pongo

package module

v1.0.0 Latest Latest Go to latest Published: May 10, 2020 License: AGPL-3.0 Imports: 12 Imported by: 1

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/nefixestrada/pongo

Links

Open Source Insights

README ¶

pongo

Pongo is a gorilla/sessions store wrapper for crewjam/saml

Usage

package main

import (
	"crypto/rsa"
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"net/http"
	"net/url"

	"github.com/crewjam/saml/samlsp"
	"github.com/gorilla/sessions"
	"github.com/nefixestrada/pongo"
)

func hello(w http.ResponseWriter, r *http.Request) {
	fmt.Fprintf(w, "Hello, %s!", samlsp.AttributeFromContext(r.Context(), "displayName"))
}

var store = sessions.NewCookieStore([]byte("secret"))

func main() {
	keyPair, err := tls.LoadX509KeyPair("myservice.cert", "myservice.key")
	if err != nil {
		panic(err) // TODO handle error
	}
	keyPair.Leaf, err = x509.ParseCertificate(keyPair.Certificate[0])
	if err != nil {
		panic(err) // TODO handle error
	}

	idpMetadataURL, err := url.Parse("https://samltest.id/saml/idp")
	if err != nil {
		panic(err) // TODO handle error
	}

	rootURL, err := url.Parse("http://localhost:8000")
	if err != nil {
		panic(err) // TODO handle error
	}

	samlSP, _ := pongo.New(store, samlsp.Options{
		URL:            *rootURL,
		Key:            keyPair.PrivateKey.(*rsa.PrivateKey),
		Certificate:    keyPair.Leaf,
		IDPMetadataURL: idpMetadataURL,
	})
	app := http.HandlerFunc(hello)
	http.Handle("/hello", samlSP.RequireAccount(app))
	http.Handle("/saml/", samlSP)
	http.ListenAndServe(":8000", nil)
}

Why is the library named pongo?

https://en.wikipedia.org/wiki/Orangutan

Documentation ¶

Index ¶

func New(store sessions.Store, opts samlsp.Options) (*samlsp.Middleware, error)
type RequestTracker
- func DefaultRequestTracker(store sessions.Store, opts samlsp.Options, ...) *RequestTracker
type SessionProvider
- func DefaultSessionProvider(store sessions.Store, opts samlsp.Options) *SessionProvider

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func New ¶

func New(store sessions.Store, opts samlsp.Options) (*samlsp.Middleware, error)

New creates a new Middleware with the default providers for the given options.

You can customize the behavior of the middleware in more detail by replacing and/or changing Session, RequestTracker, and ServiceProvider in the returned Middleware.

Types ¶

type RequestTracker ¶

type RequestTracker struct {
	Store sessions.Store

	ServiceProvider *saml.ServiceProvider
	NamePrefix      string
	Codec           samlsp.TrackedRequestCodec
	MaxAge          time.Duration
}

RequestTracker tracks pending authentication requests.

func DefaultRequestTracker ¶

func DefaultRequestTracker(store sessions.Store, opts samlsp.Options, serviceProvider *saml.ServiceProvider) *RequestTracker

DefaultRequestTracker creates a new RequestTracker using the store, the saml.SessionProvider and options provided

func (*RequestTracker) GetTrackedRequest ¶

func (t *RequestTracker) GetTrackedRequest(r *http.Request, index string) (*samlsp.TrackedRequest, error)

GetTrackedRequest returns a pending tracked request.

func (*RequestTracker) GetTrackedRequests ¶

func (t *RequestTracker) GetTrackedRequests(r *http.Request) []samlsp.TrackedRequest

GetTrackedRequests returns all the pending tracked requests

func (*RequestTracker) StopTrackingRequest ¶

func (t *RequestTracker) StopTrackingRequest(w http.ResponseWriter, r *http.Request, index string) error

StopTrackingRequest stops tracking the SAML request given by index, which is a string previously returned from TrackRequest

func (*RequestTracker) TrackRequest ¶

func (t *RequestTracker) TrackRequest(w http.ResponseWriter, r *http.Request, samlRequestID string) (string, error)

TrackRequest starts tracking the SAML request with the given ID. It returns an `index` that should be used as the RelayState in the SAMl request flow.

type SessionProvider ¶

type SessionProvider struct {
	Store sessions.Store

	Name     string
	Domain   string
	HTTPOnly bool
	Secure   bool
	MaxAge   time.Duration
	Codec    samlsp.SessionCodec
}

SessionProvider is an interface implemented by types that can track the active session of a user.

func DefaultSessionProvider ¶

func DefaultSessionProvider(store sessions.Store, opts samlsp.Options) *SessionProvider

DefaultSessionProvider creates a new SessionProvider using the store and options provided

func (*SessionProvider) CreateSession ¶

func (s *SessionProvider) CreateSession(w http.ResponseWriter, r *http.Request, assertion *saml.Assertion) error

CreateSession is called when we have received a valid SAML assertion and should create a new session and modify the http response accordingly, e.g. by setting a cookie.

func (*SessionProvider) DeleteSession ¶

func (s *SessionProvider) DeleteSession(w http.ResponseWriter, r *http.Request) error

DeleteSession is called to modify the response such that it removed the current session, e.g. by deleting a cookie.

func (*SessionProvider) GetSession ¶

func (s *SessionProvider) GetSession(r *http.Request) (samlsp.Session, error)

GetSession returns the current Session associated with the request, or ErrNoSession if there is no valid session.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
example

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL