saml_idp: start rewriting to use DB Certs

Jens Langhammer
2018-12-14 15:30:11 +01:00
parent e81f525cea
commit 625835a266
4 changed files with 17 additions and 37 deletions


@ -5,27 +5,12 @@ from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import serialization
from defusedxml import ElementTree
from signxml import XMLSigner
from signxml.util import strip_pem_header
from passbook.lib.config import CONFIG
from passbook.lib.utils.template import render_to_string
LOGGER = getLogger(__name__)
def load_certificate(strip=False):
"""Get Public key from config"""
cert = CONFIG.y('saml_idp.certificate', '')
if strip:
return strip_pem_header(cert.replace('\r', '')).replace('\n', '')
return cert
def load_private_key():
"""Get Private Key from config"""
return CONFIG.y('saml_idp.key', '')
def sign_with_signxml(private_key, data, cert, reference_uri=None):
"""Sign Data with signxml"""
key = serialization.load_pem_private_key(