saml

package module

v0.0.0-...-6a08a26 Latest Latest Go to latest Published: Sep 4, 2014 License: Apache-2.0 Imports: 10 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/amussey/gosaml

Links

Open Source Insights

README ¶

gosaml

SAML client library written in Go (golang)

SAML is the successful OASIS standard for cloud based single sign on (SSO). SAML allows for companies that maintain a security infrastructure internally to allow using that same set of credentials via a safe, secure mechanism with externally hosted services.

For instance, New Relic allows you to configure a saml provider (https://newrelic.com/docs/subscriptions/saml-service-providers) so you can maintain your own credentials instead of using New Relic's.

Ping Identity has a nice video for SAML here: https://www.pingidentity.com/resource-center/Introduction-to-SAML-Video.cfm

Installation

Use the go get command to fetch gosaml and its dependencies into your local $GOPATH:

$ go get github.com/mattbaird/gosaml

Usage

package main

import (
    "fmt"
    "github.com/mattbaird/gosaml"
)

func main() {
    // Configure the app and account settings
    appSettings := saml.NewAppSettings("http://www.onelogin.net", "issuer")
    accountSettings := saml.NewAccountSettings("cert", "http://www.onelogin.net")

    // Construct an AuthnRequest
    authRequest := saml.NewAuthorizationRequest(*appSettings, *accountSettings)

    // Return a SAML AuthnRequest as a string
    saml, err := authRequest.GetRequest(false)

    if err != nil {
        fmt.Println(err)
        return
    }
    fmt.Println(saml)
}

The above code will generate the following AuthnRequest XML:

<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    ID="_fd22bc94-0dee-489f-47d5-b86e3100268c" Version="2.0" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    AssertionConsumerServiceURL="http://www.onelogin.net" IssueInstant="2014-09-02T13:15:28" AssertionConsumerServiceIndex="0"
    AttributeConsumingServiceIndex="0">
    <saml:Issuer>https://sp.example.com/SAML2</saml:Issuer>
    <samlp:NameIDPolicy AllowCreate="true" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"></samlp:NameIDPolicy>
    <samlp:RequestedAuthnContext xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" Comparison="exact"></samlp:RequestedAuthnContext>
    <saml:AuthnContextClassRef xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
        urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport
    </saml:AuthnContextClassRef>
</samlp:AuthnRequest>

Documentation ¶

Index ¶

func LoadCertificate(crtFile string) (*x509.Certificate, error)
func LoadCertificateFromBytes(cert []byte) (*x509.Certificate, error)
type AccountSettings
- func NewAccountSettings(cert string, targetUrl string) *AccountSettings
type AppSettings
- func NewAppSettings(assertionServiceUrl string, issuer string) *AppSettings
type AuthnContextClassRef
type AuthnRequest
type AuthorizationRequest
- func NewAuthorizationRequest(appSettings AppSettings, accountSettings AccountSettings) *AuthorizationRequest
- func (ar AuthorizationRequest) GetRequest(base64Encode bool) (string, error)
- func (ar AuthorizationRequest) GetRequestUrl() (string, error)
type Issuer
type NameIDPolicy
type RequestedAuthnContext
type Response

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func LoadCertificate ¶

func LoadCertificate(crtFile string) (*x509.Certificate, error)

func LoadCertificateFromBytes ¶

func LoadCertificateFromBytes(cert []byte) (*x509.Certificate, error)

Types ¶

type AccountSettings ¶

type AccountSettings struct {
	Certificate        string
	IDP_SSO_Target_URL string
}

func NewAccountSettings ¶

func NewAccountSettings(cert string, targetUrl string) *AccountSettings

type AppSettings ¶

type AppSettings struct {
	AssertionConsumerServiceURL string
	Issuer                      string
}

func NewAppSettings ¶

func NewAppSettings(assertionServiceUrl string, issuer string) *AppSettings

type AuthnContextClassRef ¶

type AuthnContextClassRef struct {
	XMLName   xml.Name
	SAML      string `xml:"xmlns:saml,attr"`
	Transport string `xml:",innerxml"`
}

type AuthnRequest ¶

type AuthnRequest struct {
	XMLName                        xml.Name
	SAMLP                          string                `xml:"xmlns:samlp,attr"`
	SAML                           string                `xml:"xmlns:saml,attr"`
	ID                             string                `xml:"ID,attr"`
	Version                        string                `xml:"Version,attr"`
	ProtocolBinding                string                `xml:"ProtocolBinding,attr"`
	AssertionConsumerServiceURL    string                `xml:"AssertionConsumerServiceURL,attr"`
	IssueInstant                   string                `xml:"IssueInstant,attr"`
	AssertionConsumerServiceIndex  int                   `xml:"AssertionConsumerServiceIndex,attr"`
	AttributeConsumingServiceIndex int                   `xml:"AttributeConsumingServiceIndex,attr"`
	Issuer                         Issuer                `xml:"Issuer"`
	NameIDPolicy                   NameIDPolicy          `xml:"NameIDPolicy"`
	RequestedAuthnContext          RequestedAuthnContext `xml:"RequestedAuthnContext"`
	AuthnContextClassRef           AuthnContextClassRef  `xml:"AuthnContextClassRef"`
}

type AuthorizationRequest ¶

type AuthorizationRequest struct {
	Id              string
	IssueInstant    string
	AppSettings     AppSettings
	AccountSettings AccountSettings
	Base64          int
}

func NewAuthorizationRequest ¶

func NewAuthorizationRequest(appSettings AppSettings, accountSettings AccountSettings) *AuthorizationRequest

func (AuthorizationRequest) GetRequest ¶

func (ar AuthorizationRequest) GetRequest(base64Encode bool) (string, error)

GetRequest returns a string formatted XML document that represents the SAML document TODO: parameterize more parts of the request

func (AuthorizationRequest) GetRequestUrl ¶

func (ar AuthorizationRequest) GetRequestUrl() (string, error)

String reqString = accSettings.getIdp_sso_target_url()+"?SAMLRequest=" + AuthRequest.getRidOfCRLF(URLEncoder.encode(authReq.getRequest(AuthRequest.base64),"UTF-8"));

type Issuer ¶

type Issuer struct {
	XMLName xml.Name
	Url     string `xml:",innerxml"`
}

type NameIDPolicy ¶

type NameIDPolicy struct {
	XMLName     xml.Name
	AllowCreate bool   `xml:"AllowCreate,attr"`
	Format      string `xml:"Format,attr"`
}

type RequestedAuthnContext ¶

type RequestedAuthnContext struct {
	XMLName    xml.Name
	SAMLP      string `xml:"xmlns:samlp,attr"`
	Comparison string `xml:"Comparison,attr"`
}

type Response ¶

type Response struct {
	XmlDoc   string
	Settings AccountSettings
	// contains filtered or unexported fields
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL