Giuseppe, Heather, Scott, Christos, Johan, Ivan, Peter
1 - GitHub review
b. Satosa - https://github.com/IdentityPython/SATOSA
Next release will be a major version change to signal people will have to do something
different re: install (see pyOP notes below).
Reference added to new microservices developed by
Ivan will also add instructions on how to install and work with some of those packages.
Merged a PR for a different attribute
New reflector backend: https://github.com/IdentityPython/SATOSA/pull/374
development purposes). This is similar to a service DAASI developed to communicate with an
LDAP. This basically turns Satosa into an IdP. Maybe time to change the name? Satosa
originally stood for "SAML to SAML". If we continue to develop this kind of
interfaces, it becomes more than a protocol proxy. Need to check in with Roland.
Adding more context to requests: https://github.com/IdentityPython/SATOSA/pull/365
is needed for IdP hinting
A new PR to make cookies configurable: https://github.com/IdentityPython/SATOSA/pull/363
A new frontend that creates virtual collaboration
c. pySAML2 - https://github.com/IdentityPython/pysaml2
User wants to have a mechanism to load the metadata. We usually use an MDX service. For
non-MDX cases, there was no way to reload the metadata. New PRs introduces a function that
will let us do this.
Suggest that the new endpoints should not be enabled by default. We still want to point
people to MDX as the proper way to do this.
Some discussions happening in Slack which resulted in PRs. Those have not been reviewed
a. OIDC - https://github.com/IdentityPython
pyOP update - a couple of PRs
adding Redis support. Also some changes on how to install with different databases (e.g.,
'pip install pyop[mongo]' or 'pip install pyop[redis]'). This broke Satosa
because of the new package dependencies.
- adding support for pkce
d. pyFF - https://github.com/IdentityPython/pyFF
Leif had created a PR (https://github.com/IdentityPython/pyXMLSecurity/pull/69
), but the
CI tests are failing. It seems related to the PKS interface; the software is not releasing
secrets. Tests are working locally. This adds support for things other than the basic
algorithms. Main goal is to support what is needed by eIDAS. No release yet.
2 - Discussion
Short update: W3C’s FedID Community Group - https://www.w3.org/community/fed-id/