zaccone
/ gist:8024982
Created
December 18, 2013 16:09
from http://docs.sqlalchemy.org/en/rel_0_7/orm/relationships.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class Association(Base): | |
| __tablename__ = 'association' | |
| left_id = Column(Integer, ForeignKey('left.id'), primary_key=True) | |
| right_id = Column(Integer, ForeignKey('right.id'), primary_key=True) | |
| extra_data = Column(String(50)) | |
| child = relationship("Child", backref="parent_assocs") | |
| class Parent(Base): | |
| __tablename__ = 'left' | |
| id = Column(Integer, primary_key=True) |
zaccone
/ gist:8803808
Created
February 4, 2014 13:45
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| unscoped federated token: | |
| { token: { 'id': '223423445dfgdfgdfg' | |
| 'groups': ['sdfsdf', 'sdfsdfsd', 'sdfsdfsd', 'dfgdfgdfg'], | |
| 'expires_at' : <timestamp>, | |
| 'issued_at': <timestamp>, | |
| [ some more token related stuff here ] | |
| } | |
| } |
zaccone
/ gist:9526548
Created
March 13, 2014 11:15
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| diff --git a/keystone/contrib/federation/utils.py b/keystone/contrib/federation/utils.py | |
| index 646ce99..577e2bb 100644 | |
| --- a/keystone/contrib/federation/utils.py | |
| +++ b/keystone/contrib/federation/utils.py | |
| @@ -169,7 +169,8 @@ class RuleProcessor(object): | |
| # semi-colon to indicate multiple values, i.e. groups. | |
| # This will create a new dictionary where the values are arrays, and | |
| # any multiple values are stored in the arrays. | |
| - assertion = dict((n, v.split(';')) for n, v in assertion_data.items()) | |
| + assertion = dict((n, v.split(';')) for n, v in assertion_data.items() |
zaccone
/ gist:9526677
Created
March 13, 2014 11:25
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def _get_assertion_params_from_env(self, context): | |
| prefix = CONF.federation.assertion_prefix | |
| for k, v in context['environment'].iteritems(): | |
| if k.startswith(prefix): | |
| yield (k, v) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """ | |
| This simple client uses standard Python modules | |
| along with the Python lxml toolkit from | |
| http://lxml.de/ | |
| to demonstrate how a SAML ECP client works. | |
| Studying this client is not an acceptable replacement | |
| for reading Draft 02 of the ECP profile [ECP] available at |
zaccone
/ gist:10716761
Created
April 15, 2014 09:18
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "rules": [ | |
| { | |
| "local":[ | |
| { | |
| "user": { | |
| "name": "{0}" | |
| } | |
| } | |
| ], |
zaccone
/ federated-keystone-vhost
Created
May 2, 2014 08:36
Sample federated-keystone vhost configuration
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| WSGISocketPrefix /var/run/apache2 | |
| <VirtualHost *:443> | |
| WSGIScriptAliasMatch ^(/v3/OS-FEDERATION/identity_providers/.*?/protocols/.*?/auth)$ /var/www/keystone/main/$1 | |
| WSGIScriptAlias / /var/www/keystone/main | |
| WSGIDaemonProcess keystone-public user=stack group=stack processes=3 threads=10 home=/opt/stack/keystone | |
| WSGIApplicationGroup %{GLOBAL} | |
| WSGIProcessGRoup keystone-public | |
| ErrorLog /var/log/apache2/keystone | |
| LogLevel debug | |
| CustomLog /var/log/apache2/access.log combined |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8"?> | |
| <soap11:Envelope xmlns:soap11="http://schemas.xmlsoap.org/soap/envelope/"> | |
| <soap11:Header> | |
| <ecp:Response xmlns:ecp="urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp" AssertionConsumerServiceURL="https://openstack4.local/Shibboleth.sso/SAML2/ECP" soap11:actor="http://schemas.xmlsoap.org/soap/actor/next" soap11:mustUnderstand="1" /> | |
| <samlec:GeneratedKey xmlns:samlec="urn:ietf:params:xml:ns:samlec" soap11:actor="http://schemas.xmlsoap.org/soap/actor/next">d3i1G0SkPUcH0BhYwyS4Wv0MEENFArq61Jb4N5xX1Qw=</samlec:GeneratedKey> | |
| </soap11:Header> | |
| <soap11:Body> | |
| <saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" Destination="https://openstack4.local/Shibboleth.sso/SAML2/ECP" ID="_bbbe6298d7ee586c915d952013875440" InResponseTo="_a07186e3992e70e92c17b9d249495643" IssueInstant="2014-06-09T09:48:58.945Z" Version="2.0"> | |
| <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity |
zaccone
/ decrypted_saml2_assertion
Created
June 11, 2014 13:12
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8"?> | |
| <saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="_a69045cb285de87702e1ccad45674058" IssueInstant="2014-06-11T13:05:28.891Z" Version="2.0"> | |
| <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://idp.testshib.org/idp/shibboleth</saml2:Issuer> | |
| <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> | |
| <ds:SignedInfo> | |
| <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> | |
| <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" /> | |
| <ds:Reference URI="#_a69045cb285de87702e1ccad45674058"> | |
| <ds:Transforms> | |
| <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" /> |
zaccone
/ attribute-map.xml
Created
June 11, 2014 13:16
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <Attributes xmlns="urn:mace:shibboleth:2.0:attribute-map" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> | |
| <!-- First some useful eduPerson attributes that many sites might use. --> | |
| <Attribute name="urn:mace:dir:attribute-def:eduPersonPrincipalName" id="eppn"> | |
| <AttributeDecoder xsi:type="ScopedAttributeDecoder"/> | |
| </Attribute> | |
| <Attribute name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" id="eppn"> | |
| <AttributeDecoder xsi:type="ScopedAttributeDecoder"/> | |
| </Attribute> |
OlderNewer