italia / spid-sp-test

SAML2 SPID/CIE Service Provider validation tool
European Union Public License 1.2

Possibility to test SAML2 and OIDC Proxy #10

Open peppelinux opened 3 years ago

peppelinux commented 3 years ago

An additional option, like --proxy saml2|oidc|oauth2, would load a specialized authnrequest loader for each kind of proxy type. This will follow the requests if they are saml2 redirect or post or oidc/oauth2 auth code flow.

This is an approach that would be experimental; each proxy tested as working would be referenced in a dedicated section in the README.

The proxies that would drive the first tests are:

- SATOSA-Saml2SPID
- AgID Login (oidc auth code flow)
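
The "saml2 redirect or post" distinction in the comment above, as an added example (not code from spid-sp-test or its authn plugins): a test client recovering the AuthnRequest that a proxy emits under either SAML2 binding. The function names, the `idp.example` URL and the sample request are constructed for illustration.

```python
import base64
import zlib
from html.parser import HTMLParser
from urllib.parse import parse_qs, urlencode, urlsplit

# Constructed sample AuthnRequest (not a real SPID request).
SAMPLE_XML = (b'<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"'
              b' ID="_constructed" Version="2.0"/>')

class FormFields(HTMLParser):
    """Collect name/value pairs of <input> elements in an auto-submit form."""
    def __init__(self):
        super().__init__()
        self.fields = {}

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "input" and attrs.get("name"):
            self.fields[attrs["name"]] = attrs.get("value") or ""

def extract_authn_request(status, headers, body=""):
    """Return (binding, xml_bytes, relay_state) from a proxy's HTTP response."""
    location = headers.get("Location")
    if status in (302, 303) and location:
        query = parse_qs(urlsplit(location).query)
        if "SAMLRequest" in query:
            # HTTP-Redirect binding: base64 over raw DEFLATE (no zlib header).
            raw = base64.b64decode(query["SAMLRequest"][0])
            xml = zlib.decompress(raw, -15)
            return "HTTP-Redirect", xml, query.get("RelayState", [None])[0]
    elif status == 200:
        form = FormFields()
        form.feed(body)
        if "SAMLRequest" in form.fields:
            # HTTP-POST binding: plain base64, no compression.
            xml = base64.b64decode(form.fields["SAMLRequest"])
            return "HTTP-POST", xml, form.fields.get("RelayState")
    raise ValueError("response carries no SAML2 AuthnRequest")

def sample_responses(idp="https://idp.example/sso"):
    """Build one constructed response per binding for SAMPLE_XML."""
    deflater = zlib.compressobj(wbits=-15)
    deflated = deflater.compress(SAMPLE_XML) + deflater.flush()
    qs = urlencode({"SAMLRequest": base64.b64encode(deflated).decode(), "RelayState": "rs1"})
    redirect = (302, {"Location": f"{idp}?{qs}"}, "")
    b64 = base64.b64encode(SAMPLE_XML).decode()
    post = (200, {}, f'<form method="post" action="{idp}">'
                     f'<input type="hidden" name="SAMLRequest" value="{b64}"/>'
                     f'<input type="hidden" name="RelayState" value="rs1"/></form>')
    return redirect, post
```
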

peppelinux commented 3 years ago

This feature is implemented with the help of authn plugins: https://github.com/italia/spid-sp-test/commit/af22d98cade94701e59c17fb21eb207873487bc3

We need to get some contributions and examples. The first proxy plugin will cover satosa-saml2spid and it would be a good starting point, as well, for others.

peppelinux commented 3 years ago

Satosa-Saml2Spid IAM Proxy is covered here: https://github.com/italia/spid-sp-test/blob/12d72a95c9187ea574e18f31df85695090e4c939/src/spid_sp_test/plugins/authn_request.py#L39

It could be a good starting point for all Saml2Saml proxies.

peppelinux commented 3 years ago

Linked to this: https://github.com/italia/spid-sp-test/issues/65