Onelogin Python Toolkit. Add SAML support to your Python software using this library
Add SAML support to your Python softwares using this library. Forget those complicated libraries and use that open source library provided and supported by OneLogin Inc.
This version supports Python2, exists an alternative version compatible with Python 3: python3-saml (https://github.com/onelogin/python3-saml)
Update python-saml to 2.2.3, this version replaces some etree.tostring calls, that were introduced recfently, by the sanitized call provided by defusedxml
Update python-saml to 2.2.0, this version includes a security patch that contains extra validations that will prevent signature wrapping attacks. CVE-2016-1000252 (https://github.com/distributedweaknessfiling/DWF-Database-Artifacts/blob/master/DWF/2016/1000252/CVE-2016-1000252.json)
python-saml < v2.2.0 is vulnerable and allows signature wrapping!
If you believe you have discovered a security vulnerability in this toolkit, please report it at https://www.onelogin.com/security with a description. We follow responsible disclosure guidelines, and will work with you to quickly find a resolution
SAML is an XML-based standard for web browser single sign-on and is defined by the OASIS Security Services Technical Committee. The standard has been around since 2002, but lately it is becoming popular due its advantages:
OneLogin’s SAML Python toolkit let you build a SP (Service Provider) over your Python application and connect it to any IdP (Identity Provider).
Review the setup.py file to know the version of the library that python-saml is using
The toolkit is hosted on github. You can download it from:
Copy the core of the library (src/onelogin/saml2 folder) and merge the setup.py inside the python application. (each application has its structure so take your time to locate the Python SAML toolkit in the best place).
The library is hosted in pypi, you can find the python-saml package at https://pypi.python.org/pypi/python-saml
You can install it executing:
pip install python-saml
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
|File Name & Checksum SHA256 Checksum Help||Version||File Type||Upload Date|
|python_saml-2.2.3-py2-none-any.whl (68.6 kB) Copy SHA256 Checksum SHA256||2.7||Wheel||Jun 15, 2017|
|python-saml-2.2.3.tar.gz (56.4 kB) Copy SHA256 Checksum SHA256||–||Source||Jun 15, 2017|