samlutils

package
Published: Jan 19, 2024 License: Apache-2.0 Imports: 23 Imported by: 38

Constants

// Namespace URIs for the SAML 2.0 metadata, protocol and assertion
// schemas and for XML Digital Signature. Names keep the package's
// exported ALL_CAPS spelling; renaming them would break importers.
const (
	XMLNS_MD     = "urn:oasis:names:tc:SAML:2.0:metadata"
	XMLNS_DS     = "http://www.w3.org/2000/09/xmldsig#"
	XMLNS_PROTO  = "urn:oasis:names:tc:SAML:2.0:protocol"
	XMLNS_ASSERT = "urn:oasis:names:tc:SAML:2.0:assertion"

	// PROTOCOL_SAML2 is the protocol identifier used in metadata
	// (protocolSupportEnumeration); it is the same URI as the
	// protocol namespace.
	PROTOCOL_SAML2 = XMLNS_PROTO
)

// Values of the KeyDescriptor "use" attribute.
const (
	KEY_USE_SIGNING    = "signing"
	KEY_USE_ENCRYPTION = "encryption"
)

// NameID Format URIs. The 1.1 formats are carried over from SAML 1.1
// and remain valid in SAML 2.0 messages.
const (
	NAME_ID_FORMAT_PERSISTENT = "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
	NAME_ID_FORMAT_TRANSIENT  = "urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
	NAME_ID_FORMAT_EMAIL      = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
	NAME_ID_FORMAT_UNSPEC     = "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
	NAME_ID_FORMAT_X509       = "urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName"
	NAME_ID_FORMAT_WINDOWS    = "urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName"
	NAME_ID_FORMAT_KERBEROS   = "urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos"
	NAME_ID_FORMAT_ENTITY     = "urn:oasis:names:tc:SAML:2.0:nameid-format:entity"
)

// SAML2_VERSION is the value of the Version attribute on SAML 2.0
// requests, responses and assertions.
const SAML2_VERSION = "2.0"

// STATUS_SUCCESS is the top-level StatusCode value of a successful
// Response. Any other value means the response must not be treated as
// a successful authentication.
const STATUS_SUCCESS = "urn:oasis:names:tc:SAML:2.0:status:Success"

// Binding URIs for the two HTTP bindings this package refers to.
const (
	BINDING_HTTP_POST     = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
	BINDING_HTTP_REDIRECT = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
)

// HTML_SAML_FORM_TOKEN is the placeholder inside an HTML template at
// which the generated SAML form is inserted; DEFAULT_HTML_TEMPLATE is
// a minimal page consisting of nothing but that placeholder.
const (
	HTML_SAML_FORM_TOKEN  = "$FORM$"
	DEFAULT_HTML_TEMPLATE = "<!DOCTYPE html><html lang=\"en-US\"><body>" + HTML_SAML_FORM_TOKEN + "</body></html>"
)

Variables

Functions

func GenerateSAMLId

func GenerateSAMLId() string

func SAMLDecode

func SAMLDecode(input string) ([]byte, error)

func SAMLEncode

func SAMLEncode(input []byte) (string, error)

func SAMLForm

func SAMLForm(action string, attrs map[string]string) string

func SignXML

func SignXML(xmlstr string, privateKey *rsa.PrivateKey) (string, error)

func ValidateXML

func ValidateXML(signed string) ([]string, error)

Types

type Assertion

// Assertion models a saml:Assertion element: the issuer, an optional
// enveloped signature, the subject, the validity conditions and the
// attribute and authentication statements.
//
// This is a plain data carrier. ID, Version and IssueInstant are kept
// as raw attribute strings, and nothing in this type checks the
// signature or the validity window.
type Assertion struct {
	XMLName xml.Name

	ID           string `xml:"ID,attr"`
	Version      string `xml:"Version,attr"`      // presumably SAML2_VERSION; not enforced here
	IssueInstant string `xml:"IssueInstant,attr"` // raw timestamp text, not parsed

	Issuer             Issuer              `xml:"Issuer"`
	Signature          *Signature          `xml:"Signature"` // nil when the assertion carries no signature; a nil pointer is omitted on marshal
	Subject            Subject             `xml:"Subject"`
	Conditions         Conditions          `xml:"Conditions"`
	AttributeStatement *AttributeStatement `xml:"AttributeStatement"` // optional
	AuthnStatement     AuthnStatement      `xml:"AuthnStatement"`
}

type Attribute

// Attribute models a saml:Attribute: a named attribute with zero or
// more AttributeValue children.
type Attribute struct {
	XMLName xml.Name

	// FriendlyName and NameFormat are optional; a nil pointer omits
	// the attribute on marshal.
	FriendlyName *string `xml:"FriendlyName,attr"`
	Name         string  `xml:"Name,attr"`
	NameFormat   *string `xml:"NameFormat,attr"`

	AttributeValues []AttributeValue `xml:"AttributeValue"`
}

type AttributeConsumingService

// AttributeConsumingService models the md:AttributeConsumingService
// element of SP metadata: a named service and the attributes it
// requests from the IdP.
type AttributeConsumingService struct {
	XMLName xml.Name

	// Index is the raw index attribute text; it is not parsed as an integer.
	Index string `xml:"index,attr"`

	ServiceName SXMLText `xml:"ServiceName"`

	RequestedAttributes []RequestedAttribute `xml:"RequestedAttribute"`
}

type AttributeStatement

// AttributeStatement models saml:AttributeStatement, the container for
// an assertion's attributes.
type AttributeStatement struct {
	XMLName xml.Name

	Attributes []Attribute `xml:"Attribute"`
}

type AttributeValue

// AttributeValue models a single saml:AttributeValue element.
type AttributeValue struct {
	XMLName xml.Name

	// Type is matched by local name only, so it picks up an xsi:type
	// attribute on unmarshal; on marshal it is written as a bare
	// "type" attribute without a namespace prefix.
	Type string `xml:"type,attr"`

	// Value is the raw inner XML: kept verbatim on unmarshal (entities
	// are not decoded) and written unescaped on marshal, so a caller
	// that puts untrusted text here must XML-escape it first.
	Value string `xml:",innerxml"`
}

type Audience

// Audience models a saml:Audience element, whose text is the entity ID
// the assertion is intended for.
type Audience struct {
	XMLName xml.Name

	// Value is raw inner XML: verbatim on unmarshal, unescaped on
	// marshal. Compare it against the expected entity ID exactly;
	// do not rely on it having been normalized.
	Value string `xml:",innerxml"`
}

type AudienceRestriction

// AudienceRestriction models saml:AudienceRestriction. Only a single
// Audience child is modelled here; additional Audience elements in the
// input are not captured by this struct.
type AudienceRestriction struct {
	XMLName xml.Name

	Audience Audience `xml:"Audience"`
}

type AuthnContext

// AuthnContext models saml:AuthnContext; only the class reference
// child is carried.
type AuthnContext struct {
	XMLName xml.Name

	AuthnContextClassRef AuthnContextClassRef `xml:"AuthnContextClassRef"`
}

type AuthnContextClassRef

// AuthnContextClassRef models saml:AuthnContextClassRef, whose text is
// the URI of the authentication context class.
type AuthnContextClassRef struct {
	XMLName xml.Name

	// Value is raw inner XML: verbatim on unmarshal, unescaped on marshal.
	Value string `xml:",innerxml"`
}

type AuthnRequest

// AuthnRequest models a samlp:AuthnRequest sent by an SP to an IdP.
// NewRequest builds one from an SSAMLRequestInput.
//
// All attributes are carried as strings, including the boolean-valued
// ForceAuthn and IsPassive and the IssueInstant timestamp; nothing
// here parses or validates them.
type AuthnRequest struct {
	XMLName xml.Name

	AssertionConsumerServiceURL string `xml:"AssertionConsumerServiceURL,attr"`
	Destination                 string `xml:"Destination,attr"`
	ForceAuthn                  string `xml:"ForceAuthn,attr"`
	ID                          string `xml:"ID,attr"`
	IsPassive                   string `xml:"IsPassive,attr"`
	IssueInstant                string `xml:"IssueInstant,attr"`
	ProtocolBinding             string `xml:"ProtocolBinding,attr"`
	Version                     string `xml:"Version,attr"`

	Issuer       Issuer       `xml:"Issuer"`
	NameIDPolicy NameIDPolicy `xml:"NameIDPolicy"`
}

func NewRequest

func NewRequest(input SSAMLRequestInput) AuthnRequest

type AuthnStatement

// AuthnStatement models saml:AuthnStatement: when and in what context
// the subject authenticated at the IdP.
type AuthnStatement struct {
	XMLName xml.Name

	AuthnInstant string `xml:"AuthnInstant,attr"` // raw timestamp text, not parsed
	SessionIndex string `xml:"SessionIndex,attr"`

	// SubjectLocality is optional; nil omits the element on marshal.
	SubjectLocality *SubjectLocality `xml:"SubjectLocality"`

	AuthnContext AuthnContext `xml:"AuthnContext"`
}

type CipherData

// CipherData models xenc:CipherData; it wraps the CipherValue holding
// the encoded ciphertext.
type CipherData struct {
	XMLName xml.Name

	CipherValue CipherValue `xml:"CipherValue"`
}

type CipherValue

// CipherValue models xenc:CipherValue. Value is the raw inner XML of
// the element (the encoded ciphertext as transmitted); decoding and
// decryption happen elsewhere.
type CipherValue struct {
	XMLName xml.Name

	Value string `xml:",innerxml"`
}

type Conditions

// Conditions models saml:Conditions: the validity window of an
// assertion and the audiences it is intended for.
//
// NotBefore and NotOnOrAfter are the raw attribute strings; this type
// neither parses them as timestamps nor enforces the window. A
// consumer that relies on the assertion must do both, and must also
// check that one of the AudienceRestrictions names itself.
type Conditions struct {
	XMLName xml.Name

	// NotBefore is optional; a nil pointer omits the attribute on marshal.
	NotBefore    *string `xml:"NotBefore,attr"`
	NotOnOrAfter string  `xml:"NotOnOrAfter,attr"`

	AudienceRestrictions []AudienceRestriction `xml:"AudienceRestriction"`
}

type DigestMethod

// DigestMethod models a DigestMethod element carrying only an
// Algorithm URI. Note that Reference.DigestMethod below uses the
// EncryptionMethod type instead of this one; this type is referenced
// from Extensions and EncryptionMethod.
type DigestMethod struct {
	XMLName xml.Name

	Algorithm string `xml:"Algorithm,attr"`
}

type EncryptedAssertion

// EncryptedAssertion models saml:EncryptedAssertion, an assertion
// wrapped in an XML-Encryption EncryptedData element. This type only
// carries the ciphertext; decryption is not performed here.
type EncryptedAssertion struct {
	XMLName xml.Name

	EncryptedData EncryptedData `xml:"EncryptedData"`
}

type EncryptedData

// EncryptedData models xenc:EncryptedData: the data-encryption
// algorithm, the key material (typically an EncryptedKey inside
// KeyInfo) and the ciphertext.
type EncryptedData struct {
	XMLName xml.Name

	Id   string `xml:"Id,attr"`
	Type string `xml:"Type,attr"`

	EncryptionMethod EncryptionMethod `xml:"EncryptionMethod"`
	KeyInfo          KeyInfo          `xml:"KeyInfo"`
	CipherData       CipherData       `xml:"CipherData"`
}

type EncryptedKey

// EncryptedKey models xenc:EncryptedKey: a content-encryption key
// wrapped with the key-transport algorithm in EncryptionMethod. The
// Algorithm URIs are carried as plain strings and are not validated
// by this type.
type EncryptedKey struct {
	XMLName xml.Name

	Id        string `xml:"Id,attr"`
	Recipient string `xml:"Recipient,attr"`

	EncryptionMethod EncryptionMethod `xml:"EncryptionMethod"`
	KeyInfo          KeyInfo          `xml:"KeyInfo"`
	CipherData       CipherData       `xml:"CipherData"`
}

type EncryptionMethod

// EncryptionMethod is a generic "element with an Algorithm attribute".
// Besides xenc:EncryptionMethod it is reused in this package for
// CanonicalizationMethod, SignatureMethod, Transform and
// Reference.DigestMethod.
type EncryptionMethod struct {
	XMLName xml.Name

	Algorithm string `xml:"Algorithm,attr"`

	// DigestMethod is an optional child (used by RSA-OAEP key
	// transport); nil omits it on marshal.
	DigestMethod *DigestMethod `xml:"DigestMethod"`
}

type EntityDescriptor

// EntityDescriptor models md:EntityDescriptor, the root of SAML
// metadata for one entity. NewIdpMetadata and NewSpMetadata build
// one, ParseMetadata parses one, and String renders it.
//
// Exactly which of SPSSODescriptor and IDPSSODescriptor is set
// depends on the role the entity plays; both are optional pointers.
type EntityDescriptor struct {
	XMLName xml.Name

	// Id *string `xml:"ID,attr"`
	EntityId string `xml:"entityID,attr"`

	// Extensions and Signature are optional; a nil pointer omits the
	// element on marshal. A Signature here is only carried, not
	// verified, by this type.
	Extensions *Extensions `xml:"Extensions"`
	Signature  *Signature  `xml:"Signature"`

	SPSSODescriptor  *SSODescriptor `xml:"SPSSODescriptor"`
	IDPSSODescriptor *SSODescriptor `xml:"IDPSSODescriptor"`

	Organization *Organization `xml:"Organization"`
}

func NewIdpMetadata

func NewIdpMetadata(input SSAMLIdpMetadataInput) EntityDescriptor

func NewSpMetadata

func NewSpMetadata(input SSAMLSpMetadataInput) EntityDescriptor

func ParseMetadata

func ParseMetadata(data []byte) (EntityDescriptor, error)

func (EntityDescriptor) String

func (ed EntityDescriptor) String() string

type Extensions

// Extensions models the md:Extensions element found on an
// EntityDescriptor or an SSODescriptor. Every member is optional;
// nil pointers and empty slices are omitted on marshal.
type Extensions struct {
	XMLName xml.Name

	// SigningMethods and DigestMethods advertise the algorithms the
	// entity supports (alg:SigningMethod / alg:DigestMethod).
	SigningMethods []SigningMethod `xml:"SigningMethod"`
	DigestMethods  []DigestMethod  `xml:"DigestMethod"`

	RequestInitiator *RequestInitiator `xml:"RequestInitiator"`

	UIInfo *SSAMLUIInfo `xml:"UIInfo"`

	Scope *SSAMLScope `xml:"Scope"`
}

type Issuer

// Issuer models saml:Issuer: the entity ID of the party that produced
// a request, response or assertion.
type Issuer struct {
	XMLName xml.Name

	// Format is optional; nil omits the attribute on marshal.
	Format *string `xml:"Format,attr"`

	// Issuer is the raw inner XML of the element: verbatim on
	// unmarshal, unescaped on marshal. Compare it exactly against the
	// expected entity ID; it is not normalized here.
	Issuer string `xml:",innerxml"`
}

type KeyDescriptor

// KeyDescriptor models md:KeyDescriptor: a key published in metadata,
// tagged with its intended use (KEY_USE_SIGNING or
// KEY_USE_ENCRYPTION). An empty Use is allowed by the schema and
// means the key serves both purposes.
type KeyDescriptor struct {
	XMLName xml.Name

	Use string `xml:"use,attr"`

	KeyInfo KeyInfo `xml:"KeyInfo"`

	// EncryptionMethods lists the algorithms accepted for an
	// encryption key; empty for signing keys.
	EncryptionMethods []EncryptionMethod `xml:"EncryptionMethod"`
}

type KeyInfo

// KeyInfo models ds:KeyInfo. Either member may be nil; nil pointers
// are omitted on marshal.
//
// NOTE(review): an X509Data that arrives inside a signed message is
// data the sender chose to include. Treat it as untrusted until it
// has been matched against the configured trust anchor for that peer;
// whether ValidateXML does so is not visible on this page.
type KeyInfo struct {
	XMLName xml.Name

	X509Data     *X509Data     `xml:"X509Data"`
	EncryptedKey *EncryptedKey `xml:"EncryptedKey"`
}

type NameID

// NameID models saml:NameID, the subject identifier of an assertion.
type NameID struct {
	XMLName xml.Name

	// Format is one of the NAME_ID_FORMAT_* URIs; it is not validated here.
	Format        string  `xml:"Format,attr"`
	NameQualifier *string `xml:"NameQualifier,attr"` // optional; nil omits the attribute

	// Value is raw inner XML: kept verbatim on unmarshal (entities are
	// not decoded) and written unescaped on marshal. A producer that
	// sets Value from user-controlled input must XML-escape it, or the
	// text can alter the assertion's structure.
	Value string `xml:",innerxml"`
}

type NameIDPolicy

// NameIDPolicy models samlp:NameIDPolicy: the subject identifier
// format an SP asks the IdP to use in the response.
type NameIDPolicy struct {
	XMLName xml.Name

	// AllowCreate is a boolean in the schema but carried as raw text.
	AllowCreate     string  `xml:"AllowCreate,attr"`
	Format          string  `xml:"Format,attr"`
	SPNameQualifier *string `xml:"SPNameQualifier,attr"` // optional; nil omits the attribute
}

type Organization

// Organization models md:Organization, the human-readable description
// of the entity that publishes the metadata.
type Organization struct {
	XMLName xml.Name

	OrganizationName        SXMLText `xml:"OrganizationName"`
	OrganizationDisplayName SXMLText `xml:"OrganizationDisplayName"`
	OrganizationURL         SXMLText `xml:"OrganizationURL"`
}

type Reference

// Reference models ds:Reference inside SignedInfo: which element was
// digested (URI), how it was transformed and hashed, and the digest.
//
// The URI attribute is the signature's claim about what it covers; a
// verifier must check that it points at the element it is relying on
// rather than at some unrelated part of the document.
type Reference struct {
	XMLName xml.Name

	URI string `xml:"URI,attr"`

	Transforms   Transforms       `xml:"Transforms"`
	// DigestMethod reuses EncryptionMethod (same Algorithm attribute)
	// instead of the package's DigestMethod type.
	DigestMethod EncryptionMethod `xml:"DigestMethod"`
	DigestValue  SSAMLValue       `xml:"DigestValue"`
}

type RequestInitiator

// RequestInitiator models the init:RequestInitiator metadata
// extension: the endpoint (binding and location) that starts an
// SP-initiated login.
type RequestInitiator struct {
	XMLName xml.Name

	Binding  string `xml:"Binding,attr"`
	Location string `xml:"Location,attr"`
}

type RequestedAttribute

// RequestedAttribute models md:RequestedAttribute in SP metadata.
// Unlike Attribute, FriendlyName is a plain string here, so an empty
// value is still emitted as FriendlyName="" on marshal.
type RequestedAttribute struct {
	XMLName xml.Name

	// IsRequired is a boolean in the schema but carried as raw text.
	IsRequired   string `xml:"isRequired,attr"`
	Name         string `xml:"Name,attr"`
	FriendlyName string `xml:"FriendlyName,attr"`
}

type Response

// Response models samlp:Response, the IdP's answer to an
// AuthnRequest. NewResponse builds one; AddAttribute and
// AddAudienceRestriction mutate it; IsSuccess and FetchAttribtues
// read it.
//
// Assertion and EncryptedAssertion are both optional; which one is
// present (or whether neither is, as on a failed Status) has to be
// checked by the caller. Destination and InResponseTo are the raw
// attribute strings and are not compared against anything here.
type Response struct {
	XMLName xml.Name

	ID           string  `xml:"ID,attr"`
	InResponseTo *string `xml:"InResponseTo,attr"` // nil for an unsolicited (IdP-initiated) response
	Version      string  `xml:"Version,attr"`
	IssueInstant string  `xml:"IssueInstant,attr"`
	Destination  string  `xml:"Destination,attr"`

	Issuer Issuer `xml:"Issuer"`
	Status Status `xml:"Status"`

	Assertion          *Assertion          `xml:"Assertion"`
	EncryptedAssertion *EncryptedAssertion `xml:"EncryptedAssertion"`
}

func NewResponse

func NewResponse(input SSAMLResponseInput) Response

func (*Response) AddAttribute

func (r *Response) AddAttribute(name string, friendlyName string, nameFormat string, values []string)

AddAttribute adds a string-valued attribute to the Response.

func (*Response) AddAudienceRestriction

func (r *Response) AddAudienceRestriction(value string)

func (Response) FetchAttribtues

func (samlResp Response) FetchAttribtues() map[string][]string

func (Response) IsSuccess

func (samlResp Response) IsSuccess() bool

type SIdpInitiatedLoginInput

// SIdpInitiatedLoginInput is the JSON body of an IdP-initiated login
// request. The JSON keys mix casing ("EntityID", "IdpId",
// "redirectUrl"); they are part of the wire format and must not be
// normalized.
//
// NOTE(review): RedirectUrl is a caller-supplied redirect target. It
// should be validated against an allow-list before any redirect is
// issued; nothing in this type does that.
type SIdpInitiatedLoginInput struct {
	EntityID    string `json:"EntityID"`
	IdpId       string `json:"IdpId"`
	RedirectUrl string `json:"redirectUrl"`
}

type SIdpRedirectLoginInput

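// SIdpRedirectLoginInput carries the parameters of a SAML
// HTTP-Redirect binding login request as received by the IdP
// (SAMLRequest, RelayState, SigAlg, Signature), plus a Username field
// that is not part of the binding.
//
// The SAML fields hold the raw, still-encoded values as received;
// nothing in this type decodes the request or verifies the signature.
//
// The tag option was previously spelled "ignoreempty", which
// encoding/json does not recognise and silently ignores, so empty
// fields were always emitted; "omitempty" is the option the tag was
// evidently meant to use.
type SIdpRedirectLoginInput struct {
	SAMLRequest string `json:"SAMLRequest,omitempty"`
	RelayState  string `json:"RelayState,omitempty"`
	SigAlg      string `json:"SigAlg,omitempty"`
	Signature   string `json:"Signature,omitempty"`

	// NOTE(review): presumably the identity entered at the IdP login
	// page; confirm against the handler that fills it.
	Username string `json:"username,omitempty"`
}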

type SSAMLIdpInitiatedLoginData

// SSAMLIdpInitiatedLoginData is the login data for an IdP-initiated
// flow: everything in SSAMLSpInitiatedLoginData (promoted through the
// embedded field) plus the RelayState to hand back to the SP.
type SSAMLIdpInitiatedLoginData struct {
	SSAMLSpInitiatedLoginData

	RelayState string
}

type SSAMLIdpMetadataInput

// SSAMLIdpMetadataInput is the input to NewIdpMetadata: the IdP's
// entity ID, its certificate (CertString, presumably PEM or base64 —
// confirm against NewIdpMetadata) and its HTTP-Redirect login and
// logout endpoints.
type SSAMLIdpMetadataInput struct {
	EntityId          string
	CertString        string
	RedirectLoginUrl  string
	RedirectLogoutUrl string
}

type SSAMLInstance

// SSAMLInstance is the per-entity handle created by NewSAMLInstance
// from an entity ID, a certificate and a private key. Its fields are
// unexported; use GetEntityId/SetEntityId/GetCertString to inspect
// it, SignXML to sign with its key and UnmarshalResponse to parse a
// Response.
type SSAMLInstance struct {
	// contains filtered or unexported fields
}

func NewSAMLInstance

func NewSAMLInstance(entityID string, cert, key string) (*SSAMLInstance, error)

func (*SSAMLInstance) GetCertString

func (saml *SSAMLInstance) GetCertString() string

func (*SSAMLInstance) GetEntityId

func (saml *SSAMLInstance) GetEntityId() string

func (*SSAMLInstance) SetEntityId

func (saml *SSAMLInstance) SetEntityId(id string)

func (*SSAMLInstance) SignXML

func (saml *SSAMLInstance) SignXML(xmlstr string) (string, error)

func (*SSAMLInstance) UnmarshalResponse

func (saml *SSAMLInstance) UnmarshalResponse(xmlText []byte) (*Response, error)

type SSAMLNameIDFormat

// SSAMLNameIDFormat models an md:NameIDFormat element in metadata;
// Format is the raw inner XML, expected to be one of the
// NAME_ID_FORMAT_* URIs.
type SSAMLNameIDFormat struct {
	XMLName xml.Name

	Format string `xml:",innerxml"`
}

type SSAMLRequestInput

// SSAMLRequestInput is the input to NewRequest: where the IdP should
// send the response (AssertionConsumerServiceURL), the IdP endpoint
// the request is addressed to (Destination), the request ID the SP
// will later match against InResponseTo, and the SP's entity ID.
type SSAMLRequestInput struct {
	AssertionConsumerServiceURL string
	Destination                 string
	RequestID                   string
	EntityID                    string
}

type SSAMLResponseAttribute

// SSAMLResponseAttribute is the plain-Go form of an attribute to place
// in a Response: its name, name format, friendly name and values. The
// fields mirror the parameters of Response.AddAttribute.
type SSAMLResponseAttribute struct {
	Name         string
	NameFormat   string
	FriendlyName string
	Values       []string
}

type SSAMLResponseInput

// SSAMLResponseInput is the input to NewResponse. It names the
// issuing IdP, the requesting SP and its request ID (for
// InResponseTo), the ACS URL the response is sent to, the issuer
// certificate to embed, and — through the embedded
// SSAMLSpInitiatedLoginData — the subject and attributes to assert.
type SSAMLResponseInput struct {
	IssuerEntityId string

	RequestEntityId string
	RequestID       string

	AssertionConsumerServiceURL string

	IssuerCertString string

	SSAMLSpInitiatedLoginData
}

type SSAMLScope

// SSAMLScope models the shibmd:Scope metadata extension: the domain
// (Scope, raw inner XML) an IdP is authoritative for, with a raw-text
// boolean regexp attribute saying whether Scope is a pattern.
type SSAMLScope struct {
	XMLName xml.Name

	Regexp string `xml:"regexp,attr"`
	Scope  string `xml:",innerxml"`
}

type SSAMLService

// SSAMLService is the generic metadata endpoint element (binding plus
// location) used for every *Service child of SSODescriptor. Index and
// IsDefault are optional and carried as raw text; nil omits them on
// marshal.
type SSAMLService struct {
	XMLName xml.Name

	Binding   string  `xml:"Binding,attr"`
	Location  string  `xml:"Location,attr"`
	Index     *string `xml:"index,attr"`
	IsDefault *string `xml:"isDefault,attr"`
}

type SSAMLSpInitiatedLoginData

// SSAMLSpInitiatedLoginData describes the subject an IdP is about to
// assert: the NameID and its format, the audience (SP entity ID) the
// assertion is restricted to, and the attributes to include.
//
// NOTE(review): Form is presumably the HTML page template into which
// the POST form is inserted at HTML_SAML_FORM_TOKEN (compare
// DEFAULT_HTML_TEMPLATE); confirm against NewResponse / SAMLForm.
type SSAMLSpInitiatedLoginData struct {
	NameId       string
	NameIdFormat string

	AudienceRestriction string

	Attributes []SSAMLResponseAttribute

	Form string
}

type SSAMLSpMetadataInput

// SSAMLSpMetadataInput is the input to NewSpMetadata: the SP's entity
// ID and certificate, its assertion consumer endpoint, and the service
// name and attributes it advertises in AttributeConsumingService.
type SSAMLSpMetadataInput struct {
	EntityId             string
	CertString           string
	AssertionConsumerUrl string
	ServiceName          string
	RequestedAttributes  []RequestedAttribute
}

type SSAMLUIInfo

// SSAMLUIInfo models the mdui:UIInfo metadata extension with a
// display name and description, each a language-tagged text.
type SSAMLUIInfo struct {
	XMLName xml.Name

	DisplayName SXMLText `xml:"DisplayName"`
	Description SXMLText `xml:"Description"`
}

type SSAMLValue

// SSAMLValue is a generic text-only element, used for DigestValue and
// SignatureValue. Value is the raw inner XML (the encoded value as
// transmitted, whitespace included), verbatim on unmarshal and
// unescaped on marshal.
type SSAMLValue struct {
	XMLName xml.Name

	Value string `xml:",innerxml"`
}

type SSODescriptor

// SSODescriptor is the shared model for md:SPSSODescriptor and
// md:IDPSSODescriptor: the role's signing requirements, keys,
// supported NameID formats and endpoints. Fields that only make sense
// for one role (AssertionConsumerServices, AttributeConsumingServices
// for an SP; SingleSignOnServices for an IdP) are simply left empty
// for the other; empty slices are omitted on marshal.
//
// AuthnRequestsSigned and WantAssertionsSigned are xs:boolean in the
// schema but carried here as optional raw text (nil omits the
// attribute). Whether the signing policy they express is enforced is
// decided by the code that consumes the metadata, not by this type.
type SSODescriptor struct {
	XMLName xml.Name

	AuthnRequestsSigned        *string `xml:"AuthnRequestsSigned,attr"`
	WantAssertionsSigned       *string `xml:"WantAssertionsSigned,attr"`
	ProtocolSupportEnumeration string  `xml:"protocolSupportEnumeration,attr"` // normally PROTOCOL_SAML2

	Extensions *Extensions `xml:"Extensions"`

	// KeyDescriptors publishes the role's signing/encryption keys; a
	// peer's keys taken from here are the trust anchor for its messages.
	KeyDescriptors []KeyDescriptor `xml:"KeyDescriptor"`

	ArtifactResolutionServices []SSAMLService `xml:"ArtifactResolutionService"`

	SingleLogoutServices []SSAMLService `xml:"SingleLogoutService"`
	ManageNameIDServices []SSAMLService `xml:"ManageNameIDService"`

	NameIDFormat         []SSAMLNameIDFormat `xml:"NameIDFormat"`
	SingleSignOnServices []SSAMLService      `xml:"SingleSignOnService"`

	AssertionConsumerServices []SSAMLService `xml:"AssertionConsumerService"`

	AttributeConsumingServices []AttributeConsumingService `xml:"AttributeConsumingService"`
}

type SSpInitiatedLoginInput

// SSpInitiatedLoginInput is the JSON body of an SP-initiated login
// request; it only identifies the SP by entity ID.
type SSpInitiatedLoginInput struct {
	EntityID string `json:"EntityID"`
}
// SXMLLogo models an mdui:Logo element: pixel dimensions as raw-text
// attributes and the logo URL as inner XML. It is not referenced from
// any other type on this page.
type SXMLLogo struct {
	XMLName xml.Name

	Height string `xml:"height,attr"`
	Width  string `xml:"width,attr"`
	URL    string `xml:",innerxml"`
}

type SXMLText

// SXMLText is a language-tagged text element (ServiceName,
// OrganizationName, DisplayName, ...). Text is raw inner XML:
// verbatim on unmarshal, unescaped on marshal.
//
// NOTE(review): the tag spells the prefixed name "xml:lang" literally
// rather than using a namespace; confirm that the attribute
// round-trips through encoding/xml as intended.
type SXMLText struct {
	XMLName xml.Name

	Lang string `xml:"xml:lang,attr"`
	Text string `xml:",innerxml"`
}

type Signature

// Signature models an enveloped ds:Signature: the signed-info block,
// the signature value and the key info the signer attached.
//
// This struct only carries the signature; verification is done
// elsewhere (see ValidateXML). A verifier must not take the signing
// key from this KeyInfo without matching it against the peer's
// configured trust anchor, since the attacker controls everything in
// an unverified message.
type Signature struct {
	XMLName xml.Name

	SignedInfo     SignedInfo `xml:"SignedInfo"`
	SignatureValue SSAMLValue `xml:"SignatureValue"`
	KeyInfo        KeyInfo    `xml:"KeyInfo"`
}

type SignedInfo

// SignedInfo models ds:SignedInfo, the part of a signature that is
// actually signed: canonicalization and signature algorithms plus a
// single Reference. Only one Reference is modelled; extra Reference
// elements in the input are not captured. Both method fields reuse
// the EncryptionMethod type for its Algorithm attribute.
type SignedInfo struct {
	XMLName xml.Name

	CanonicalizationMethod EncryptionMethod `xml:"CanonicalizationMethod"`
	SignatureMethod        EncryptionMethod `xml:"SignatureMethod"`

	Reference Reference `xml:"Reference"`
}

type SigningMethod

// SigningMethod models alg:SigningMethod in metadata Extensions: an
// advertised signature algorithm URI.
type SigningMethod struct {
	XMLName xml.Name

	Algorithm string `xml:"Algorithm,attr"`
}

type Status

// Status models samlp:Status: the top-level StatusCode and an optional
// StatusMessage. Response.IsSuccess is the intended way to check it;
// a successful code is STATUS_SUCCESS.
type Status struct {
	XMLName xml.Name

	StatusCode    StatusCode     `xml:"StatusCode"`
	StatusMessage *StatusMessage `xml:"StatusMessage"` // nil omits the element
}

type StatusCode

// StatusCode models samlp:StatusCode; Value is the status URI (see
// STATUS_SUCCESS). Nested second-level StatusCode children are not
// modelled.
type StatusCode struct {
	XMLName xml.Name

	Value string `xml:"Value,attr"`
}

type StatusMessage

// StatusMessage models samlp:StatusMessage, a free-text explanation
// of a status. Message is raw inner XML: verbatim on unmarshal,
// unescaped on marshal, so escape untrusted text before setting it
// and do not render it into HTML without escaping.
type StatusMessage struct {
	XMLName xml.Name

	Message string `xml:",innerxml"`
}

type Subject

// Subject models saml:Subject: the NameID being asserted and a single
// SubjectConfirmation describing how the relying party can confirm
// it. Only one SubjectConfirmation is modelled.
type Subject struct {
	XMLName xml.Name

	NameID NameID `xml:"NameID"`

	SubjectConfirmation SubjectConfirmation `xml:"SubjectConfirmation"`
}

type SubjectConfirmation

// SubjectConfirmation models saml:SubjectConfirmation: the
// confirmation method URI and the data (recipient, request ID,
// validity) that the relying party has to check for that method.
type SubjectConfirmation struct {
	XMLName xml.Name

	Method string `xml:"Method,attr"`

	SubjectConfirmationData SubjectConfirmationData `xml:"SubjectConfirmationData"`
}

type SubjectConfirmationData

// SubjectConfirmationData models saml:SubjectConfirmationData. Every
// value is carried as the raw attribute string; none is parsed or
// enforced by this type. An SP relying on the assertion is expected
// to compare Recipient with its own ACS URL, InResponseTo with the
// request ID it issued, and the NotBefore/NotOnOrAfter window with
// the current time.
type SubjectConfirmationData struct {
	XMLName xml.Name

	// InResponseTo and NotBefore are optional; nil omits the attribute.
	InResponseTo *string `xml:"InResponseTo,attr"`
	Recipient    string  `xml:"Recipient,attr"`
	NotBefore    *string `xml:"NotBefore,attr"`
	NotOnOrAfter string  `xml:"NotOnOrAfter,attr"`
}

type SubjectLocality

// SubjectLocality models saml:SubjectLocality: the address the subject
// authenticated from, as reported by the IdP.
type SubjectLocality struct {
	XMLName xml.Name

	Address string `xml:"Address,attr"`
}

type Transforms

// Transforms models ds:Transforms, the ordered list of transform
// algorithms applied before digesting a Reference. Each entry reuses
// the EncryptionMethod type for its Algorithm attribute.
type Transforms struct {
	XMLName xml.Name

	Transforms []EncryptionMethod `xml:"Transform"`
}

type X509Certificate

// X509Certificate models ds:X509Certificate. Cert is the raw inner
// XML of the element — the encoded certificate as transmitted,
// including any surrounding whitespace — not a parsed certificate.
type X509Certificate struct {
	XMLName xml.Name

	Cert string `xml:",innerxml"`
}

type X509Data

// X509Data models ds:X509Data with a single X509Certificate child;
// additional certificates in the input are not captured.
type X509Data struct {
	XMLName xml.Name

	X509Certificate X509Certificate `xml:"X509Certificate"`
}
