Documentation ¶
Index ¶
Constants ¶
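// Package-level defaults for saml2aws configuration.
//
// The declaration is laid out one constant per line: collapsed onto a single
// line, the first "//" comment would swallow every constant after it.
const (
	// DefaultConfigPath is the default saml2aws configuration path.
	// NOTE(review): the value begins with "~", which the Go standard library
	// does not expand on its own; presumably the caller expands it - confirm.
	DefaultConfigPath = "~/.saml2aws"

	// DefaultAmazonWebservicesURN is the URN used when authenticating to AWS
	// using SAML.
	// NOTE: This only needs to be changed to log into GovCloud.
	DefaultAmazonWebservicesURN = "urn:amazon:webservices"

	// DefaultSessionDuration is the default session duration, which can be
	// overridden in the AWS console; see
	// https://aws.amazon.com/blogs/security/enable-federated-api-access-to-your-aws-resources-for-up-to-12-hours-using-iam-roles/
	// NOTE(review): presumably expressed in seconds (3600 = one hour) - confirm.
	// A longer duration lengthens the window in which leaked temporary
	// credentials remain usable.
	DefaultSessionDuration = 3600

	// DefaultProfile is the default profile name used to save the credentials
	// in the aws cli.
	DefaultProfile = "saml"

	// KeyringBackEnvironmentVariableName is the environment variable used to
	// define the keyring backend for Linux based distros.
	KeyringBackEnvironmentVariableName = "SAML2AWS_KEYRING_BACKEND"
)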
Variables ¶
var (
	// ErrIdpAccountNotFound is the sentinel error for an IDP account that is
	// missing from the configuration file; its message tells the user to run
	// configure.
	ErrIdpAccountNotFound = errors.New("IDP account not found, run configure to set it up")
)
ErrIdpAccountNotFound is returned if the IDP account is not found in the configuration file.
Functions ¶
This section is empty.
Types ¶
type ConfigManager ¶
// ConfigManager manages the various IDP account settings. Its fields are
// unexported; NewConfigManager is the constructor shown for it.
type ConfigManager struct {
// contains filtered or unexported fields
}
ConfigManager manages the various IDP account settings.
func NewConfigManager ¶
func NewConfigManager(configFile string) (*ConfigManager, error)
NewConfigManager builds a new config manager and optionally overrides the config path.
func (*ConfigManager) LoadIDPAccount ¶
func (cm *ConfigManager) LoadIDPAccount(idpAccountName string) (*IDPAccount, error)
LoadIDPAccount loads the IDP account, defaulting to an empty one if it doesn't exist.
func (*ConfigManager) SaveIDPAccount ¶
func (cm *ConfigManager) SaveIDPAccount(idpAccountName string, account *IDPAccount) error
SaveIDPAccount saves the IDP account.
type IDPAccount ¶
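// IDPAccount is a SAML IDP account. Every field carries an `ini` tag naming
// the key it maps to.
//
// The declaration is laid out one field per line: collapsed onto a single
// line, the first "//" comment would swallow every field after it.
type IDPAccount struct {
	Name string `ini:"name"`
	// AppID is used by OneLogin and AzureAD.
	AppID    string `ini:"app_id"`
	URL      string `ini:"url"`
	Username string `ini:"username"`
	Provider string `ini:"provider"`
	// BrowserType is used by the 'Browser' provider.
	BrowserType string `ini:"browser_type,omitempty"`
	// BrowserExecutablePath is used by the 'Browser' provider.
	// NOTE(review): presumably the path of the browser binary that gets
	// launched; treat the configuration file as trusted input - confirm.
	BrowserExecutablePath string `ini:"browser_executable_path,omitempty"`
	// BrowserAutoFill is used by the 'Browser' provider.
	BrowserAutoFill bool   `ini:"browser_autofill,omitempty"`
	MFA             string `ini:"mfa"`
	// MFAIPAddress is used by OneLogin.
	MFAIPAddress string `ini:"mfa_ip_address"`
	// NOTE(review): SkipVerify presumably turns off TLS certificate
	// verification for requests to the IDP - confirm against the HTTP client
	// setup. If so, it should stay false outside of testing, since it removes
	// protection against interception of the login exchange.
	SkipVerify           bool   `ini:"skip_verify"`
	Timeout              int    `ini:"timeout"`
	AmazonWebservicesURN string `ini:"aws_urn"`
	SessionDuration      int    `ini:"aws_session_duration"`
	Profile              string `ini:"aws_profile"`
	// ResourceID is used by F5APM.
	ResourceID string `ini:"resource_id"`
	// Subdomain is used by OneLogin.
	Subdomain         string `ini:"subdomain"`
	RoleARN           string `ini:"role_arn"`
	Region            string `ini:"region"`
	HttpAttemptsCount string `ini:"http_attempts_count"`
	HttpRetryDelay    string `ini:"http_retry_delay"`
	// NOTE(review): CredentialsFile is presumably where the obtained AWS
	// credentials are written; verify the file is readable only by its owner.
	CredentialsFile string `ini:"credentials_file"`
	// NOTE(review): SAMLCache and SAMLCacheFile presumably enable keeping the
	// SAML response on disk; a cached assertion is a bearer credential, so
	// confirm the cache file's permissions and lifetime.
	SAMLCache     bool   `ini:"saml_cache"`
	SAMLCacheFile string `ini:"saml_cache_file"`
	TargetURL     string `ini:"target_url"`
	// DisableRememberDevice is used by Okta.
	DisableRememberDevice bool `ini:"disable_remember_device"`
	// DisableSessions is used by Okta.
	DisableSessions bool `ini:"disable_sessions"`
	// DownloadBrowser is used by the browser provider.
	// NOTE(review): the ini key suggests a browser driver is fetched at run
	// time - confirm the download source and how its integrity is checked.
	DownloadBrowser bool `ini:"download_browser_driver"`
	// BrowserDriverDir is used by the browser provider; hide from user if not set.
	BrowserDriverDir string `ini:"browser_driver_dir,omitempty"`
	// Headless is used by the browser provider.
	Headless bool   `ini:"headless"`
	Prompter string `ini:"prompter"`
	// KCAuthErrorMessage is used by KeyCloak; hide from user if not set.
	KCAuthErrorMessage string `ini:"kc_auth_error_message,omitempty"`
	// KCAuthErrorElement is used by KeyCloak; hide from user if not set.
	KCAuthErrorElement string `ini:"kc_auth_error_element,omitempty"`
}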
IDPAccount is a SAML IDP account.
func NewIDPAccount ¶
func NewIDPAccount() *IDPAccount
NewIDPAccount creates an IDP account and fills in any default fields with sane values.
func (IDPAccount) String ¶
func (ia IDPAccount) String() string
func (*IDPAccount) Validate ¶
func (ia *IDPAccount) Validate() error
Validate checks that the required / expected fields are set.