warn when trust info has profiles with same name. Also allow extra metadata in trust info in entity attribute.

enriquepablo · enriquepablo · commit b39220353b3b · 2025-01-13T11:51:36.000+01:00
diff --git a/src/pyff/samlmd.py b/src/pyff/samlmd.py
@@ -1048,18 +1048,27 @@ def discojson_sp_attr(e):
         return None
 
     entityID = e.get('entityID', None)
-    if entityID is None:
-        return None
-
     sp = {}
     sp['entityID'] = entityID
     sp['profiles'] = {}
+    sp['extra_md'] = {}
 
     for b64_trustinfo in b64_trustinfos:
         try:
             str_trustinfo = b64decode(b64_trustinfo.encode('ascii'))
             trustinfo = json.loads(str_trustinfo.decode('utf8'))
-            sp['profiles'].update(trustinfo['profiles'])
+            for profile in trustinfo['profiles']:
+                if profile in sp['profiles']:
+                    log.warning(f"SP Entity {entityID} has a duplicate trust profile {profile}")
+                else:
+                    sp['profiles'][profile] = trustinfo['profiles'][profile]
+
+            if 'extra_md' in trustinfo:
+                for extra_id in trustinfo['extra_md']:
+                    if extra_id in sp['extra_md']:
+                        log.warning(f"SP Entity {entityID} has a duplicate extra IdP metadata {extra_id}")
+                    else:
+                        sp['extra_md'][extra_id] = trustinfo['extra_md'][extra_id]
 
         except Exception as e:
             log.warning(f"Invalid entity-selection-profile attribute for {entityID}: {e}")
