pythonsingle-sign-onsamlshibboleth

Python SSO: pysaml2 and python3-saml


I new to SSO and I've only tried pysaml2 by far.

I am also aware of python3-saml library (and its python-saml Python 2 flavour).

I need to use one of those with Shibboleth, if it is relevant.

What are the pros and cons of pysaml2 and python3-saml?


Update:

As for 2019, I still find python3-saml to be the best option if you need to implement an SP. It is not flawless (sorry @smartin, hhehe), but it will give you much less headache than pysaml2.


Solution

  • Both projects are compatible with Shibboleth.

    pysaml2 is older than python3-saml, right now both support py2 and py3. Both are kinda active and documented.

    python3-saml follows the structure of Onelogin's SAML toolkit so if you used any other toolkit before (php-saml, ruby-saml, java-saml), will be easy for you to handle with it (similar methods, same settings).

    Differences

    Crypto:

    Functionality:

    Settings:

    In my opinion, python3-saml is easier than pysaml2, settings are more precise and its repo contains code examples on how integrate a django or a flask app and a guide at the docs.

    Note: I'm the author of python3-saml