From 2fe02c14b1c08ff7981c878f3360fe5beacdebb2 Mon Sep 17 00:00:00 2001
From: Vlad Mencl <vladimir.mencl@reannz.co.nz>
Date: Mon, 16 Jan 2023 17:12:01 +1300
Subject: fix: metadata: process extensions also for idp_sso_descriptor

---
 src/saml2/metadata.py | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/src/saml2/metadata.py b/src/saml2/metadata.py
index d926345e..ff4450a8 100644
--- a/src/saml2/metadata.py
+++ b/src/saml2/metadata.py
@@ -533,6 +533,17 @@ def do_idpsso_descriptor(conf, cert=None, enc_cert=None):
     idpsso = md.IDPSSODescriptor()
     idpsso.protocol_support_enumeration = samlp.NAMESPACE
 
+    exts = conf.getattr("extensions", "idp")
+    if exts:
+        if idpsso.extensions is None:
+            idpsso.extensions = md.Extensions()
+
+        for key, val in exts.items():
+            _ext = do_extensions(key, val)
+            if _ext:
+                for _e in _ext:
+                    idpsso.extensions.add_extension_element(_e)
+
     endps = conf.getattr("endpoints", "idp")
     if endps:
         for (endpoint, instlist) in do_endpoints(endps, ENDPOINTS["idp"]).items():
-- 
cgit v1.2.1