diff options
| -rw-r--r-- | src/saml2/assertion.py | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/src/saml2/assertion.py b/src/saml2/assertion.py index 53f917be..4df0cf3c 100644 --- a/src/saml2/assertion.py +++ b/src/saml2/assertion.py @@ -556,11 +556,16 @@ class Policy: metadata_store = metadata or self.metadata_store spec = metadata_store.attribute_requirement(sp_entity_id) or {} if metadata_store else {} + required_attributes = spec.get("required", []) + optional_attributes = spec.get("optional", []) + required_subject_id = metadata_store.subject_id_requirement(sp_entity_id) if metadata_store else None + if required_subject_id: + required_attributes.append(required_subject_id) return self.filter( ava, sp_entity_id, - required=spec.get("required"), - optional=spec.get("optional"), + required=required_attributes or None, + optional=optional_attributes or None, ) def conditions(self, sp_entity_id): |