Addressing @c00kiemon5ter's comments

Author: Ioannis Kakavas

example/plugins/backends/saml2_backend.yaml.example

@@ -1,6 +1,7 @@
 module: satosa.backends.saml2.SAMLBackend
 name: Saml2
 config:
+  idp_blacklist_file: /path/to/blacklist.json
   sp_config:
     key_file: backend.key
     cert_file: backend.crt
@@ -13,8 +14,6 @@ config:
       local: [idp.xml]
 
     entityid: <base_url>/<name>/proxy_saml2_backend.xml
-    idp_blacklist_enabled: true
-    idp_blacklist_file: /path/to/blacklist.json
     service:
       sp:
         want_response_signed: true

src/satosa/backends/saml2.py

@@ -63,6 +63,7 @@ def __init__(self, outgoing, internal_attributes, config, base_url, name):
         self.discosrv = config.get(self.KEY_DISCO_SRV)
         self.encryption_keys = []
         self.outstanding_queries = {}
+        self.idp_blacklist_file = config.get('idp_blacklist_file', None)
 
         sp_keypairs = sp_config.getattr('encryption_keypairs', '')
         sp_key_file = sp_config.getattr('key_file', '')
@@ -152,8 +153,8 @@ def authn_request(self, context, entity_id):
 
         # If IDP blacklisting is enabled and the selected IDP is blacklisted,
         # stop here
-        if self.config["sp_config"].get("idp_blacklist_enabled", None):
-            with open(self.config["sp_config"]["idp_blacklist_file"]) as blacklist_file:
+        if self.idp_blacklist_file:
+            with open(self.idp_blacklist_file) as blacklist_file:
                 blacklist_array = json.load(blacklist_file)['blacklist']
                 if entity_id in blacklist_array:
                     satosa_logging(logger, logging.DEBUG, "IdP with EntityID {} is blacklisted".format(entity_id), context.state, exc_info=False)