SATOSA icon indicating copy to clipboard operation
SATOSA copied to clipboard

Published 20 hours ago verified publisher icon IdentityPython

MDQ always uses sha1 entityId encoding, but some MDQ server only handle percent-encoding

Open prigaux opened this issue 10 months ago • 4 comments

Code Version

8.4.0 (via docker)

Expected Behavior

With

  sp_config:
    metadata:
      mdq:
         - url: https://mdq.federation.renater.fr/test

I expected requests /test/entities/https%3A%2F%2Fidp-test.univ-paris1.fr

Current Behavior

It did /test/entities/%7Bsha1%7Dd75d16c821f38b1bf6e33dc3d4d44e542a9f6786 which is not handled by mdq.federation.renater.fr (I will contact them to add sha1 support)

Possible Solution

Suggested tested solution:

  sp_config:
    metadata:
      mdq:
         - url: https://mdq.federation.renater.fr/test
           entity_transform: percent_encoded

with new feature from https://github.com/prigaux/pysaml2/commit/562dd2d329dd67987a097245ae434bf72e28f2cc

Steps to Reproduce

This is currently failing : https://filex-ng-test.univ-paris1.fr/Shibboleth.sso/Login?entityID=https://satosa.univ-paris1.fr/filex_ng_test/idp.xml

  1. choose "Utiliser mon compte Paris 1"
  2. you get an error

prigaux avatar Apr 07 '24 08:04 prigaux