Merge remote-tracking branch 'upstream/master'

4 files changed, 35 insertions, 8 deletions

diff --git a/example/idp2/idp.py b/example/idp2/idp.py
index e4f239a2..f3db83e6 100755
--- a/example/idp2/idp.py
+++ b/example/idp2/idp.py
@@ -7,10 +7,13 @@ import os
 import re
 import socket
 import time
+import ssl
 
 from Cookie import SimpleCookie
 from hashlib import sha1
 from urlparse import parse_qs
+from cherrypy import wsgiserver
+from cherrypy.wsgiserver import ssl_pyopenssl
 
 from saml2 import BINDING_HTTP_ARTIFACT
 from saml2 import BINDING_URI
@@ -1044,13 +1047,15 @@ if __name__ == '__main__':
     parser.add_argument(dest="config")
     args = parser.parse_args()
 
+    CONFIG = importlib.import_module(args.config)
+
     AUTHN_BROKER = AuthnBroker()
     AUTHN_BROKER.add(authn_context_class_ref(PASSWORD),
                      username_password_authn, 10,
-                     "http://%s" % socket.gethostname())
+                     CONFIG.BASE)
     AUTHN_BROKER.add(authn_context_class_ref(UNSPECIFIED),
-                     "", 0, "http://%s" % socket.gethostname())
-    CONFIG = importlib.import_module(args.config)
+                     "", 0, CONFIG.BASE)
+
     IDP = server.Server(args.config, cache=Cache())
     IDP.ticket = {}
 
@@ -1062,6 +1067,17 @@ if __name__ == '__main__':
     HOST = CONFIG.HOST
     PORT = CONFIG.PORT
 
-    SRV = make_server(HOST, PORT, application)
-    print("IdP listening on %s:%s" % (HOST, PORT))
-    SRV.serve_forever()
+    SRV = wsgiserver.CherryPyWSGIServer((HOST, PORT), application)
+
+    _https = ""
+    if CONFIG.HTTPS:
+        SRV.ssl_adapter = ssl_pyopenssl.pyOpenSSLAdapter(CONFIG.SERVER_CERT,
+                                                         CONFIG.SERVER_KEY, CONFIG.CERT_CHAIN)
+        _https = " using SSL/TLS"
+    logger.info("Server starting")
+    print("IDP listening on %s:%s%s" % (HOST, PORT, _https))
+    try:
+        SRV.start()
+    except KeyboardInterrupt:
+        SRV.stop()
+
diff --git a/example/idp2/idp_conf.py.example b/example/idp2/idp_conf.py.example
index 6928b1ed..1a2e4ec8 100644
--- a/example/idp2/idp_conf.py.example
+++ b/example/idp2/idp_conf.py.example
@@ -28,7 +28,17 @@ def full_path(local_file):
 HOST = 'localhost'
 PORT = 8088
 
-BASE = "http://%s:%s" % (HOST, PORT)
+HTTPS = True
+
+if HTTPS:
+    BASE = "https://%s:%s" % (HOST, PORT)
+else:
+    BASE = "http://%s:%s" % (HOST, PORT)
+
+# HTTPS cert information
+SERVER_CERT = "pki/mycert.pem"
+SERVER_KEY = "pki/mykey.pem"
+CERT_CHAIN = ""
 
 CONFIG = {
     "entityid": "%s/idp.xml" % BASE,
diff --git a/example/requirements.txt b/example/requirements.txt
new file mode 100644
index 00000000..588621c9
--- /dev/null
+++ b/example/requirements.txt
@@ -0,0 +1,2 @@
+mako
+cherrypy
\ No newline at end of file
diff --git a/example/sp-wsgi/sp.py b/example/sp-wsgi/sp.py
index b5e6bcdd..94615750 100755
--- a/example/sp-wsgi/sp.py
+++ b/example/sp-wsgi/sp.py
@@ -379,7 +379,6 @@ class ACS(Service):
         cookie = self.cache.set_cookie(user)
 
         resp = Redirect("/", headers=[
-            ("Location", "/"),
             cookie,
         ])
         return resp(self.environ, self.start_response)