Store essential SAML attrs by default

Signed-off-by: Rick Elrod <[email protected]>

ansible_base/authentication/authenticator_plugins/saml.py

@@ -296,6 +296,15 @@ def extra_data(self, user, backend, response, *args, **kwargs):
         if "Group" in attrs:
             response["Group"] = attrs["Group"]
         data = super().extra_data(user, backend, response, *args, **kwargs)
+
+        excluded_fields = ('IDP_URL', 'IDP_X509_CERT', 'IDP_ENTITY_ID')
+        for field, attr_name in SAMLConfiguration.settings_to_enabled_idps_fields.items():
+            if field in excluded_fields:
+                continue
+            field_name = self.database_instance.configuration['ENABLED_IDPS'][idp_string][attr_name]
+            if field_name in attrs:
+                data[field_name] = attrs[field_name]
+
         return data
 
     def get_user_groups(self, extra_groups=[]):