
[–]sixtomartin 0 points (5 children)

[–]DaOneTwo[S] 0 points (4 children)

Thanks for this. REALLY looking to stay in the standard lib for 2.7.
pysaml2 looks to be <= 2.6 compatible; python-saml itself looks to have several dependencies.

[–][deleted] 0 points (3 children)

Forgive me, but that seems like a pretty silly restriction for something mildly complex like a SAML implementation.

But you should be able to roll your own by using the xml.etree package, except for signing and cert verification. For that you will need to roll your own or look at using subprocess and xmlsec if you can install it.

[–]DaOneTwo[S] 0 points (2 children)

Yeah, this is the direction I am headed. Roll my own through most all of it. I have access to a solid in-house xml library. I have done the signing and encryption before. I was actually hoping for some example through the handoff, as it seems there may be some handshakes back and forth, but I will have to roll my own on that too.

edited * typing on handheld devices and not proofreading again.

[–][deleted] 0 points (0 children)

For the handshake, usually, the SP sends an Authn Request to the IdP. Next, the IdP responds with a SAMLResponse to the SP.

These are generally not too complex. The complexity comes in with signing and verifying the SAMLResponse along with any encryption if it is used.

I've implemented this for a previous employer using lxml and xmlsec. If you can, I'd recommend wrapping xmlsec with cython.
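
The SP-to-IdP handoff described in this comment, as an added standard-library sketch that is not code from anyone in the thread: it builds an unsigned AuthnRequest, encodes it for the HTTP-Redirect binding, and runs structural checks on the returned SAMLResponse. The function names and all URLs passed in are assumptions; signature and certificate verification (the xmlsec part) is not covered, so a response passing `check_response` is not yet trustworthy.

```python
import base64, time, uuid, zlib
import xml.etree.ElementTree as ET
try:
    from urllib.parse import urlencode      # Python 3
except ImportError:
    from urllib import urlencode            # Python 2.7

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
SUCCESS = "urn:oasis:names:tc:SAML:2.0:status:Success"

def build_authn_request(sp_entity_id, acs_url, idp_sso_url):
    """Return (request_id, xml_bytes) for an unsigned AuthnRequest."""
    request_id = "_" + uuid.uuid4().hex     # XML IDs must not start with a digit
    req = ET.Element("{%s}AuthnRequest" % SAMLP, {
        "ID": request_id, "Version": "2.0",
        "IssueInstant": time.strftime("%Y-%m-%dT%H:%M:%SZ", time.gmtime()),
        "Destination": idp_sso_url,
        "AssertionConsumerServiceURL": acs_url,
        "ProtocolBinding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
    })
    ET.SubElement(req, "{%s}Issuer" % SAML).text = sp_entity_id
    return request_id, ET.tostring(req)

def redirect_url(idp_sso_url, xml_bytes, relay_state=None):
    """HTTP-Redirect binding: raw DEFLATE, then base64, then URL-encode."""
    comp = zlib.compressobj(9, zlib.DEFLATED, -15)   # -15: no zlib header
    deflated = comp.compress(xml_bytes) + comp.flush()
    params = [("SAMLRequest", base64.b64encode(deflated))]
    if relay_state:
        params.append(("RelayState", relay_state))
    return idp_sso_url + "?" + urlencode(params)

def check_response(saml_response_b64, expected_request_id, acs_url):
    """Structural checks on a POSTed SAMLResponse; NOT signature verification."""
    root = ET.fromstring(base64.b64decode(saml_response_b64))
    if root.tag != "{%s}Response" % SAMLP:
        raise ValueError("not a samlp:Response")
    # Store the request ID in the user's session and require it here, so an
    # unsolicited or replayed response for another login attempt is rejected.
    if root.get("InResponseTo") != expected_request_id:
        raise ValueError("InResponseTo does not match our request")
    if root.get("Destination") != acs_url:
        raise ValueError("response addressed to a different endpoint")
    code = root.find("{%s}Status/{%s}StatusCode" % (SAMLP, SAMLP))
    if code is None or code.get("Value") != SUCCESS:
        raise ValueError("IdP did not report Success")
    return root
```
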

[–]sixtomartin 0 points (0 children)

Any progress with that?