summaryrefslogtreecommitdiffstats
path: root/ipsilon/tools/saml2metadata.py
Commit message (Collapse)AuthorAgeFilesLines
* Set the value of WantAuthnRequestsSigned to TrueRob Crittenden2015-07-271-0/+2
| | | | | | | | | | | The spec says the default should be False if not specified but lasso sets it to true unless it is explicitly set to False. So let's be explicit and set it to True. https://fedorahosted.org/ipsilon/ticket/136 Signed-off-by: Rob Crittenden <rcritten@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com>
* Include timezone in metadata validUntil value and use UTC timeRob Crittenden2015-07-171-2/+2
| | | | | | | | | | | | The python datetime module doesn't append the timezone in its isoformat() output, so add a Z indicating that the time is UTC time. Also generate the output using utcnow() rather than now() so the times line up. https://fedorahosted.org/ipsilon/ticket/137 Signed-off-by: Rob Crittenden <rcritten@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Add support for logout over SOAPRob Crittenden2015-07-161-0/+2
| | | | | | | | | | | | | | As each login session comes in, store the supported logout mechanisms in the SP metadata. Upon a logout request, loop through all of those SP's that support SOAP and log those out first, then log out any remaining sessions using HTTP Redirect. https://fedorahosted.org/ipsilon/ticket/59 Signed-off-by: Rob Crittenden <rcritten@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Implement ECP in IpsilonJohn Dennis2015-05-081-0/+2
| | | | | | | | | | | | | | | | * add saml2/SSO/SOAP endpoint. * add check for lasso version, ECP endpoint only exposed in metadata if lasso has full ECP support. * add SSO_SOAP soap authentication handler (used for ECP). * add SAML binding to transaction so we can determine if cookies and other HTTP concepts are expected. Each handler is responsible for setting the binding. * add some constants needed for ECP https://fedorahosted.org/ipsilon/ticket/4 Signed-off-by: John Dennis <jdennis@redhat.com> Reviewed-by: Rob Crittenden <rcritten@redhat.com>
* Update Copyright header point to COPYING fileRob Crittenden2015-05-081-16/+1
| | | | | | | | | | | | Point to a file containing the license rather than including it in every single source file. This will make it easier to manage the license in the future without another humongous commit. https://fedorahosted.org/ipsilon/ticket/126 Signed-off-by: Rob Crittenden <rcritten@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Add support for expiration in MetadataSimo Sorce2015-01-291-4/+28
| | | | | Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Allow to set additional custom keys on servicesSimo Sorce2014-04-111-1/+3
| | | | Signed-off-by: Simo Sorce <simo@redhat.com>
* Simplify metadata add_service signatureSimo Sorce2014-04-111-11/+17
| | | | | | Add a map that takes care of the lower level lasso-related details Signed-off-by: Simo Sorce <simo@redhat.com>
* Move accessory functions to a generic tools moduleSimo Sorce2014-04-111-0/+171
This will allow to easly share the module with install tools, without the need to install server side modules in clients Signed-off-by: Simo Sorce <simo@redhat.com>
generated by cgit (git 2.34.1) at 2026-01-08 12:27:30 +0000