Documentation ¶
Index ¶
- Variables
- func AssignPrincipals(awsRoles []*AWSRole, awsAccounts []*AWSAccount)
- func ExtractAwsRoles(data []byte) ([]string, error)
- func ExtractSessionDuration(data []byte) (int64, error)
- func PromptForConfigurationDetails(idpAccount *cfg.IDPAccount) error
- func PromptForLoginDetails(loginDetails *creds.LoginDetails, provider string) error
- type AWSAccount
- type AWSRole
- type ErrMissingElement
- type ProviderList
- type SAMLClient
Constants ¶
This section is empty.
Variables ¶
var (
ErrMissingAssertion = ErrMissingElement{Tag: assertionTag}
)
ErrMissingAssertion indicates that an appropriate assertion element could not be found in the SAML Response
var MFAsByProvider = ProviderList{ "ADFS": []string{"Auto", "VIP"}, "ADFS2": []string{"Auto", "RSA"}, "Ping": []string{"Auto"}, "PingOne": []string{"Auto"}, "JumpCloud": []string{"Auto"}, "Okta": []string{"Auto", "PUSH", "DUO", "SMS", "TOTP", "OKTA"}, "OneLogin": []string{"Auto", "OLP", "SMS", "TOTP"}, "KeyCloak": []string{"Auto"}, "GoogleApps": []string{"Auto"}, "Shibboleth": []string{"Auto"}, "PSU": []string{"Auto"}, }
MFAsByProvider a list of providers with their respective supported MFAs
Functions ¶
func AssignPrincipals ¶
func AssignPrincipals(awsRoles []*AWSRole, awsAccounts []*AWSAccount)
AssignPrincipals assign principal from roles
func ExtractAwsRoles ¶ added in v1.0.0
ExtractAwsRoles given an assertion document extract the aws roles
func ExtractSessionDuration ¶
ExtractSessionDuration this will attempt to extract a session duration from the assertion see https://aws.amazon.com/SAML/Attributes/SessionDuration
func PromptForConfigurationDetails ¶
func PromptForConfigurationDetails(idpAccount *cfg.IDPAccount) error
PromptForConfigurationDetails prompt the user to present their hostname, username and mfa
func PromptForLoginDetails ¶
func PromptForLoginDetails(loginDetails *creds.LoginDetails, provider string) error
PromptForLoginDetails prompt the user to present their username, password
Types ¶
type AWSAccount ¶ added in v1.5.0
AWSAccount holds the AWS account name and roles
func ExtractAWSAccounts ¶ added in v1.5.0
func ExtractAWSAccounts(data []byte) ([]*AWSAccount, error)
ExtractAWSAccounts extract the accounts from the AWS html page
func ParseAWSAccounts ¶ added in v1.5.0
func ParseAWSAccounts(samlAssertion string) ([]*AWSAccount, error)
ParseAWSAccounts extract the aws accounts from the saml assertion
type AWSRole ¶ added in v1.0.0
AWSRole aws role attributes
func LocateRole ¶
LocateRole locate role by name
func ParseAWSRoles ¶ added in v1.3.0
ParseAWSRoles parses and splits the roles while also validating the contents
func PromptForAWSRoleSelection ¶ added in v1.0.0
func PromptForAWSRoleSelection(accounts []*AWSAccount) (*AWSRole, error)
PromptForAWSRoleSelection present a list of roles to the user for selection
type ErrMissingElement ¶
type ErrMissingElement struct {
Tag, Attribute string
}
ErrMissingElement is the error type that indicates an element and/or attribute is missing. It provides a structured error that can be more appropriately acted upon.
func (ErrMissingElement) Error ¶
func (e ErrMissingElement) Error() string
type ProviderList ¶
ProviderList list of providers with their MFAs
func (ProviderList) Mfas ¶
func (mfbp ProviderList) Mfas(provider string) []string
Mfas retrieve a sorted list of mfas from the provider list
func (ProviderList) Names ¶
func (mfbp ProviderList) Names() []string
Names get a list of provider names
type SAMLClient ¶
type SAMLClient interface {
Authenticate(loginDetails *creds.LoginDetails) (string, error)
}
SAMLClient client interface
func NewSAMLClient ¶
func NewSAMLClient(idpAccount *cfg.IDPAccount) (SAMLClient, error)
NewSAMLClient create a new SAML client
Directories ¶
Path | Synopsis |
---|---|
cmd
|
|
helper
|
|
osxkeychain
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
|
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. |
wincred
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
|
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. |
Code generated by mockery v1.0.0
|
Code generated by mockery v1.0.0 |
pkg
|
|
cookiejar
Package cookiejar implements an in-memory RFC 6265-compliant http.CookieJar.
|
Package cookiejar implements an in-memory RFC 6265-compliant http.CookieJar. |