ConfigurationΒΆ
The IdP needs two configuration options by default,
SAML2_IDP
and SAML2_SERVICE_PROVIDERS
.
SAML2_IDP
configures the IdP itself,
while SAML2_SERVICE_PROVIDERS
specifies all the SPs this IdP supports.
from flask_saml2.utils import certificate_from_file, private_key_from_file
SAML2_IDP = {
'autosubmit': True,
'certificate': certificate_from_file('keys/idp_certificate.pem'),
'private_key': private_key_from_file('keys/idp_private_key.pem'),
}
SAML2_SERVICE_PROVIDERS = [
{
'CLASS': 'myapp.SPHandler',
'OPTIONS': {
'display_name': 'Example Service Provider',
'entity_id': 'http://service.example.com/saml/metadata.xml',
'acs_url': 'http://service.example.com/saml/acs/',
'certificate': certificate_from_file('keys/example_sp_certificate.pem'),
},
},
]
SAML2_IDP
is documented in IdentityProvider.get_idp_config()
.
SAML2_SERVICE_PROVIDERS
is a list of SPs the IdP will authenticate users for.
Each SP is represented as a dict.
CLASS
is the dotted Python path to a SPHandler
subclass,
and OPTIONS
is a dict of keyword arguments to its constructor.
Refer to SPHandler
for more information on constructor arguments.