saml

package

v0.0.0-...-ee57881 Latest Latest Go to latest Published: Dec 20, 2024 License: Apache-2.0 Imports: 26 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/authgear/authgear-server

Documentation ¶

Index ¶

Constants
Variables
func RenderSAMLEntityID(cfg config.SAMLEnvironmentConfig, appID string) string
type BindingHTTPPostWriter
type BindingHTTPRedirectWriter
type IDPSessionProvider
type OfflineGrantService
type SAMLElementSigned
type SAMLElementToSign
type SAMLEndpoints
type SAMLService
type SAMLUserInfoProvider
type SLOService
- func (s *SLOService) SendSLORequest(ctx context.Context, rw http.ResponseWriter, r *http.Request, ...) error
type Service

Constants ¶

View Source

const MaxAuthnRequestValidDuration = duration.Short

View Source

const MetadataValidDuration = time.Hour * 24

Variables ¶

View Source

var DependencySet = wire.NewSet(
	wire.Struct(new(Service), "*"),
	wire.Struct(new(SLOService), "*"),
)

Functions ¶

func RenderSAMLEntityID ¶

func RenderSAMLEntityID(cfg config.SAMLEnvironmentConfig, appID string) string

Types ¶

type BindingHTTPPostWriter ¶

type BindingHTTPPostWriter interface {
	WriteRequest(
		rw http.ResponseWriter,
		r *http.Request,
		callbackURL string,
		requestElement *etree.Element,
		relayState string) error
}

type BindingHTTPRedirectWriter ¶

type BindingHTTPRedirectWriter interface {
	WriteRequest(
		rw http.ResponseWriter,
		r *http.Request,
		callbackURL string,
		requestElement *etree.Element,
		relayState string) error
}

type IDPSessionProvider ¶

type IDPSessionProvider interface {
	AddSAMLServiceProviderParticipant(
		ctx context.Context,
		session *idpsession.IDPSession,
		serviceProviderID string,
	) (*idpsession.IDPSession, error)
}

type OfflineGrantService ¶

type OfflineGrantService interface {
	AddSAMLServiceProviderParticipant(
		ctx context.Context,
		grant *oauth.OfflineGrant,
		serviceProviderID string,
	) (*oauth.OfflineGrant, error)
}

type SAMLElementSigned ¶

type SAMLElementSigned struct {
	SAMLResponse string
	SAMLRequest  string
}

type SAMLElementToSign ¶

type SAMLElementToSign struct {
	SAMLResponse string
	SAMLRequest  string
}

type SAMLEndpoints ¶

type SAMLEndpoints interface {
	SAMLLoginURL(serviceProviderId string) *url.URL
	SAMLLogoutURL(serviceProviderId string) *url.URL
}

type SAMLService ¶

type SAMLService interface {
	IssueLogoutRequest(
		ctx context.Context,
		sp *config.SAMLServiceProviderConfig,
		sloSession *samlslosession.SAMLSLOSession,
	) (*samlprotocol.LogoutRequest, error)
}

type SAMLUserInfoProvider ¶

type SAMLUserInfoProvider interface {
	GetUserInfo(ctx context.Context, userID string, clientLike *oauth.ClientLike) (map[string]interface{}, error)
}

type SLOService ¶

type SLOService struct {
	SAMLService               SAMLService
	BindingHTTPPostWriter     BindingHTTPPostWriter
	BindingHTTPRedirectWriter BindingHTTPRedirectWriter
}

func (*SLOService) SendSLORequest ¶

func (s *SLOService) SendSLORequest(
	ctx context.Context,
	rw http.ResponseWriter,
	r *http.Request,
	sloSession *samlslosession.SAMLSLOSession,
	sp *config.SAMLServiceProviderConfig,
) error

type Service ¶

type Service struct {
	Clock                   clock.Clock
	AppID                   config.AppID
	SAMLEnvironmentConfig   config.SAMLEnvironmentConfig
	SAMLConfig              *config.SAMLConfig
	SAMLIdpSigningMaterials *config.SAMLIdpSigningMaterials
	SAMLSpSigningMaterials  *config.SAMLSpSigningMaterials
	Endpoints               SAMLEndpoints
	UserInfoProvider        SAMLUserInfoProvider

	IDPSessionProvider          IDPSessionProvider
	OfflineGrantSessionProvider OfflineGrantService
}

func (*Service) ConstructSignedQueryParameters ¶

func (s *Service) ConstructSignedQueryParameters(
	relayState string,
	el *SAMLElementToSign,
) (url.Values, error)

func (*Service) IdpEntityID ¶

func (s *Service) IdpEntityID() string

func (*Service) IdpMetadata ¶

func (s *Service) IdpMetadata(serviceProviderId string) (*samlprotocol.Metadata, error)

func (*Service) IssueLoginSuccessResponse ¶

func (s *Service) IssueLoginSuccessResponse(
	ctx context.Context,
	callbackURL string,
	serviceProviderId string,
	authInfo authenticationinfo.T,
	inResponseToAuthnRequest *samlprotocol.AuthnRequest,
) (*samlprotocol.Response, error)

func (*Service) IssueLogoutRequest ¶

func (s *Service) IssueLogoutRequest(
	ctx context.Context,
	sp *config.SAMLServiceProviderConfig,
	sloSession *samlslosession.SAMLSLOSession,
) (*samlprotocol.LogoutRequest, error)

func (*Service) IssueLogoutResponse ¶

func (s *Service) IssueLogoutResponse(
	callbackURL string,
	inResponseToLogoutRequest *samlprotocol.LogoutRequest,
	isPartialLogout bool,
) (*samlprotocol.LogoutResponse, error)

func (*Service) ValidateAuthnRequest ¶

func (s *Service) ValidateAuthnRequest(serviceProviderId string, authnRequest *samlprotocol.AuthnRequest) error

Validate the AuthnRequest This method does not verify the signature

func (*Service) VerifyEmbeddedSignature ¶

func (s *Service) VerifyEmbeddedSignature(
	sp *config.SAMLServiceProviderConfig,
	samlElementXML string) error

func (*Service) VerifyExternalSignature ¶

func (s *Service) VerifyExternalSignature(
	sp *config.SAMLServiceProviderConfig,
	el *SAMLElementSigned,
	sigAlg string,
	relayState string,
	signature string) error

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
samlbinding
samlprotocol
samlsession
samlslosession

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL