OIDC/SAML Callback URL Validator

Introduction

This proposal outlines the development of a Python-based tool that validates a list of OpenID Connect (OIDC) or Security Assertion Markup Language (SAML) callback URLs. The tool's primary objective is to ensure that the provided URLs are accessible and respond with specific HTTP status codes indicating their validity. The results will be used to audit the callback list settings of each client application within Auth0. This document describes the functionality, components, and specifications required for the tool's implementation.

Objectives

  • Primary Objective: To create a Python tool that takes a client_id, retrieves the client application's callback list, validates each callback URL against specified criteria, and returns their validity status.
  • Usability Goal: To provide a straightforward and efficient mechanism for validating multiple OIDC or SAML callback URLs at once, ensuring they meet the necessary criteria for successful interactions.
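
The validation step described in the objectives, as an added example that is not the project's own code: each callback entry is probed and classified by its HTTP status, and entries that cannot be probed (wildcard hosts, custom schemes) are reported separately. The accepted status set, the function names and the sample URLs are assumptions; the README does not specify them.

```python
import urllib.error
import urllib.request
from urllib.parse import urlsplit

# Assumption: the README does not name the accepted status codes; 2xx/3xx is illustrative.
VALID_STATUSES = frozenset(range(200, 400))

def http_probe(url, timeout=5.0):
    """GET url (following redirects) and return the final HTTP status code."""
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return resp.status
    except urllib.error.HTTPError as err:  # 4xx/5xx still carry a status code
        return err.code

def audit_callbacks(callbacks, probe=http_probe):
    """Map each callback entry to (verdict, detail); verdict is valid, invalid or skipped."""
    report = {}
    for url in callbacks:
        parts = urlsplit(url)
        if parts.scheme not in ("http", "https") or not parts.hostname:
            report[url] = ("skipped", "not an http(s) URL, cannot be probed")
        elif "*" in parts.hostname:
            report[url] = ("skipped", "wildcard host, review manually")
        else:
            try:
                status = probe(url)
            except OSError as err:  # DNS failure, refused connection, timeout
                report[url] = ("invalid", f"unreachable: {err}")
            else:
                verdict = "valid" if status in VALID_STATUSES else "invalid"
                report[url] = (verdict, f"HTTP {status}")
    return report

# Constructed sample: a callback list with canned probe results so the run stays offline.
SAMPLE_CALLBACKS = ["https://app.example.com/callback", "https://old.example.com/callback",
                    "https://gone.example.com/callback", "https://*.example.com/callback",
                    "com.example.app://callback"]
CANNED = {SAMPLE_CALLBACKS[0]: 200, SAMPLE_CALLBACKS[1]: 404}

def canned_probe(url):
    """Offline stand-in for http_probe; hosts without a canned status count as unreachable."""
    if url not in CANNED:
        raise OSError("name resolution failed")
    return CANNED[url]

if __name__ == "__main__":
    for url, (verdict, detail) in audit_callbacks(SAMPLE_CALLBACKS, canned_probe).items():
        print(f"{verdict:8} {url}  ({detail})")
```

Callbacks that come back invalid because the host no longer resolves are the ones to review first when auditing a client, since a stale entry keeps an abandoned host on the allow list.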

Tech Stack

  • Python 3.12.3
  • Auth0 Python SDK

Auth0 environment variables

To use this application, three Auth0 environment variables must be set:

  • AUTH0_DOMAIN
  • AUTH0_CLIENT_ID
  • AUTH0_CLIENT_SECRET

These variables can be set as part of your shell environment or in a file named .env. Without these variables you will not be able to run the code. These credentials are used to generate a token that interacts with the Auth0 Management API.

The client should have the one following scopes set in Auth0:

  • read:client
  • read:client_keys
  • read:client_credentials
  • read:client_summary

See Auth0 Get Clients and Auth0 Get Clients By Id for further documentation on required scopes.

Running Tests

Run the command:

python3 -m unittest

Running Code

Run the command:

python3 validator/validator.py

Examples

  • show help message: python3 validator/validator.py -h

  • retrieve callback urls for all clients: python3 validator/validator.py -a

  • retrieve callback urls for one client: python3 validator/validator.py client_id

Building an executable

Run the commands:

cd validator
pyinstaller --onefile validator.py

Running the executable

pyinstaller will create the final executable in the dist directory and name it validator. You can run the executable by typing the command validator with the appropriate flags or values.

Examples

  • show help message: ./validator -h

  • retrieve callback urls for all clients: ./validator -a

  • retrieve callback urls for one client: ./validator client_id