samlauthenticate

package
v8.18.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 17, 2025 License: Apache-2.0 Imports: 12 Imported by: 4

Documentation

Overview

Authenticate SAML.

Submit a SAML response message to Elasticsearch for consumption.

NOTE: This API is intended for use by custom web applications other than Kibana. If you are using Kibana, refer to the documentation for configuring SAML single-sign-on on the Elastic Stack.

The SAML message that is submitted can be:

* A response to a SAML authentication request that was previously created using the SAML prepare authentication API. * An unsolicited SAML message in the case of an IdP-initiated single sign-on (SSO) flow.

In either case, the SAML message needs to be a base64 encoded XML document with a root element of `<Response>`.

After successful validation, Elasticsearch responds with an Elasticsearch internal access token and refresh token that can be subsequently used for authentication. This API endpoint essentially exchanges SAML responses that indicate successful authentication in the IdP for Elasticsearch access and refresh tokens, which can be used for authentication against Elasticsearch.

Index

Constants

This section is empty.

Variables

View Source 
var ErrBuildPath = errors.New("cannot build path, check for missing path parameters")

ErrBuildPath is returned in case of missing parameters within the build of the request.

Functions

This section is empty.

Types

type NewSamlAuthenticate 

type NewSamlAuthenticate func() *SamlAuthenticate

NewSamlAuthenticate type alias for index.

func NewSamlAuthenticateFunc 

func NewSamlAuthenticateFunc(tp elastictransport.Interface) NewSamlAuthenticate

NewSamlAuthenticateFunc returns a new instance of SamlAuthenticate with the provided transport. Used in the index of the library this allows to retrieve every apis in once place.

type Request 

type Request struct {

	// Content The SAML response as it was sent by the user's browser, usually a Base64
	// encoded XML document.
	Content string `json:"content"`
	// Ids A JSON array with all the valid SAML Request Ids that the caller of the API
	// has for the current user.
	Ids []string `json:"ids"`
	// Realm The name of the realm that should authenticate the SAML response. Useful in
	// cases where many SAML realms are defined.
	Realm *string `json:"realm,omitempty"`
}

Request holds the request body struct for the package samlauthenticate

https://github.com/elastic/elasticsearch-specification/blob/f6a370d0fba975752c644fc730f7c45610e28f36/specification/security/saml_authenticate/Request.ts#L23-L61

func NewRequest added in v8.5.0 

func NewRequest() *Request

NewRequest returns a Request

func (*Request) FromJSON added in v8.5.0 

func (r *Request) FromJSON(data string) (*Request, error)

FromJSON allows to load an arbitrary json into the request structure

func (*Request) UnmarshalJSON added in v8.12.1 

func (s *Request) UnmarshalJSON(data []byte) error

type Response added in v8.7.0 

type Response struct {

	// AccessToken The access token that was generated by Elasticsearch.
	AccessToken string `json:"access_token"`
	// ExpiresIn The amount of time (in seconds) left until the token expires.
	ExpiresIn int `json:"expires_in"`
	// Realm The name of the realm where the user was authenticated.
	Realm string `json:"realm"`
	// RefreshToken The refresh token that was generated by Elasticsearch.
	RefreshToken string `json:"refresh_token"`
	// Username The authenticated user's name.
	Username string `json:"username"`
}

Response holds the response body struct for the package samlauthenticate

https://github.com/elastic/elasticsearch-specification/blob/f6a370d0fba975752c644fc730f7c45610e28f36/specification/security/saml_authenticate/Response.ts#L22-L45

func NewResponse added in v8.7.0 

func NewResponse() *Response

NewResponse returns a Response

type SamlAuthenticate 

type SamlAuthenticate struct {
	// contains filtered or unexported fields
}

func New 

func New(tp elastictransport.Interface) *SamlAuthenticate

Authenticate SAML.

Submit a SAML response message to Elasticsearch for consumption.

NOTE: This API is intended for use by custom web applications other than Kibana. If you are using Kibana, refer to the documentation for configuring SAML single-sign-on on the Elastic Stack.

The SAML message that is submitted can be:

* A response to a SAML authentication request that was previously created using the SAML prepare authentication API. * An unsolicited SAML message in the case of an IdP-initiated single sign-on (SSO) flow.

In either case, the SAML message needs to be a base64 encoded XML document with a root element of `<Response>`.

After successful validation, Elasticsearch responds with an Elasticsearch internal access token and refresh token that can be subsequently used for authentication. This API endpoint essentially exchanges SAML responses that indicate successful authentication in the IdP for Elasticsearch access and refresh tokens, which can be used for authentication against Elasticsearch.

https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-saml-authenticate.html

func (*SamlAuthenticate) Content added in v8.9.0 

func (r *SamlAuthenticate) Content(content string) *SamlAuthenticate

The SAML response as it was sent by the user's browser, usually a Base64 encoded XML document. API name: content

func (SamlAuthenticate) Do 

func (r SamlAuthenticate) Do(providedCtx context.Context) (*Response, error)

Do runs the request through the transport, handle the response and returns a samlauthenticate.Response

func (*SamlAuthenticate) ErrorTrace added in v8.14.0 

func (r *SamlAuthenticate) ErrorTrace(errortrace bool) *SamlAuthenticate

ErrorTrace When set to `true` Elasticsearch will include the full stack trace of errors when they occur. API name: error_trace

func (*SamlAuthenticate) FilterPath added in v8.14.0 

func (r *SamlAuthenticate) FilterPath(filterpaths ...string) *SamlAuthenticate

FilterPath Comma-separated list of filters in dot notation which reduce the response returned by Elasticsearch. API name: filter_path

func (*SamlAuthenticate) Header 

func (r *SamlAuthenticate) Header(key, value string) *SamlAuthenticate

Header set a key, value pair in the SamlAuthenticate headers map.

func (*SamlAuthenticate) HttpRequest 

func (r *SamlAuthenticate) HttpRequest(ctx context.Context) (*http.Request, error)

HttpRequest returns the http.Request object built from the given parameters.

func (*SamlAuthenticate) Human added in v8.14.0 

func (r *SamlAuthenticate) Human(human bool) *SamlAuthenticate

Human When set to `true` will return statistics in a format suitable for humans. For example `"exists_time": "1h"` for humans and `"eixsts_time_in_millis": 3600000` for computers. When disabled the human readable values will be omitted. This makes sense for responses being consumed only by machines. API name: human

func (*SamlAuthenticate) Ids added in v8.9.0 

func (r *SamlAuthenticate) Ids(ids ...string) *SamlAuthenticate

A JSON array with all the valid SAML Request Ids that the caller of the API has for the current user. API name: ids

func (SamlAuthenticate) Perform added in v8.7.0 

func (r SamlAuthenticate) Perform(providedCtx context.Context) (*http.Response, error)

Perform runs the http.Request through the provided transport and returns an http.Response.

func (*SamlAuthenticate) Pretty added in v8.14.0 

func (r *SamlAuthenticate) Pretty(pretty bool) *SamlAuthenticate

Pretty If set to `true` the returned JSON will be "pretty-formatted". Only use this option for debugging only. API name: pretty

func (*SamlAuthenticate) Raw 

func (r *SamlAuthenticate) Raw(raw io.Reader) *SamlAuthenticate

Raw takes a json payload as input which is then passed to the http.Request If specified Raw takes precedence on Request method.

func (*SamlAuthenticate) Realm added in v8.9.0 

func (r *SamlAuthenticate) Realm(realm string) *SamlAuthenticate

The name of the realm that should authenticate the SAML response. Useful in cases where many SAML realms are defined. API name: realm

func (*SamlAuthenticate) Request 

func (r *SamlAuthenticate) Request(req *Request) *SamlAuthenticate

Request allows to set the request property with the appropriate payload.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.