fix for issue where if there were multiple signing certs and no encryption certs, only the first signing cert is returned

bmorgan21 · bmorgan21 · commit 362e2cb5c944 · 2017-09-07T13:29:51.000-04:00
diff --git a/src/onelogin/saml2/idp_metadata_parser.py b/src/onelogin/saml2/idp_metadata_parser.py
@@ -200,7 +200,9 @@ def parse(
                     data['sp']['NameIDFormat'] = idp_name_id_format
 
                 if certs is not None:
-                    if len(certs) == 1 or \
+                    if (len(certs) == 1 and \
+                        (('signing' in certs and len(certs['signing']) == 1) or
+                         ('encryption' in certs and len(certs['encryption']) == 1))) or \
                         (('signing' in certs and len(certs['signing']) == 1) and
                          ('encryption' in certs and len(certs['encryption']) == 1 and
                          certs['signing'][0] == certs['encryption'][0])):
