Hi Valerie
We have exactly the same requirement for "dynamically" obtaining information from an IdP with user consent at the IdP here in New Zealand. Our requirement comes from New Zealand privacy law and is an area we have been trying to address with SAML 2 for the last 18 months.
I believe that submissions are currently in progress to the SAML 2 technical expert committee for a mechanism within the specification to permit the dynamic requesting of information within the <AuthnRequest>. I am not aware of any timeframe or whether the submissions will be accepted, but I hope this helps.
As a temporary solution we may use a preconfigured set of attributes within each circle of trust as an approach.
Other potential options (but not really recommended) could involve specifying the required attributes as a String in the <RequestedAuthnContext>. The AttributeConsumerServiceIndex is another option, but is a fairly indirect mechanism. As a last resort you could consider the use of SAML <Extensions> in the <AuthnRequest>, but I don't know if that would suit your model either?
Kind Regards
Ben Yeoman
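
An added illustration, not part of the message above: how an IdP could turn the index carried in an <AuthnRequest> into the preconfigured attribute set it shows the user for consent. The SAML 2.0 schema spells the request attribute AttributeConsumingServiceIndex; the entity ID, attribute names and the function name are constructed for this sketch.

```python
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "samlp": "urn:oasis:names:tc:SAML:2.0:protocol"}

# Constructed SP metadata (trimmed to the relevant elements): two preconfigured
# attribute sets, each selectable by its index.
SP_METADATA = """\
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
                     entityID="https://sp.example.org/saml">
 <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
  <md:AttributeConsumingService index="0" isDefault="true">
   <md:ServiceName xml:lang="en">Basic login</md:ServiceName>
   <md:RequestedAttribute Name="displayName" isRequired="true"/>
  </md:AttributeConsumingService>
  <md:AttributeConsumingService index="1">
   <md:ServiceName xml:lang="en">Address change</md:ServiceName>
   <md:RequestedAttribute Name="displayName" isRequired="true"/>
   <md:RequestedAttribute Name="postalAddress" isRequired="false"/>
  </md:AttributeConsumingService>
 </md:SPSSODescriptor>
</md:EntityDescriptor>"""

# Constructed request selecting attribute set 1.
AUTHN_REQUEST = """\
<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    ID="_constructed1" Version="2.0" IssueInstant="2024-01-01T00:00:00Z"
    AttributeConsumingServiceIndex="1"/>"""


def attributes_for_consent(metadata_xml, request_xml):
    """Return (service name, [(attribute, required)]) to show on the consent page."""
    # A real IdP verifies the request signature and uses a hardened XML parser first.
    req = ET.fromstring(request_xml)
    if req.tag != "{%s}AuthnRequest" % NS["samlp"]:
        raise ValueError("not an AuthnRequest")
    wanted = req.get("AttributeConsumingServiceIndex")
    services = ET.fromstring(metadata_xml).findall(".//md:AttributeConsumingService", NS)
    if wanted is None:  # no index sent: fall back to the default set, else the first
        chosen = [s for s in services if s.get("isDefault") == "true"] or services
    else:
        chosen = [s for s in services if int(s.get("index")) == int(wanted)]
    if not chosen:  # unknown index: fail closed, release nothing
        raise LookupError("no AttributeConsumingService with index %r" % wanted)
    svc = chosen[0]
    attrs = [(a.get("Name"), a.get("isRequired") == "true")
             for a in svc.findall("md:RequestedAttribute", NS)]
    return svc.findtext("md:ServiceName", namespaces=NS), attrs
```

Because the index only selects among sets already published in the SP's metadata, the SP cannot ask for an attribute the circle of trust has not agreed to in advance.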