pongo

Version: v1.0.0
Published: May 10, 2020 License: AGPL-3.0 Imports: 12 Imported by: 1

README

pongo

Pongo is a gorilla/sessions store wrapper for crewjam/saml.

Usage

package main

import (
	"crypto/rsa"
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"net/http"
	"net/url"

	"github.com/crewjam/saml/samlsp"
	"github.com/gorilla/sessions"
	"github.com/nefixestrada/pongo"
)

func hello(w http.ResponseWriter, r *http.Request) {
	fmt.Fprintf(w, "Hello, %s!", samlsp.AttributeFromContext(r.Context(), "displayName"))
}

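// "secret" is a placeholder. Load a random 32- or 64-byte authentication key
// from configuration instead of hard-coding it.
var store = sessions.NewCookieStore([]byte("secret"))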

func main() {
	keyPair, err := tls.LoadX509KeyPair("myservice.cert", "myservice.key")
	if err != nil {
		panic(err) // TODO handle error
	}
	keyPair.Leaf, err = x509.ParseCertificate(keyPair.Certificate[0])
	if err != nil {
		panic(err) // TODO handle error
	}

	idpMetadataURL, err := url.Parse("https://samltest.id/saml/idp")
	if err != nil {
		panic(err) // TODO handle error
	}

	rootURL, err := url.Parse("http://localhost:8000")
	if err != nil {
		panic(err) // TODO handle error
	}

	samlSP, err := pongo.New(store, samlsp.Options{
		URL:            *rootURL,
		Key:            keyPair.PrivateKey.(*rsa.PrivateKey),
		Certificate:    keyPair.Leaf,
		IDPMetadataURL: idpMetadataURL,
	})
	if err != nil {
		panic(err) // TODO handle error
	}
	app := http.HandlerFunc(hello)
	http.Handle("/hello", samlSP.RequireAccount(app))
	http.Handle("/saml/", samlSP)
	if err := http.ListenAndServe(":8000", nil); err != nil {
		panic(err) // TODO handle error
	}
}

Why is the library named pongo?

https://en.wikipedia.org/wiki/Orangutan

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

func New

func New(store sessions.Store, opts samlsp.Options) (*samlsp.Middleware, error)

New creates a new Middleware with the default providers for the given options.

You can customize the behavior of the middleware in more detail by replacing and/or changing Session, RequestTracker, and ServiceProvider in the returned Middleware.

Types

type RequestTracker

type RequestTracker struct {
	Store sessions.Store

	ServiceProvider *saml.ServiceProvider
	NamePrefix      string
	Codec           samlsp.TrackedRequestCodec
	MaxAge          time.Duration
}

RequestTracker tracks pending authentication requests.

func DefaultRequestTracker

func DefaultRequestTracker(store sessions.Store, opts samlsp.Options, serviceProvider *saml.ServiceProvider) *RequestTracker

DefaultRequestTracker creates a new RequestTracker using the store, the saml.ServiceProvider and the options provided.

func (*RequestTracker) GetTrackedRequest

func (t *RequestTracker) GetTrackedRequest(r *http.Request, index string) (*samlsp.TrackedRequest, error)

GetTrackedRequest returns a pending tracked request.

func (*RequestTracker) GetTrackedRequests

func (t *RequestTracker) GetTrackedRequests(r *http.Request) []samlsp.TrackedRequest

GetTrackedRequests returns all the pending tracked requests.

func (*RequestTracker) StopTrackingRequest

func (t *RequestTracker) StopTrackingRequest(w http.ResponseWriter, r *http.Request, index string) error

StopTrackingRequest stops tracking the SAML request given by index, which is a string previously returned from TrackRequest.

func (*RequestTracker) TrackRequest

func (t *RequestTracker) TrackRequest(w http.ResponseWriter, r *http.Request, samlRequestID string) (string, error)

TrackRequest starts tracking the SAML request with the given ID. It returns an `index` that should be used as the RelayState in the SAML request flow.
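The track, look-up and stop-tracking lifecycle that the RequestTracker methods above describe, as an added standard-library example that is not pongo's or crewjam/saml's code. The names memTracker, pending, Track and Accept are hypothetical, state lives in a map rather than a sessions.Store, and comparing the response's InResponseTo with the tracked ID is an assumption about how the caller uses the tracked request.

```go
package main

import (
	"crypto/rand"
	"encoding/hex"
	"errors"
	"fmt"
	"time"
)

// pending is a simplified stand-in for samlsp.TrackedRequest.
type pending struct {
	SAMLRequestID string
	Created       time.Time
}

// memTracker is hypothetical: it keeps in a map what pongo keeps in a sessions.Store.
type memTracker struct {
	MaxAge  time.Duration
	entries map[string]pending
}

// Track records the AuthnRequest ID and returns the random index to send as RelayState.
func (t *memTracker) Track(samlRequestID string, now time.Time) (string, error) {
	b := make([]byte, 16)
	if _, err := rand.Read(b); err != nil {
		return "", err
	}
	t.entries[hex.EncodeToString(b)] = pending{samlRequestID, now}
	return hex.EncodeToString(b), nil
}

// Accept validates a response against the tracked request and stops tracking it.
func (t *memTracker) Accept(relayState, inResponseTo string, now time.Time) error {
	p, ok := t.entries[relayState]
	delete(t.entries, relayState) // single use, even when a check below fails
	if !ok || now.Sub(p.Created) > t.MaxAge {
		return errors.New("RelayState is unknown, expired or already used")
	}
	if p.SAMLRequestID != inResponseTo {
		return errors.New("InResponseTo does not match the tracked request ID")
	}
	return nil
}

func main() {
	t := &memTracker{MaxAge: 90 * time.Second, entries: map[string]pending{}}
	idx, _ := t.Track("id-constructed-1", time.Now()) // constructed request ID
	fmt.Println(t.Accept(idx, "id-constructed-1", time.Now()), t.Accept(idx, "id-constructed-1", time.Now()))
}
```

The first Accept succeeds and the second fails, because a tracked request that is dropped after one use cannot be matched by a replayed response.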

type SessionProvider

type SessionProvider struct {
	Store sessions.Store

	Name     string
	Domain   string
	HTTPOnly bool
	Secure   bool
	MaxAge   time.Duration
	Codec    samlsp.SessionCodec
}

SessionProvider tracks the active session of a user in a gorilla/sessions store. Its methods match the samlsp.SessionProvider interface.

func DefaultSessionProvider

func DefaultSessionProvider(store sessions.Store, opts samlsp.Options) *SessionProvider

DefaultSessionProvider creates a new SessionProvider using the store and options provided.

func (*SessionProvider) CreateSession

func (s *SessionProvider) CreateSession(w http.ResponseWriter, r *http.Request, assertion *saml.Assertion) error

CreateSession is called when we have received a valid SAML assertion and should create a new session and modify the http response accordingly, e.g. by setting a cookie.

func (*SessionProvider) DeleteSession

func (s *SessionProvider) DeleteSession(w http.ResponseWriter, r *http.Request) error

DeleteSession is called to modify the response so that it removes the current session, e.g. by deleting a cookie.

func (*SessionProvider) GetSession

func (s *SessionProvider) GetSession(r *http.Request) (samlsp.Session, error)

GetSession returns the current Session associated with the request, or ErrNoSession if there is no valid session.
