Documentation
¶
Index ¶
- type AssertionConsumerService
- type FederationAnalyzer
- type FederationAttack
- type FederationDiscoverer
- type FederationDiscoveryResult
- type FederationEndpoint
- type FederationProvider
- type FederationTrustConfig
- type FederationVuln
- type IDPSSODescriptor
- type KeyDescriptor
- type KeyInfo
- type OIDCConfiguration
- type SAMLMetadata
- type SPSSODescriptor
- type SingleLogoutService
- type SingleSignOnService
- type TrustRelationship
- type TrustRelationshipMapper
- type X509Data
Types ¶
type FederationAnalyzer ¶
type FederationAnalyzer struct {
// contains filtered or unexported fields
}
FederationAnalyzer analyzes federation vulnerabilities
func NewFederationAnalyzer ¶
func NewFederationAnalyzer(logger common.Logger) *FederationAnalyzer
NewFederationAnalyzer creates a new federation analyzer
func (*FederationAnalyzer) FindFederationVulns ¶
func (f *FederationAnalyzer) FindFederationVulns(domain string) []FederationVuln
FindFederationVulns finds federation vulnerabilities
func (*FederationAnalyzer) GenerateFederationAttacks ¶
func (f *FederationAnalyzer) GenerateFederationAttacks(providers []FederationProvider) []FederationAttack
GenerateFederationAttacks generates federation attacks
type FederationAttack ¶
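// FederationAttack is the JSON-serialisable record for one federation attack
// scenario; GenerateFederationAttacks returns a slice of these.
//
// The struct holds plain strings, a string slice and a bool and performs no
// validation itself, so the meaning of each value is defined by whatever
// populates it.
type FederationAttack struct {
	ID          string   `json:"id"`
	Name        string   `json:"name"`
	Type        string   `json:"type"`
	Target      string   `json:"target"`
	Description string   `json:"description"`
	Payload     string   `json:"payload"`
	Steps       []string `json:"steps"`

	// NOTE(review): there is no omitempty and no separate "executed" flag, so
	// a record that was only generated serialises as "success": false, the
	// same as one that was tried and failed. Confirm that report consumers do
	// not read false as "not vulnerable".
	Success bool `json:"success"`
}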
FederationAttack represents a federation attack
type FederationDiscoverer ¶
type FederationDiscoverer struct {
// contains filtered or unexported fields
}
FederationDiscoverer discovers federation endpoints and providers
func NewFederationDiscoverer ¶
func NewFederationDiscoverer(client *http.Client, logger common.Logger) *FederationDiscoverer
NewFederationDiscoverer creates a new federation discoverer
func (*FederationDiscoverer) DiscoverAllProviders ¶
func (d *FederationDiscoverer) DiscoverAllProviders(domain string) *FederationDiscoveryResult
DiscoverAllProviders performs comprehensive federation discovery
func (*FederationDiscoverer) DiscoverProviders ¶
func (d *FederationDiscoverer) DiscoverProviders(domain string) []FederationProvider
DiscoverProviders discovers federation providers for a domain
type FederationDiscoveryResult ¶
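// FederationDiscoveryResult is the JSON-serialisable summary of one discovery
// run; DiscoverAllProviders returns a pointer to it.
type FederationDiscoveryResult struct {
	Domain    string               `json:"domain"`
	Providers []FederationProvider `json:"providers"`

	// Counters. How they relate to len(Providers) and to each other is not
	// visible from this declaration — presumably TotalFound is the overall
	// count and the others are per-type tallies; verify against the code that
	// fills them in.
	TotalFound      int `json:"total_found"`
	SAMLCount       int `json:"saml_count"`
	OAuthCount      int `json:"oauth_count"`
	FederationCount int `json:"federation_count"`

	// time.Duration is an int64 nanosecond count, and encoding/json writes it
	// as that bare integer, so "discovery_time" in the output is nanoseconds.
	DiscoveryTime time.Duration `json:"discovery_time"`
}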
FederationDiscoveryResult represents discovery results
type FederationEndpoint ¶
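// FederationEndpoint describes a single endpoint of a federation provider.
//
// The declaration is written one field per line: when it is collapsed onto a
// single line, the trailing comment on Type swallows Method, Headers and the
// closing brace.
type FederationEndpoint struct {
	URL    string `json:"url"`
	Type   string `json:"type"` // SSO, SLO, metadata
	Method string `json:"method"`

	// NOTE(review): the map is serialised as-is under "headers". If it can
	// hold Authorization or Cookie values (not visible from this
	// declaration), those would be written into any stored or shared result.
	Headers map[string]string `json:"headers"`
}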
FederationEndpoint represents a federation endpoint
type FederationProvider ¶
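// FederationProvider describes one discovered federation provider: its
// identity, where its metadata lives, its endpoints and its trust settings.
//
// The declaration is written one field per line: when it is collapsed onto a
// single line, the trailing comment on Type swallows every field after it.
type FederationProvider struct {
	ID          string                `json:"id"`
	Name        string                `json:"name"`
	Type        string                `json:"type"` // SAML, OAuth2, OIDC
	MetadataURL string                `json:"metadata_url"`
	Endpoints   []FederationEndpoint  `json:"endpoints"`
	TrustConfig FederationTrustConfig `json:"trust_config"`

	// Untyped key/value data. NOTE(review): presumably the decoded provider
	// metadata document; if so it is remote-supplied content and should be
	// treated as untrusted by anything that renders or acts on it — confirm
	// against the code that populates it.
	Metadata map[string]interface{} `json:"metadata"`
}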
FederationProvider represents a federation provider
type FederationTrustConfig ¶
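// FederationTrustConfig groups the trust-related settings recorded for a
// provider. Every field is a list of strings; the struct does not validate or
// normalise them.
type FederationTrustConfig struct {
	TrustedIssuers   []string `json:"trusted_issuers"`
	TrustedAudiences []string `json:"trusted_audiences"`

	// NOTE(review): the element encoding (PEM, base64 DER, fingerprint) is not
	// visible from this declaration — confirm before comparing or parsing.
	CertificateChain []string `json:"certificate_chain"`

	// Serialised as "signature_algorithms", not "signature_algs".
	SignatureAlgs []string `json:"signature_algorithms"`

	// NOTE(review): how entries are compared (exact match, prefix, pattern) is
	// decided by the consumer and is not shown here; a reviewer will want to
	// know whether wildcard or prefix entries are possible.
	AllowedRedirects []string `json:"allowed_redirects"`
}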
FederationTrustConfig represents trust configuration
type FederationVuln ¶
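// FederationVuln is the JSON-serialisable record for one federation finding;
// FindFederationVulns returns a slice of these.
type FederationVuln struct {
	ID       string `json:"id"`
	Type     string `json:"type"`
	Provider string `json:"provider"`

	// NOTE(review): a free-form string, not an enumerated type, so nothing in
	// this declaration stops inconsistent spellings ("High" vs "high") that a
	// downstream severity filter could miss.
	Severity string `json:"severity"`

	Title       string `json:"title"`
	Description string `json:"description"`
	Impact      string `json:"impact"`

	// Evidence and Remediation use types from the project's common package,
	// whose definitions are not shown on this page.
	Evidence    []common.Evidence  `json:"evidence"`
	Remediation common.Remediation `json:"remediation"`

	CreatedAt time.Time `json:"created_at"`
}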
FederationVuln represents a federation vulnerability
type IDPSSODescriptor ¶
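// IDPSSODescriptor is the encoding/xml mapping for the IDPSSODescriptor
// element of a SAML metadata document (the identity-provider role).
//
// encoding/xml only decodes: it does not check an XML signature, so values
// decoded into this struct are unauthenticated unless the caller verifies the
// document by other means (not visible on this page).
type IDPSSODescriptor struct {
	XMLName             xml.Name              `xml:"IDPSSODescriptor"`
	SingleSignOnService []SingleSignOnService `xml:"SingleSignOnService"`
	SingleLogoutService []SingleLogoutService `xml:"SingleLogoutService"`
	KeyDescriptor       []KeyDescriptor       `xml:"KeyDescriptor"`
	NameIDFormat        []string              `xml:"NameIDFormat"`
}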
type KeyDescriptor ¶
type OIDCConfiguration ¶
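// OIDCConfiguration is the JSON mapping for an OpenID Connect provider
// configuration document. The tags are the standard provider-metadata member
// names (issuer, jwks_uri, ..._supported).
//
// NOTE(review): the struct only carries the values. OpenID Connect Discovery
// requires the returned issuer to be identical to the issuer URL the document
// was fetched for; whether the caller checks that, and whether it requires
// https for the endpoint and JWKS URLs, is not visible on this page.
type OIDCConfiguration struct {
	Issuer                string `json:"issuer"`
	AuthorizationEndpoint string `json:"authorization_endpoint"`
	TokenEndpoint         string `json:"token_endpoint"`
	UserInfoEndpoint      string `json:"userinfo_endpoint"`
	JWKSUri               string `json:"jwks_uri"`

	ScopesSupported        []string `json:"scopes_supported"`
	ResponseTypesSupported []string `json:"response_types_supported"`
	GrantTypesSupported    []string `json:"grant_types_supported"`

	// Field name drops the "Supported" suffix that the JSON key keeps.
	TokenEndpointAuthMethods []string `json:"token_endpoint_auth_methods_supported"`

	// PKCE methods the provider advertises. A nil slice after decoding means
	// the member was absent or null in the document, which is not by itself
	// proof that the provider rejects PKCE.
	CodeChallengeMethodsSupported []string `json:"code_challenge_methods_supported"`
}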
OIDCConfiguration is the OIDC configuration structure
type SAMLMetadata ¶
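// SAMLMetadata is the encoding/xml mapping for the root EntityDescriptor
// element of a SAML metadata document.
//
// The tags name elements without a namespace, so encoding/xml matches them by
// local name only. Decoding performs no signature check: EntityID and every
// nested endpoint or key are unauthenticated unless the document is verified
// separately (not visible on this page).
type SAMLMetadata struct {
	XMLName          xml.Name           `xml:"EntityDescriptor"`
	EntityID         string             `xml:"entityID,attr"` // attribute on the root element
	IDPSSODescriptor []IDPSSODescriptor `xml:"IDPSSODescriptor"`
	SPSSODescriptor  []SPSSODescriptor  `xml:"SPSSODescriptor"`
}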
SAMLMetadata is the root of the SAML metadata structures (the EntityDescriptor element)
type SPSSODescriptor ¶
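// SPSSODescriptor is the encoding/xml mapping for the SPSSODescriptor element
// of a SAML metadata document (the service-provider role).
//
// encoding/xml only decodes: it does not check an XML signature, so the
// assertion-consumer and logout endpoints decoded here are unauthenticated
// unless the caller verifies the document by other means (not visible on this
// page).
type SPSSODescriptor struct {
	XMLName                  xml.Name                   `xml:"SPSSODescriptor"`
	AssertionConsumerService []AssertionConsumerService `xml:"AssertionConsumerService"`
	SingleLogoutService      []SingleLogoutService      `xml:"SingleLogoutService"`
	KeyDescriptor            []KeyDescriptor            `xml:"KeyDescriptor"`
}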
type SingleLogoutService ¶
type SingleSignOnService ¶
type TrustRelationship ¶
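// TrustRelationship is the JSON-serialisable record of one trust edge between
// two parties; MapTrustRelationships returns a slice of these.
type TrustRelationship struct {
	// From and To identify the two ends of the edge. NOTE(review): which
	// identifier they hold (provider ID, name, entity ID) is not visible from
	// this declaration.
	From string `json:"from"`
	To   string `json:"to"`

	Type string `json:"type"`

	// Free-form string; the set of values in use is not shown on this page.
	Strength string `json:"strength"`

	// NOTE(review): presumably true means the edge also holds from To to
	// From; confirm whether the mapper then emits one record or two.
	Bidirectional bool `json:"bidirectional"`

	Conditions []string `json:"conditions"`
}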
TrustRelationship represents a trust relationship
type TrustRelationshipMapper ¶
type TrustRelationshipMapper struct {
// contains filtered or unexported fields
}
TrustRelationshipMapper maps trust relationships between providers
func NewTrustRelationshipMapper ¶
func NewTrustRelationshipMapper(logger common.Logger) *TrustRelationshipMapper
NewTrustRelationshipMapper creates a new trust relationship mapper
func (*TrustRelationshipMapper) MapTrustRelationships ¶
func (t *TrustRelationshipMapper) MapTrustRelationships(providers []FederationProvider) []TrustRelationship
MapTrustRelationships maps trust relationships between providers