saml

package
v0.0.10 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 3, 2026 License: Apache-2.0 Imports: 15 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type SAMLAssertion 

type SAMLAssertion struct {
	Issuer       string
	Subject      string
	NotBefore    *time.Time
	NotOnOrAfter *time.Time
	Attributes   map[string][]string
}

SAMLAssertion represents a parsed and validated SAML assertion

type Service 

type Service struct {
	// contains filtered or unexported fields
}

Service provides minimal SAML capabilities: SP metadata generation and assertion parsing

func NewService 

func NewService() *Service

NewService creates a SAML service without SP configured (parsing only)

func (*Service) GenerateAuthnRequest 

func (s *Service) GenerateAuthnRequest(idpURL, relayState string) (string, string, error)

GenerateAuthnRequest creates a SAML AuthnRequest for login initiation

func (*Service) Metadata 

func (s *Service) Metadata() string

Metadata returns SP metadata XML using crewjam/saml if configured, else minimal fallback

func (*Service) NewServiceProvider 

func (s *Service) NewServiceProvider(entityID, acsURL, metadataURL string) error

NewServiceProvider initializes a ServiceProvider with self-signed certificate for metadata

func (*Service) ParseAndValidateResponse 

func (s *Service) ParseAndValidateResponse(b64Response, expectedIssuer, relayState string, idpCert *x509.Certificate) (*SAMLAssertion, error)

ParseAndValidateResponse performs full SAML response validation including signatures

func (*Service) ParseResponse 

func (s *Service) ParseResponse(b64, expectedIssuer string) (string, error)

ParseResponse decodes a base64-encoded SAMLResponse and extracts Issuer and NameID Returns NameID on success when Issuer matches expectedIssuer

func (*Service) ValidateRelayState 

func (s *Service) ValidateRelayState(relayState, expectedState string) bool

ValidateRelayState checks if the RelayState matches expected format

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.