Documentation ¶
Index ¶
- Variables
- func ContextMiddleware(next http.Handler) http.Handler
- func CustomAuthenticator(next http.Handler) http.Handler
- func CustomLogger(next http.Handler) http.Handler
- func CustomRequestLogger(f chimiddleware.LogFormatter) func(next http.Handler) http.Handler
- func CustomServiceProvider(opts samlsp.Options) saml.ServiceProvider
- func CustomSessionProvider(opts samlsp.Options, cookieMaxAge time.Duration) samlsp.CookieSessionProvider
- func GetIDPMetadata(mode string, filePath string, fetchURL string) (*saml.EntityDescriptor, error)
- func New(config Config) *chi.Mux
- func ReverseProxy(plugin plugin.MyrteaPlugin) http.HandlerFunc
- func UnverifiedAuthenticator(next http.Handler) http.Handler
- type Config
- type CustomCookieRequestTracker
- func (t CustomCookieRequestTracker) GetTrackedRequest(r *http.Request, index string) (*samlsp.TrackedRequest, error)
- func (t CustomCookieRequestTracker) GetTrackedRequests(r *http.Request) []samlsp.TrackedRequest
- func (t CustomCookieRequestTracker) StopTrackingRequest(w http.ResponseWriter, r *http.Request, index string) error
- func (t CustomCookieRequestTracker) TrackRequest(w http.ResponseWriter, r *http.Request, samlRequestID string) (string, error)
- type CustomLogFormatter
- type SamlSPMiddleware
- func (m *SamlSPMiddleware) AdminAuthentificator(next http.Handler) http.Handler
- func (m *SamlSPMiddleware) ContextMiddleware(next http.Handler) http.Handler
- func (m *SamlSPMiddleware) HandleStartAuthFlow(w http.ResponseWriter, r *http.Request)
- func (m *SamlSPMiddleware) RequireAccount(handler http.Handler) http.Handler
- type SamlSPMiddlewareConfig
Constants ¶
This section is empty.
Variables ¶
var ( // RequestLogger is called by the Logger middleware handler to log each request. // Its made a package-level variable so that it can be reconfigured for custom // logging configurations. RequestLogger = CustomRequestLogger(&CustomLogFormatter{Logger: log.New(os.Stdout, "", log.LstdFlags), NoColor: false}) )
Functions ¶
func CustomAuthenticator ¶
CustomAuthenticator is a default authentication middleware to enforce access from the Verifier middleware request context values. The Authenticator sends a 401 Unauthorized response for any unverified tokens and passes the good ones through. It's just fine until you decide to write something similar and customize your client response.
func CustomLogger ¶
CustomLogger is a middleware that logs the start and end of each request, along with some useful data about what was requested, what the response status was, and how long it took to return. When standard output is a TTY, Logger will print in color, otherwise it will print in black and white. Logger prints a request ID if one is provided.
Alternatively, look at https://github.com/pressly/lg and the `lg.RequestLogger` middleware pkg.
func CustomRequestLogger ¶
func CustomRequestLogger(f chimiddleware.LogFormatter) func(next http.Handler) http.Handler
CustomRequestLogger returns a logger handler using a custom LogFormatter.
func CustomServiceProvider ¶
func CustomServiceProvider(opts samlsp.Options) saml.ServiceProvider
CustomServiceProvider returns a custom saml.ServiceProvider for the provided options.
func CustomSessionProvider ¶ added in v4.1.11
func CustomSessionProvider(opts samlsp.Options, cookieMaxAge time.Duration) samlsp.CookieSessionProvider
CustomSessionProvider returns the default SessionProvider for the provided options, a CookieSessionProvider configured to store sessions in a cookie.
func GetIDPMetadata ¶
GetIDPMetadata returns the IDP metadata descriptor from a local XML file or a remote URL
func New ¶
func New(config Config) *chi.Mux
New returns a new fully configured instance of chi.Mux It instanciates all middlewares including the security ones, all routes and route groups
func ReverseProxy ¶
func ReverseProxy(plugin plugin.MyrteaPlugin) http.HandlerFunc
ReverseProxy act as a reverse proxy for any plugin http handlers
func UnverifiedAuthenticator ¶
UnverifiedAuthenticator doc WARNING: Don't use this method unless you know what you're doing This method parses the token but doesn't validate the signature. It's only ever useful in cases where you know the signature is valid (because it has been checked previously in the stack) and you want to extract values from it.
Types ¶
type Config ¶
type Config struct { Security bool CORS bool GatewayMode bool VerboseError bool AuthenticationMode string LogLevel zap.AtomicLevel Plugins []plugin.MyrteaPlugin }
Config wraps common configuration parameters
type CustomCookieRequestTracker ¶
type CustomCookieRequestTracker struct { ServiceProvider *saml.ServiceProvider NamePrefix string Codec samlsp.TrackedRequestCodec MaxAge time.Duration }
CustomCookieRequestTracker tracks requests by setting a uniquely named cookie for each request.
func CustomRequestTracker ¶
func CustomRequestTracker(opts samlsp.Options, serviceProvider *saml.ServiceProvider) CustomCookieRequestTracker
CustomRequestTracker returns a new RequestTracker for the provided options, a CustomCookieRequestTracker which uses cookies to track pending requests.
func (CustomCookieRequestTracker) GetTrackedRequest ¶
func (t CustomCookieRequestTracker) GetTrackedRequest(r *http.Request, index string) (*samlsp.TrackedRequest, error)
GetTrackedRequest returns a pending tracked request.
func (CustomCookieRequestTracker) GetTrackedRequests ¶
func (t CustomCookieRequestTracker) GetTrackedRequests(r *http.Request) []samlsp.TrackedRequest
GetTrackedRequests returns all the pending tracked requests
func (CustomCookieRequestTracker) StopTrackingRequest ¶
func (t CustomCookieRequestTracker) StopTrackingRequest(w http.ResponseWriter, r *http.Request, index string) error
StopTrackingRequest stops tracking the SAML request given by index, which is a string previously returned from TrackRequest
func (CustomCookieRequestTracker) TrackRequest ¶
func (t CustomCookieRequestTracker) TrackRequest(w http.ResponseWriter, r *http.Request, samlRequestID string) (string, error)
TrackRequest starts tracking the SAML request with the given ID. It returns an `index` that should be used as the RelayState in the SAMl request flow.
type CustomLogFormatter ¶
type CustomLogFormatter struct { Logger chimiddleware.LoggerInterface NoColor bool }
CustomLogFormatter is a simple logger that implements a LogFormatter.
func (*CustomLogFormatter) NewLogEntry ¶
func (l *CustomLogFormatter) NewLogEntry(r *http.Request) chimiddleware.LogEntry
NewLogEntry creates a new LogEntry for the request.
type SamlSPMiddleware ¶
type SamlSPMiddleware struct { *samlsp.Middleware Config SamlSPMiddlewareConfig }
SamlSPMiddleware wraps default samlsp.Middleware and override some specific func
func NewSamlSP ¶
func NewSamlSP(spRootURLStr string, entityID string, keyFile string, crtFile string, config SamlSPMiddlewareConfig) (*SamlSPMiddleware, error)
NewSamlSP build a new SAML Service Provider middleware
func (*SamlSPMiddleware) AdminAuthentificator ¶
func (m *SamlSPMiddleware) AdminAuthentificator(next http.Handler) http.Handler
AdminAuthentificator is a middle which check if the user is administrator (role=1)
func (*SamlSPMiddleware) ContextMiddleware ¶
func (m *SamlSPMiddleware) ContextMiddleware(next http.Handler) http.Handler
ContextMiddleware extracts a session from the request context and adds (if possible) a new user in the request context for further usage in the APIs
func (*SamlSPMiddleware) HandleStartAuthFlow ¶
func (m *SamlSPMiddleware) HandleStartAuthFlow(w http.ResponseWriter, r *http.Request)
HandleStartAuthFlow is called to start the SAML authentication process.
func (*SamlSPMiddleware) RequireAccount ¶
func (m *SamlSPMiddleware) RequireAccount(handler http.Handler) http.Handler
RequireAccount is a HTTP middleware that requires that each request is associated with a valid session. If the request is not associated with a valid session, then rather than serve the request, the middleware redirects the user to start the SAML authentication flow.
type SamlSPMiddlewareConfig ¶
type SamlSPMiddlewareConfig struct { MetadataMode string MetadataFilePath string MetadataURL string AttributeUserID string AttributeUserDisplayName string EnableMemberOfValidation bool AttributeUserMemberOf string CookieMaxAge time.Duration }
SamlSPMiddlewareConfig wraps multiple parameters for SAML authentication
func (SamlSPMiddlewareConfig) IsValid ¶
func (config SamlSPMiddlewareConfig) IsValid() (bool, error)
IsValid check if the config is valid