On 29 Jan 2019, at 16:04, Heather Flanagan
<hlflanagan at sphericalcowgroup.com> wrote:
Attendees:
Heather, Scott, Johan, Paul (I2), Ivan, Martin
Regrets:
Rainer, Roland
1. Project review
- Satosa (Satosa PRs - https://github.com/IdentityPython/SATOSA)
Expect a new release when the pySAML2 security bugs are fixed
- pySAML2 (https://github.com/IdentityPython/pysaml2)
Security fixes added by Ivan have broken some people's installations. Ivan will be working on resolving that today.
Issues and changes discussed today:
https://github.com/IdentityPython/pysaml2/issues/578 - Don't hide xmlsec1 execution errors
https://github.com/IdentityPython/pysaml2/pull/583 - Check the xmlsec returncode
https://github.com/IdentityPython/pysaml2/pull/581 - Allow tests to pass after 2020
https://github.com/IdentityPython/pysaml2/issues/579 - Wrong signed AuthnRequest with redirect binding
https://github.com/IdentityPython/pysaml2/issues/586 - Please don't cache MDQ responses (note - in the long term, Scott would like to see pySAML support a sophisticated metadata client, rather than having to rely on an external component. This would allow the use of a Python stack with as few pieces as possible. This may also mean not removing but instead fixing the cache.)
(Martin) Hashing of the sub and the bloat of the id token - should the OIDC library enable putting claims in the id token (which would be difficult)

I don’t think it would be that hard to make this configurable.
The default is of course to do it like the standard says: that is, expect the claims to be released from the user info endpoint.

or should we stick to the specs and not put claims in the id token and instead query the end point? Most OIDC libraries out there put claims in the token, since that’s what Google does. Remember we’re replacing the pyOP libraries with new ones written by Roland (possibly not in all cases, though).

If not for all cases, I would really like to know why the new libraries could not be used.

- pyFF (https://github.com/IdentityPython/pyFF)
See email from Leif
2. TIIME planning
https://github.com/IdentityPython/Meetings/blob/master/TIIME-20190211 - may end dev meeting early to have a board meeting
Ivan will be adding a few agenda items
How to add new members to the group (this will be both dev and board discussion)
— Roland
Can anything be sadder than work left unfinished? Yes, work never begun. -Christina
Rossetti, poet (5 Dec 1830-1894)