4:52 p.m.
Hi,
I have updated metadata_tostring_fix function in metadata.py. It's ugly but
it gets the job done:
```python
def metadata_tostring_fix(desc, nspair, xmlstring=""):
if not xmlstring:
xmlstring = desc.to_string(nspair)
try:
if "\"xs:string\"" in xmlstring and XMLNSXS not in xmlstring:
xmlstring = xmlstring.replace(MDNS, MDNS + XMLNSXS)
except TypeError:
if b"\"xs:string\"" in xmlstring and bXMLNSXS not in
xmlstring:
xmlstring = xmlstring.replace(bMDNS, bMDNS + bXMLNSXS)
xmlstring_decoded = xmlstring.decode("utf-8") #JN
xmlstring = re.sub(r'(<\/ns0:ContactPerson>)',
r'\1<md:ContactPerson
xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" contactType="other"
remd:contactType="http://refeds.org/metadata/contactType/security"
xmlns:remd="http://refeds.org/metadata"><md:GivenName>Se…
Response
Team</md:GivenName><md:EmailAddress>mailto:security at
xxxxxxxxxxxxxxx</md:EmailAddress></md:ContactPerson>',
xmlstring_decoded) #JN
xmlstring = bytes(xmlstring, 'utf-8') #JN
return xmlstring
```
czw., 2 wrz 2021 o 16:05 Jakub Niezabitowski <kuba.michal.n at gmail.com>
napisał(a):
Hello Ivan,
thank you for your quick response. Adding assurance_certification works
great!
czw., 2 wrz 2021 o 15:55 Ivan Kanakarakis <ivan.kanak at gmail.com>
napisał(a):
hello Jakub,
## refeds metadata
the refeds metadata is not known to pysaml2, and thus there is no way
to do this.
We can look into adding support and exposing that as part of the
configuration.
Until that is in place, you can add a post processing rule on your
deployment proceed to inject the namespace and element as needed.
## assurance certification
To add an assurance certification you can add the following in your
saml frontend configuration:
```yaml
module: ...
name: ...
config:
idp_config:
...
assurance_certification:
- https://refeds.org/sirtfi
...
```
On Thu, 2 Sept 2021 at 15:25, Jakub Niezabitowski
<kuba.michal.n at gmail.com> wrote:
Hello,
does anybody know how to specify remd:contactType for Satosa front-end?
It is
necessary for Refeds. Example:
<md:ContactPerson contactType="other" remd:contactType="
http://refeds.org/metadata/contactType/security">
<md:Company>XYZ</md:Company>
<md:GivenName>ABC</md:GivenName>
<md:SurName>Security</md:SurName>
<md:EmailAddress>mailto:security at example.com</md:EmailAddress>
</md:ContactPerson>
I would be also very thankful for help in adding this static string to
metadata:
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
...>
<md:Extensions>
<mdattr:EntityAttributes
xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
<saml:Attribute
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
Name="urn:oasis:names:tc:SAML:attribute:assurance-certification">
<saml:AttributeValue>https://refeds.org/sirtfi
</saml:AttributeValue>
</saml:Attribute>
</mdattr:EntityAttributes>
</md:Extensions>
</md:EntityDescriptor>
Thank you in advance for any help
Jakub
_______________________________________________
satosa-users mailing list
satosa-users at lists.sunet.se
https://lists.sunet.se/listinfo/satosa-users
--
Ivan c00kiemon5ter Kanakarakis >:3
12:37 a.m.
Hi Jakub,
there come the times where we have to go off-road to draw new roads :)
https://github.com/italia/Satosa-Saml2Spid/blob/0ccc57f3c99172c8e567cac9c3e…
it was a so huge and specialized metadata that I inherited the method and
wrote another backend, without any configuration compromise. I needed a
thing there, well, I put that thing there!
Il giorno gio 2 set 2021 alle ore 16:53 Jakub Niezabitowski <
kuba.michal.n at gmail.com> ha scritto:
Hi,
I have updated metadata_tostring_fix function in metadata.py. It's ugly
but it gets the job done:
```python
def metadata_tostring_fix(desc, nspair, xmlstring=""):
if not xmlstring:
xmlstring = desc.to_string(nspair)
try:
if "\"xs:string\"" in xmlstring and XMLNSXS not in
xmlstring:
xmlstring = xmlstring.replace(MDNS, MDNS + XMLNSXS)
except TypeError:
if b"\"xs:string\"" in xmlstring and bXMLNSXS not in
xmlstring:
xmlstring = xmlstring.replace(bMDNS, bMDNS + bXMLNSXS)
xmlstring_decoded = xmlstring.decode("utf-8") #JN
xmlstring = re.sub(r'(<\/ns0:ContactPerson>)',
r'\1<md:ContactPerson
xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" contactType="other"
remd:contactType="http://refeds.org/metadata/contactType/security"
xmlns:remd="http://refeds.org/metadata"><md:GivenName>Se…
Response
Team</md:GivenName><md:EmailAddress>mailto:security at
xxxxxxxxxxxxxxx</md:EmailAddress></md:ContactPerson>',
xmlstring_decoded) #JN
xmlstring = bytes(xmlstring, 'utf-8') #JN
return xmlstring
```
czw., 2 wrz 2021 o 16:05 Jakub Niezabitowski <kuba.michal.n at gmail.com>
napisał(a):
--
____________________
Giuseppe De Marco
Centro ICT d'Ateneo
Università della Calabria
87036 Rende (CS) - Italy
Phone: +39 0984 496961
e-mail: giuseppe.demarco at unical.it
--
------------------------------------------------------------------------------------------------------------------
Il banner è generato automaticamente dal servizio di posta elettronica
dell'Università della Calabria
<http://www.unical.it/5x1000>
Hello Ivan,
thank you for your quick response. Adding assurance_certification works
great!
czw., 2 wrz 2021 o 15:55 Ivan Kanakarakis <ivan.kanak at gmail.com>
napisał(a):
satosa-users mailing list
satosa-users at lists.sunet.se
https://lists.sunet.se/listinfo/satosa-users
hello Jakub,
## refeds metadata
the refeds metadata is not known to pysaml2, and thus there is no way
to do this.
We can look into adding support and exposing that as part of the
configuration.
Until that is in place, you can add a post processing rule on your
deployment proceed to inject the namespace and element as needed.
## assurance certification
To add an assurance certification you can add the following in your
saml frontend configuration:
```yaml
module: ...
name: ...
config:
idp_config:
...
assurance_certification:
- https://refeds.org/sirtfi
...
```
On Thu, 2 Sept 2021 at 15:25, Jakub Niezabitowski
<kuba.michal.n at gmail.com> wrote:
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
Name="urn:oasis:names:tc:SAML:attribute:assurance-certification">
> Thank you in advance for any help
> Jakub
> _______________________________________________
> satosa-users mailing list
> satosa-users at lists.sunet.se
> https://lists.sunet.se/listinfo/satosa-users
--
Ivan c00kiemon5ter Kanakarakis >:3
_______________________________________________
Hello,
does anybody know how to specify remd:contactType for Satosa
front-end? It is
necessary for Refeds. Example:
<md:ContactPerson contactType="other" remd:contactType="
http://refeds.org/metadata/contactType/security">
<md:Company>XYZ</md:Company>
<md:GivenName>ABC</md:GivenName>
<md:SurName>Security</md:SurName>
<md:EmailAddress>mailto:security at example.com</md:EmailAddress>
</md:ContactPerson>
I would be also very thankful for help in adding this static string to
metadata:
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
...>
<md:Extensions>
<mdattr:EntityAttributes
xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
<saml:Attribute
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
<saml:AttributeValue>https://refeds.org/sirtfi
</saml:AttributeValue>
> </saml:Attribute>
> </mdattr:EntityAttributes>
> </md:Extensions>
> </md:EntityDescriptor>
1163
days inactive
1163
days old
1 comments
2 participants
participants (2)
-
giuseppe.demarco@unical.it -
kuba.michal.n@gmail.com