Fixes and improvements for satosa-saml-metadata #429
Merged
Commits on Mar 21, 2023
-
fix: metadata_creation: for SAML backend, use sp.config to render met…
…adata ... because SAMLBackend modifies the config (adding encryption_keypairs to config) and this modified config is stored under sp.config. Otherwise, metadata created via the metadata-creation scripts (satosa-saml-metadata) would be missing encryption keys (KeyDescriptor use="encryption").
-
new: satosa-saml-metadata: make signing optional
Allow skipping signing with --no-sign - and in that case, do not require key+cert. Default to signing enabled (keep existing behaviour). Mark key and cert args as optional in Click and instead check them explicitly when signing is enabled. Add new method create_entity_descriptor_metadata as counterpart to create_signed_entity_descriptor to also apply `valid` option to EntityDescriptor but avoid signing.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.