Open peppelinux opened 3 years ago
This feature is implemented with the help of authn plugins https://github.com/italia/spid-sp-test/commit/af22d98cade94701e59c17fb21eb207873487bc3
We need to get some contributions and examples. The first proxy plugin will cover satosa-saml2spid and it would be a good starting point, as well, for others.
Satosa-Saml2Spid IAM Proxy covered here https://github.com/italia/spid-sp-test/blob/12d72a95c9187ea574e18f31df85695090e4c939/src/spid_sp_test/plugins/authn_request.py#L39
It could be a good starting point for all Saml2Saml proxies.
linked to this https://github.com/italia/spid-sp-test/issues/65
an additional option, like
--proxy saml2|oidc|oauth2
would load a specialized authnrequest loader for each kind of proxy type. This will follow the requests if they are saml2 redirect or post or oidc/oauth2 auth code flow. This is an approach that would be experimental; each proxy tested as working would be referenced in a dedicated section in the README.
The proxies that would drive the first tests are:
SATOSA-Saml2SPID AgID Login (oidc auth code flow)
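A sketch of the per-hop decision such a loader has to make while following a proxy, added here as an example and not taken from spid-sp-test: it tells a SAML2 HTTP-Redirect, a SAML2 HTTP-POST and an OIDC/OAuth2 authorization code request apart and decodes the AuthnRequest. The name `classify_hop`, the plain-dict `headers` argument and all sample URLs and XML are assumptions constructed for the illustration.

```python
import base64
import zlib
from html.parser import HTMLParser
from urllib.parse import parse_qs, urlencode, urlsplit


class _FormInputs(HTMLParser):
    """Collect <input name=... value=...> pairs from an auto-submit form."""
    def __init__(self):
        super().__init__()
        self.fields = {}

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "input" and a.get("name"):
            self.fields[a["name"]] = a.get("value") or ""


def classify_hop(status, headers, body=""):
    """Classify one HTTP response met while following a proxy (hypothetical helper).

    Returns (kind, payload); kind is saml2-redirect, saml2-post, oidc-code,
    redirect or unknown. `headers` is a plain dict keyed by "Location".
    """
    location = headers.get("Location", "")
    if status in (301, 302, 303, 307, 308) and location:
        qs = parse_qs(urlsplit(location).query)
        if "SAMLRequest" in qs:
            # HTTP-Redirect binding: base64 over raw DEFLATE (no zlib header).
            raw = base64.b64decode(qs["SAMLRequest"][0])
            return "saml2-redirect", zlib.decompress(raw, -15).decode()
        if qs.get("response_type") == ["code"] and "client_id" in qs:
            # OIDC/OAuth2 authorization code flow: hand back the request params.
            return "oidc-code", {k: v[0] for k, v in qs.items()}
        return "redirect", location  # plain hop, keep following
    form = _FormInputs()
    form.feed(body)
    if "SAMLRequest" in form.fields:
        # HTTP-POST binding: base64 XML, not compressed.
        return "saml2-post", base64.b64decode(form.fields["SAMLRequest"]).decode()
    return "unknown", None


# Constructed sample data (not captured from a real proxy).
XML = '<samlp:AuthnRequest ID="_constructed" Version="2.0"/>'
_c = zlib.compressobj(9, zlib.DEFLATED, -15)
_b64 = base64.b64encode(_c.compress(XML.encode()) + _c.flush()).decode()
REDIRECT = "https://idp.example/sso?" + urlencode({"SAMLRequest": _b64})
POST_BODY = '<form method="post"><input type="hidden" name="SAMLRequest" value="%s"/></form>' % base64.b64encode(XML.encode()).decode()
OIDC = "https://op.example/authorize?response_type=code&client_id=rp1&state=s1"
```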