Add hooks to retrieve last-sent and last-received requests and responses #159
Conversation
|
But why you don't collect the requests/responses that gonna be processed in the views that uses the python-saml toolkit? |
|
In the case of responses, they can contain encrypted assertions that cannot be effectively extracted without duplicating a large amount of While these concerns may be overcome with enough time spent on them, Oh, and I should note that we've been seeing Travis segfaults while working on this, but tests do pass locally. |
|
it does not pass pep8/pyflakes. I will review this feature and see if it makes sense and does not compromise security. |
|
Thanks for pointing that out @pitbulk; I've fixed those issues. |
…dating readme and adding tests
haikuginger
force-pushed
the
haikuginger/last-xml-document-hooks
branch
from
ea8ee66
to
87d4c18
Compare
|
Rebased from |
|
@pitbulk, as with the other PR I have open here, we've been using this code for a while in production, and are hoping to get it reviewed and merged here so that we can return to using the canonical source. |
|
I'm sorry for the delay. I think this feature makes sense, but I was busy with a security improvement that I'm publishing today with a new release. I was so busy with that, since I mad this improvements in all the toolkits. I think next eeek I will be able to review and add this functionality and maybe do a minor release with it. |
|
This PR covers:
|
|
@pitbulk, our what our organization needs is just the login request and the response received. I can look into whether we can expand our scope on this to cover those items in a subsequent PR, but for right now, we'd like to get this piece merged. |
|
@pitbulk Hi :) @haikuginger is working with me on this. We want to have something you can merge, so please let us know what you'd need for that to happen. To answer your question, currently the last SAML request from those other processes is not saved. If you it's important to have that consistency in place before this can be merged, let us know. |
|
It's ok, I will improve your PR and merge it soon. |
|
@bradenmacdonald , @haikuginger I improved the PR here: #171 It lacks some tests, but I will implement them today and if you agree with the solution, merge it to master. |
|
#171 is ready, @bradenmacdonald , @haikuginger can you review? |
To get more data for troubleshooting in production, we've added hooks to allow us to pull the relevant XML documents out of
python-samlfor logging on our side of things. This way, we can retest those documents on a non-production system to determine what might have gone wrong.