_SAML2_internal.getAttributesMap
// Returns a java hash map which can be iterated through
var oAttr = this.getAttributesMap();
// Get the auth level from SAML Response Attributes
var sLevel = oAttr.get("auth_level");

Tushar Walveka2 · ‎06-22-2023

You can get the Attributes calling below function.

var attributes = new SNC.GlideSAML2().calculateResponseAttributes();

it will give you attribute object. I've tried this and it gives me all the attributes from the SAML Response

Dan Tolgyesi1 · ‎03-24-2020

Hi,

One of our customers previously had a custom update to the previous SSO script to collect attribute data from one of their SSO Claims.

I think the data is embedded in this getAttributesMap() funciton. Do you know if there is a way to print all attributes so I can see what is in it.

I have tried the auth_level get you tried and a few different ways, but it keeps looping on login.

Thanks

Dan

Sebastian R_ · ‎03-24-2020

I can´t test it right now.

Maybe you can try and log the following.

/* Overwrite a function e.g. loginUser in MultiSSOv2_SAML2_custom */

var map = this.getAttributesMap();

var iterator = map.keySet().iterator();
var key, value;

while (iterator.hasNext()) {
     key = iterator.next();
     value = map.get(value);
     gs.log(key + ': ' + value, 'SSO Attributes');
}