hennge / minisignxml Goto Github PK
View Code? Open in Web Editor NEWLicense: Other
minisignxml's Issues
Wider defusedxml dep range
minisignxml (>=20.11b0,<21.0) requires defusedxml (>=0.6.0,<0.7.0).
meanwhile, current https://pypi.org/project/defusedxml/ is 0.7.1
extract_verified_element_and_certificate fails if ./ds:KeyInfo/ds:X509Data/ds:X509Certificate contains whitespace
Hi,
I'm attempting to utilise minisaml in my project. However, when processing the response, I receive the following error (I have curtailed the traceback to where my code starts [i.e. I have removed any code caused by my web API library, FastAPI]).
File "D:\Users\redstonedesigner\...\Projects\Applications\app\api\saml.py", line 37, in process_saml_callback
response = validate_response(
File "D:\Users\...\AppData\Local\pypoetry\Cache\virtualenvs\applications-uAhKr-uD-py3.10\lib\site-packages\minisaml\response.py", line 64, in validate_response
element, certificate_used = extract_verified_element_and_certificate(
File "D:\Users\...\AppData\Local\pypoetry\Cache\virtualenvs\applications-uAhKr-uD-py3.10\lib\site-packages\minisignxml\verify.py", line 35, in extract_verified_element_and_certificate
base64.b64decode(key_info.text, validate=True), default_backend()
File "D:\Program Files\Python310\lib\base64.py", line 86, in b64decode
raise binascii.Error('Non-base64 digit found')
As this is a testing, self-hosted version of my IdP and application, I will provide both my IdP certificate (self-signed by the IdP) and the SAML response received.
SAML Response:
PHNhbWxwOlJlc3BvbnNlIHhtbG5zOnNhbWxwPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6cHJvdG9jb2wiIHhtbG5zOnNhbWw9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iIHhtbG5zOmRzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjIiB4bWxuczptZD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOm1ldGFkYXRhIiBWZXJzaW9uPSIyLjAiIElzc3VlSW5zdGFudD0iMjAyMS0xMS0xN1QxNTo0NjoyOVoiIERlc3RpbmF0aW9uPSJodHRwOi8vMTI3LjAuMC4xOjgwODAvYXBpL3NhbWwvY2FsbGJhY2siIElEPSJfZjZjNGVkNzdjOGM0NGRkZTg2OGVmYzdiYzFiMzg2ODgiIEluUmVzcG9uc2VUbz0iRGFhbHJwajZkd2p2OENOMHZhZDVnUGMtWDJTUS1MX2h2dk4tb2IzUk8tayI+PHNhbWw6SXNzdWVyPmlkLm9tZWdhLmRldjwvc2FtbDpJc3N1ZXI+PHNhbWxwOlN0YXR1cz48c2FtbHA6U3RhdHVzQ29kZSBWYWx1ZT0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnN0YXR1czpTdWNjZXNzIi8+PC9zYW1scDpTdGF0dXM+PHNhbWw6QXNzZXJ0aW9uIFZlcnNpb249IjIuMCIgSUQ9Il81NDIwYmY5YmViMzI0M2I4YjEwMjg0MDY2OTQ3MTI3YiIgSXNzdWVJbnN0YW50PSIyMDIxLTExLTE3VDE1OjQ2OjI5WiI+PHNhbWw6SXNzdWVyPmlkLm9tZWdhLmRldjwvc2FtbDpJc3N1ZXI+PGRzOlNpZ25hdHVyZT4KPGRzOlNpZ25lZEluZm8+CjxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+CjxkczpTaWduYXR1cmVNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSNyc2Etc2hhMjU2Ii8+CjxkczpSZWZlcmVuY2UgVVJJPSIjXzU0MjBiZjliZWIzMjQzYjhiMTAyODQwNjY5NDcxMjdiIj4KPGRzOlRyYW5zZm9ybXM+CjxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjZW52ZWxvcGVkLXNpZ25hdHVyZSIvPgo8ZHM6VHJhbnNmb3JtIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+CjwvZHM6VHJhbnNmb3Jtcz4KPGRzOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMDQveG1sZW5jI3NoYTI1NiIvPgo8ZHM6RGlnZXN0VmFsdWU+WUx3ZldqUHoyZ3prUzl6WHArV21EOFFOUSszU1pmSDFzOWFiaVhjN0FDND08L2RzOkRpZ2VzdFZhbHVlPgo8L2RzOlJlZmVyZW5jZT4KPC9kczpTaWduZWRJbmZvPgo8ZHM6U2lnbmF0dXJlVmFsdWU+V1EwMDd1Y3UvcGU3S282NEd3MzNnMmNOa2ZXU2JrakxJdnZaRDdaeWRXL3UrY0REbXZ6cGgxbWx0akdISDJ1Swo2SHBCRGYvMGY0ZkNqTHVjWkVGWXlwcjk1U2E1cUlIVWxjRjNHUG51S0thaGRXUXljc24xZENhSjRtZzEwMXpVCkE0YlhvYWswd0ZDRGF6VVoxaFBHZ3lJcFlmZE03OG4wWXBtaWtqVFVWbVRwd2FGdi9uL1A2bXgyUXZ4TWRqWGYKb3prRnlFeGtBekduNFI1bWliYnBjLzQrbEtyUzRCa3FlR25tQ2daaXdCSWt5b0wrRHhKMFNTK3R1WWhKWmVaZgpmOXNFdDRlcHYrTHpaNGI3UXlnS0NlQmdWSTR2cnZFcHJzVm9zZzEwR3EvR1poWHNLUGsyOXpocDYzZThDc2lwCkQ1Ujl4cHZFQzBON2JyRmxHc1Ayc1E9PTwvZHM6U2lnbmF0dXJlVmFsdWU+CjxkczpLZXlJbmZvPgo8ZHM6WDUwOURhdGE+CjxkczpYNTA5Q2VydGlmaWNhdGU+TUlJRERqQ0NBZmFnQXdJQkFnSVFLaWozRFlPM1NTdU10aVRGSUJ4YlF6QU5CZ2txaGtpRzl3MEJBUXNGQURBZQpNUnd3R2dZRFZRUUREQk5oZFhSb1pXNTBhV3NnTWpBeU1TNHhNQzQwTUI0WERUSXhNVEV4TVRJeU1EWTBOVm9YCkRUSXlNVEV4TWpJeU1EWTBOVm93VmpFcU1DZ0dBMVVFQXd3aFlYVjBhR1Z1ZEdscklGTmxiR1l0YzJsbmJtVmsKSUVObGNuUnBabWxqWVhSbE1SSXdFQVlEVlFRS0RBbGhkWFJvWlc1MGFXc3hGREFTQmdOVkJBc01DMU5sYkdZdApjMmxuYm1Wa01JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBbzNnZGhZV0xFQjQ5CkhXNUJKNXNxRm9UMnFBdlFMeGtKN0t6aUZ5OCtrc1NpTkQzbjRNTW9ORE4zcy8rSkZBdlQ0UzUzOFdEUk51bUEKQXMxQnZEVFlGU3JMNW9Za2crRXZ4Z0tpOFlXQjFkSUhwakw3SDI2NkRNeXR0Rk43d2ZYK2xtMVJyYy9xeVo1ZQpXa0QxdGY4aUNMSk0ySHVjbUEyOGI4VDBPQWQxV1FpOWdpRklWcGxsNEh0ZFpJSVJyQ3hpZWZPbDBQdktUZ0lQCnUzSHVQc1JUR2xiZW1FMHpSQnk5djQ5VDJFU1NaNjFTTkJJSzNVUktJalkwNHpUTzZIcFRud3Rya05ZNTBtdzIKbE9sMitBRS9kNEJHS0hCRTYxbW5OVml4QWxTZ1NrVzFrOGI4a1QwMlNiMUJSSzl3SDBlZXVQS3NSeCtvSldXYwpKTjhGdCswdDhRSURBUUFCb3hBd0RqQU1CZ05WSFJFQkFmOEVBakFBTUEwR0NTcUdTSWIzRFFFQkN3VUFBNElCCkFRQjhsTWpzWFhQZXphdXV4OS9WZThiaGM0ZzZXK3Q1emhqWDRsK25zaW00eWk0MVQyZGd0bHVNd1g5MUJwQnIKQTk3MmdYRmY0UVhsZnlyZ3kzZklkV200c0pKR1dMclNVeElmVndDdEppVFhCOGtjRUNQRW1XZnRZZk1lYWYvRQpKZGdraXVoelNvYUJWaDd0MEpCa3RiNHFzVjJvcGwxOW1SQTVKVnYraWpDMmFLbXlCWnZaZ0Q1RU55K29Bcm5kCmx1Yzl5Ky9XdUM0eXNhaWM1TDFnUXpHbS9XQWVINDhGSXh0a3M5VW9ENDNxM3dSbzJaQllHbXFGSGJqakl5ZkIKZGU4TEVGblIrNXlYUU9IRVBpVkdkMzJqK3dRclZQVGJxQXVIem1OZXFuc3YzNXZpNkMyb3hRdzk2QmFBOXEwOApCZTZqaDQ1VjdtYzBBZnRubWg1QjVZR208L2RzOlg1MDlDZXJ0aWZpY2F0ZT4KPC9kczpYNTA5RGF0YT4KPC9kczpLZXlJbmZvPgo8L2RzOlNpZ25hdHVyZT48c2FtbDpTdWJqZWN0PjxzYW1sOk5hbWVJRCBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9ybWF0OnVuc3BlY2lmaWVkIj43MjRiZmQzNGZmYmUyYWQ4MWE1MjZkYjQ2MjAzNjllMTEyODNiMjkzMTlhNjhmM2NhNDRiM2RhYjdmZTc1ODQ2PC9zYW1sOk5hbWVJRD48c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmJlYXJlciI+PHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbkRhdGEgSW5SZXNwb25zZVRvPSJEYWFscnBqNmR3anY4Q04wdmFkNWdQYy1YMlNRLUxfaHZ2Ti1vYjNSTy1rIiBOb3RPbk9yQWZ0ZXI9IjIwMjEtMTEtMTdUMTU6NTE6MjlaIiBSZWNpcGllbnQ9Imh0dHA6Ly8xMjcuMC4wLjE6ODA4MC9hcGkvc2FtbC9jYWxsYmFjayIvPjwvc2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uPjwvc2FtbDpTdWJqZWN0PjxzYW1sOkNvbmRpdGlvbnMgTm90QmVmb3JlPSIyMDIxLTExLTE3VDE1OjQxOjI5WiIgTm90T25PckFmdGVyPSIyMDIxLTExLTE3VDE1OjUxOjI5WiIvPjxzYW1sOkF1dGhuU3RhdGVtZW50IEF1dGhuSW5zdGFudD0iMjAyMS0xMS0xN1QxNTo0MToyOVoiIFNlc3Npb25JbmRleD0iXzU0MjBiZjliZWIzMjQzYjhiMTAyODQwNjY5NDcxMjdiIj48c2FtbDpBdXRobkNvbnRleHQ+PHNhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+dXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFjOmNsYXNzZXM6UGFzc3dvcmRQcm90ZWN0ZWRUcmFuc3BvcnQ8L3NhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+PC9zYW1sOkF1dGhuQ29udGV4dD48L3NhbWw6QXV0aG5TdGF0ZW1lbnQ+PHNhbWw6QXR0cmlidXRlU3RhdGVtZW50PjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL3dzLzIwMDgvMDYvaWRlbnRpdHkvY2xhaW1zL3dpbmRvd3NhY2NvdW50bmFtZSI+PHNhbWw6QXR0cmlidXRlVmFsdWU+cmVkc3RvbmVkZXNpZ25lcjwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJodHRwOi8vc2NoZW1hcy5nb2F1dGhlbnRpay5pby8yMDIxLzAyL3NhbWwvdXNlcm5hbWUiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlPnJlZHN0b25lZGVzaWduZXI8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0iaHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNS8wNS9pZGVudGl0eS9jbGFpbXMvZW1haWxhZGRyZXNzIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZT5tZUByZWRzdG9uZWRlc2lnbmVyLmNvbTwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy91cG4iPjxzYW1sOkF0dHJpYnV0ZVZhbHVlPm1lQHJlZHN0b25lZGVzaWduZXIuY29tPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9Imh0dHA6Ly9zY2hlbWFzLmdvYXV0aGVudGlrLmlvLzIwMjEvMDIvc2FtbC91aWQiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlPjE8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0iaHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvY2xhaW1zL0dyb3VwIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZT5JZGVudGl0eSBBZG1pbmlzdHJhdG9yPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9Imh0dHA6Ly9zY2hlbWFzLnhtbHNvYXAub3JnL3dzLzIwMDUvMDUvaWRlbnRpdHkvY2xhaW1zL25hbWUiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlPkdhYnJpZWwgVDwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjwvc2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+PC9zYW1sOkFzc2VydGlvbj48L3NhbWxwOlJlc3BvbnNlPg==
IdP certificate attached. You will need to rename it and remove the .txt extension, which I added to allow upload to GH.
authentik Self-signed Certificate_certificate.pem.txt
Prod release, please ๐
betas have been up for some time, I guess it's time to call it final/prod before the year is out!
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.