Fix handling of static CO attribute values

SATOSA internal attribute values are of type list because some
attributes can have multiple values.

Author: skoranda

src/satosa/frontends/saml2.py

@@ -14,6 +14,7 @@
 from urllib.parse import unquote_plus
 from urllib.parse import urlparse
 from http.cookies import SimpleCookie
+from typing import Iterable
 
 from saml2 import SAMLError, xmldsig
 from saml2.config import IdPConfig
@@ -742,7 +743,12 @@ def _handle_authn_response(self, context, internal_response):
         if self.KEY_CO_ATTRIBUTES in co_config:
             attributes = internal_response.attributes
             for attribute, value in co_config[self.KEY_CO_ATTRIBUTES].items():
-                attributes[attribute] = value
+                attributes[attribute] = (
+                    value                           # keep the value as is
+                    if isinstance(value, Iterable)  # if it is already a list
+                    and not isinstance(value, str)  # and not a string
+                    else [value]                    # otherwise wrap in a list
+                )
 
         # Handle the authentication response.
         return super()._handle_authn_response(context, internal_response, idp)

tests/satosa/frontends/test_saml2.py

@@ -413,9 +413,9 @@ class TestSAMLVirtualCoFrontend(TestSAMLFrontend):
     CO_CO = "friendlycountryname"
     CO_NOREDUORGACRONYM = "noreduorgacronym"
     CO_STATIC_SAML_ATTRIBUTES = {
-        CO_O: "Medium Energy Synchrotron Source",
-        CO_C: "US",
-        CO_CO: "United States",
+        CO_O: ["Medium Energy Synchrotron Source"],
+        CO_C: ["US"],
+        CO_CO: ["United States"],
         CO_NOREDUORGACRONYM: ["MESS"]
         }
     KEY_SSO = "single_sign_on_service"