Merge branch 'master' of https://github.com/peppelinux/pysaml2

peppelinux · peppelinux · commit 1bc8a00ef8ca · 2020-01-13T16:55:02.000+01:00
diff --git a/src/saml2/client_base.py b/src/saml2/client_base.py
@@ -135,6 +135,9 @@ def __init__(self, config=None, identity_cache=None, state_cache=None,
 
             setattr(self, attr, val)
 
+        for algorithm in ('signing_algorithm', 'digest_algorithm'):
+            setattr(self, algorithm, self.config.getattr(algorithm, "sp"))
+
         if self.entity_type == "sp" and not any(
             [
                 self.want_assertions_signed,
diff --git a/src/saml2/config.py b/src/saml2/config.py
@@ -69,6 +69,8 @@
     "allow_unknown_attributes",
     "crypto_backend",
     "id_attr_name",
+    "signing_algorithm",
+    "digest_algorithm",
     "delete_tmpfiles",
 ]
 
@@ -244,6 +246,8 @@ def __init__(self, homedir="."):
         self.attribute = []
         self.attribute_profile = []
         self.requested_attribute_name_format = NAME_FORMAT_URI
+        self.signing_algorithm = None
+        self.digest_algorithm = None
         self.delete_tmpfiles = True
 
     def setattr(self, context, attr, val):
diff --git a/src/saml2/entity.py b/src/saml2/entity.py
@@ -417,6 +417,13 @@ def unpack_soap_message(text):
 
     def sign(self, msg, mid=None, to_sign=None, sign_prepare=False,
              sign_alg=None, digest_alg=None):
+
+        if sign_alg is None and self.signing_algorithm:
+            sign_alg = self.signing_algorithm
+
+        if digest_alg is None and self.digest_algorithm:
+            digest_alg = self.digest_algorithm
+
         if msg.signature is None:
             msg.signature = pre_signature_part(msg.id, self.sec.my_cert, 1,
                                                sign_alg=sign_alg,
diff --git a/src/saml2/server.py b/src/saml2/server.py
@@ -595,6 +595,9 @@ def gather_authn_response_args(self, sp_entity_id, name_id_policy, userid,
         except KeyError:
             args['best_effort'] = False
 
+        for algorithm in ('signing_algorithm', 'digest_algorithm'):
+            setattr(self, algorithm, self.config.getattr(algorithm, "idp"))
+
         for param in ['sign_assertion', 'sign_response', 'encrypt_assertion',
                       'encrypt_assertion_self_contained',
                       'encrypted_advice_attributes', 'encrypt_cert_advice',

Original file line number	Diff line number	Diff line change
`@@ -135,6 +135,9 @@ def __init__(self, config=None, identity_cache=None, state_cache=None,`
`135`	`135`
`136`	`136`	`setattr(self, attr, val)`
`137`	`137`
	`138`	`+ for algorithm in ('signing_algorithm', 'digest_algorithm'):`
	`139`	`+ setattr(self, algorithm, self.config.getattr(algorithm, "sp"))`
	`140`	`+`
`138`	`141`	`if self.entity_type == "sp" and not any(`
`139`	`142`	`[`
`140`	`143`	`self.want_assertions_signed,`