From a5a2a355f404328742aa507cc24ea3a5cb921124 Mon Sep 17 00:00:00 2001 From: Hank Leininger Date: Wed, 2 Apr 2014 21:39:50 -0400 Subject: [PATCH 1/3] Fix the idp_conf.py / conf.py disagreement. My guess is a file got renamed at some point w/o all.sh being updated to reflect the change. --- example/all.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/example/all.sh b/example/all.sh index b58cdaf..ac03c3a 100755 --- a/example/all.sh +++ b/example/all.sh @@ -9,7 +9,7 @@ startme() { cd ../idp2 if [ ! -f idp_conf.py ] ; then - cp idp_conf.py.example conf.py + cp idp_conf.py.example idp_conf.py fi ../../tools/make_metadata.py idp_conf > idp.xml @@ -34,4 +34,4 @@ case "$1" in *) echo "usage: $0 start|stop|restart" >&2 exit 1 ;; -esac \ No newline at end of file +esac From 104198416bcaf3884fa53b0bcdb4e459b4656d43 Mon Sep 17 00:00:00 2001 From: Hank Leininger Date: Wed, 2 Apr 2014 21:42:01 -0400 Subject: [PATCH 2/3] Make sp-wsgi/ layout agree with other examples. idp2/, idp2_repoze/, and sp-repoze/ all agree that configs should be {idp,sp}_conf.py, but sp-wsgi/ was the exception, calling its config just conf.py. Changed it to match the others, and updated all.sh accordingly. --- example/all.sh | 8 ++++---- example/sp-wsgi/{conf.py.example => sp_conf.py.example} | 0 2 files changed, 4 insertions(+), 4 deletions(-) rename example/sp-wsgi/{conf.py.example => sp_conf.py.example} (100%) diff --git a/example/all.sh b/example/all.sh index ac03c3a..efbc145 100755 --- a/example/all.sh +++ b/example/all.sh @@ -2,10 +2,10 @@ startme() { cd sp-wsgi - if [ ! -f conf.py ] ; then - cp conf.py.example conf.py + if [ ! -f sp_conf.py ] ; then + cp sp_conf.py.example sp_conf.py fi - ../../tools/make_metadata.py conf > sp.xml + ../../tools/make_metadata.py sp_conf > sp.xml cd ../idp2 if [ ! -f idp_conf.py ] ; then 
@@ -14,7 +14,7 @@ startme() { ../../tools/make_metadata.py idp_conf > idp.xml cd ../sp-wsgi - ./sp.py conf & + ./sp.py sp_conf & cd ../idp2 ./idp.py idp_conf & diff --git a/example/sp-wsgi/conf.py.example b/example/sp-wsgi/sp_conf.py.example similarity index 100% rename from example/sp-wsgi/conf.py.example rename to example/sp-wsgi/sp_conf.py.example From c8edb28d5b9a6b1d65c76978ac4388ef351eb6e8 Mon Sep 17 00:00:00 2001 From: Hank Leininger Date: Wed, 2 Apr 2014 22:00:28 -0400 Subject: [PATCH 3/3] Change examples to bind to 127.0.0.1 by default. Since the README already says to point a browser at localhost, it was surprising to see the listeners bound to 0.0.0.0 by default. Changed that and added notes in README about how to change it if the user really wants to make a test listener accessible externally. Updated output messages during startup to include the bound IP, to make this more obvious. Added a missing EOL or two. --- example/README | 4 ++++ example/idp2/idp.py | 5 +++-- example/idp2_repoze/idp.py | 5 +++-- example/sp-repoze/sp.py | 5 +++-- example/sp-wsgi/service_conf.py | 3 ++- example/sp-wsgi/sp.py | 5 +++-- 6 files changed, 18 insertions(+), 9 deletions(-) diff --git a/example/README b/example/README index 70d8cca..03aa4e1 100644 --- a/example/README +++ b/example/README @@ -25,6 +25,10 @@ To run the setup do and then use your favourite webbrowser to look at "http://localhost:8087/whoami" +Note, the listeners are all configured to bind to localhost (127.0.0.1) only. +If you want to be able to connect to them externally, grep "HOST = '127.0.0.1'" +example/*/*.py and replace 127.0.0.1 with 0.0.0.0 or a specific IP. + ./all.sh stop will of course stop your IdP and SP. diff --git a/example/idp2/idp.py b/example/idp2/idp.py index 3828d41..9fdaf5a 100755 --- a/example/idp2/idp.py +++ b/example/idp2/idp.py 
@@ -976,10 +976,11 @@ if __name__ == '__main__': module_directory=_rot + 'modules', input_encoding='utf-8', output_encoding='utf-8') + HOST = '127.0.0.1' PORT = 8088 - SRV = make_server('', PORT, application) - print "IdP listening on port: %s" % PORT + SRV = make_server(HOST, PORT, application) + print "IdP listening on %s:%s" % (HOST, PORT) SRV.serve_forever() else: _rot = args.mako_root diff --git a/example/idp2_repoze/idp.py b/example/idp2_repoze/idp.py index 562ce51..4729392 100755 --- a/example/idp2_repoze/idp.py +++ b/example/idp2_repoze/idp.py @@ -977,10 +977,11 @@ if __name__ == '__main__': module_directory=_rot + 'modules', input_encoding='utf-8', output_encoding='utf-8') + HOST = '127.0.0.1' PORT = 8088 - SRV = make_server('', PORT, application) - print "IdP listening on port: %s" % PORT + SRV = make_server(HOST, PORT, application) + print "IdP listening on %s:%s" % (HOST, PORT) SRV.serve_forever() else: _rot = args.mako_root diff --git a/example/sp-repoze/sp.py b/example/sp-repoze/sp.py index f16cc39..a0af4e7 100755 --- a/example/sp-repoze/sp.py +++ b/example/sp-repoze/sp.py @@ -268,6 +268,7 @@ app_with_auth = make_middleware_with_config(application, {"here": "."}, log_file="repoze_who.log") # ---------------------------------------------------------------------------- +HOST = '127.0.0.1' PORT = 8087 # allow uwsgi or gunicorn mount @@ -291,6 +292,6 @@ if __name__ == '__main__': args = parser.parse_args() from wsgiref.simple_server import make_server - srv = make_server('', PORT, app_with_auth) - print "SP listening on port: %s" % PORT + srv = make_server(HOST, PORT, app_with_auth) + print "SP listening on %s:%s" % (HOST, PORT) srv.serve_forever() diff --git a/example/sp-wsgi/service_conf.py b/example/sp-wsgi/service_conf.py index e5dbf17..ad6c847 100644 --- a/example/sp-wsgi/service_conf.py +++ b/example/sp-wsgi/service_conf.py @@ -1,5 +1,6 @@ from saml2.assertion import Policy +HOST = '127.0.0.1' PORT = 8087 HTTPS = False 
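Review bot: `HOST = '127.0.0.1'` is a literal inside the `__main__` branch of example/idp2/idp.py, so the only way to change the bind address is to edit the script, which the README now asks users to do in several files. The `else:` branch that follows already reads a parsed option (`args.mako_root`), so an option with the loopback default, consumed as `HOST = args.host`, would keep the safe default without source edits. The parser setup is outside the hunk, so the matching `add_argument` call cannot be placed from here. The identical hunk in example/idp2_repoze/idp.py has the same issue, and in both files the `if __name__ == '__main__':` block starts and ends outside the hunk.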
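Review bot: The new module-level `HOST` in example/sp-repoze/sp.py sits directly above the `# allow uwsgi or gunicorn mount` section, but in the visible lines it is only consumed by `make_server(HOST, PORT, app_with_auth)` under `if __name__ == '__main__':` in the next hunk. When the app is mounted under uwsgi or gunicorn, the bind address presumably comes from that server's own configuration, so the loopback default gives no protection there. A comment next to the constant would make this explicit, for example `# HOST/PORT are used only by the built-in wsgiref server below; uwsgi/gunicorn choose their own bind address`.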
@@ -13,4 +14,4 @@ POLICY = Policy( # HTTPS cert information SERVER_CERT = "pki/ssl.crt" SERVER_KEY = "pki/ssl.pem" -CERT_CHAIN = "" \ No newline at end of file +CERT_CHAIN = "" diff --git a/example/sp-wsgi/sp.py b/example/sp-wsgi/sp.py index 05fcc03..f940f29 100755 --- a/example/sp-wsgi/sp.py +++ b/example/sp-wsgi/sp.py @@ -683,6 +683,7 @@ def application(environ, start_response): # ---------------------------------------------------------------------------- +HOST = service_conf.HOST PORT = service_conf.PORT # ------- HTTPS ------- # These should point to relevant files @@ -727,13 +728,13 @@ if __name__ == '__main__': add_urls() - SRV = wsgiserver.CherryPyWSGIServer(('0.0.0.0', PORT), application) + SRV = wsgiserver.CherryPyWSGIServer((HOST, PORT), application) if service_conf.HTTPS: SRV.ssl_adapter = ssl_pyopenssl.pyOpenSSLAdapter(SERVER_CERT, SERVER_KEY, CERT_CHAIN) logger.info("Server starting") - print "SP listening on port: %s" % PORT + print "SP listening on %s:%s" % (HOST, PORT) try: SRV.start() except KeyboardInterrupt:
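Review bot: `HOST = service_conf.HOST` in example/sp-wsgi/sp.py makes `HOST` a required attribute of service_conf, so a locally kept service_conf.py written before this commit would raise AttributeError when sp.py loads. Falling back to loopback keeps such configs working without widening exposure: `HOST = getattr(service_conf, 'HOST', '127.0.0.1')`. The neighbouring `PORT = service_conf.PORT` has the same shape but predates this change.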
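Review bot: Nothing in the startup path of example/sp-wsgi/sp.py reacts when `HOST` is changed to a non-loopback address while `service_conf.HTTPS` is false, which is the value shipped in service_conf.py. In that combination the SP's SAML traffic and any session cookies would cross the network unencrypted. A warning before `SRV.start()` would surface it, e.g. `if not service_conf.HTTPS and HOST not in ('127.0.0.1', '::1', 'localhost'): logger.warning("Listening on %s without HTTPS", HOST)`. The bound address is also only printed, so `logger.info("Server starting")` could become `logger.info("Server starting on %s:%s", HOST, PORT)` to record in the log what was exposed. The `__main__` block starts and ends outside the hunk.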