Normalize attributes before validating them

This provides more accurate validation results, otherwise an IdP
sending only OID will fail all checks. The minor drawback is that
the debug page will show the already normalized names of the
attributes. This is not a big problem per se I think, because
in the end EB will work with this set, to what you send needs
to be normalizable to this.

Closes: #45

Author: thijskh

library/EngineBlock/Corto/Module/Service/SingleSignOn.php

@@ -554,6 +554,8 @@ protected function _sendDebugMail(EngineBlock_Saml2_ResponseAnnotationDecorator
         $identityProvider = $this->_server->getRepository()->fetchIdentityProviderByEntityId($response->getIssuer()->getValue());
 
         $attributes = $response->getAssertion()->getAttributes();
+        $normalizer = new EngineBlock_Attributes_Normalizer($attributes);
+        $attributes = $normalizer->normalize();
 
         $validationResult = EngineBlock_ApplicationSingleton::getInstance()
             ->getDiContainer()
@@ -708,6 +710,8 @@ private function _displayDebugResponse($serviceName)
         }
 
         $attributes = $response->getAssertion()->getAttributes();
+        $normalizer = new EngineBlock_Attributes_Normalizer($attributes);
+        $attributes = $normalizer->normalize();
 
         $validationResult = EngineBlock_ApplicationSingleton::getInstance()
             ->getDiContainer()