Notes: idpy developers meeting, 11 December 2018
by hlflanagan@sphericalcowgroup.com
Attending:
Ivan, Heather, Roland, Rainer, Johan L, Scott, Martin
Regrets:
Christos
Notes:
0. Agenda bash
1. Governance update
Board meeting tomorrow, December 12. Main topic = IPR
2. PR review
- Satosa (Satosa PRs - https://github.com/IdentityPython/SATOSA)
Ivan merged the nameID PR submitted by Scott today. Ivan is also
planning to do some more work on deprecating the internal hashing as
discussed on the last call. Will work on it today, and cut a release
that people can test.
Ivan met with Roland and discussed the new OIDC libraries. Ivan will be
working on a new pyOIDC frontend, which will be based on the OIDC
endpoint library that Roland developed. This should be fairly
straightforward. Will work on the backend at some future date.
Ivan met with Johan and Frederik around how we should evolve pySAML and
how we should integrate the new microservices style into Satosa. Ivan
will work on the plugin loader module, simplify it, and use that as a
custom solution to hook in the microservices. Will try to have this
before the TIIME meeting, and at the TIIME meeting we can package some
of the microservices.
- pySAML (https://github.com/IdentityPython/pysaml2)
Ivan spoke with Frederik and Johan about pySAML, how to refactor. Will
trace the big function calls and see what makes sense, then move the
lower functions into new modules and build up on them. Have functions do
one thing only, do that one thing well, then use them to build more
complex functions. There will be a transition period. Example: XML
signing of objects. (Every XML operation will be in its own module.)
See PR 498.
PR 483 - MDQ verification. Ivan did some small changes today and then
merged it. It may still need tests; Scott to follow up.
Also fixed: a deprecation warning.
PR 577 - being able to return error codes not listed in the spec; they
should be implementation defined, but we weren’t following the spec.
Next items of work: PR 518 (day/times) and 498 (XML handling)
Next week, Ivan will be in Amsterdam to meet about eduTEAMS.
- pyFF (https://github.com/IdentityPython/pyFF)
Leif still working on this; summary of work is splitting the discovery
service from the persistence service. Is going ahead with the Flask
redesign. Also looking at Pyramid (another Python framework). There will
be an API to talk to the backend persistence service, which can be
hosted separately from the front end discovery service. Will continue to
offer the MDQ service.
Scott is using multiple discovery services and thinks that the discrete
list of possible IdPs should be handled in the backend, not the front
end. Scott and Leif need to talk about this; Scott will send email and
cc the list. Rainer has a similar use case, where certain services have
additional IdPs that need to be shown to a certain number of users.
3. AOB
TIIME meeting - Monday, 11 February 2018 @ 11:00-17:30; will have a room
for 10 people
Next call, 8 January 2019