Documentation ¶
Index ¶
- Constants
- Variables
- func GenerateSAMLId() string
- func SAMLDecode(input string) ([]byte, error)
- func SAMLEncode(input []byte) (string, error)
- func SAMLForm(action string, attrs map[string]string) string
- func SignXML(xmlstr string, privateKey *rsa.PrivateKey) (string, error)
- func ValidateXML(signed string) ([]string, error)
- type Assertion
- type Attribute
- type AttributeConsumingService
- type AttributeStatement
- type AttributeValue
- type Audience
- type AudienceRestriction
- type AuthnContext
- type AuthnContextClassRef
- type AuthnRequest
- type AuthnStatement
- type CipherData
- type CipherValue
- type Conditions
- type DigestMethod
- type EncryptedAssertion
- type EncryptedData
- type EncryptedKey
- type EncryptionMethod
- type EntityDescriptor
- type Extensions
- type Issuer
- type KeyDescriptor
- type KeyInfo
- type NameID
- type NameIDPolicy
- type Organization
- type Reference
- type RequestInitiator
- type RequestedAttribute
- type Response
- type SIdpInitiatedLoginInput
- type SIdpRedirectLoginInput
- type SSAMLIdpInitiatedLoginData
- type SSAMLIdpMetadataInput
- type SSAMLInstance
- type SSAMLNameIDFormat
- type SSAMLRequestInput
- type SSAMLResponseAttribute
- type SSAMLResponseInput
- type SSAMLScope
- type SSAMLService
- type SSAMLSpInitiatedLoginData
- type SSAMLSpMetadataInput
- type SSAMLUIInfo
- type SSAMLValue
- type SSODescriptor
- type SSpInitiatedLoginInput
- type SXMLLogo
- type SXMLText
- type Signature
- type SignedInfo
- type SigningMethod
- type Status
- type StatusCode
- type StatusMessage
- type Subject
- type SubjectConfirmation
- type SubjectConfirmationData
- type SubjectLocality
- type Transforms
- type X509Certificate
- type X509Data
Constants ¶
// Package-wide SAML 2.0 string constants: XML namespaces, key uses, NameID
// formats, status and binding URIs, and the HTML wrapper for POST forms.
const (
	// XML namespace URIs for SAML metadata, XML-DSig, SAML protocol and
	// SAML assertion elements.
	XMLNS_MD     = "urn:oasis:names:tc:SAML:2.0:metadata"
	XMLNS_DS     = "http://www.w3.org/2000/09/xmldsig#"
	XMLNS_PROTO  = "urn:oasis:names:tc:SAML:2.0:protocol"
	XMLNS_ASSERT = "urn:oasis:names:tc:SAML:2.0:assertion"

	// PROTOCOL_SAML2 carries the same URI as XMLNS_PROTO.
	PROTOCOL_SAML2 = "urn:oasis:names:tc:SAML:2.0:protocol"

	// Values for KeyDescriptor's "use" attribute — presumably; the code that
	// sets or compares them is not shown on this page.
	KEY_USE_SIGNING    = "signing"
	KEY_USE_ENCRYPTION = "encryption"

	// NameID format URIs. These are the same eight values collected in
	// NAME_ID_FORMATS.
	NAME_ID_FORMAT_PERSISTENT = "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
	NAME_ID_FORMAT_TRANSIENT  = "urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
	NAME_ID_FORMAT_EMAIL      = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
	NAME_ID_FORMAT_UNSPEC     = "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
	NAME_ID_FORMAT_X509       = "urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName"
	NAME_ID_FORMAT_WINDOWS    = "urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName"
	NAME_ID_FORMAT_KERBEROS   = "urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos"
	NAME_ID_FORMAT_ENTITY     = "urn:oasis:names:tc:SAML:2.0:nameid-format:entity"

	SAML2_VERSION = "2.0"

	// STATUS_SUCCESS is the only status URI declared here.
	// NOTE(review): confirm response consumers compare Status.StatusCode
	// against it before using any assertion content.
	STATUS_SUCCESS = "urn:oasis:names:tc:SAML:2.0:status:Success"

	BINDING_HTTP_POST     = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
	BINDING_HTTP_REDIRECT = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"

	// HTML_SAML_FORM_TOKEN is the placeholder that appears in
	// DEFAULT_HTML_TEMPLATE.
	// NOTE(review): the substitution code is not shown on this page;
	// presumably the string returned by SAMLForm replaces the token. The
	// template does no escaping of its own, so the action URL and attribute
	// values must be HTML-escaped where the form markup is built.
	HTML_SAML_FORM_TOKEN  = "$FORM$"
	DEFAULT_HTML_TEMPLATE = `<!DOCTYPE html><html lang="en-US"><body>$FORM$</body></html>`
)
Variables ¶
var (
	// NAME_ID_FORMATS collects the eight NAME_ID_FORMAT_* constants.
	// NOTE(review): this is an exported, mutable slice. If it serves as an
	// allow-list for requested NameID formats (usage is not shown on this
	// page), any importing package can alter it at runtime; treat it as
	// read-only.
	NAME_ID_FORMATS = []string{
		NAME_ID_FORMAT_PERSISTENT,
		NAME_ID_FORMAT_TRANSIENT,
		NAME_ID_FORMAT_EMAIL,
		NAME_ID_FORMAT_UNSPEC,
		NAME_ID_FORMAT_X509,
		NAME_ID_FORMAT_WINDOWS,
		NAME_ID_FORMAT_KERBEROS,
		NAME_ID_FORMAT_ENTITY,
	}
)
Functions ¶
func GenerateSAMLId ¶
// GenerateSAMLId returns a new identifier string.
// NOTE(review): the body is not shown on this page. The name suggests the
// value fills the ID attribute of AuthnRequest, Response and Assertion. A
// request ID is what InResponseTo is later matched against, so confirm it is
// drawn from crypto/rand and is a valid xs:ID (it must not start with a digit).
func GenerateSAMLId() string
func SAMLDecode ¶
func SAMLEncode ¶
func ValidateXML ¶
Types ¶
type Assertion ¶
// Assertion maps a SAML assertion to Go fields: its ID, Version and
// IssueInstant attributes and its Issuer, Signature, Subject, Conditions,
// AttributeStatement and AuthnStatement children.
//
// NOTE(review): Signature is a pointer, so with encoding/xml an assertion that
// carries no signature decodes without error and leaves it nil. Populating
// this struct says nothing about whether a signature was verified; confirm
// that the element whose signature is checked is the same element these
// fields were read from.
type Assertion struct {
	XMLName            xml.Name
	ID                 string              `xml:"ID,attr"`
	Version            string              `xml:"Version,attr"`
	IssueInstant       string              `xml:"IssueInstant,attr"`
	Issuer             Issuer              `xml:"Issuer"`
	Signature          *Signature          `xml:"Signature"`
	Subject            Subject             `xml:"Subject"`
	Conditions         Conditions          `xml:"Conditions"`
	AttributeStatement *AttributeStatement `xml:"AttributeStatement"`
	AuthnStatement     AuthnStatement      `xml:"AuthnStatement"`
}
type AttributeConsumingService ¶
// AttributeConsumingService holds an index attribute, a ServiceName and the
// RequestedAttribute children of one attribute-consuming service entry.
type AttributeConsumingService struct {
	XMLName             xml.Name
	Index               string               `xml:"index,attr"`
	ServiceName         SXMLText             `xml:"ServiceName"`
	RequestedAttributes []RequestedAttribute `xml:"RequestedAttribute"`
}
type AttributeStatement ¶
type AttributeValue ¶
type AudienceRestriction ¶
type AuthnContext ¶
// AuthnContext wraps a single AuthnContextClassRef child.
type AuthnContext struct {
	XMLName              xml.Name
	AuthnContextClassRef AuthnContextClassRef `xml:"AuthnContextClassRef"`
}
type AuthnContextClassRef ¶
type AuthnRequest ¶
// AuthnRequest maps a SAML authentication request: eight XML attributes kept
// as plain strings plus the Issuer and NameIDPolicy children.
//
// NOTE(review): there is no Signature field, so a signed request's signature
// is not represented here. When this struct is filled from an incoming
// request, AssertionConsumerServiceURL and Issuer are sender-controlled; an
// IdP should match the ACS URL against the endpoints registered in that SP's
// metadata before posting a response to it — confirm where that check lives.
type AuthnRequest struct {
	XMLName                     xml.Name
	AssertionConsumerServiceURL string       `xml:"AssertionConsumerServiceURL,attr"`
	Destination                 string       `xml:"Destination,attr"`
	ForceAuthn                  string       `xml:"ForceAuthn,attr"`
	ID                          string       `xml:"ID,attr"`
	IsPassive                   string       `xml:"IsPassive,attr"`
	IssueInstant                string       `xml:"IssueInstant,attr"`
	ProtocolBinding             string       `xml:"ProtocolBinding,attr"`
	Version                     string       `xml:"Version,attr"`
	Issuer                      Issuer       `xml:"Issuer"`
	NameIDPolicy                NameIDPolicy `xml:"NameIDPolicy"`
}
func NewRequest ¶
func NewRequest(input SSAMLRequestInput) AuthnRequest
type AuthnStatement ¶
// AuthnStatement holds the AuthnInstant and SessionIndex attributes, an
// optional SubjectLocality and the AuthnContext of an authentication statement.
// AuthnInstant is kept as the raw attribute string; nothing here parses it.
type AuthnStatement struct {
	XMLName         xml.Name
	AuthnInstant    string           `xml:"AuthnInstant,attr"`
	SessionIndex    string           `xml:"SessionIndex,attr"`
	SubjectLocality *SubjectLocality `xml:"SubjectLocality"`
	AuthnContext    AuthnContext     `xml:"AuthnContext"`
}
type CipherData ¶
// CipherData wraps a single CipherValue child.
type CipherData struct {
	XMLName     xml.Name
	CipherValue CipherValue `xml:"CipherValue"`
}
type CipherValue ¶
type Conditions ¶
// Conditions holds an assertion's validity window and audience restrictions.
// NotBefore is optional (pointer); NotOnOrAfter is a plain string.
//
// NOTE(review): both timestamps are stored as raw strings and this type has no
// methods on this page, so nothing here enforces the window or the audience.
// Confirm the consumer parses both values, compares them with the current time
// under a small clock-skew allowance, and requires its own entity ID among
// AudienceRestrictions.
type Conditions struct {
	XMLName              xml.Name
	NotBefore            *string               `xml:"NotBefore,attr"`
	NotOnOrAfter         string                `xml:"NotOnOrAfter,attr"`
	AudienceRestrictions []AudienceRestriction `xml:"AudienceRestriction"`
}
type DigestMethod ¶
type EncryptedAssertion ¶
// EncryptedAssertion wraps the EncryptedData child that carries an encrypted
// assertion.
type EncryptedAssertion struct {
	XMLName       xml.Name
	EncryptedData EncryptedData `xml:"EncryptedData"`
}
type EncryptedData ¶
// EncryptedData holds the Id and Type attributes plus the EncryptionMethod,
// KeyInfo and CipherData children of an encrypted payload.
//
// NOTE(review): EncryptionMethod.Algorithm comes from the document. The
// decryption code is not shown on this page; confirm it accepts only an
// explicit list of algorithms rather than whatever the message names.
type EncryptedData struct {
	XMLName          xml.Name
	Id               string           `xml:"Id,attr"`
	Type             string           `xml:"Type,attr"`
	EncryptionMethod EncryptionMethod `xml:"EncryptionMethod"`
	KeyInfo          KeyInfo          `xml:"KeyInfo"`
	CipherData       CipherData       `xml:"CipherData"`
}
type EncryptedKey ¶
// EncryptedKey holds the Id and Recipient attributes plus the
// EncryptionMethod, KeyInfo and CipherData children of a wrapped key.
// KeyInfo can itself contain an EncryptedKey, so the two types are mutually
// recursive through pointers.
type EncryptedKey struct {
	XMLName          xml.Name
	Id               string           `xml:"Id,attr"`
	Recipient        string           `xml:"Recipient,attr"`
	EncryptionMethod EncryptionMethod `xml:"EncryptionMethod"`
	KeyInfo          KeyInfo          `xml:"KeyInfo"`
	CipherData       CipherData       `xml:"CipherData"`
}
type EncryptionMethod ¶
// EncryptionMethod holds an Algorithm attribute and an optional DigestMethod
// child. Besides encryption methods, the package reuses it as the generic
// "element with an Algorithm attribute" type in Reference, SignedInfo and
// Transforms.
type EncryptionMethod struct {
	XMLName      xml.Name
	Algorithm    string        `xml:"Algorithm,attr"`
	DigestMethod *DigestMethod `xml:"DigestMethod"`
}
type EntityDescriptor ¶
// EntityDescriptor maps SAML metadata for one entity: its entityID attribute
// and optional Extensions, Signature, SP and IdP descriptors and Organization.
// The ID attribute is not mapped (its field is commented out).
//
// NOTE(review): Signature is optional, so unsigned metadata decodes cleanly.
// Metadata is where peer certificates and endpoints come from; load it over an
// authenticated channel or verify its signature before relying on it.
type EntityDescriptor struct {
	XMLName xml.Name
	// Id *string `xml:"ID,attr"`
	EntityId         string         `xml:"entityID,attr"`
	Extensions       *Extensions    `xml:"Extensions"`
	Signature        *Signature     `xml:"Signature"`
	SPSSODescriptor  *SSODescriptor `xml:"SPSSODescriptor"`
	IDPSSODescriptor *SSODescriptor `xml:"IDPSSODescriptor"`
	Organization     *Organization  `xml:"Organization"`
}
func NewIdpMetadata ¶
func NewIdpMetadata(input SSAMLIdpMetadataInput) EntityDescriptor
func NewSpMetadata ¶
func NewSpMetadata(input SSAMLSpMetadataInput) EntityDescriptor
func ParseMetadata ¶
// ParseMetadata turns data into an EntityDescriptor or returns an error.
// NOTE(review): the body is not shown on this page, so it is unknown whether
// EntityDescriptor.Signature is verified here. Callers should assume it is not
// and only pass metadata obtained from a source they already trust.
func ParseMetadata(data []byte) (EntityDescriptor, error)
func (EntityDescriptor) String ¶
func (ed EntityDescriptor) String() string
type Extensions ¶
// Extensions holds metadata extension children: advertised signing and digest
// methods, plus optional RequestInitiator, UIInfo and Scope elements.
type Extensions struct {
	XMLName          xml.Name
	SigningMethods   []SigningMethod   `xml:"SigningMethod"`
	DigestMethods    []DigestMethod    `xml:"DigestMethod"`
	RequestInitiator *RequestInitiator `xml:"RequestInitiator"`
	UIInfo           *SSAMLUIInfo      `xml:"UIInfo"`
	Scope            *SSAMLScope       `xml:"Scope"`
}
type KeyDescriptor ¶
// KeyDescriptor holds one key entry from metadata: its "use" attribute, the
// KeyInfo and any EncryptionMethod children.
// Use presumably takes KEY_USE_SIGNING or KEY_USE_ENCRYPTION — TODO confirm;
// an empty Use is also representable here.
type KeyDescriptor struct {
	XMLName           xml.Name
	Use               string             `xml:"use,attr"`
	KeyInfo           KeyInfo            `xml:"KeyInfo"`
	EncryptionMethods []EncryptionMethod `xml:"EncryptionMethod"`
}
type KeyInfo ¶
// KeyInfo holds an optional X509Data child and an optional EncryptedKey child.
// Either pointer is nil when the corresponding element is absent.
type KeyInfo struct {
	XMLName      xml.Name
	X509Data     *X509Data     `xml:"X509Data"`
	EncryptedKey *EncryptedKey `xml:"EncryptedKey"`
}
type NameIDPolicy ¶
type Organization ¶
type Reference ¶
// Reference holds a signature reference: the URI attribute naming the signed
// element, its Transforms, the DigestMethod (typed as EncryptionMethod for its
// Algorithm attribute) and the DigestValue.
//
// NOTE(review): URI is read from the document. The verifier is not shown on
// this page; confirm it resolves URI to exactly one element and that this
// element is the one whose contents are consumed afterwards.
type Reference struct {
	XMLName      xml.Name
	URI          string           `xml:"URI,attr"`
	Transforms   Transforms       `xml:"Transforms"`
	DigestMethod EncryptionMethod `xml:"DigestMethod"`
	DigestValue  SSAMLValue       `xml:"DigestValue"`
}
type RequestInitiator ¶
type RequestedAttribute ¶
type Response ¶
// Response maps a SAML protocol response: ID, optional InResponseTo, Version,
// IssueInstant and Destination attributes, the Issuer and Status children, and
// either a plain Assertion or an EncryptedAssertion (both optional pointers).
//
// NOTE(review): this struct has no Signature field, so a signature placed on
// the Response element itself is not represented; only Assertion.Signature is
// mapped. Assertion is a single pointer, so a document with more than one
// assertion cannot be represented faithfully. InResponseTo is nil when the
// attribute is absent; for SP-initiated logins the consumer should require it
// to equal the ID of a request it actually issued, and should check that
// Destination is its own endpoint.
type Response struct {
	XMLName            xml.Name
	ID                 string              `xml:"ID,attr"`
	InResponseTo       *string             `xml:"InResponseTo,attr"`
	Version            string              `xml:"Version,attr"`
	IssueInstant       string              `xml:"IssueInstant,attr"`
	Destination        string              `xml:"Destination,attr"`
	Issuer             Issuer              `xml:"Issuer"`
	Status             Status              `xml:"Status"`
	Assertion          *Assertion          `xml:"Assertion"`
	EncryptedAssertion *EncryptedAssertion `xml:"EncryptedAssertion"`
}
func NewResponse ¶
func NewResponse(input SSAMLResponseInput) Response
func (*Response) AddAttribute ¶
func (r *Response) AddAttribute(name string, friendlyName string, nameFormat string, values []string)
AddAttribute adds a string-valued attribute to the Response.
func (*Response) AddAudienceRestriction ¶
func (Response) FetchAttribtues ¶
type SIdpInitiatedLoginInput ¶
type SIdpRedirectLoginInput ¶
type SSAMLIdpInitiatedLoginData ¶
// SSAMLIdpInitiatedLoginData embeds SSAMLSpInitiatedLoginData and adds a
// RelayState string.
//
// NOTE(review): how RelayState is consumed is not shown on this page. If a
// receiver uses it as a post-login redirect target, it must be checked against
// an allow-list of local destinations.
type SSAMLIdpInitiatedLoginData struct {
	SSAMLSpInitiatedLoginData
	RelayState string
}
type SSAMLIdpMetadataInput ¶
type SSAMLInstance ¶
// SSAMLInstance is the package's stateful handle, created by NewSAMLInstance.
// All of its fields are unexported; access goes through its methods
// (GetCertString, GetEntityId, SetEntityId, UnmarshalResponse).
type SSAMLInstance struct {
// contains filtered or unexported fields
}
func NewSAMLInstance ¶
// NewSAMLInstance builds an SSAMLInstance from an entity ID, a cert string and
// a key string, or returns an error.
// NOTE(review): this page does not show whether cert and key are PEM text or
// file paths, nor how key is held afterwards. Either way key is private
// signing material: keep it out of logs, error messages and serialized
// configuration.
func NewSAMLInstance(entityID string, cert, key string) (*SSAMLInstance, error)
func (*SSAMLInstance) GetCertString ¶
func (saml *SSAMLInstance) GetCertString() string
func (*SSAMLInstance) GetEntityId ¶
func (saml *SSAMLInstance) GetEntityId() string
func (*SSAMLInstance) SetEntityId ¶
func (saml *SSAMLInstance) SetEntityId(id string)
func (*SSAMLInstance) UnmarshalResponse ¶
// UnmarshalResponse parses xmlText and returns the resulting *Response, or an
// error.
// NOTE(review): the body is not shown on this page. Before acting on the
// result, establish which of the following this method performs and which are
// left to the caller: signature verification against the IdP certificate taken
// from trusted metadata, decryption of EncryptedAssertion, the Status check,
// Destination and InResponseTo matching, and the Conditions time-window and
// audience checks.
func (saml *SSAMLInstance) UnmarshalResponse(xmlText []byte) (*Response, error)
type SSAMLNameIDFormat ¶
type SSAMLRequestInput ¶
type SSAMLResponseAttribute ¶
type SSAMLResponseInput ¶
type SSAMLScope ¶
type SSAMLService ¶
type SSAMLSpInitiatedLoginData ¶
// SSAMLSpInitiatedLoginData carries the values for one SP-initiated login
// result: the NameID and its format, an audience restriction, the response
// attributes and a Form string.
// NOTE(review): Form presumably holds HTML that is written to the browser —
// TODO confirm; if so it must be built with HTML escaping, not sanitized later.
type SSAMLSpInitiatedLoginData struct {
	NameId              string
	NameIdFormat        string
	AudienceRestriction string
	Attributes          []SSAMLResponseAttribute
	Form                string
}
type SSAMLSpMetadataInput ¶
// SSAMLSpMetadataInput is the argument of NewSpMetadata: the SP's entity ID,
// certificate string, assertion consumer URL, service name and requested
// attributes.
type SSAMLSpMetadataInput struct {
	EntityId             string
	CertString           string
	AssertionConsumerUrl string
	ServiceName          string
	RequestedAttributes  []RequestedAttribute
}
type SSAMLUIInfo ¶
type SSAMLValue ¶
type SSODescriptor ¶
// SSODescriptor is the shared shape for both SPSSODescriptor and
// IDPSSODescriptor in EntityDescriptor: signing preferences, supported
// protocols, keys and the service endpoint lists.
//
// NOTE(review): AuthnRequestsSigned and WantAssertionsSigned are optional
// string attributes, so "absent", "false" and any other text are all
// representable. Confirm consumers treat anything other than an explicit
// "true" deliberately, and that a peer's metadata cannot lower the local
// signing requirement.
type SSODescriptor struct {
	XMLName                    xml.Name
	AuthnRequestsSigned        *string                     `xml:"AuthnRequestsSigned,attr"`
	WantAssertionsSigned       *string                     `xml:"WantAssertionsSigned,attr"`
	ProtocolSupportEnumeration string                      `xml:"protocolSupportEnumeration,attr"`
	Extensions                 *Extensions                 `xml:"Extensions"`
	KeyDescriptors             []KeyDescriptor             `xml:"KeyDescriptor"`
	ArtifactResolutionServices []SSAMLService              `xml:"ArtifactResolutionService"`
	SingleLogoutServices       []SSAMLService              `xml:"SingleLogoutService"`
	ManageNameIDServices       []SSAMLService              `xml:"ManageNameIDService"`
	NameIDFormat               []SSAMLNameIDFormat         `xml:"NameIDFormat"`
	SingleSignOnServices       []SSAMLService              `xml:"SingleSignOnService"`
	AssertionConsumerServices  []SSAMLService              `xml:"AssertionConsumerService"`
	AttributeConsumingServices []AttributeConsumingService `xml:"AttributeConsumingService"`
}
type SSpInitiatedLoginInput ¶
// SSpInitiatedLoginInput is a JSON-tagged input carrying one field, EntityID.
// NOTE(review): presumably the entity ID selects which peer to log in with; if
// it arrives from a request body, resolve it only against configured entities.
type SSpInitiatedLoginInput struct {
	EntityID string `json:"EntityID"`
}
type Signature ¶
// Signature maps an XML-DSig signature: SignedInfo, SignatureValue and KeyInfo.
//
// NOTE(review): on an incoming message KeyInfo is supplied by the sender. The
// verifier is not shown on this page; confirm it checks the signature with the
// certificate from trusted peer metadata and does not trust a certificate
// merely because it is embedded here.
type Signature struct {
	XMLName        xml.Name
	SignedInfo     SignedInfo `xml:"SignedInfo"`
	SignatureValue SSAMLValue `xml:"SignatureValue"`
	KeyInfo        KeyInfo    `xml:"KeyInfo"`
}
type SignedInfo ¶
// SignedInfo holds the canonicalization method, the signature method and one
// Reference. Both methods are typed as EncryptionMethod for its Algorithm
// attribute.
//
// NOTE(review): the algorithm URIs are plain strings taken from the document,
// and only a single Reference is representable. Confirm the verifier restricts
// SignatureMethod and the digest method to an explicit allow-list.
type SignedInfo struct {
	XMLName                xml.Name
	CanonicalizationMethod EncryptionMethod `xml:"CanonicalizationMethod"`
	SignatureMethod        EncryptionMethod `xml:"SignatureMethod"`
	Reference              Reference        `xml:"Reference"`
}
type SigningMethod ¶
type Status ¶
// Status holds a response's StatusCode and an optional StatusMessage.
type Status struct {
	XMLName       xml.Name
	StatusCode    StatusCode     `xml:"StatusCode"`
	StatusMessage *StatusMessage `xml:"StatusMessage"`
}
type StatusCode ¶
type StatusMessage ¶
type Subject ¶
// Subject holds the NameID and a single SubjectConfirmation of an assertion.
type Subject struct {
	XMLName             xml.Name
	NameID              NameID              `xml:"NameID"`
	SubjectConfirmation SubjectConfirmation `xml:"SubjectConfirmation"`
}
type SubjectConfirmation ¶
// SubjectConfirmation holds the Method attribute and the
// SubjectConfirmationData child.
// NOTE(review): the fields of SubjectConfirmationData are not shown on this
// page; confirm the consumer checks the confirmation data (recipient, expiry,
// request correlation) rather than only decoding it.
type SubjectConfirmation struct {
	XMLName                 xml.Name
	Method                  string                  `xml:"Method,attr"`
	SubjectConfirmationData SubjectConfirmationData `xml:"SubjectConfirmationData"`
}
type SubjectConfirmationData ¶
type SubjectLocality ¶
type Transforms ¶
// Transforms holds the list of Transform children of a Reference, each typed
// as EncryptionMethod for its Algorithm attribute.
// NOTE(review): the list and its algorithm URIs come from the document;
// confirm the verifier accepts only the transforms it expects.
type Transforms struct {
	XMLName    xml.Name
	Transforms []EncryptionMethod `xml:"Transform"`
}
type X509Certificate ¶
type X509Data ¶
// X509Data wraps a single X509Certificate child.
type X509Data struct {
	XMLName         xml.Name
	X509Certificate X509Certificate `xml:"X509Certificate"`
}