spid-sp-test 0.2.6

SAML2 SPID Service Provider validation tool that can be run from the command line

spid-sp-test

spid-sp-test is a SAML2 SPID Service Provider validation tool that can be run from the command line. This tool was born by separating the test library already present in spid-saml-check.

Features

spid-sp-test is:

• extremely faster in execution time than spid-saml-check
• extremely easy to setup
• able to test a SAML2 SPID Metadata file
• able to test a SAML2 SPID AuthnRequest
• integrable in CI
• able to export a detailed report in json format, in stdout or in a file.

Roadmap

• Next releases: a hundred of SAML2 SPID fake Responses ... For security assessment!

Setup

apt install libxml2-dev libxmlsec1-dev libxmlsec1-openssl
pip install spid-sp-test --upgrade --no-cache

Examples

Run spid_sp_test -h for inline documentation.

Test metadata passing a file

spid_sp_test -metadata_url file://metadata.xml

Test metadata from a URL

spid_sp_test -metadata_url http://localhost:8000/spid/metadata

Get fake IdP metadata and copy it to your SP metadatastore folder

spid_sp_test --idp-metadata > /path/to/spid-django/example/spid_config/metadata/spid-sp-test.xml

A quite standard test

spid_sp_test -metadata_url http://localhost:8000/spid/metadata --authn-url http://localhost:8000/spid/login/?idp=http://localhost:8088 --extra

Print only ERRORs

spid_sp_test -metadata_url http://localhost:8000/spid/metadata --authn-url http://localhost:8000/spid/login/?idp=http://localhost:8080 --extra -debug ERROR

JSON report (add -o filename.json to write to a file)

spid_sp_test -metadata_url http://localhost:8000/spid/metadata --authn-url http://localhost:8000/spid/login/?idp=http://localhost:8080 --extra -debug CRITICAL -json

Authors

• Giuseppe De Marco
• Paolo Smiraglia
• Michele D'Amico