| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
| |
| |
| |
| |
| |
| |
| | |
All callers set it to false, but one which calls the validation method itself
after the call to _run_xmlsec (which means that validation is done twice).
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
|/
|
|
|
|
|
|
| |
_run_xmlsec function allowed to pass the kind of exception that would be raised
in case of error. This was parameter was ignored. As such, it is not needed and
is removed completely.
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The application should control whether warnings should be visible or not. By
hardcoding the simplefilter we turn on warnings' visibility for all modules
that follow. Removing this allows the application code to decide if warnings
should be shown.
To enable warnings through the command line pass -Wd to the python interpreter.
Quoting the python warnings module documentation[0]:
> You can do this from the command-line by passing -Wd to the interpreter (this
> is shorthand for -W default). This enables default handling for all warnings,
> including those that are ignored by default. To change what action is taken
> for encountered warnings you simply change what argument is passed to -W,
> e.g. -W error. See the -W flag for more details on what is possible.
[0]: https://docs.python.org/2/library/warnings.html#updating-code-for-new-versions-of-python
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
|\
| |
| | |
Enable signature verification for MDQ
|
| |
| |
| |
| | |
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
| |
| |
| |
| | |
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
| |
| |
| |
| | |
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
| |
| |
| |
| | |
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
| | |
|
| |
| |
| |
| |
| |
| |
| | |
Add functionality to allow configuration of signature verification for
metadata obtained using the MDQ protocol. Support is limited to checking
the signature of a response containing a single entity and not multiple
entities.
|
| |
| |
| |
| | |
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
| |
| |
| |
| |
| |
| |
| | |
The html module is only available for python3. The cgi module provides almost
identical functionality and is present for both python2 and python3.
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
|\ \
| |/
|/| |
Handle non standard response error status codes
|
| |
| |
| |
| | |
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
|/ |
|
|
|
|
| |
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
|\
| |
| | |
Raise status exception when parsing an error status response
|
| |
| |
| | |
Fixes IdentityPython/pysaml2#571
|
|/
|
|
|
| |
status response.
This test passes in v4.6.3 but is failing in v4.6.4 due to IdentityPython/pysaml2#571
|
|\
| |
| | |
Add metadata attribute for entity_category_support
|
|/ |
|
|
|
|
|
|
|
| |
Assurance-certification and entity-category should be under the same
EntityAttributes elements.
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
|
|
|
| |
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
|
|
|
|
|
|
|
| |
metadata.do_contact_person_info does not need to reimplement loading of the
data given, as this is already implemented and more complete through
SamlBase::loadd
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
|
|
|
| |
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
|
|
|
| |
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
|
|
|
| |
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
|
|
|
| |
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
|
|
|
| |
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
|
|
|
| |
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
|\
| |
| | |
Add want_assertions_or_response_signed functionality
|
| |
| |
| |
| | |
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
| |
| |
| |
| | |
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
| |
| |
| |
| |
| |
| | |
Add logic to test client configuration options
want_response_signed, want_assertions_signed, and
want_assertions_or_response_signed.
|
|/
|
|
|
|
|
| |
Add the ability to configure an SP to require either a signed response
or signed assertions.
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
|\
| |
| | |
Fix example IdP and SP to work with python 3
|
| |
| |
| |
| | |
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
| |
| |
| |
| | |
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
| |
| |
| |
| | |
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
| |
| |
| |
| | |
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
|/ |
|
|\
| |
| | |
Fix return format of Response._response
|
| |
| |
| |
| | |
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
| | |
|
| |
| |
| |
| | |
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
|\ \
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Fix AuthnResponse.condition_ok to not require conditions
## 2.3.3 Element <Assertion>
The <Assertion> element is of the `AssertionType` complex type. This type specifies the basic
information that is common to all assertions, including the following elements and attributes:
### <Conditions> [Optional]
Conditions that MUST be evaluated when assessing the validity of and/or when using the assertion.
See _Section 2.5_ for additional information on how to evaluate conditions
|
| |/
| |
| |
| |
| | |
As we can see in specs, Conditions are not required, so we should not to
check assertion on its existence.
|
|\ \
| | |
| | | |
Make config_factory to be more universal method
|
| |/ |
|
|\ \
| | |
| | | |
Small updates in docs
|