@peppelinux
Member

fixes #710
minor change that hopefully makes everyone happy ;)

@codecov-commenter

Codecov Report

Merging #715 into master will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##           master     #715   +/-   ##
=======================================
  Coverage   65.46%   65.46%           
=======================================
  Files         102      102           
  Lines       25501    25501           
=======================================
  Hits        16695    16695           
  Misses       8806     8806           

Last update 1aeae3a...4883d00.

@peppelinux
Member Author

In the second commit I added all the things I learned in the past two years of pysaml2 usage.

  • Metadata MDQ/Remote disable_ssl_certificate_validation
  • allow_unknown_attributes
  • want_authn_requests_only_with_valid_cert
  • only_use_keys_in_metadata
  • validate_certificate
  • encryption_keypairs
  • a more detailed section, with examples, for Entity Categories

This commit also closes this:
#706

@peppelinux changed the title from "[Documentation] nameid_format example" to "[Documentation] Additional parameters" on Sep 6, 2020
@peppelinux force-pushed the nameid_format_example branch 5 times, most recently from 8984de7 to 62f88d7, on September 7, 2020 09:06
""""""""""""""""""""""""""""""""""""""""

When verifying a signed AuthnRequest ignore the signature and verify the
certificate.
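
Review bot: The description on these two lines says the signature is ignored but gives neither the default value nor the accepted values, unlike the other entries in this change, which end with a "Default ..." line. Suggest stating the default and spelling out that, when the option is enabled, a signed AuthnRequest is accepted on the strength of its certificate alone, so readers can see which check they are giving up.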

@c00kiemon5ter c00kiemon5ter Sep 12, 2020

I think this configuration option should be removed in the future. We should always be verifying the signature.


If set to False, the certificate contained in a SAML message will be used for
signature verification.
Default True.
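
Review bot: Only the False case is documented in the first sentence; nothing says which keys are used when the option keeps its default of True. Suggest adding that sentence, and noting that "the certificate contained in a SAML message" is supplied by the sender whose signature is being verified. The default line reads "Default True." here and "Default to False." in another entry of this change; pick one form.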

I think this configuration option should be removed in the future. We should not be using anything but the certificates we know about.

""""""""""""""""""""

Indicates that the certificate used in sign SAML messages must be valid.
Default to False.
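
Review bot: "must be valid" on the first line is not defined, so a reader cannot tell which checks this option turns on. Suggest naming them explicitly, and changing "used in sign SAML messages" to "used to sign SAML messages".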

I think this configuration option should change to be True by default.

@c00kiemon5ter c00kiemon5ter merged commit ecc690e into IdentityPython:master Sep 12, 2020
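
A small audit for the options questioned in this review, as an added example (not pysaml2 code and not part of the PR): it walks a configuration dict at any depth and reports the settings the reviewer flags. The sample configs are constructed, the placement of keys inside them is an assumption, and unset options fall back to the defaults quoted in the reviewed text.

```python
# Added example: audit a pysaml2-style configuration dict for the options
# discussed in this review. Sample configs and key placement are constructed.

# option -> (value that yields a finding, what that value means per the PR text)
RULES = {
    "only_use_keys_in_metadata": (False, "certificate carried in the SAML message is used for signature verification"),
    "validate_certificate": (False, "signing certificate is not required to be valid"),
    "want_authn_requests_only_with_valid_cert": (True, "AuthnRequest signature is ignored, only the certificate is verified"),
    "disable_ssl_certificate_validation": (True, "TLS certificate validation is disabled for this metadata source"),
}
# Defaults quoted in the reviewed documentation text; the other two options
# are assumed (for this example only) to raise no finding when unset.
PAGE_DEFAULTS = {"only_use_keys_in_metadata": True, "validate_certificate": False}

def walk(node, path="config"):
    """Yield (path, key, value) for every dict entry at any nesting depth."""
    if isinstance(node, dict):
        for key, value in node.items():
            yield f"{path}.{key}", key, value
            yield from walk(value, f"{path}.{key}")
    elif isinstance(node, (list, tuple)):
        for index, item in enumerate(node):
            yield from walk(item, f"{path}[{index}]")

def audit(config):
    """Return a list of (path, value, reason) findings for the flagged options."""
    findings, seen = [], set()
    for path, key, value in walk(config):
        if key in RULES:
            seen.add(key)
            bad, reason = RULES[key]
            if value is bad:
                findings.append((path, value, reason))
    for key, default in PAGE_DEFAULTS.items():  # unset options use the documented default
        if key not in seen and default is RULES[key][0]:
            findings.append((f"config.{key} (unset)", default, RULES[key][1]))
    return findings

SAMPLE = {  # constructed: every flagged setting present, validate_certificate unset
    "entityid": "https://entity.example.org/metadata",
    "only_use_keys_in_metadata": False,
    "metadata": {"remote": [{"url": "https://idp.example.org/metadata",
                             "disable_ssl_certificate_validation": True}]},
    "service": {"idp": {"want_authn_requests_only_with_valid_cert": True}},
}
HARDENED = {"only_use_keys_in_metadata": True, "validate_certificate": True}

if __name__ == "__main__":
    for path, value, reason in audit(SAMPLE):
        print(f"{path} = {value!r}: {reason}")
```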

Successfully merging this pull request may close these issues.

documented name_id_format example for SP is part of IDP configuration
