Documentation ¶
Index ¶
- func ContextMiddleware(next http.Handler) http.Handler
- func CustomAuthenticator(next http.Handler) http.Handler
- func CustomServiceProvider(opts samlsp.Options) saml.ServiceProvider
- func CustomSessionCodec(opts samlsp.Options, sessionMaxAge time.Duration) samlsp.JWTSessionCodec
- func CustomSessionProvider(opts samlsp.Options, cookieMaxAge time.Duration) samlsp.CookieSessionProvider
- func GetIDPMetadata(mode string, filePath string, fetchURL string) (*saml.EntityDescriptor, error)
- func New(config Config, services Services) *chi.Mux
- func ReverseProxy(plugin plugin.MyrteaPlugin) http.HandlerFunc
- func SwaggerUICustomizationMiddleware(next http.Handler) http.Handler
- type Config
- type CustomCookieRequestTracker
- func (t CustomCookieRequestTracker) GetTrackedRequest(r *http.Request, index string) (*samlsp.TrackedRequest, error)
- func (t CustomCookieRequestTracker) GetTrackedRequests(r *http.Request) []samlsp.TrackedRequest
- func (t CustomCookieRequestTracker) StopTrackingRequest(w http.ResponseWriter, r *http.Request, index string) error
- func (t CustomCookieRequestTracker) TrackRequest(w http.ResponseWriter, r *http.Request, samlRequestID string) (string, error)
- type SamlSPMiddleware
- func (m *SamlSPMiddleware) AdminAuthentificator(next http.Handler) http.Handler
- func (m *SamlSPMiddleware) ContextMiddleware(next http.Handler) http.Handler
- func (m *SamlSPMiddleware) Deconnexion(handler http.Handler) http.Handler
- func (m *SamlSPMiddleware) HandleStartAuthFlow(w http.ResponseWriter, r *http.Request)
- func (m *SamlSPMiddleware) RequireAccount(handler http.Handler) http.Handler
- type SamlSPMiddlewareConfig
- type Services
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CustomAuthenticator ¶
CustomAuthenticator is a default authentication middleware that enforces access based on the request context values set by the Verifier middleware. It sends a 401 Unauthorized response for any unverified token and passes verified ones through. It is sufficient until you need to customize the client response, at which point you can write a similar middleware of your own.
func CustomServiceProvider ¶
func CustomServiceProvider(opts samlsp.Options) saml.ServiceProvider
CustomServiceProvider returns a custom saml.ServiceProvider for the provided options.
func CustomSessionCodec ¶ added in v5.0.16
CustomSessionCodec returns the custom SessionCodec for the provided options, a JWTSessionCodec configured to issue signed tokens.
func CustomSessionProvider ¶
func CustomSessionProvider(opts samlsp.Options, cookieMaxAge time.Duration) samlsp.CookieSessionProvider
CustomSessionProvider returns the default SessionProvider for the provided options, a CookieSessionProvider configured to store sessions in a cookie.
func GetIDPMetadata ¶
GetIDPMetadata returns the IDP metadata descriptor from a local XML file or a remote URL
func New ¶
New returns a new, fully configured instance of chi.Mux. It instantiates all middlewares (including the security ones), all routes and all route groups.
func ReverseProxy ¶
func ReverseProxy(plugin plugin.MyrteaPlugin) http.HandlerFunc
ReverseProxy acts as a reverse proxy for any plugin HTTP handlers.
Types ¶
type Config ¶
type Config struct { Production bool Security bool CORS bool GatewayMode bool VerboseError bool AuthenticationMode string LogLevel zap.AtomicLevel }
Config wraps common configuration parameters
type CustomCookieRequestTracker ¶
type CustomCookieRequestTracker struct { ServiceProvider *saml.ServiceProvider NamePrefix string Codec samlsp.TrackedRequestCodec MaxAge time.Duration }
CustomCookieRequestTracker tracks requests by setting a uniquely named cookie for each request.
func CustomRequestTracker ¶
func CustomRequestTracker(opts samlsp.Options, serviceProvider *saml.ServiceProvider) CustomCookieRequestTracker
CustomRequestTracker returns a new RequestTracker for the provided options, a CustomCookieRequestTracker which uses cookies to track pending requests.
func (CustomCookieRequestTracker) GetTrackedRequest ¶
func (t CustomCookieRequestTracker) GetTrackedRequest(r *http.Request, index string) (*samlsp.TrackedRequest, error)
GetTrackedRequest returns a pending tracked request.
func (CustomCookieRequestTracker) GetTrackedRequests ¶
func (t CustomCookieRequestTracker) GetTrackedRequests(r *http.Request) []samlsp.TrackedRequest
GetTrackedRequests returns all the pending tracked requests
func (CustomCookieRequestTracker) StopTrackingRequest ¶
func (t CustomCookieRequestTracker) StopTrackingRequest(w http.ResponseWriter, r *http.Request, index string) error
StopTrackingRequest stops tracking the SAML request given by index, which is a string previously returned from TrackRequest
func (CustomCookieRequestTracker) TrackRequest ¶
func (t CustomCookieRequestTracker) TrackRequest(w http.ResponseWriter, r *http.Request, samlRequestID string) (string, error)
TrackRequest starts tracking the SAML request with the given ID. It returns an `index` that should be used as the RelayState in the SAML request flow.
type SamlSPMiddleware ¶
type SamlSPMiddleware struct { *samlsp.Middleware Config SamlSPMiddlewareConfig }
SamlSPMiddleware wraps the default samlsp.Middleware and overrides some specific functions.
func NewSamlSP ¶
func NewSamlSP(spRootURLStr string, entityID string, keyFile string, crtFile string, config SamlSPMiddlewareConfig) (*SamlSPMiddleware, error)
NewSamlSP builds a new SAML Service Provider middleware.
func (*SamlSPMiddleware) AdminAuthentificator ¶
func (m *SamlSPMiddleware) AdminAuthentificator(next http.Handler) http.Handler
AdminAuthentificator is a middleware which checks whether the user is an administrator (* * *)
func (*SamlSPMiddleware) ContextMiddleware ¶
func (m *SamlSPMiddleware) ContextMiddleware(next http.Handler) http.Handler
ContextMiddleware extracts a session from the request context and adds (if possible) a new user in the request context for further usage in the APIs
func (*SamlSPMiddleware) Deconnexion ¶ added in v5.2.6
func (m *SamlSPMiddleware) Deconnexion(handler http.Handler) http.Handler
func (*SamlSPMiddleware) HandleStartAuthFlow ¶
func (m *SamlSPMiddleware) HandleStartAuthFlow(w http.ResponseWriter, r *http.Request)
HandleStartAuthFlow is called to start the SAML authentication process.
func (*SamlSPMiddleware) RequireAccount ¶
func (m *SamlSPMiddleware) RequireAccount(handler http.Handler) http.Handler
RequireAccount is an HTTP middleware that requires each request to be associated with a valid session. If the request is not associated with a valid session, the middleware does not serve it and instead redirects the user to start the SAML authentication flow.
type SamlSPMiddlewareConfig ¶
type SamlSPMiddlewareConfig struct { MetadataMode string MetadataFilePath string MetadataURL string AttributeUserID string AttributeUserDisplayName string EnableMemberOfValidation bool AttributeUserMemberOf string CookieMaxAge time.Duration }
SamlSPMiddlewareConfig wraps multiple parameters for SAML authentication
func (SamlSPMiddlewareConfig) IsValid ¶
func (config SamlSPMiddlewareConfig) IsValid() (bool, error)
IsValid checks whether the config is valid.
type Services ¶ added in v5.3.6
type Services struct { PluginCore *plugin.Core ProcessorHandler *handlers.ProcessorHandler ExportHandler *handlers.ExportHandler ServiceHandler *handlers.ServiceHandler }
Services is a wrapper for service instances; it is passed through the router functions.