Mock SAML 2.0 Identity Provider
SAML 2.0 Mock Identity Provider
Authentication testing environment for SAML2.0 service providers.
Ever needed to test an SSO setup but don't have access to the IDP for whatever reason?
Mock IDP provides a SAML2.0 IDP using POST bindings without need for a user database or complicated enterprise software setup.
Installation
Install and run mock-idp using Pip:
$ pip3 install mock-idp
$ mock-idp
...
Configuration File
To override the system configuration create a config file. The service loads config files in the following order:
- mockidp.yaml in the current working directory
- ~/.mockidp.yaml in your home directory
- /etc/mockidp.yaml in the global config directory
- internal default config file shipped with the service package
Here is a sample (copy of built-in config) file to start with:
service_providers:
  - name: "local:service:author"
    response_url: "http://localhost:3000/saml_login"
users:
  charlie:
    first_name: "Charlie"
    last_name: "Brown"
    email: "charlie@gmail.com"
    password: snoopy
  linus:
    first_name: "Linus"
    last_name: "van Pelt"
    email: "linus@gmail.com"
    password: pumpkin
  lucy:
    password: charlie
    first_name: "Lucy"
    last_name: "van Pelt"
    email: "lucy@gmail.com"
  peppermint:
    first_name: "Peppermint"
    last_name: "Patty"
    email: "peppermint@gmail.com"
    password: peppermint
Service providers
For each service provider (client) that uses the identity provider, an entry in the service providers section of the config is needed. It has two values:
service_providers:
  - name: "local:aem:author"
    response_url: "http://localhost:14502/saml_login"
- name is the service provider entity id that the service provider sends with each request.
- response_url is the public url of the service provider. Once login has been completed, the browser will be redirected to this url.
Users
The users section is a fairly self-explanatory list of user credentials recognized by the IDP:
users:
  charlie:
    first_name: "Charlie"
    last_name: "Brown"
    email: "charlie@gmail.com"
    password: snoopy
    roles:
      - administrators
Configuring a generic Service Provider
- Mock-IDP supports the POST binding protocol of SAML2.0.
- By default, mock-idp runs on port 5000 and the binding path is /saml.
- The response message provides four attributes:
  - uid: The username
  - email: The user's email address
  - firstName: The user's first name
  - lastName: The user's last name
- The logout path is /saml/logout
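The attribute list above can be checked from a service provider's test suite. The following is an added example, not code from the mock-idp project: it decodes the SAMLResponse form field of a POST-binding reply and confirms that the four attributes are present. The function names and the XML layout of the constructed sample are assumptions (a standard SAML 2.0 AttributeStatement), not output captured from mock-idp.

```python
import base64
import xml.etree.ElementTree as ET

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
EXPECTED = ("uid", "email", "firstName", "lastName")  # attribute names listed above


def parse_saml_response(saml_response_b64):
    """Decode a POST-binding SAMLResponse form field and return {name: [values]}.

    Test-harness helper only: it does NOT verify the XML signature, so it
    must never be used to make an authentication decision.
    """
    xml_bytes = base64.b64decode(saml_response_b64)
    # SAML messages never need a DTD; reject any message that declares one.
    if b"<!DOCTYPE" in xml_bytes or b"<!ENTITY" in xml_bytes:
        raise ValueError("DTD/entity declarations are not allowed")
    root = ET.fromstring(xml_bytes)
    if root.tag != "{%s}Response" % NS["samlp"]:
        raise ValueError("not a samlp:Response: %s" % root.tag)
    attrs = {}
    for attr in root.iterfind(".//saml:AttributeStatement/saml:Attribute", NS):
        values = [(v.text or "").strip()
                  for v in attr.iterfind("saml:AttributeValue", NS)]
        attrs.setdefault(attr.get("Name"), []).extend(values)
    # An attribute counts as present only if it has at least one non-empty value.
    missing = [name for name in EXPECTED if not any(attrs.get(name, []))]
    if missing:
        raise ValueError("missing attributes: " + ", ".join(missing))
    return attrs


def sample_response(include_email=True):
    """Constructed sample (not captured from mock-idp), user from the sample config."""
    rows = [("uid", "charlie"), ("firstName", "Charlie"), ("lastName", "Brown")]
    if include_email:
        rows.append(("email", "charlie@gmail.com"))
    attr_xml = "".join(
        '<saml:Attribute Name="%s"><saml:AttributeValue>%s'
        '</saml:AttributeValue></saml:Attribute>' % row for row in rows)
    xml = ('<samlp:Response xmlns:samlp="' + NS["samlp"] + '" xmlns:saml="'
           + NS["saml"] + '" Version="2.0"><saml:Assertion Version="2.0">'
           '<saml:AttributeStatement>' + attr_xml + '</saml:AttributeStatement>'
           '</saml:Assertion></samlp:Response>')
    return base64.b64encode(xml.encode()).decode()
```

In a real test, pass the SAMLResponse value the browser posts to the configured response_url instead of sample_response().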
Certificate keys
To generate a service provider certificate, run the following commands:
$ openssl genrsa -out saml.pem 2048
$ openssl req -new -key saml.pem -out saml.csr
$ openssl x509 -req -days 365 -in saml.csr -signkey saml.pem -out saml.crt
This will produce three files:
- saml.pem - The private key
- saml.csr - The certificate signing request
- saml.crt - The final certificate
Refer to your service provider documentation on how to install the certificate.
Hashes for mock_idp-0.4.0b0-py3-none-any.whl
Algorithm | Hash digest
---|---
SHA256 | de87e12630305a8768284ee5e5426a7cf6bc067e71b3ea0ba02fff52dd11c7ba
MD5 | 45d361b2ef482b8d52cfc7ba5c8d0928
BLAKE2b-256 | d2722d766c98d7c5ee525a3297760a216699ad7350a46b9700545ee24cc77178