[Idpy-discuss] head of pyFF master broken MDQ via sha1 hash?

Scott Koranda skoranda at gmail.com
Mon Sep 23 21:09:07 UTC 2019


Hi,

I am using today's pyFF master head, commit

bbdf245ccdb0be8ce45dda8c0cef06a6d33e2755

My pipeline contains

- when request:
    - select:
    - pipe:
        - when accept application/xml:
            - first
            - finalize:
                cacheDuration: PT12H
                validUntil: P10D
            - sign:
                key: metadata-signer.key
                cert: metadata-signer.crt
            - emit application/xml
            - break
        - when accept application/json:
            - discojson
            - emit application/json
            - break

This query returns the XML I expect

curl 'http://127.0.0.1:8080/entities/https%3A%2F%2Fwiki.ligo.org%2Fshibboleth-sp'

proving that pyFF has the metadata for the entityID.

But this query returns an empty <EntitiesDescriptor>:

curl 'http://127.0.0.1:8080/entities/%7Bsha1%7Dff767393c6b06e8282603e9e4541ac1e878d63aa'

Note that

$ python3
Python 3.7.3 (default, Apr  3 2019, 05:39:12)
[GCC 8.3.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> from hashlib import sha1
>>> m = sha1()
>>> m.update(b'https://wiki.ligo.org/shibboleth-sp')
>>> m.hexdigest()
'ff767393c6b06e8282603e9e4541ac1e878d63aa'

This is problematic since thiss-js wants to use sha1 hashes to query
MDQ.

Is there something special I have to configure to get pyFF to accept the
sha1 hash?

Thanks,

Scott K



More information about the Idpy-discuss mailing list