[Idpy-discuss] head of pyFF master broken MDQ via sha1 hash?

Scott Koranda skoranda at gmail.com
Mon Sep 23 21:09:07 UTC 2019


I am using today's pyFF master head, commit


My pipeline contains

- when request:
    - select:
    - pipe:
        - when accept application/xml:
            - first
            - finalize:
                cacheDuration: PT12H
                validUntil: P10D
            - sign:
                key: metadata-signer.key
                cert: metadata-signer.crt
            - emit application/xml
            - break
        - when accept application/json:
            - discojson
            - emit application/json
            - break

This query returns the XML I expect

curl ''

proving that pyFF has the metadata for the entityID.

But this query returns an empty <EntitiesDescriptor>:

curl ''

Note that

$ python3
Python 3.7.3 (default, Apr  3 2019, 05:39:12)
[GCC 8.3.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> from hashlib import sha1
>>> m = sha1()
>>> m.update(b'https://wiki.ligo.org/shibboleth-sp')
>>> m.hexdigest()

This is problematic since thiss-js wants to use sha1 hashes to query

Is there something special I have to configure to get pyFF to accept the
sha1 hash?


Scott K

More information about the Idpy-discuss mailing list