From e81fb9947c6695c753166caf737e0ad325e073a1 Mon Sep 17 00:00:00 2001
From: Dominique Quatravaux
Date: Fri, 22 Jan 2021 19:39:16 +0100
Subject: [PATCH 1/3] [feature] In case of /fetchattributes failure, dump response lines
---
 lib/omniauth/strategies/tequila.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/omniauth/strategies/tequila.rb b/lib/omniauth/strategies/tequila.rb
index 8d6b69d..6c1469d 100644
--- a/lib/omniauth/strategies/tequila.rb
+++ b/lib/omniauth/strategies/tequila.rb
@@ -55,7 +55,7 @@ def callback_phase
 missing_info = @options[:request_info].values.reject { |k| raw_info.include?(k) }
 if !missing_info.empty?
- log :error, 'Missing attributes in Tequila server response: ' + missing_info.join(', ')
+ log :error, 'Missing attributes in Tequila server response: ' + missing_info.join(', ') + ', found instead: ' + raw_info.to_s
 return fail!(:invalid_info, TequilaFail.new('Invalid info from Tequila'))
 end
From 665bcdb4dc3b17ba7209ba01e58a83b0bde90d13 Mon Sep 17 00:00:00 2001
From: Dominique Quatravaux
Date: Sat, 23 Jan 2021 10:29:32 +0100
Subject: [PATCH 2/3] [refactor] Split `fetch_attributes` into re-useable pieces
- `encode_request_body` speaks a key part of the Tequila protocol in a way that we can re-use later
- Encapsulate access to @options[:additional_parameters] in a new `additional_requestauth_parameters` method
---
 lib/omniauth/strategies/tequila.rb | 29 +++++++++++++++++++++++------
 1 file changed, 23 insertions(+), 6 deletions(-)
diff --git a/lib/omniauth/strategies/tequila.rb b/lib/omniauth/strategies/tequila.rb
index 6c1469d..48e3dce 100644
--- a/lib/omniauth/strategies/tequila.rb
+++ b/lib/omniauth/strategies/tequila.rb
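Review bot: In [PATCH 1/3], the new `log :error` line in `callback_phase` appends `raw_info.to_s`, which writes every attribute value the Tequila server returned for the user into the application log. Those values are identity data, and error logs are usually kept longer and read by more people than the login they came from. The attribute names alone are enough to diagnose a missing field; assuming `raw_info` is a Hash (the hunk only shows `raw_info.include?(k)`), the tail could be `+ ', found instead: ' + raw_info.keys.join(', ')`. `callback_phase` starts and ends outside the hunk.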
@@ -102,19 +102,36 @@ def fetch_attributes( request_key )
 def get_request_key
 # NB: You might want to set the service and required group yourself.
 request_fields = @options[:request_info].values << @options[:uid_field]
- body = 'urlaccess=' + callback_url + "\nservice=" + @options[:service_name] + "\n" +
- 'request=' + request_fields.join(',')
+ body_fields = [
+ "urlaccess" => callback_url,
+ "service" => @options[:service_name],
+ "request" => request_fields.join(',')
+ ]
+
 if @options[:require_group]
- body += "\nrequire=group=" + @options[:require_group]
+ body_fields.push ["require" => "group=" + @options[:require_group]]
 end
 if @options[:switchaai]
- body += "\nallows=categorie=shibboleth"
+ body_fields.push ["allows" => "categorie=shibboleth"]
 end
- @options[:additional_parameters].each { |param, value| body += "\n" + param + "=" + value}
+ body_fields.push additional_requestauth_parameters
- tequila_post '/createrequest', body
+ tequila_post '/createrequest', encode_request_body(body_fields)
+ end
+
+ def encode_request_body( body_fields )
+ if (body_fields.kind_of?(Array))
+ return body_fields.map { |fields| encode_request_body(fields) }.join('')
+ end
+ body = ""
+ body_fields.each { |param, value| body += param + "=" + value + "\n" }
+ body
+ end
+
+ def additional_requestauth_parameters
+ @options[:additional_parameters]
 end
 # Build a Tequila host with protocol and port
From 352ecf437fa7a82feadcc077e39ea0d9d3bfabb1 Mon Sep 17 00:00:00 2001
From: Dominique Quatravaux
Date: Sat, 23 Jan 2021 10:34:49 +0100
Subject: [PATCH 3/3] [feature] Ability to pass additional fetchattributes parameters
- Obsolete `:additional_parameters` option; replace with `:additional_requestauth_parameters`
- Add `:additional_fetchattributes_parameters` based on the same idea
---
 lib/omniauth/strategies/tequila.rb | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)
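Review bot: `encode_request_body` in [PATCH 2/3] joins `param`, `=`, `value` and a newline without checking that neither side contains a line break, so any field carrying `\r` or `\n` would add an extra `key=value` line to the body sent to the Tequila server. The string concatenation it replaces had the same gap, but this method is now the single place where the protocol is encoded, and [PATCH 3/3] routes `request_key` in `fetch_attributes` through it as well; that value presumably originates from the callback request. Inside the `each` block, a guard such as `raise ArgumentError, 'line break in Tequila request field' if (param.to_s + value.to_s) =~ /[\r\n]/` would reject such input before it is sent. A short comment on the method stating that it accepts a Hash or a nested Array of Hashes and emits one `key=value` line per pair would also help the next reader.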
diff --git a/lib/omniauth/strategies/tequila.rb b/lib/omniauth/strategies/tequila.rb
index 48e3dce..cfd5df5 100644
--- a/lib/omniauth/strategies/tequila.rb
+++ b/lib/omniauth/strategies/tequila.rb
@@ -23,7 +23,9 @@ class TequilaFail < StandardError; end
 option :uid_field, :uniqueid
 option :request_info, { :name => 'displayname' }
 option :switchaai, false
- option :additional_parameters, {}
+ option :additional_parameters, {} ## OBSOLETE, please use the next one
+ option :additional_requestauth_parameters, {}
+ option :additional_fetchattributes_parameters, {}
 # As required by https://github.com/intridea/omniauth/wiki/Auth-Hash-Schema
 info do
@@ -95,7 +97,11 @@ def request_phase
 # retrieves user attributes from the Tequila server
 def fetch_attributes( request_key )
- tequila_post '/fetchattributes', "key=" + request_key
+ body = encode_request_body([
+ {"key" => request_key},
+ additional_fetchattributes_parameters
+ ])
+ tequila_post '/fetchattributes', body
 end
 # retrieves the request key from the Tequila server
@@ -131,7 +137,13 @@ def encode_request_body( body_fields )
 end
 def additional_requestauth_parameters
- @options[:additional_parameters]
+ @options[:additional_requestauth_parameters].empty? ?
+ @options[:additional_parameters] :
+ @options[:additional_requestauth_parameters]
+ end
+
+ def additional_fetchattributes_parameters
+ @options[:additional_fetchattributes_parameters]
 end
 # Build a Tequila host with protocol and port
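Review bot: In the `@@ -131,7 +137,13 @@` hunk of [PATCH 3/3], `additional_requestauth_parameters` falls back to the obsolete `:additional_parameters` only when the new option is empty, so a configuration that sets both has the old one dropped without any trace, and nothing tells an operator that the old option is deprecated. A comment on the method stating that precedence, plus a warning such as `log :warn, ':additional_parameters is obsolete, use :additional_requestauth_parameters' unless @options[:additional_parameters].empty?`, would make the migration visible. The multi-line ternary with a trailing `?` and `:` is also easy to misread; an `if`/`else` would read more clearly here.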