Include Extensions in AuthnRequest

[tyctor]

hi

i cannot find documentation/example how to include <samlp:Extensions> in <samlp:AuthnRequest>
is it possible to do it?
could you please point me to some example?

[peppelinux]

We don't have support for this but I can show you how you can contribute to this project and have another release with your desidered feature

here https://github.com/IdentityPython/djangosaml2/blob/master/djangosaml2/views.py#L331C58-L331C58
we should add the extentions optional attribute or, better, add in the sso_args dictionary the key extensions with your desidered ones

this will pass the desidered extentions here: https://github.com/IdentityPython/pysaml2/blob/a9fe345ba1bb4ef516673b1acbd01db80ccdf658/src/saml2/client.py#L39

[tyctor]

i found, that this can be put into sp settings as list of dicts in key requested_attributes, for example:

"requested_attributes": [
    {
        "name": "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier",
        "name_format": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri",
        "required": "true",
    },
]

will create:

<samlp:Extensions>
  <ns3:RequestedAttributes>
    <ns3:RequestedAttribute Name="http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
  </ns3:RequestedAttributes>
</samlp:Extensions>