SAML-Toolkits / python3-saml

MIT License
699 stars 309 forks source link

Initialization of OneLogin_Saml2_Auth from a Stream #414

Closed maayan-cohen-hs closed 4 months ago

maayan-cohen-hs commented 4 months ago

Hi!

I have a question regarding the initialization of the OneLogin_Saml2_Auth object. Currently, we use the custom_base_path argument to specify a file path. However, as we transition to obtaining this data via an API instead of files, we are exploring ways to pass these settings in a non-file format, such as a stream or a dictionary.

We noticed the option to pass an old_settings object instead of using custom_base_path, which might suit our needs. However, we are concerned that this approach may diverge from the standard usage patterns of the library. Could you please advise if utilizing the old_settings object or another non-file format is likely to cause compatibility issues with future releases? We want to ensure our implementation remains aligned with the intended usage and avoid any potential upgrade obstacles.

pitbulk commented 4 months ago

Sorry for the confusion on the name but that parameter was there for the very beginning and we kept that name for compatibility.

Using old_settings is ok and is the way to inject settings if you already have them in a dict.

If you the Settings constructor:

    def __init__(self, settings=None, custom_base_path=None, sp_validation_only=False):
        """
        Initializes the settings:
        - Sets the paths of the different folders
        - Loads settings info from settings file or array/object provided

        :param settings: SAML Toolkit Settings
        :type settings: dict

You see injecting dict is another valid alternative to the settings provided using a file.