SATOSA
Proxy translating between different authentication protocols (SAML2, OpenID Connect and OAuth2)
Sets the session_not_on_or_after parameter in downstream assertions when appropriately configured. ### All Submissions: * [x] Have you checked to ensure there aren't other open [Pull Requests](../../pulls) for the same update/change?...
1) The regular expression to match a discovery_response endpoint should ignore the entityID query string which will be different each time. (so the match should not be to the end...
This pull request makes satosa a full symmetric meshed federation hub-n-spoke saml proxy. That means that SPs can connect with mirrored IdPs and IdPs can connect with mirrored SP entityID. Meanwhile,...
This patch introduces a new global config variable `provider_attribute` to make it possible to select the config not only by entity but also select the config variable by a previous...
I could be wrong, so forgive me eventually! Using Saml2Saml I found that SATOSA does not check the consistency between `in_response_to` and the identifier of the original Authn Request. Specifically,...
As we can see, all these parameters are constant in the code. Better to manage them as configurable variables
## Code Version latest (6.1.0) ## Expected Behavior I'm working with an SP that does not support sp-initiated requests. Ideally, I would like to do something like: SAMLFrontend Idp-initiated...
https://github.com/IdentityPython/SATOSA/blob/34c5836e1a4e616348ac4fe029eff8d4d82df733/src/satosa/satosa_config.py#L47 If *no* microservices are configured in proxy.yaml, SaToSa will not start nor construct SAML metadata as the above module fails to load plugin configuration: ``` File "/home/debian/vopaas/virtualenv/lib/python3.5/site-packages/satosa/scripts/satosa_saml_metadata.py", line 43,...
## Code Version master (v3.4.8) ## Expected Behavior I should be able to host SATOSA at any valid URL path, e.g., setting **BASE** to `https://federation.example.com/satosa`. Likewise, the following values of...
The LDAP Attribute Store microservice should allow for case-insensitive comparisons when appropriate. For example, if the primary identifier from the upstream authenticating IdP is eduPersonPrincipalName, and the microservice is searching...