From 5bd9ec44e7fbfd7017ac9762b2e97d1e31db9368 Mon Sep 17 00:00:00 2001
From: Johan Lundberg <lundberg@sunet.se>
Date: Fri, 9 Dec 2022 11:38:15 +0100
Subject: do not add a duplicate attribute request for subject id

---
 src/saml2/assertion.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/saml2/assertion.py b/src/saml2/assertion.py
index 4df0cf3c..46733f93 100644
--- a/src/saml2/assertion.py
+++ b/src/saml2/assertion.py
@@ -559,7 +559,7 @@ class Policy:
         required_attributes = spec.get("required", [])
         optional_attributes = spec.get("optional", [])
         required_subject_id = metadata_store.subject_id_requirement(sp_entity_id) if metadata_store else None
-        if required_subject_id:
+        if required_subject_id and required_subject_id not in required_attributes:
             required_attributes.append(required_subject_id)
         return self.filter(
             ava,
-- 
cgit v1.2.1