IdentityPython
diff --git a/‎.gitignore
Lines changed: 40 additions & 0 deletions b/‎.gitignore
Lines changed: 40 additions & 0 deletions
diff --git a/‎example/idp2/idp.py
Lines changed: 6 additions & 2 deletions b/‎example/idp2/idp.py
Lines changed: 6 additions & 2 deletions
diff --git a/‎example/sp/pki/certgeneration.py
Lines changed: 20 additions & 0 deletions b/‎example/sp/pki/certgeneration.py
Lines changed: 20 additions & 0 deletions
diff --git a/‎example/sp/sp_conf.py.example
Lines changed: 1 addition & 1 deletion b/‎example/sp/sp_conf.py.example
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/s2repoze/plugins/sp.py
Lines changed: 14 additions & 6 deletions b/‎src/s2repoze/plugins/sp.py
Lines changed: 14 additions & 6 deletions
diff --git a/‎src/saml2/authn_context/__init__.py
Lines changed: 1 addition & 1 deletion b/‎src/saml2/authn_context/__init__.py
Lines changed: 1 addition & 1 deletion
@@ -109,3 +109,43 @@ example/sp/sp_conf_local.py
 example/sp/my_backup_sp_conf_local.py
 
 example/sp/backup_sp_conf_local.py
+
+example/idp2/pki/localhost.ca.crt
+
+example/idp2/pki/localhost.ca.crt
+
+example/idp2/pki/localhost.ca.key
+
+example/idp2/pki/localhost.ca.key
+
+example/sp/pki/localhost.ca.crt
+
+example/sp/pki/localhost.ca.crt
+
+example/sp/pki/localhost.ca.key
+
+example/sp/pki/localhost.ca.key
+
+example/idp2/idp_conf_dirgweb.py
+
+example/idp2/idp_conf_nocert.py
+
+example/idp2/idp_conf_proxy.py
+
+example/idp2/idp_nocert.xml
+
+example/sp/nocert_sp_conf/sp_nocert.xml
+
+example/sp/normal_sp_conf/sp.xml
+
+example/sp/normal_sp_conf/sp_conf.py
+
+example/sp/normal_sp_conf/who.ini
+
+example/sp/sp_nocert.xml
+
+example/sp/sp_nocert2.xml
+
+example/sp/test.py
+
+example/sp/sp_conf.py
@@ -297,10 +297,13 @@ def do(self, query, binding_in, relay_state=""):
             if REPOZE_ID_EQUIVALENT:
                 identity[REPOZE_ID_EQUIVALENT] = self.user
             try:
+                sign_assertion = IDP.config.getattr("sign_assertion", "idp")
+                if sign_assertion is None:
+                    sign_assertion = False
                 _resp = IDP.create_authn_response(
                     identity, userid=self.user,
-                    authn=AUTHN_BROKER[self.environ["idp.authn_ref"]],
-                    **resp_args)
+                    authn=AUTHN_BROKER[self.environ["idp.authn_ref"]], sign_assertion=sign_assertion,
+                    sign_response=False, **resp_args)
             except Exception, excp:
                 logging.error(exception_trace(excp))
                 resp = ServiceError("Exception: %s" % (excp,))
@@ -322,6 +325,7 @@ def _store_request(self, _dict):
 
     def redirect(self):
         """ This is the HTTP-redirect endpoint """
+
         logger.info("--- In SSO Redirect ---")
         _info = self.unpack_redirect()
 
 
@@ -0,0 +1,20 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+from saml2.cert import OpenSSLWrapper
+
+__author__ = 'haho0032'
+
+
+cert_info_ca = {
+    "cn": "localhost.ca",
+    "country_code": "se",
+    "state": "ac",
+    "city": "umea",
+    "organization": "ITS Umea University",
+    "organization_unit": "DIRG"
+}
+
+osw = OpenSSLWrapper()
+
+ca_cert, ca_key = osw.create_certificate(cert_info_ca, request=False, write_to_file=True,
+                                                cert_dir="./")
@@ -48,4 +48,4 @@ CONFIG = {
         },
         "loglevel": "debug",
     }
-}
+}
@@ -23,7 +23,9 @@
 import sys
 import platform
 import shelve
+import threading
 import traceback
+import saml2
 from urlparse import parse_qs, urlparse
 
 from StringIO import StringIO
@@ -133,7 +135,6 @@ def __init__(self, rememberer_name, config, saml_client, wayf, cache,
         self.discosrv = discovery
         self.idp_query_param = idp_query_param
         self.logout_endpoints = [urlparse(ep)[2] for ep in config.endpoint("single_logout_service")]
-
         try:
             self.metadata = self.conf.metadata
         except KeyError:
@@ -360,11 +361,18 @@ def challenge(self, environ, _status, _app_headers, _forget_headers):
                 logger.debug("srvs: %s" % srvs)
                 dest = srvs[0]["location"]
                 logger.debug("destination: %s" % dest)
-                req = _cli.create_authn_request(dest, vorg=vorg_name)
-                ht_args = _cli.apply_binding(_binding, "%s" % req,
-                                             destination=dest,
-                                             relay_state=came_from)
-                _sid = req.id
+
+                if _cli.authn_requests_signed:
+                    _sid = saml2.s_utils.sid(_cli.seed)
+                    msg_str = _cli.create_authn_request(dest, vorg=vorg_name, sign=_cli.authn_requests_signed,
+                                                        message_id=_sid)
+                else:
+                    req = _cli.create_authn_request(dest, vorg=vorg_name, sign=False)
+                    msg_str = "%s" % req
+                    _sid = req.id
+
+                ht_args = _cli.apply_binding(_binding, msg_str, destination=dest, relay_state=came_from)
+
                 logger.debug("ht_args: %s" % ht_args)
             except Exception, exc:
                 logger.exception(exc)
 
@@ -136,7 +136,7 @@ def _pick_by_class_ref(self, cls_ref, comparision_type="exact"):
                 res = []
 
             for ref in _refs[1:]:
-                item = self.db[ref]
+                item = self.db["info"][ref]
                 res.append((item["method"], ref))
                 if func(_level, item["level"]):
                     _level = item["level"]
Original file line number	Diff line number	Diff line change
`@@ -48,4 +48,4 @@ CONFIG = {`
`48`	`48`	`},`
`49`	`49`	`"loglevel": "debug",`
`50`	`50`	`}`
`51`		`-}`
	`51`	`+}`