peppelinux
commented
5 years ago I'm looking for a better solution using pyFF, with the possibility to get information on demand from it.
""" The pyffd tool starts a metadata server with an HTTP-based interface for viewing and downloading metadata. The HTTP interface can produce XML, HTML and JSON output (aswell as other formats with a bit of configuration) and implements the MDX specification for online SAML metadata query. """
This is not an Issue but my thoughts about some improvements that could sounds more efficient in production environment. I wrote this post with my latest ideas, then I should read some other posts over the net to integrate them into this.
Expected Behavior
Code and Documention about a metadata class like saml2.mdstore.MetaDataExtern, for example, to fetch metadatas from a cache system like nosql (memcached, redis...) or filesystem.
I think that download should be scheduled when dealing with large data set, as federation's metadatas. Thus I think that this task could be also be done in a integrated way with the same Class, specialized methods.
Current Behavior
At the moment in pysaml2 metadata are donwloaded and stored in a specific filesystem path or downloaded at every http request. I put some notes here: https://github.com/peppelinux/Django-Identity/blob/master/djangosaml2_sp/djangosaml2_sp/djangosaml2_sp/sp_pysaml2_shibidp.py#L143 (nothing important, it want just to let newcomers to have some reference).
Possible Solution
Just start the discussions, elements will be collected in future.
Additional resources
https://github.com/knaperek/djangosaml2/issues/113#issuecomment-401441848 https://github.com/IdentityPython/pysaml2/blob/master/src/saml2/mdstore.py