README.md


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135

# PySAML2 - SAML2 for Python

[![Version](https://img.shields.io/pypi/v/pysaml2)](https://pypi.org/project/pysaml2/)
[![Supported Python versions](https://img.shields.io/pypi/pyversions/pysaml2)](https://pypi.org/project/pysaml2/)
[![Total downloads](https://pepy.tech/badge/pysaml2)](https://pepy.tech/project/pysaml2)
[![Weekly downloads](https://pepy.tech/badge/pysaml2/week)](https://pepy.tech/project/pysaml2)
[![License](https://img.shields.io/github/license/IdentityPython/pysaml2)](https://github.com/IdentityPython/pysaml2/blob/master/LICENSE)

PySAML2 is a pure python implementation of SAML Version 2 Standard.
It contains all necessary pieces for building a SAML2 service provider
or an identity provider. The distribution contains examples of both.
Originally written to work in a WSGI environment
there are extensions that allow you to use it with other frameworks.

**Website**: https://idpy.org/

**Documentation**: https://pysaml2.readthedocs.io/

**Contribution guidelines**: [CONTRIBUTING.md][contributing]

**Security policies**: [SECURITY.md][sec]

**Source code**: https://github.com/IdentityPython/pysaml2/

**Developer guidelines**: [DEVELOPERS.md][dev]

**PyPI project**: https://pypi.org/project/pysaml2/

**License**: [LICENSE][license]


## Specifications

Retrieved from https://wiki.oasis-open.org/security/FrontPage

#### SAML V2.0 Standard

- SAML2 Core (aka Assertions and Protocols): http://www.oasis-open.org/committees/download.php/56776/sstc-saml-core-errata-2.0-wd-07.pdf
  - Assertion schema: http://docs.oasis-open.org/security/saml/v2.0/saml-schema-assertion-2.0.xsd
  - Protocols schema: http://docs.oasis-open.org/security/saml/v2.0/saml-schema-protocol-2.0.xsd
- Bindings: http://www.oasis-open.org/committees/download.php/56779/sstc-saml-bindings-errata-2.0-wd-06.pdf
- Profiles: http://www.oasis-open.org/committees/download.php/56782/sstc-saml-profiles-errata-2.0-wd-07.pdf
- Metadata: http://www.oasis-open.org/committees/download.php/56785/sstc-saml-metadata-errata-2.0-wd-05.pdf
  - Metadata schema: http://docs.oasis-open.org/security/saml/v2.0/saml-schema-metadata-2.0.xsd
- Authentication Context: http://docs.oasis-open.org/security/saml/v2.0/saml-authn-context-2.0-os.pdf
- Conformance Requirements: https://docs.oasis-open.org/security/saml/v2.0/saml-conformance-2.0-os.pdf
- Security and Privacy Considerations: http://docs.oasis-open.org/security/saml/v2.0/saml-sec-consider-2.0-os.pdf
- Glossary: http://docs.oasis-open.org/security/saml/v2.0/saml-glossary-2.0-os.pdf

#### Profiles and extensions

- Metadata Extension for SAML V2.0 and V1.x Query Requesters: http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-metadata-ext-query-os.pdf
- SAML V2.0 Metadata Interoperability Profile: https://docs.oasis-open.org/security/saml/Post2.0/sstc-metadata-iop-os.pdf
- SAML V2.0 Metadata Extensions for Login and Discovery User Interface Version 1.0: https://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-metadata-ui/v1.0/os/sstc-saml-metadata-ui-v1.0-os.pdf
- SAML V2.0 LDAP/X.500 Attribute Profile: http://www.oasis-open.org/committees/download.php/28042/sstc-saml-attribute-x500-cs-01.pdf
- SAML V2.0 Enhanced Client or Proxy Profile Version 2.0: https://docs.oasis-open.org/security/saml/Post2.0/saml-ecp/v2.0/cs01/saml-ecp-v2.0-cs01.pdf

#### Committee Specifications

- SAML V2.0 Subject Identifier Attributes Profile Version 1.0: https://docs.oasis-open.org/security/saml-subject-id-attr/v1.0/cs01/saml-subject-id-attr-v1.0-cs01.pdf


## Installation

You can install PySAML2 through pip:

```shell
pip install pysaml2
```

### External dependencies

PySAML2 works with the [`xmlsec`][xmlsec] binary.
This should be readily available in most Linux distributions:

```shell
$ apt-get install xmlsec1
$ dnf install xmlsec1-openssl
$ yum install xmlsec1-openssl
$ pacman -S xmlsec
...
```

and on MacOS through [`homebrew`][brew]

```shell
$ brew install libxmlsec1
```


## Changelog

See the [CHANGELOG][clog] to learn about the latest developments.


## Contributing

We've set up a separate document for our [contribution guidelines][contributing].


## Community

[IdentityPython][idpy] is a community around
a collection of libraries and tools to manage identity related concepts with Python code.
You can interact with the community though the [mailing list](https://lists.sunet.se/postorius/lists/idpy-discuss.lists.sunet.se/)
or on the [Slack workspace](https://identity-python.slack.com/) ([invitation](https://join.slack.com/t/identity-python/shared_invite/enQtNzEyNjU1NDI1MjUyLTM2MWI5ZGNhMTk1ZThiOTIxNWY2OTY1ODVmMWNjMzUzMTYxNTY5MzE5N2RlYjExZTIyM2MwYjBjZGE4MGVlMTM)).


## Development

We've set up a separate document for [developers][dev].


### Releasing

We've set up a separate document for our [release process][rel].


### Pre-commit

(TODO)


  [idpy]: https://idpy.org/
  [docs]: https://pysaml2.readthedocs.io/
  [contributing]: https://github.com/IdentityPython/pysaml2/blob/master/CONTRIBUTING.md
  [sec]: https://github.com/IdentityPython/pysaml2/blob/master/SECURITY.md
  [repo]: https://github.com/IdentityPython/pysaml2/
  [dev]: https://github.com/IdentityPython/pysaml2/blob/master/DEVELOPERS.md
  [pypi]: https://pypi.org/project/pysaml2/
  [license]: https://github.com/IdentityPython/pysaml2/blob/master/LICENSE
  [clog]: https://github.com/IdentityPython/pysaml2/blob/master/CHANGELOG.md
  [rel]: https://github.com/IdentityPython/pysaml2/blob/master/RELEASE.md
  [xmlsec]: http://www.aleksey.com/xmlsec/
  [brew]: https://brew.sh/