update with SATOSA v7.0.3

example/backends/spidsaml2.py

@@ -37,7 +37,7 @@ def _metadata_endpoint(self, context):
         """
         logger.debug("Sending metadata response")
         conf = self.sp.config
-              
+
         metadata = entity_descriptor(conf)
         # creare gli attribute_consuming_service
         cnt = 0
@@ -89,66 +89,66 @@ def _metadata_endpoint(self, context):
                 spid_contact.loadd(contact_kwargs)
                 contact_kwargs['contact_type'] = contact['contact_type']
                 spid_extensions = saml2.ExtensionElement(
-                    'Extensions', 
+                    'Extensions',
                     namespace='urn:oasis:names:tc:SAML:2.0:metadata'
                 )
                 for k,v in contact.items():
                     if k in contact_kwargs: continue
                     ext = saml2.ExtensionElement(
-                            k, 
+                            k,
                             namespace=SPID_PREFIXES['spid'],
                             text=v
                     )
                     spid_extensions.children.append(ext)
-            
+
             elif contact['contact_type'] == 'billing':
                 contact_kwargs['company'] = contact['company']
                 spid_contact.loadd(contact_kwargs)
                 spid_extensions = saml2.ExtensionElement(
-                    'Extensions', 
+                    'Extensions',
                     namespace='urn:oasis:names:tc:SAML:2.0:metadata'
                 )
-                
+
                 elements = {}
                 for k,v in contact.items():
                     if k in contact_kwargs: continue
                     ext = saml2.ExtensionElement(
-                            k, 
+                            k,
                             namespace=SPID_PREFIXES['fpa'],
                             text=v
                     )
                     elements[k] = ext
-                
+
                 # DatiAnagrafici
                 IdFiscaleIVA = saml2.ExtensionElement(
-                    'IdFiscaleIVA', 
+                    'IdFiscaleIVA',
                     namespace=SPID_PREFIXES['fpa'],
                 )
                 Anagrafica = saml2.ExtensionElement(
-                    'Anagrafica', 
+                    'Anagrafica',
                     namespace=SPID_PREFIXES['fpa'],
                 )
                 Anagrafica.children.append(elements['Denominazione'])
-                
+
                 IdFiscaleIVA.children.append(elements['IdPaese'])
                 IdFiscaleIVA.children.append(elements['IdCodice'])
                 DatiAnagrafici = saml2.ExtensionElement(
-                    'DatiAnagrafici', 
+                    'DatiAnagrafici',
                     namespace=SPID_PREFIXES['fpa'],
                 )
                 if elements.get('CodiceFiscale'):
                     DatiAnagrafici.children.append(elements['CodiceFiscale'])
                 DatiAnagrafici.children.append(IdFiscaleIVA)
                 DatiAnagrafici.children.append(Anagrafica)
                 CessionarioCommittente = saml2.ExtensionElement(
-                    'CessionarioCommittente', 
+                    'CessionarioCommittente',
                     namespace=SPID_PREFIXES['fpa'],
                 )
                 CessionarioCommittente.children.append(DatiAnagrafici)
-                
+
                 # Sede
                 Sede = saml2.ExtensionElement(
-                    'Sede', 
+                    'Sede',
                     namespace=SPID_PREFIXES['fpa'],
                 )
                 Sede.children.append(elements['Indirizzo'])
@@ -158,9 +158,9 @@ def _metadata_endpoint(self, context):
                 Sede.children.append(elements['Provincia'])
                 Sede.children.append(elements['Nazione'])
                 CessionarioCommittente.children.append(Sede)
-                
+
                 spid_extensions.children.append(CessionarioCommittente)
-    
+
             spid_contact.extensions = spid_extensions
             metadata.contact_person.append(spid_contact)
             cnt += 1
@@ -232,7 +232,7 @@ def authn_request(self, context, entity_id):
 
         try:
             binding = saml2.BINDING_HTTP_POST
-            destination = context.request['entityID']
+            destination = context.internal_data['target_entity_id']
             # SPID CUSTOMIZATION
             # client = saml2.client.Saml2Client(conf)
             client = self.sp
@@ -317,7 +317,7 @@ def authn_request(self, context, entity_id):
             context.state[self.name] = {"relay_state": relay_state}
             # these will give the way to check compliances between the req and resp
             context.state['req_args'] = {'id': authn_req.id}
-            
+
             logger.debug("ht_args: %s" % ht_args)
             return make_saml_response(binding, ht_args)
 
@@ -339,7 +339,7 @@ def authn_response(self, context, binding):
         if not context.request["SAMLResponse"]:
             logger.debug("Missing Response for state")
             raise SATOSAAuthenticationError(context.state, "Missing Response")
-        
+
         try:
             authn_response = self.sp.parse_authn_request_response(
                 context.request["SAMLResponse"],
@@ -355,7 +355,7 @@ def authn_response(self, context, binding):
                 logger.debug(errmsg)
                 raise SATOSAAuthenticationError(context.state, errmsg)
             del self.outstanding_queries[req_id]
-        
+
         # Context validation
         if not context.state.get(self.name):
             _msg = "context.state[self.name] KeyError: where self.name is {}".format(self.name)
@@ -372,13 +372,13 @@ def authn_response(self, context, binding):
         authn_context_classref = self.config['acr_mapping']['']
 
         issuer = authn_response.response.issuer
-    
+
         # this will get the entity name in state
         if len(context.state.keys()) < 2:
             _msg = "Inconsistent context.state"
             logger.error(_msg)
             raise SATOSAStateError(context.state, _msg)
-        
+
         destination_frontend = list(context.state.keys())[1]
         # deprecated
         # if not context.state.get('Saml2IDP'):
@@ -393,7 +393,7 @@ def authn_response(self, context, binding):
             logging.debug(f'Attributes to {authn_response.return_addrs} '
                           f'in_response_to {authn_response.in_response_to}: '
                           f'{",".join(authn_response.ava.keys())}')
-        
+
         validator = Saml2ResponseValidator(authn_response=authn_response.xmlstr,
                                            recipient = recipient,
                                            in_response_to=in_response_to,
@@ -402,7 +402,7 @@ def authn_response(self, context, binding):
                                            authn_context_class_ref=authn_context_classref,
                                            return_addrs=authn_response.return_addrs)
         validator.run()
-        
+
         context.decorate(Context.KEY_BACKEND_METADATA_STORE, self.sp.metadata)
         if self.config.get(SAMLBackend.KEY_MEMORIZE_IDP):
             issuer = authn_response.response.issuer.text.strip()

example/plugins/backends/spidsaml2_backend.yaml

@@ -3,7 +3,7 @@ module: backends.spidsaml2.SpidSAMLBackend
 name: spidSaml2
 config:
   # idp_blacklist_file: /path/to/blacklist.json
-  
+
   # make metadata downloadable from entityid url
   entityid_endpoint: true
 
@@ -23,7 +23,7 @@ config:
     attribute_map_dir: 'attributes-map'
 
     organization: { display_name: [['Saml2 Authentication Proxy', 'it']], name: [['Spid Authentication Proxy', 'it']],  url: [['https://spid.proxy.example.org', 'it']]}
-    
+
     contact_person:
         - {'contact_type': 'other', 'telephone_number': '+39 8475634785', 'email_address': 'tech-info@example.org', 'VATNumber': 'IT12345678901', 'FiscalCode': 'XYZABCAAMGGJ000W', 'Private': ''}
         # - {'contact_type': 'other', 'telephone_number': '+39 84756344785', 'email_address': 'info@example.org', 'VATNumber': 'IT12345678901', 'FiscalCode': 'XYasdasdadasdGGJ000W', 'Private': '' }

example/plugins/microservices/target_based_routing.yaml

@@ -1,6 +1,13 @@
 module: satosa.micro_services.custom_routing.DecideBackendByTarget
 name: TargetRouter
 config:
+
+  default_backend: Saml2
+
+  # regex that will intercept http requests to be handled with this microservice
+  endpoint_paths:
+    - ".*/disco"
+
   target_mapping:
     # test platforms
     "http://idpspid.testunical.it:8088": "spidSaml2"

example/static/disco.html

@@ -284,10 +284,10 @@ <h4 class="">Benvenuto in Nome Organizzazione Spid Discovery Service</h4>
 <div id="spid-idp-button-xlarge-post" class="spid-idp-button spid-idp-button-tip spid-idp-button-relative">
     <ul id="spid-idp-list-medium-root-get" class="spid-idp-button-menu" aria-labelledby="spid-idp">
 
-        <li class="spid-idp-button-link" id="spiditalia" data-idp="spiditalia" data-entityid="http://localhost:8080">
-            <a href="#"><span class="spid-sr-only">SPID-saml-check</span><img src="" onerror="this.src=''; this.onerror=null;" alt="Spid test env2"></a>
+        <li class="spid-idp-button-link" id="spiditalia" data-idp="spid-saml-check" data-entityid="http://localhost:8080">
+            <a href="#"><span class="spid-sr-only">SPID-saml-check</span><img src="" onerror="this.src=''; this.onerror=null;" alt="Spid Saml Check"></a>
         </li>
-        <li class="spid-idp-button-link" id="spiditalia" data-idp="spiditalia" data-entityid="http://localhost:8088">
+        <li class="spid-idp-button-link" id="spiditalia" data-idp="spidtestenv" data-entityid="http://localhost:8088">
             <a href="#"><span class="spid-sr-only">SPID-testenv2</span><img src="" onerror="this.src=''; this.onerror=null;" alt="Spid test env2"></a>
         </li>
         <li class="spid-idp-button-link" id="spiditalia" data-idp="spiditalia" data-entityid="https://spid.register.it">

requirements.txt

@@ -45,5 +45,5 @@ wcwidth==0.1.8
 Werkzeug==1.0.0
 zipp==3.1.0
 
-git+https://github.com/peppelinux/SATOSA.git@pplnx-v7.0.1
+git+https://github.com/peppelinux/SATOSA.git@pplnx-v7.0.3
 uwsgi