This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import requests | |
| from keystoneclient.contrib.auth.v3 import saml2 | |
| from keystoneclient import session | |
| # project id you want to scope to | |
| VALID_PROJECT_ID = 'your_project_id' |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class A(object): | |
| def __init__(self): | |
| self.zmienna = 'konstruktor' | |
| def run(self): | |
| self._run = 'run' | |
| def attrs(self): | |
| setattr(self, '_attrs', 'wartość') | |
| a = A() | |
| a.run() |
zaccone
/ federated-projects
Created
July 25, 2014 14:16
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import pdb | |
| import requests | |
| from keystoneclient.contrib.auth.v3 import saml2 | |
| from keystoneclient import session | |
| from keystoneclient.v3 import client | |
| IDENTITY_PROVIDER = '*****' | |
| IDENTITY_PROVIDER_URL = "****" |
zaccone
/ fed_projects
Created
July 22, 2014 20:41
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import pdb | |
| import requests | |
| from keystoneclient.contrib.auth.v3 import saml2 | |
| from keystoneclient import session | |
| from keystoneclient.v3 import client | |
| IDENTITY_PROVIDER = 'testshib' | |
| IDENTITY_PROVIDER_URL = "https://idp.testshib.org/idp/profile/SAML2/SOAP/ECP" |
zaccone
/ attribute-map.xml
Created
June 11, 2014 13:16
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <Attributes xmlns="urn:mace:shibboleth:2.0:attribute-map" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> | |
| <!-- First some useful eduPerson attributes that many sites might use. --> | |
| <Attribute name="urn:mace:dir:attribute-def:eduPersonPrincipalName" id="eppn"> | |
| <AttributeDecoder xsi:type="ScopedAttributeDecoder"/> | |
| </Attribute> | |
| <Attribute name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" id="eppn"> | |
| <AttributeDecoder xsi:type="ScopedAttributeDecoder"/> | |
| </Attribute> |
zaccone
/ decrypted_saml2_assertion
Created
June 11, 2014 13:12
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8"?> | |
| <saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="_a69045cb285de87702e1ccad45674058" IssueInstant="2014-06-11T13:05:28.891Z" Version="2.0"> | |
| <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://idp.testshib.org/idp/shibboleth</saml2:Issuer> | |
| <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> | |
| <ds:SignedInfo> | |
| <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> | |
| <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" /> | |
| <ds:Reference URI="#_a69045cb285de87702e1ccad45674058"> | |
| <ds:Transforms> | |
| <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" /> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8"?> | |
| <soap11:Envelope xmlns:soap11="http://schemas.xmlsoap.org/soap/envelope/"> | |
| <soap11:Header> | |
| <ecp:Response xmlns:ecp="urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp" AssertionConsumerServiceURL="https://openstack4.local/Shibboleth.sso/SAML2/ECP" soap11:actor="http://schemas.xmlsoap.org/soap/actor/next" soap11:mustUnderstand="1" /> | |
| <samlec:GeneratedKey xmlns:samlec="urn:ietf:params:xml:ns:samlec" soap11:actor="http://schemas.xmlsoap.org/soap/actor/next">d3i1G0SkPUcH0BhYwyS4Wv0MEENFArq61Jb4N5xX1Qw=</samlec:GeneratedKey> | |
| </soap11:Header> | |
| <soap11:Body> | |
| <saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" Destination="https://openstack4.local/Shibboleth.sso/SAML2/ECP" ID="_bbbe6298d7ee586c915d952013875440" InResponseTo="_a07186e3992e70e92c17b9d249495643" IssueInstant="2014-06-09T09:48:58.945Z" Version="2.0"> | |
| <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity |
zaccone
/ federated-keystone-vhost
Created
May 2, 2014 08:36
Sample federated-keystone vhost configuration
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| WSGISocketPrefix /var/run/apache2 | |
| <VirtualHost *:443> | |
| WSGIScriptAliasMatch ^(/v3/OS-FEDERATION/identity_providers/.*?/protocols/.*?/auth)$ /var/www/keystone/main/$1 | |
| WSGIScriptAlias / /var/www/keystone/main | |
| WSGIDaemonProcess keystone-public user=stack group=stack processes=3 threads=10 home=/opt/stack/keystone | |
| WSGIApplicationGroup %{GLOBAL} | |
| WSGIProcessGRoup keystone-public | |
| ErrorLog /var/log/apache2/keystone | |
| LogLevel debug | |
| CustomLog /var/log/apache2/access.log combined |
zaccone
/ gist:10716761
Created
April 15, 2014 09:18
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "rules": [ | |
| { | |
| "local":[ | |
| { | |
| "user": { | |
| "name": "{0}" | |
| } | |
| } | |
| ], |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """ | |
| This simple client uses standard Python modules | |
| along with the Python lxml toolkit from | |
| http://lxml.de/ | |
| to demonstrate how a SAML ECP client works. | |
| Studying this client is not an acceptable replacement | |
| for reading Draft 02 of the ECP profile [ECP] available at |