Constants ¶
// Well-known public-key encryption method identifiers (xmlenc algorithm URIs).
// Both are RSA-OAEP variants; they differ only in the specification that
// defines the URI (xmlenc 1.0 vs. xmlenc 1.1).
const (
	// MethodRSAOAEP is RSA-OAEP with MGF1 as identified by xmlenc 1.0.
	MethodRSAOAEP = "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"
	// MethodRSAOAEP2 is RSA-OAEP as identified by xmlenc 1.1.
	MethodRSAOAEP2 = "http://www.w3.org/2009/xmlenc11#rsa-oaep"
)
Well-known public-key encryption methods
// Well-known symmetric (data) encryption method identifiers (xmlenc algorithm URIs).
//
// NOTE(review): GCM is an authenticated mode; the two CBC modes provide
// confidentiality only, with no built-in integrity check on the ciphertext.
// Where the peer supports it, MethodAES128GCM is the safer choice.
const (
	// MethodAES128GCM is AES-128 in GCM mode (xmlenc 1.1).
	MethodAES128GCM = "http://www.w3.org/2009/xmlenc11#aes128-gcm"
	// MethodAES128CBC is AES-128 in CBC mode (xmlenc 1.0).
	MethodAES128CBC = "http://www.w3.org/2001/04/xmlenc#aes128-cbc"
	// MethodAES256CBC is AES-256 in CBC mode (xmlenc 1.0).
	MethodAES256CBC = "http://www.w3.org/2001/04/xmlenc#aes256-cbc"
)
Well-known symmetric (secret-key) encryption methods
// Well-known hash (digest) method identifiers (xmldsig algorithm URIs).
//
// NOTE(review): SHA-1 is retained for interoperability with older peers only;
// it is no longer considered collision-resistant, so SHA-256 or SHA-512 should
// be preferred wherever the peer supports them.
const (
	// MethodSHA1 identifies the SHA-1 digest.
	MethodSHA1 = "http://www.w3.org/2000/09/xmldsig#sha1"
	// MethodSHA256 identifies the SHA-256 digest.
	MethodSHA256 = "http://www.w3.org/2000/09/xmldsig#sha256"
	// MethodSHA512 identifies the SHA-512 digest.
	MethodSHA512 = "http://www.w3.org/2000/09/xmldsig#sha512"
)
Well-known hash methods
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Assertion ¶
// Assertion is a SAML 2.0 <saml:Assertion> element as unmarshalled from XML.
//
// Every field except SignatureValidated is populated directly from the
// (untrusted) document; the struct itself performs no validation of the
// signature, the conditions, or the subject.
type Assertion struct {
	XMLName xml.Name `xml:"urn:oasis:names:tc:SAML:2.0:assertion Assertion"`
	// Version is the "Version" attribute of the element.
	Version string `xml:"Version,attr"`
	// ID is the element's "ID" attribute; it is what a signature reference points at.
	ID string `xml:"ID,attr"`
	// IssueInstant is parsed into a time.Time by encoding/xml.
	IssueInstant time.Time `xml:"IssueInstant,attr"`
	// Issuer, Signature, Subject, Conditions, AttributeStatement and
	// AuthnStatement are pointers so that an absent element is nil rather
	// than a zero-valued struct; callers must nil-check before use.
	Issuer             *Issuer             `xml:"Issuer"`
	Signature          *Signature          `xml:"Signature"`
	Subject            *Subject            `xml:"Subject"`
	Conditions         *Conditions         `xml:"Conditions"`
	AttributeStatement *AttributeStatement `xml:"AttributeStatement"`
	AuthnStatement     *AuthnStatement     `xml:"AuthnStatement"`
	// SignatureValidated is excluded from XML (`xml:"-"`): it can never be
	// set by the incoming document, only by Go code after verification.
	// NOTE(review): presumably set by the signature-verification path — confirm
	// in the caller before relying on it as a trust flag.
	SignatureValidated bool `xml:"-"` // not read, not dumped
}
type AttributeStatement ¶
type AttributeValue ¶
type AudienceRestriction ¶
type AuthnStatement ¶
type Conditions ¶
// Conditions is the <saml:Conditions> element of an Assertion, which limits
// when and by whom the assertion may be accepted.
//
// NOTE(review): NotBefore and NotOnOrAfter are kept as raw strings (unlike
// Assertion.IssueInstant, which is a time.Time), so unmarshalling performs no
// parsing or range check. Code that enforces the validity window must parse
// them itself and treat a parse failure as a rejection.
type Conditions struct {
	XMLName xml.Name `xml:"urn:oasis:names:tc:SAML:2.0:assertion Conditions"`
	// NotBefore is the raw "NotBefore" attribute (not parsed here).
	NotBefore string `xml:"NotBefore,attr"`
	// NotOnOrAfter is the raw "NotOnOrAfter" attribute (not parsed here).
	NotOnOrAfter string `xml:"NotOnOrAfter,attr"`
	// AudienceRestrictions lists every <AudienceRestriction> child.
	// NOTE(review): the consumer is expected to check these against its own
	// entity ID — verify that the caller does so.
	AudienceRestrictions []AudienceRestriction `xml:"AudienceRestriction"`
	// OneTimeUse is nil when the element is absent.
	OneTimeUse *OneTimeUse `xml:"OneTimeUse"`
	// ProxyRestriction is nil when the element is absent.
	ProxyRestriction *ProxyRestriction `xml:"ProxyRestriction"`
}
type ContactPerson ¶
// ContactPerson is the <md:ContactPerson> element of SAML metadata.
// Company, GivenName and SurName carry no tag, so encoding/xml matches them
// by field name.
type ContactPerson struct {
	// ContactType is the "contactType" attribute (e.g. the role of the contact).
	ContactType      string `xml:"contactType,attr"`
	Company          string
	GivenName        string
	SurName          string
	// EmailAddresses collects every <EmailAddress> child.
	EmailAddresses   []string `xml:"EmailAddress"`
	// TelephoneNumbers collects every <TelephoneNumber> child.
	TelephoneNumbers []string `xml:"TelephoneNumber"`
}
See http://docs.oasis-open.org/security/saml/v2.0/saml-metadata-2.0-os.pdf §2.3.2.2
type DigestMethod ¶
// DigestMethod identifies a digest (hash) algorithm by its algorithm URI,
// such as the Method* hash constants in this package.
type DigestMethod struct {
	// Algorithm is the "Algorithm" attribute; omitted from output when empty.
	Algorithm string `xml:",attr,omitempty"`
}
DigestMethod is a digest type specification
type EncryptedAssertion ¶
// EncryptedAssertion is a <saml:EncryptedAssertion> element: an xmlenc
// <EncryptedData> carrying the ciphertext of an Assertion plus the wrapped
// content-encryption key.
type EncryptedAssertion struct {
	XMLName xml.Name `xml:"urn:oasis:names:tc:SAML:2.0:assertion EncryptedAssertion"`
	// EncryptionMethod is the algorithm applied to the assertion body
	// (EncryptedData/EncryptionMethod).
	EncryptionMethod EncryptionMethod `xml:"EncryptedData>EncryptionMethod"`
	// EncryptedKey is the wrapped key when it is embedded inside
	// EncryptedData/KeyInfo.
	EncryptedKey EncryptedKey `xml:"EncryptedData>KeyInfo>EncryptedKey"`
	// DetEncryptedKey is the same structure when the issuer places the
	// EncryptedKey as a sibling of EncryptedData instead of inside KeyInfo.
	DetEncryptedKey EncryptedKey `xml:"EncryptedKey"` // detached EncryptedKey element
	// CipherValue is the raw ciphertext text from EncryptedData/CipherData.
	CipherValue string `xml:"EncryptedData>CipherData>CipherValue"`
}
func (*EncryptedAssertion) Decrypt ¶
func (ea *EncryptedAssertion) Decrypt(cert *tls.Certificate) (*Assertion, error)
Decrypt decrypts and unmarshals the EncryptedAssertion.
func (*EncryptedAssertion) DecryptBytes ¶
func (ea *EncryptedAssertion) DecryptBytes(cert *tls.Certificate) ([]byte, error)
type EncryptedKey ¶
// EncryptedKey is an xmlenc <EncryptedKey> element: a content-encryption key
// wrapped with the recipient's public key.
type EncryptedKey struct {
	// EncryptionMethod string `xml:"EncryptionMethod>Algorithm"`
	// X509Data is the certificate text from KeyInfo/X509Data/X509Certificate,
	// identifying which recipient key the wrapped key is intended for.
	X509Data string `xml:"KeyInfo>X509Data>X509Certificate"`
	// CipherValue is the raw wrapped-key ciphertext text.
	CipherValue string `xml:"CipherData>CipherValue"`
	// EncryptionMethod names the key-transport algorithm used for the wrap
	// (matched against the element by field name; no explicit tag).
	EncryptionMethod EncryptionMethod
}
EncryptedKey contains the decryption key data from the saml2 core and xmlenc standards.
func (*EncryptedKey) DecryptSymmetricKey ¶
func (ek *EncryptedKey) DecryptSymmetricKey(cert *tls.Certificate) (cipher.Block, error)
DecryptSymmetricKey returns the symmetric (content-encryption) key contained in the EncryptedKey element, as a cipher.Block
type EncryptionMethod ¶
// EncryptionMethod specifies the encryption algorithm that was used, and for
// key-transport algorithms optionally the digest used by the padding scheme.
type EncryptionMethod struct {
	// Algorithm is the "Algorithm" attribute URI; omitted from output when empty.
	Algorithm string `xml:",attr,omitempty"`
	// DigestMethod is the optional <DigestMethod> child; nil when absent.
	DigestMethod *DigestMethod `xml:",omitempty"`
}
EncryptionMethod specifies the type of encryption that was used.
type EntityDescriptor ¶
// EntityDescriptor is the top-level <md:EntityDescriptor> element of SAML
// metadata, describing either a service provider, an identity provider,
// or both.
type EntityDescriptor struct {
	XMLName xml.Name `xml:"urn:oasis:names:tc:SAML:2.0:metadata EntityDescriptor"`
	// ValidUntil is parsed into a time.Time by encoding/xml.
	// NOTE(review): nothing here rejects expired metadata; the consumer must
	// compare ValidUntil with the current time if it cares.
	ValidUntil time.Time `xml:"validUntil,attr"`
	// SAML 2.0 8.3.6 Entity Identifier could be used to represent issuer
	EntityID string `xml:"entityID,attr"`
	// SPSSODescriptor and IDPSSODescriptor are values, not pointers, so an
	// absent role element leaves a zero-valued struct rather than nil.
	SPSSODescriptor  SPSSODescriptor  `xml:"SPSSODescriptor"`
	IDPSSODescriptor IDPSSODescriptor `xml:"IDPSSODescriptor,omitempty"`
	// Organization and ContactPerson are nil when absent.
	Organization  *Organization  `xml:"urn:oasis:names:tc:SAML:2.0:metadata Organization,omitempty"`
	ContactPerson *ContactPerson `xml:"urn:oasis:names:tc:SAML:2.0:metadata ContactPerson,omitempty"`
	// DigestMethod lists the digest algorithms advertised via the
	// metadata algsupport extension namespace.
	DigestMethod []DigestMethod `xml:"urn:oasis:names:tc:SAML:metadata:algsupport DigestMethod"`
}
type IDPSSODescriptor ¶
// IDPSSODescriptor is the <md:IDPSSODescriptor> metadata role element,
// describing an identity provider.
type IDPSSODescriptor struct {
	XMLName xml.Name `xml:"urn:oasis:names:tc:SAML:2.0:metadata IDPSSODescriptor"`
	// WantAuthnRequestsSigned is the attribute of the same name.
	WantAuthnRequestsSigned bool `xml:"WantAuthnRequestsSigned,attr"`
	// KeyDescriptors lists the IdP's published keys (e.g. for signature verification).
	KeyDescriptors []KeyDescriptor `xml:"KeyDescriptor"`
	// NameIDFormats lists every <NameIDFormat> child.
	NameIDFormats []NameIDFormat `xml:"NameIDFormat"`
	// SingleSignOnServices lists every <SingleSignOnService> endpoint.
	SingleSignOnServices []SingleSignOnService `xml:"SingleSignOnService"`
	// Attributes lists every <Attribute> child.
	Attributes []Attribute `xml:"Attribute"`
}
type IndexedEndpoint ¶
type KeyDescriptor ¶
type LocalizedName ¶
See http://docs.oasis-open.org/security/saml/v2.0/saml-metadata-2.0-os.pdf §2.2.4
type LocalizedURI ¶
See http://docs.oasis-open.org/security/saml/v2.0/saml-metadata-2.0-os.pdf §2.2.5
type NameIDFormat ¶
type OneTimeUse ¶
type Organization ¶
// Organization is the <md:Organization> metadata element; each field holds
// one localized entry per language present in the document.
type Organization struct {
	OrganizationNames        []LocalizedName `xml:"OrganizationName"`
	OrganizationDisplayNames []LocalizedName `xml:"OrganizationDisplayName"`
	OrganizationURLs         []LocalizedURI  `xml:"OrganizationURL"`
}
See http://docs.oasis-open.org/security/saml/v2.0/saml-metadata-2.0-os.pdf §2.3.2.1
type ProxyRestriction ¶
type Response ¶
// Response is a SAML 2.0 <samlp:Response> element as unmarshalled from XML.
//
// A response may carry plaintext Assertions, EncryptedAssertions, or both;
// the struct itself performs no validation of any of them.
type Response struct {
	XMLName xml.Name `xml:"urn:oasis:names:tc:SAML:2.0:protocol Response"`
	// ID is the element's "ID" attribute.
	ID string `xml:"ID,attr"`
	// InResponseTo is the ID of the AuthnRequest this response answers.
	// NOTE(review): presumably matched against an outstanding request by the
	// caller to bind the response to a login attempt — confirm.
	InResponseTo string `xml:"InResponseTo,attr"`
	// Destination is the URL the response was addressed to.
	Destination string `xml:"Destination,attr"`
	// Version is the "Version" attribute.
	Version string `xml:"Version,attr"`
	// IssueInstant is parsed into a time.Time by encoding/xml.
	IssueInstant time.Time `xml:"IssueInstant,attr"`
	// Status and Issuer are nil when the element is absent.
	Status *Status `xml:"Status"`
	Issuer *Issuer `xml:"Issuer"`
	// Assertions holds every plaintext <Assertion> child.
	Assertions []Assertion `xml:"Assertion"`
	// EncryptedAssertions holds every <EncryptedAssertion> child.
	EncryptedAssertions []EncryptedAssertion `xml:"EncryptedAssertion"`
	// SignatureValidated is excluded from XML (`xml:"-"`): the incoming
	// document can never set it; only Go code can, after verification.
	SignatureValidated bool `xml:"-"` // not read, not dumped
}
type SPSSODescriptor ¶
// SPSSODescriptor is the <md:SPSSODescriptor> metadata role element,
// describing a service provider.
type SPSSODescriptor struct {
	XMLName xml.Name `xml:"urn:oasis:names:tc:SAML:2.0:metadata SPSSODescriptor"`
	// AuthnRequestsSigned and WantAssertionsSigned are the attributes of the
	// same name.
	AuthnRequestsSigned  bool `xml:"AuthnRequestsSigned,attr"`
	WantAssertionsSigned bool `xml:"WantAssertionsSigned,attr"`
	// ProtocolSupportEnumeration is the space-separated protocol list attribute.
	ProtocolSupportEnumeration string `xml:"protocolSupportEnumeration,attr"`
	// KeyDescriptors lists the SP's published keys.
	KeyDescriptors []KeyDescriptor `xml:"KeyDescriptor"`
	// SingleLogoutServices lists every <SingleLogoutService> endpoint.
	SingleLogoutServices []Endpoint `xml:"SingleLogoutService"`
	// NameIDFormat is a single string here (unlike IDPSSODescriptor, which
	// keeps a slice); omitted from output when empty.
	NameIDFormat string `xml:"NameIDFormat,omitempty"`
	// AssertionConsumerServices lists every indexed <AssertionConsumerService> endpoint.
	AssertionConsumerServices []IndexedEndpoint `xml:"AssertionConsumerService"`
}
type SingleSignOnService ¶
type Status ¶
// Status is the <samlp:Status> element of a Response.
type Status struct {
	XMLName xml.Name `xml:"urn:oasis:names:tc:SAML:2.0:protocol Status"`
	// StatusCode is nil when the child element is absent; callers must
	// nil-check before reading it.
	StatusCode *StatusCode `xml:"StatusCode"`
}
type StatusCode ¶
type Subject ¶
// Subject is the <saml:Subject> element of an Assertion: who the assertion
// is about, plus how that binding is to be confirmed.
type Subject struct {
	XMLName xml.Name `xml:"urn:oasis:names:tc:SAML:2.0:assertion Subject"`
	// NameID is nil when absent.
	NameID *NameID `xml:"NameID"`
	// SubjectConfirmation is nil when absent. Only a single element is
	// captured here; any further <SubjectConfirmation> siblings are not
	// represented by this struct.
	SubjectConfirmation *SubjectConfirmation `xml:"SubjectConfirmation"`
}
type SubjectConfirmation ¶
// SubjectConfirmation is the <saml:SubjectConfirmation> element, describing
// the method by which the subject binding is confirmed.
type SubjectConfirmation struct {
	XMLName xml.Name `xml:"urn:oasis:names:tc:SAML:2.0:assertion SubjectConfirmation"`
	// Method is the "Method" attribute URI identifying the confirmation method.
	Method string `xml:"Method,attr"`
	// SubjectConfirmationData is nil when absent; when present it carries the
	// constraints that must hold for the confirmation to be accepted.
	SubjectConfirmationData *SubjectConfirmationData `xml:"SubjectConfirmationData"`
}