From ba1fb05c2eb355d52494ff1102ac711e6c7ee47b Mon Sep 17 00:00:00 2001 From: Hicham Dachir Date: Mon, 10 Mar 2025 11:09:58 +0100 Subject: [PATCH 1/2] Update authn_request.py Values can be 0,1 empty string etc when stored in the database or in data conversion it's not required to be True/False specifically --- src/onelogin/saml2/authn_request.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/onelogin/saml2/authn_request.py b/src/onelogin/saml2/authn_request.py index 42585e8b..ce5afadb 100644 --- a/src/onelogin/saml2/authn_request.py +++ b/src/onelogin/saml2/authn_request.py @@ -97,10 +97,10 @@ def __init__(self, settings, force_authn=False, is_passive=False, set_nameid_pol ) requested_authn_context_str = "" - if security["requestedAuthnContext"] is not False: + if not security["requestedAuthnContext"]: authn_comparison = security["requestedAuthnContextComparison"] - if security["requestedAuthnContext"] is True: + if security["requestedAuthnContext"]: requested_authn_context_str = ( """ urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport From ff278e2f03a70939393accd4eea1c3dc4859e666 Mon Sep 17 00:00:00 2001 From: Hicham Dachir Date: Tue, 11 Mar 2025 03:34:18 +0100 Subject: [PATCH 2/2] Update authn_request.py fix conditions --- src/onelogin/saml2/authn_request.py | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/src/onelogin/saml2/authn_request.py b/src/onelogin/saml2/authn_request.py index ce5afadb..d2ed96d7 100644 --- a/src/onelogin/saml2/authn_request.py +++ b/src/onelogin/saml2/authn_request.py 
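Review bot: The rewritten outer guard in the `@@ -97,10 +97,10 @@` hunk, `if not security["requestedAuthnContext"]:`, inverts the test it replaces (`is not False`), so the RequestedAuthnContext block is now built only when the setting is falsy and is skipped when it is `True` or a list of class refs. An SP configured to require a particular authentication context would then send an AuthnRequest without that requirement, while a setting of `False` would start sending one. To accept 0/1/empty values as the description intends, the guard should read `if security["requestedAuthnContext"]:`. The second patch's hunk (`@@ -100,18 +100,20 @@`) still carries the inverted line as unchanged context, so it is not corrected there. `__init__` begins and ends outside both hunks; a test asserting the element is present for `True` and for a list, and absent for `False`, would pin the intended behaviour.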
@@ -100,18 +100,20 @@ def __init__(self, settings, force_authn=False, is_passive=False, set_nameid_pol if not security["requestedAuthnContext"]: authn_comparison = security["requestedAuthnContextComparison"] - if security["requestedAuthnContext"]: + if isinstance(security["requestedAuthnContext"], list): + requested_authn_context_str = ' ' % authn_comparison + for authn_context in security["requestedAuthnContext"]: + requested_authn_context_str += "%s" % authn_context + requested_authn_context_str += " " + + else: requested_authn_context_str = ( """ urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport """ % authn_comparison ) - else: - requested_authn_context_str = ' ' % authn_comparison - for authn_context in security["requestedAuthnContext"]: - requested_authn_context_str += "%s" % authn_context - requested_authn_context_str += " " + attr_consuming_service_str = "" if "attributeConsumingService" in sp_data and sp_data["attributeConsumingService"]:
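Review bot: In the new `if isinstance(security["requestedAuthnContext"], list):` branch, every non-list value falls through to the `else:` default of PasswordProtectedTransport, so a tuple of class refs or a single class-ref string would be silently replaced by the password class instead of being honoured or rejected. Widening the test to `isinstance(security["requestedAuthnContext"], (list, tuple))` and raising on any other non-boolean-like type would make such a misconfiguration visible rather than quietly weakening the requested context. An empty list also passes the `isinstance` check and would produce a RequestedAuthnContext with no class refs, so the branch should require a non-empty sequence. `__init__` begins and ends outside the hunk, so how callers validate this setting is not visible here.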