- Sample Service Provider and Identity Provider (in Python)
- The SP implements a service that stores and presents images
in accounts (unique images, named after the hash of their
contents). Each user can only manage the images of their
account.
- Accounts are defined by a username. The IdP is very
primitive: it simply accepts a name provided by a user,
without any other confirmation. The IdP redirection to the
SP is hardwired, which it should not be.
- Short-term cookies are used by the SP to keep sessions
with clients across HTTP requests. Those cookies are insecure:
they can easily be forged by users.
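
The session-cookie weakness noted in the last item, shown beside a signed alternative. This is an added example, not code from the sample SP: it assumes the insecure cookie carries only the username (the cookie format is not given here), and `SECRET_KEY`, `SESSION_TTL` and all function names are hypothetical.

```python
import hashlib
import hmac
import secrets
import time

# Assumption: a server-side secret created at SP start-up, never sent to clients.
SECRET_KEY = secrets.token_bytes(32)
SESSION_TTL = 300  # seconds; a "short-term" lifetime chosen for this example


def issue_insecure(username):
    # Forgeable form: the cookie is only the account name.
    return username


def read_insecure(cookie):
    # The SP cannot tell whether it issued this value or the client typed it.
    return cookie


def _tag(payload):
    return hmac.new(SECRET_KEY, payload.encode(), hashlib.sha256).hexdigest()


def issue_signed(username, now=None):
    # Bind the username and an expiry time under an HMAC only the SP can compute.
    expires = int(now if now is not None else time.time()) + SESSION_TTL
    payload = f"{username.encode().hex()}.{expires}"
    return f"{payload}.{_tag(payload)}"


def read_signed(cookie, now=None):
    # Return the username, or None if the cookie is malformed, altered or expired.
    try:
        name_hex, expires, tag = cookie.split(".")
        payload = f"{name_hex}.{expires}"
        # Verify the tag in constant time before trusting any field.
        if not hmac.compare_digest(tag, _tag(payload)):
            return None
        if int(expires) < (now if now is not None else time.time()):
            return None
        return bytes.fromhex(name_hex).decode()
    except (ValueError, TypeError, UnicodeDecodeError):
        return None
```

The signed form only stops clients from changing the account name or the expiry; the cookie should still be sent with the `Secure` and `HttpOnly` attributes so it is not exposed in transit or to scripts.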