This is a minimalist example of an Italian SPID SAML Service Provider written using Flask; it implements a hard refactoring of python3-saml. For testing purposes only.
You will also need a development environment capable of compiling Python packages and the "libffi" and "libxmlsec1" development libraries, which are needed by python3-saml.
Instructions for installing these development libraries will differ depending on your host operating system.
These instructions allow you to test this project with spid-testenv2 and create SP metadata that passes all the checks of spid-saml-check.
Spid Saml Check: the https check passes only if you run this project under an https URL.
- Clone the repo
    git clone https://github.com/archetipo/python-spid-service-provider.git
- Go to the folder
    cd python-spid-service-provider
- Make certs: go to saml/certs and type
    $ openssl req -x509 -nodes -sha256 -days 365 -newkey rsa:2048 -keyout sp.key -out sp.crt
- Make settings
    cp settings.json.example saml/settings.json
    cp advanced_settings.json.example saml/advanced_settings.json
In settings.json set:
    base_url_sp = IP:5000 or host of this project
    base_url_idp = URL where spid-testenv2 is running
    x509_idp = read this data from the spid-testenv2 metadata
In advanced_settings.json edit the IPACode; this field is mandatory for spid saml check.
- Build the Docker image
    docker build -t spid-sp-test .
- Run the container:
    docker run -p 5000:5000 spid-sp-test
Follow the instructions to build and run [spid-saml-check](https://github.com/italia/spid-saml-check)
The fastest way to test this example SAML SP is to use the spid-testenv2 service.
Here is how:
- Configure and start the spid-testenv2 IdP
Updates or corrections to this document are very welcome. Feel free
Additionally, comments or questions can be sent to: [email protected]
LGPL-3.0 or later (http://www.gnu.org/licenses/lgpl.html).
Alessio Gerace 2018-2020