From 3cb02900c721dd540d62ca66700d1bdd14cb2939 Mon Sep 17 00:00:00 2001
From: Heikki Hakkala <heikki.hakkala@supercell.com>
Date: Mon, 23 Jun 2014 10:22:58 +0300
Subject: [PATCH 1/2] Support adding AttributeConsumingServiceIndex attribute
 in AuthnRequest

---
 lib/passport-saml/saml.js | 4 ++++
 test/tests.js             | 4 +++-
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/lib/passport-saml/saml.js b/lib/passport-saml/saml.js
index ee7fc1e2..6028ffa4 100644
--- a/lib/passport-saml/saml.js
+++ b/lib/passport-saml/saml.js
@@ -128,6 +128,10 @@ SAML.prototype.generateAuthorizeRequest = function (req, isPassive) {
     };
   }
 
+  if (this.options.attributeConsumingServiceIndex) {
+    request['samlp:AuthnRequest']['@AttributeConsumingServiceIndex'] = this.options.attributeConsumingServiceIndex;
+  }
+
   return xmlbuilder.create(request).end();
 };
 
diff --git a/test/tests.js b/test/tests.js
index ab7208eb..6c7f8059 100644
--- a/test/tests.js
+++ b/test/tests.js
@@ -168,7 +168,8 @@ describe( 'passport-saml /', function() {
         config: {
           issuer: 'http://exampleSp.com/saml',
           identifierFormat: 'alternateIdentifier',
-          passive: true
+          passive: true,
+          attributeConsumingServiceIndex: 123
         },
         result: { 
           'samlp:AuthnRequest': 
@@ -177,6 +178,7 @@ describe( 'passport-saml /', function() {
                 Version: '2.0',
                 ProtocolBinding: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST',
                 AssertionConsumerServiceURL: 'http://localhost:3033/login',
+                AttributeConsumingServiceIndex: '123',
                 Destination: 'https://wwwexampleIdp.com/saml',
                 IsPassive: 'true' },
              'saml:Issuer': 

From c43fb25cb20929b639b5315ac6b401030eb16ba3 Mon Sep 17 00:00:00 2001
From: Heikki Hakkala <heikki.hakkala@supercell.com>
Date: Wed, 25 Jun 2014 10:11:37 +0300
Subject: [PATCH 2/2] Add documentation for attributeConsumingServiceIndex
 option

---
 README.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/README.md b/README.md
index 7d1a0792..436cf5ad 100644
--- a/README.md
+++ b/README.md
@@ -41,6 +41,7 @@ Config parameter details:
 * `path`: path to callback; will be combined with protocol and server host information to construct callback url if `callbackUrl` is not specified (default: `/saml/consume`)
 * `protocol`: protocol for callback; will be combined with path and server host information to construct callback url if `callbackUrl` is not specified (default: `https://`)
 * `callbackUrl`: full callbackUrl (overrides path if supplied)
+* `attributeConsumingServiceIndex`: optional `AttributeConsumingServiceIndex` attribute to add to AuthnRequest
 * `entryPoint`: identity provider entrypoint
 * `issuer`: issuer string to supply to identity provider
 * `cert`: see 'security and signatures'