You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

Go to file

Joël Franusic 946110b218 Merge pull request #2 from itamaro/master Update Python packages, use inline metadata, Dockerize app		9 years ago
.profile.d	add xmlsec1 binaries to paths	10 years ago
docs/_static	Add README	10 years ago
templates	Update Python packages to more recent versions, including required fix in templates	9 years ago
.buildpacks	Add support for Heroku:	10 years ago
.gitignore	Initial commit	10 years ago
Dockerfile	Dockerize the app	9 years ago
LICENSE	Initial commit	10 years ago
Procfile	Add support for Heroku:	10 years ago
README.md	Update README with development libraries.	10 years ago
README.org	Update README with development libraries.	10 years ago
app.py	Use inline PySAML2 metadata instead of local tempfile	9 years ago
requirements.txt	Update Python packages to more recent versions, including required fix in templates	9 years ago

README.md

Introduction

This is an example SAML SP service written using Flask and pysaml2.

Requirements

You will also need a development environment capable of compiling Python packages and the "libffi" and "libxmlsec1" development libraries, which are needed by PySAML2.

Instructions for installing these development libraries will differ depending on your host operating system.

Mac OS X

$ brew install libffi libxmlsec1

RHEL

$ sudo yum install libffi-devel xmlsec1 xmlsec1-openssl

Installation

$ virtualenv venv
$ source venv/bin/activate
$ pip install -r requirements.txt

Running

$ python app.py

Testing

The fastest way to test this example SAML SP is to use the saml.oktadev.com service.

Here is how:

Edit the "app.py" file and uncomment the line in the "test" line in "metadata_url_for" dictionary.

$ $EDITOR app.py

Change this line:

# 'test': 'http://idp.oktadev.com/metadata',

To this:

'test': 'http://idp.oktadev.com/metadata',

Start the example SAML SP
```
$ python app.py
```
Start ngrok on the port that the example SAML SP is running on. By default, the example SAML SP runs on TCP 5000.
```
$ ngrok http 5000
```
You will need to install ngrok if you haven't already.

Here is what it should look like:
Run saml.oktadev.com to test this example SAML SP
- Load saml.oktadev.com in your browser and fill out as follows:
  
  Issuer: "urn:example:idp"
  
  SAML ACS URL: "http://REPLACE_ME.ngrok.com/saml/sso/test"
  
  SAML Audience URI: "http://REPLACE_ME.ngrok.com/saml/sso/test"
  
  Be sure to replace the string "REPLACE_ME" with the sub-domain that ngrok selected for you!
- Click the "Submit" button.
- Your output should look like the image below:

Testing the security of your SAML SP

After successfully completing the steps in the "Testing" section above, select the "Run security validation" option to have saml.oktadev.com run an extended series of security tests against your SAML SP.

Contact

Updates or corrections to this document are very welcome. Feel free to send pull requests with suggestions.

Additionally, comments or questions can be sent to: developers@okta.com