pysaml2

PySAML2 - SAML2 for Python

PySAML2 is a pure python implementation of SAML Version 2 Standard. It contains all necessary pieces for building a SAML2 service provider or an identity provider. The distribution contains examples of both. Originally written to work in a WSGI environment there are extensions that allow you to use it with other frameworks.

Website: https://idpy.org/

Documentation: https://pysaml2.readthedocs.io/

Contribution guidelines: CONTRIBUTING.md

Security policies: SECURITY.md

Source code: https://github.com/IdentityPython/pysaml2/

Developer guidelines: DEVELOPERS.md

PyPI project: https://pypi.org/project/pysaml2/

License: LICENSE

Specifications

Retrieved from https://wiki.oasis-open.org/security/FrontPage

SAML V2.0 Standard

• SAML2 Core (aka Assertions and Protocols): http://www.oasis-open.org/committees/download.php/56776/sstc-saml-core-errata-2.0-wd-07.pdf
  • Assertion schema: http://docs.oasis-open.org/security/saml/v2.0/saml-schema-assertion-2.0.xsd
  • Protocols schema: http://docs.oasis-open.org/security/saml/v2.0/saml-schema-protocol-2.0.xsd
• Bindings: http://www.oasis-open.org/committees/download.php/56779/sstc-saml-bindings-errata-2.0-wd-06.pdf
• Profiles: http://www.oasis-open.org/committees/download.php/56782/sstc-saml-profiles-errata-2.0-wd-07.pdf
• Metadata: http://www.oasis-open.org/committees/download.php/56785/sstc-saml-metadata-errata-2.0-wd-05.pdf
  • Metadata schema: http://docs.oasis-open.org/security/saml/v2.0/saml-schema-metadata-2.0.xsd
• Authentication Context: http://docs.oasis-open.org/security/saml/v2.0/saml-authn-context-2.0-os.pdf
• Conformance Requirements: https://docs.oasis-open.org/security/saml/v2.0/saml-conformance-2.0-os.pdf
• Security and Privacy Considerations: http://docs.oasis-open.org/security/saml/v2.0/saml-sec-consider-2.0-os.pdf
• Glossary: http://docs.oasis-open.org/security/saml/v2.0/saml-glossary-2.0-os.pdf

Profiles and extensions

• Metadata Extension for SAML V2.0 and V1.x Query Requesters: http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-metadata-ext-query-os.pdf
• SAML V2.0 Metadata Interoperability Profile: https://docs.oasis-open.org/security/saml/Post2.0/sstc-metadata-iop-os.pdf
• SAML V2.0 Metadata Extensions for Login and Discovery User Interface Version 1.0: https://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-metadata-ui/v1.0/os/sstc-saml-metadata-ui-v1.0-os.pdf
• SAML V2.0 LDAP/X.500 Attribute Profile: http://www.oasis-open.org/committees/download.php/28042/sstc-saml-attribute-x500-cs-01.pdf
• SAML V2.0 Enhanced Client or Proxy Profile Version 2.0: https://docs.oasis-open.org/security/saml/Post2.0/saml-ecp/v2.0/cs01/saml-ecp-v2.0-cs01.pdf

Committee Specifications

• SAML V2.0 Subject Identifier Attributes Profile Version 1.0: https://docs.oasis-open.org/security/saml-subject-id-attr/v1.0/cs01/saml-subject-id-attr-v1.0-cs01.pdf

Installation

You can install PySAML2 through pip:

pip install pysaml2

External dependencies

PySAML2 works with the xmlsec binary. Notice that support for xmlsec 1 1.3 was added with v7.4.2.

xmlsec should be readily available in most Linux distributions:

$ apt-get install xmlsec1
$ dnf install xmlsec1-openssl
$ yum install xmlsec1-openssl
$ pacman -S xmlsec
...

and on MacOS through homebrew

$ brew install libxmlsec1

Changelog

See the CHANGELOG to learn about the latest developments.

Contributing

We've set up a separate document for our contribution guidelines.

Community

IdentityPython is a community around a collection of libraries and tools to manage identity related concepts with Python code. You can interact with the community though the mailing list or on the Slack workspace (invitation).

Development

We've set up a separate document for developers.

Releasing

We've set up a separate document for our release process.

Pre-commit

(TODO)