minisaml

Minimal SAML2 client


Keywords
python, saml, sans-io
License
Apache-2.0
Install
pip install minisaml==21.10

Documentation

MiniSAML

Code style: black CircleCI Documentation Status

Absolutely minimalistic SAML 2 client. Does not support the full SAML 2 specification, on purpose. It only supports requests via HTTP Redirect and responses via HTTP POST.

Usage

Create a SAML Request

from minisaml.request import get_request_redirect_url

url = get_request_redirect_url(
    saml_endpoint='https://your-idp.invalid/sso-endpoint/', 
    expected_audience='Your SAML Issuer', 
    acs_url='https://you.web-site.invalid/saml/acs/'
)

# This line depends on your web framework/server
redirect_user_to_url(url)

Validate and parse the SAML Response

from minisaml.response import validate_response

# This line depends on your web framework/server
saml_response = get_SAMLResponse_form_data_as_bytes() 

# Load the x509 certificate as a cryptography.x509.Certificate somehow
certificate = ...

try:
    response = validate_response(data=saml_response, certificate=certificate, expected_audience='Your SAML Issuer')
except:
    handle_invalid_response_somehow()

# response is a minisaml.response.Response object