Merge branch 'master' of https://github.com/peppelinux/pysaml2

peppelinux · peppelinux · commit 9385c8da2a94 · 2020-06-24T12:31:26.000+02:00
diff --git a/src/saml2/client_base.py b/src/saml2/client_base.py
@@ -181,6 +181,9 @@ def __init__(self, config=None, identity_cache=None, state_cache=None,
 
             setattr(self, attr, val)
 
+        for algorithm in ('signing_algorithm', 'digest_algorithm'):
+            setattr(self, algorithm, self.config.getattr(algorithm, "sp"))
+
         if self.entity_type == "sp" and not any(
             [
                 self.want_assertions_signed,
diff --git a/src/saml2/config.py b/src/saml2/config.py
@@ -69,6 +69,9 @@
     "extensions",
     "allow_unknown_attributes",
     "crypto_backend",
+    "id_attr_name",
+    "signing_algorithm",
+    "digest_algorithm",
     "delete_tmpfiles",
 ]
 
@@ -242,6 +245,8 @@ def __init__(self, homedir="."):
         self.attribute = []
         self.attribute_profile = []
         self.requested_attribute_name_format = NAME_FORMAT_URI
+        self.signing_algorithm = None
+        self.digest_algorithm = None
         self.delete_tmpfiles = True
 
     def setattr(self, context, attr, val):
diff --git a/src/saml2/entity.py b/src/saml2/entity.py
@@ -416,6 +416,13 @@ def unpack_soap_message(text):
 
     def sign(self, msg, mid=None, to_sign=None, sign_prepare=False,
              sign_alg=None, digest_alg=None):
+
+        if sign_alg is None and self.signing_algorithm:
+            sign_alg = self.signing_algorithm
+
+        if digest_alg is None and self.digest_algorithm:
+            digest_alg = self.digest_algorithm
+
         if msg.signature is None:
             msg.signature = pre_signature_part(msg.id, self.sec.my_cert, 1,
                                                sign_alg=sign_alg,
diff --git a/src/saml2/server.py b/src/saml2/server.py
@@ -595,6 +595,9 @@ def gather_authn_response_args(self, sp_entity_id, name_id_policy, userid,
         except KeyError:
             args['best_effort'] = False
 
+        for algorithm in ('signing_algorithm', 'digest_algorithm'):
+            setattr(self, algorithm, self.config.getattr(algorithm, "idp"))
+
         for param in ['sign_assertion', 'sign_response', 'encrypt_assertion',
                       'encrypt_assertion_self_contained',
                       'encrypted_advice_attributes', 'encrypt_cert_advice',

Original file line number	Diff line number	Diff line change
`@@ -181,6 +181,9 @@ def __init__(self, config=None, identity_cache=None, state_cache=None,`
`181`	`181`
`182`	`182`	`setattr(self, attr, val)`
`183`	`183`
	`184`	`+ for algorithm in ('signing_algorithm', 'digest_algorithm'):`
	`185`	`+ setattr(self, algorithm, self.config.getattr(algorithm, "sp"))`
	`186`	`+`
`184`	`187`	`if self.entity_type == "sp" and not any(`
`185`	`188`	`[`
`186`	`189`	`self.want_assertions_signed,`