I have an issue where the SAML payload has an attribute that actually has the name of "0". I have no control over what is in the payload. I don't care about this particular attribute at all BUT because of how the code is working in Saml2/Response.php it's causing breaking issues.
In the function _getAttributesByKeyName at line 803 it is looping through the attributes and adding them to an associative array $attributes. On every loop it is using in_array to check for duplicate attribute names. The problem is, the attribute name "0" gets coerced to an integer 0 when array_keys is used (on lines 817 and 833).
It turns out that PHP in_array will always return true for a string type "needle" if ANY value in the array is 0.
in_array('uid', [ 'a', 'b', 0 ]) == true
I had to add a "true" for the strict setting to in_array to fix the issue.
Response.php:817

    if (in_array($attributeKeyName, array_keys($attributes), true)) {
        if (!$allowRepeatAttributeName) {
            throw new ValidationError(
                "Found an Attribute element with duplicated ".$keyName,
                ValidationError::DUPLICATED_ATTRIBUTE_NAME_FOUND
            );
        }
    }
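The key cast and three ways of checking for a repeated attribute name, as an added example (not code from the library or from the reporter). The attribute names are constructed, and `dupByKey` is an assumed alternative, not the project's fix:

```php
<?php
// Added illustration; not code from Saml2/Response.php.
// Constructed attribute names, in the order a sample assertion might carry them.
// Only the second "0" is a genuine duplicate.
$names = ['0', 'uid', 'mail', '0'];

/** Loose in_array over array_keys, the form of check the issue describes. */
function dupLoose(array $seen, string $name): bool
{
    return in_array($name, array_keys($seen));
}

/** The reporter's change: strict (===) comparison. */
function dupStrict(array $seen, string $name): bool
{
    return in_array($name, array_keys($seen), true);
}

/** Assumed alternative: key lookup, which applies the same key cast as the array. */
function dupByKey(array $seen, string $name): bool
{
    return array_key_exists($name, $seen);
}

foreach (['dupLoose', 'dupStrict', 'dupByKey'] as $check) {
    $seen = [];
    $flagged = [];
    foreach ($names as $i => $name) {
        if ($check($seen, $name)) {
            $flagged[] = "#$i:$name";
        }
        // PHP stores the decimal string "0" under the integer key 0.
        $seen[$name][] = 'value';
    }
    printf("%-9s flagged: %s\n", $check, $flagged ? implode(', ', $flagged) : '(none)');
}

// Show the type PHP gave the key.
var_dump(array_keys(['0' => 'x']));
```

On PHP 7 the loose check flags `uid` and `mail` as duplicates; PHP 8 changed string-to-number comparison, so there it flags only the repeated `0`. The strict check never flags the repeated `0`, because the stored key is the integer 0 while the incoming name is the string "0".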