Merge pull request #640 from kalevivt/master

Various typo fixes

Author: c00kiemon5ter

docs/howto/config.rst

@@ -4,7 +4,7 @@ Configuration of pySAML2 entities
 =================================
 
 Whether you plan to run a pySAML2 Service Provider, Identity Provider or an
-attribute authority you have to configure it. The format of the configuration
+attribute authority, you have to configure it. The format of the configuration
 file is the same regardless of which type of service you plan to run.
 What differs are some of the directives.
 Below you will find a list of all the used directives in alphabetical order.
@@ -42,7 +42,7 @@ The basic structure of the configuration file is therefore like this::
     }
 
 .. note:: You can build the metadata file for your services directly from the
-    configuration.The make_metadata.py script in the pySAML2 tools directory
+    configuration. The make_metadata.py script in the pySAML2 tools directory
     will do that for you.
 
 Configuration directives
@@ -81,7 +81,7 @@ Format::
     "attribute_map_dir": "attribute-maps"
 
 Points to a directory which has the attribute maps in Python modules.
-A typical map file will looks like this::
+A typical map file will look like this::
 
     MAP = {
         "identifier": "urn:oasis:names:tc:SAML:2.0:attrname-format:basic",
@@ -111,7 +111,7 @@ As you see the format is again a python dictionary where the key is the
 name to convert from, and the value is the name to convert to.
 
 Since *to* in most cases is the inverse of the *fro* file, the
-software allows you to only specify one of them and it will
+software allows you only to specify one of them, and it will
 automatically create the other.
 
 cert_file
@@ -233,7 +233,7 @@ Where you describe the organization responsible for the service.::
 .. note:: You can specify the language of the name, or the language used on
     the webpage, by entering a tuple, instead of a simple string,
     where the second part is the language code. If you don't specify a
-    language the default is "en" (English).
+    language, the default is "en" (English).
 
 preferred_binding
 ^^^^^^^^^^^^^^^^^
@@ -294,7 +294,7 @@ could look something like this::
 
 There are two options common to all services: 'name' and 'endpoints'.
 The remaining options are specific to one or the other of the service types.
-Which one is specified along side the name of the option.
+Which one is specified alongside the name of the option.
 
 accepted_time_diff
 ^^^^^^^^^^^^^^^^^^
@@ -303,8 +303,8 @@ If your computer and another computer that you are communicating with are not
 in synch regarding the computer clock, then here you can state how big a
 difference you are prepared to accept.
 
-.. note:: This will indiscriminately effect all time comparisons.
-    Hence your server my accept a statement that in fact is to old.
+.. note:: This will indiscriminately affect all-time comparisons.
+    Hence your server my accept a statement that in fact is too old.
 
 xmlsec_binary
 ^^^^^^^^^^^^^
@@ -323,7 +323,7 @@ How many *hours* this configuration is expected to be accurate.::
 
     "valid_for": 24
 
-This of course is only used by *make_metadata.py*.
+This, of course, is only used by *make_metadata.py*.
 The server will not stop working when this amount of time has elapsed :-).
 
 Specific directives
@@ -352,12 +352,12 @@ True or False. Default is False.
 policy
 """"""
 
-If the server is an IdP and/or an AA then there might be reasons to do things
+If the server is an IdP and/or an AA, then there might be reasons to do things
 differently depending on who is asking; this is where that is specified.
 The keys are 'default' and SP entity identifiers.  Default is used whenever
 there is no entry for a specific SP. The reasoning is also that if there is
 no default and only SP entity identifiers as keys, then the server will only
-except connections from the specified SPs.
+accept connections from the specified SPs.
 An example might be::
 
     "service": {
@@ -381,24 +381,24 @@ An example might be::
 
 *lifetime*
     This is the maximum amount of time before the information should be
-    regarded as stale. In an Assertion this is represented in the NotOnOrAfter
+    regarded as stale. In an Assertion, this is represented in the NotOnOrAfter
     attribute.
 *attribute_restrictions*
-    By default there is no restrictions as to which attributes should be
-    return. Instead all the attributes and values that are gathered by the
+    By default, there are no restrictions as to which attributes should be
+    returned. Instead, all the attributes and values that are gathered by the
     database backends will be returned if nothing else is stated.
     In the example above the SP with the entity identifier
     "urn:mace:umu.se:saml:roland:sp"
     has an attribute restriction: only the attributes
-    'givenName' and 'surName' are to be returned. There is no limitations as to
+    'givenName' and 'surName' are to be returned. There are no limitations as to
     what values on these attributes that can be returned.
 *name_form*
     Which name-form that should be used when sending assertions.
-    Using this information the attribute name in the data source will be mapped to
+    Using this information, the attribute name in the data source will be mapped to
     the friendly name, and the saml attribute name will be taken from the uri/oid
     defined in the attribute map.
 
-If restrictions on values are deemed necessary those are represented by
+If restrictions on values are deemed necessary, those are represented by
 regular expressions.::
 
     "service": {
@@ -425,7 +425,7 @@ authn_requests_signed
 """""""""""""""""""""
 
 Indicates if the Authentication Requests sent by this SP should be signed
-by default. This can be overriden by application code for a specific call.
+by default. This can be overridden by application code for a specific call.
 
 This sets the AuthnRequestsSigned attribute of the SPSSODescriptor node
 of the metadata so the IdP will know this SP preference.
@@ -500,7 +500,7 @@ Example::
         }
     }
 
-This kind of functionality is required for the eIDAS SAML profile
+This kind of functionality is required for the eIDAS SAML profile.
 
 > eIDAS-Connectors SHOULD NOT provide AssertionConsumerServiceURL.
 
@@ -605,7 +605,7 @@ something like this::
         }
     }
 
-In this case the SP has only one IdP it can use.
+In this case, the SP has only one IdP it can use.
 
 optional_attributes
 """""""""""""""""""
@@ -620,7 +620,7 @@ Example::
         }
     }
 
-Since the attribute names used here are the user friendly ones an attribute map
+Since the attribute names used here are the user-friendly ones an attribute map
 must exist, so that the server can use the full name when communicating
 with other servers.
 
@@ -638,7 +638,7 @@ Example::
     }
 
 Again as for *optional_attributes* the names given are expected to be
-the user friendly names.
+the user-friendly names.
 
 want_assertions_signed
 """"""""""""""""""""""
@@ -689,7 +689,7 @@ idp/aa/sp
 ^^^^^^^^^
 
 If the configuration is covering both two or three different service types
-(like if one server is actually acting as both an IdP and a SP) then in some
+(like if one server is actually acting as both an IdP and an SP) then in some
 cases you might want to have these below different for the different services.
 
 endpoints
@@ -707,7 +707,7 @@ This directive has as value a dictionary with one or more of the following keys:
 * single_logout_service (aa, idp, sp)
 * single_sign_on_service (idp)
 
-The values per service is a list of endpoint specifications.
+The value per service is a list of endpoint specifications.
 An endpoint specification can either be just the URL::
 
   ”http://localhost:8088/A"
@@ -743,7 +743,7 @@ logout_requests_signed
 
 Indicates if this entity will sign the Logout Requests originated from it.
 
-This can be overriden by application code for a specific call.
+This can be overridden by application code for a specific call.
 
 Valid values are True or False. Default value is False.
 
@@ -759,9 +759,9 @@ subject_data
 """"""""""""
 
 The name of a database where the map between a local identifier and
-a distributed identifier is kept. By default this is a shelve database.
-So if you just specify name, then a shelve database with that name
-is created. On the other hand if you specify a tuple then the first
+a distributed identifier is kept. By default, this is a shelve database.
+So if you just specify a name, then a shelve database with that name
+is created. On the other hand, if you specify a tuple, then the first
 element in the tuple specifies which type of database you want to use
 and the second element is the address of the database.
 
@@ -832,8 +832,8 @@ We start with a simple but fairly complete Service provider configuration::
             }]
     }
 
-This is the typical setup for a SP.
-A metadata file to load is *always* needed, but it can of course
+This is the typical setup for an SP.
+A metadata file to load is *always* needed, but it can, of course,
 contain anything from 1 up to many entity descriptions.
 
 ------

docs/index.rst

@@ -12,7 +12,7 @@ About PySAML2
 PySAML2 is a pure python implementation of SAML2. It contains all
 necessary pieces for building a SAML2 service provider or an identity provider.
 The distribution contains examples of both.
-Originally written to work in a WSGI environment there are extensions that
+Originally written to work in a WSGI environment, there are extensions that
 allow you to use it with other frameworks.
 
 
@@ -22,18 +22,18 @@ How to use PySAML2
 Before you can use Pysaml2, you'll need to get it installed.
 If you have not done it yet, read the :ref:`install`
 
-Well, now you have it installed and you want to do something.
+Well, now you have it installed, and you want to do something.
 
-And I'm sorry to tell you this; but there isn't really a lot you can do with
+And I'm sorry to tell you this, but there isn't really a lot you can do with
 this code on it's own.
 
-Sure you can send a AuthenticationRequest to an IdentityProvider or a
+Sure you can send a AuthenticationRequest to an IdentityProvider or an
 AttributeQuery to an AttributeAuthority but in order to get what they
-return you have to sit behind a Web server. Well that is not really true since
+return you have to sit behind a Web server. Well, that is not really true since
 the AttributeQuery would be over SOAP and you would get the result over the
 connection you have to the AttributeAuthority.
 
-But anyway, you may get my point. This is middleware stuff !
+But anyway, you may get my point. This is middleware stuff!
 
 PySAML2 is built to fit into a
 `WSGI  <http://www.python.org/dev/peps/pep-0333/>`_ application

docs/install.rst

@@ -3,13 +3,13 @@
 Quick install guide
 ===================
 
-Before you can use PySAML2, you'll need to get it installed. This guide 
+Before you can use PySAML2, you'll need to get it installed. This guide
 will guide you to a simple, minimal installation.
 
 Install PySAML2
 ---------------
 
-For all this to work you need to have Python installed. 
+For all this to work, you need to have Python installed.
 The development has been done using 2.7.
 There is now a 3.X version.
 
@@ -18,12 +18,12 @@ Prerequisites
 
 You have to have ElementTree, which is either part of your Python distribution
 if it's recent enough, or if the Python is too old you have to install it,
-for instance by getting it from the Python Package Instance by using 
+for instance by getting it from the Python Package Instance by using
 easy_install.
 
 You also need xmlsec1 which you can download from http://www.aleksey.com/xmlsec/
 
-If you're on OS X you can get xmlsec1 installed from MacPorts or Fink.
+If you're on macOS, you can get xmlsec1 installed from MacPorts or Fink.
 
 Depending on how you are going to use PySAML2 you might also need
 
@@ -46,13 +46,13 @@ Note for rhel/centos 6: cffi depends on libffi-devel, and cryptography on openss
 So you might want first to do:
 yum install libffi-devel openssl-devel
 
-After this you ought to be able to run the tests without an hitch.
+After this, you ought to be able to run the tests without a hitch.
 The tests are based on the pypy test environment, so::
 
     cd tests
     pip install -r test-requirements.txt
-    pytest 
+    pytest
 
-is what you should use. If you don't have py.test, get it it's part of pypy! 
-It's really good !
+is what you should use. If you don't have py.test, get it it's part of pypy!
+It's really good!
 

docs/sp_test/internal.rst

@@ -4,18 +4,18 @@ How sp_test works internally
 :Release: |release|
 :Date: |today|
 
-This are a few hints how sp_test works internally. It halps to extend it with
+Here are a few hints on how sp_test works internally. It helps to extend it with
 new test classes
 
-When you want to test a SAML2 entity with this tool you need following things:
+When you want to test a SAML2 entity with this tool, you need the following things:
 
 #. The Test Driver Configuration, an example can be found in tests/idp_test/config.py
 #. Attribute Maps mapping URNs, OIDs and friendly names
 #. Key files for the test tool
 #. A metadata file representing the tool
 #. The Test Target Configuration file describes how to interact with the entity to be tested.  The metadata for the entity is part of this file. An example can be found in tests/idp_test/test_target_config.py.
 
-These files should be stored outside the saml2test package to have a clean separation between the package and a particular test configuration. To create a directory for the configuration files copy the saml2test/tests including its contents.
+These files should be stored outside the saml2test package to have a clean separation between the package and a particular test configuration. To create a directory for the configuration files, copy the saml2test/tests including its contents.
 
 
 (1) Class and Object Structure
@@ -24,7 +24,7 @@ These files should be stored outside the saml2test package to have a clean separ
 Client (sp_test/__init__.py)
 .........................
 Its life cycle is responsible for following activities:
- - read config files and command line argumants (the test driver's config is "json_config")
+ - read config files and command line arguments (the test driver's config is "json_config")
  - initialize the test driver IDP
  - initialize a Conversation
  - start the Conversion with .do_sequence_and_tests()
@@ -50,14 +50,14 @@ Sequence
 
 Test (in the context of an operation)
 ....
-  - class to be executed as part of an operation, either before ("pre") or after ("post") the sequence or inbetween a SAML request and response ("mid").
+  - class to be executed as part of an operation, either before ("pre") or after ("post") the sequence or in between a SAML request and response ("mid").
     There are standard tests with the Request class (VerifyAuthnRequest) and operation-specific tests.
   - Example for an operation-specific "mid" test: VerifyIfRequestIsSigned
   - A test may be specified together with an argument as a tuple.
 
 Flow
 ....
-  * A tuple of classes that together implement an SAML request-response pair between IDP and SP (and possible other actors, such as a discovery service or IDP-proxy). A class can be derived from Request, Response (or other), Check or Operation.
+  * A tuple of classes that together implement a SAML request-response pair between IDP and SP (and possibly other actors, such as a discovery service or IDP-proxy). A class can be derived from Request, Response (or other), Check or Operation.
   * A flow for a solicited authentication consists of 4 classes:
 
     * flow[0]: Operation (Handling a login flow such as discovery or WAYF - not implemented yet)
@@ -67,19 +67,19 @@ Flow
 
 Check (and subclasses)
 .....
-  - an optional class that is executed on receiving the SP's HTTP response(s) after the SAML response. If there are redirects it will be called for each response.
-  - writes a structured test report to conv.test_output
-  - It can check for expected errors, which do not cause an exception but in contrary are reported as success
+  - An optional class that is executed on receiving the SP's HTTP response(s) after the SAML response. If there are redirects, it will be called for each response.
+  - Writes a structured test report to conv.test_output
+  - It can check for expected errors, which do not cause an exception but in contrary are reported as a success
 
 Interaction
 ...........
   - An interaction automates a human interaction. It searches a response from a test target for some constants, and if
     there is a match, it will create a response suitable response.
 
-(2) Simplyfied Flow
+(2) Simplified Flow
 :::::::::::::::::::
 
-The following pseudocode is an extract showing an overview of what is executed
+The following pseudo code is an extract showing an overview of what is executed
 for test sp-00::
 
     do_sequence_and_test(self, oper, test):
@@ -138,12 +138,12 @@ must be considered:
 
 #. An operation that was successful because the test target reports OK (e.g. HTTP 200)
 #. An operation that was successful because the test target reports NOK as expected, e.g. because of an invalid signature - HTTP 500 could be the correct response
-#. An errror in SAML2Test
-#. An errror in configuration of SAML2Test
+#. An error in SAML2Test
+#. An error in the configuration of SAML2Test
 
 Status values are defined in saml2test.check like this:
 INFORMATION = 0, OK = 1, WARNING = 2, ERROR = 3, CRITICAL = 4, INTERACTION = 5
 
 
-There are 2 targets to write output to:
+There are two targets to write output to:
 * Test_output is written to conv.test_output during the execution of the flows.

src/saml2/mdstore.py

@@ -471,7 +471,7 @@ def do_entity_descriptor(self, entity_descr):
         if self.check_validity:
             try:
                 if not valid(entity_descr.valid_until):
-                    logger.error("Entity descriptor (entity id:%s) to old",
+                    logger.error("Entity descriptor (entity id:%s) too old",
                                  entity_descr.entity_id)
                     self.to_old.append(entity_descr.entity_id)
                     return