introduce custom filenames for idp/sp cert/key #395
|
||
:param settings: SAML Toolkit Settings | ||
:type settings: dict | ||
|
||
:returns: True if the settings info is valid | ||
:rtype: boolean | ||
""" | ||
self._sp = settings.get('sp', {}) |
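Review bot: with `self._sp = settings.get('sp', {})` as the first statement after the docstring, the instance attribute is assigned before any validity result exists, so a call that ends up returning False can leave caller-supplied, unchecked data on the object. The docstring still only says ":returns: True if the settings info is valid"; either document that the attributes are populated regardless of the result, or clear them again on the failure path.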
Order should not be changed.
The order doesn't matter to the functionality, as the '_load_settings_from_dict' method is only called during initialization. To make the code easier I use the `get_idp_cert()` method to check if the config option or file actually exists and has content. Using the old order we would require way more code as the `get_idp_cert()` uses the data from the `_idp` dict (and so does the `get_sp_cert()` method).
@@ -328,6 +347,11 @@ def _add_default_values(self): | |||
self._sp.setdefault('x509cert', '') | |||
self._sp.setdefault('privateKey', '') | |||
|
|||
# Set the default filenames for the certificates and keys | |||
self._idp.setdefault('cert_filename', 'idp.crt') |
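Review bot: `cert_filename`, defaulted to 'idp.crt' in `_add_default_values`, is read from settings with no restriction on its value visible in this hunk; because it names a file, the settings check should reject values that contain a path separator or `..` so the lookup cannot leave the certificate folder. The key is also snake_case next to the existing camelCase `privateKey`; a name in that style would keep the settings dict consistent, and the new key and its default should be documented alongside the other settings.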
Better inject them in the _add_default_values method
But it is already part of the `_add_default_values` method
Any further comments or can we merge this?
What's the status here? Can this be merged or does this patch need some additional work?
Looks like the CI pipeline has a problem
@pitbulk can you please check the CI or merge it manually?
This PR introduces the possibility to have custom filenames for the service provider certificate and key, as well as for the IdP cert.
Background
When deploying code in production environments it is common to have a dedicated folder for certificates. Especially if a server is hosting several services this folder also can contain several certificates. Having a custom filename enhances usability for administrators and gives the user more flexibility.
about this PR
`_load_settings_dict()`, because it doesn't matter if we check the config before or after copying it to the protected attributes. Also, this became necessary as the protected attributes are called during config check.
Tests
I ran all tests and all relevant tests passed, except for two of them, but the reason for this is Windows using a different path separator, and I didn't want to change the tests also.