{"id":18457972,"url":"https://github.com/alokkusingh/saml","last_synced_at":"2026-04-30T13:34:11.443Z","repository":{"id":95088491,"uuid":"283214335","full_name":"alokkusingh/saml","owner":"alokkusingh","description":"SAML Identity Provider and Service Provider implementation using Spring Security","archived":false,"fork":false,"pushed_at":"2024-03-12T14:55:41.000Z","size":125,"stargazers_count":2,"open_issues_count":2,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-04-23T16:13:32.062Z","etag":null,"topics":["java","rsa-key-encryption","rsa-key-pair","rsa-key-signing","saml","saml-authentication","saml-identity-provider","saml-idp","saml-service-provider","saml-sp-single-sign-on","spring-boot","spring-security","x509"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/alokkusingh.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-07-28T13:03:52.000Z","updated_at":"2024-03-20T16:13:54.000Z","dependencies_parsed_at":"2024-12-25T05:41:01.681Z","dependency_job_id":"3631f303-5296-466b-8f54-0938a74ad76f","html_url":"https://github.com/alokkusingh/saml","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/alokkusingh/saml","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/alokkusingh%2Fsaml","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/alokkusingh%2Fsaml/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/a
lokkusingh%2Fsaml/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/alokkusingh%2Fsaml/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/alokkusingh","download_url":"https://codeload.github.com/alokkusingh/saml/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/alokkusingh%2Fsaml/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32466333,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-30T13:12:12.517Z","status":"ssl_error","status_checked_at":"2026-04-30T13:12:06.837Z","response_time":57,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["java","rsa-key-encryption","rsa-key-pair","rsa-key-signing","saml","saml-authentication","saml-identity-provider","saml-idp","saml-service-provider","saml-sp-single-sign-on","spring-boot","spring-security","x509"],"created_at":"2024-11-06T08:16:16.914Z","updated_at":"2026-04-30T13:34:11.428Z","avatar_url":"https://github.com/alokkusingh.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"[![Build Status](https://travis-ci.org/alokkusingh/saml.svg?branch=master)](https://travis-ci.org/github/alokkusingh/saml)\n[![GitHub issues](https://img.shields.io/github/issues/alokkusingh/saml.svg)](https://github.com/alokkusingh/saml/issues)\n[![GitHub issues 
closed](https://img.shields.io/github/issues-closed-raw/alokkusingh/saml.svg?maxAge=2592000)](https://github.com/alokkusingh/saml/issues?q=is%3Aissue+is%3Aclosed)\n\n# SAML - Identity Provider and Service Provider Services\n## Meta Data\nBoth services, `IdP` and `SPS`, provide a SAML meta data interface to negotiate the service.\n### 1. IdP Meta Data API\nThis meta data API can be integrated with `SPS` to get service negotiation.\n```\nhttp://localhost:8081/alok-idp/saml/idp/metadata\n```\n### 2. SPS Meta Data API\nThis meta data API can be integrated with `IdP` to get service negotiation.\n```\nhttp://localhost:8082/hello-sp/saml/sp/metadata\n```\n## Supported SAML Flows\n### 1. SPS Flow\nSAML authentication initiated by `IdP`.\n- `SPS` - SPS sends **SAML Request** to `IdP`\n- `IdP` authenticates the user and responds with **SAML Response**\n\n![](https://techdocs.akamai.com/eaa/img/saml-flow-sp-v1.png)\n\nUse case:\n- TBD\n\n### 2. IdP Flow\nSAML authentication initiated by `SPS`.\n- `IdP` - IdP directly sends **SAML Response** to `SPS`. No **SAML Request** generated.\n\n![](https://techdocs.akamai.com/eaa/img/saml-flow-v1.png)\n\nUse case:\n- Single Sign-on - if we want to embed a secure web page provided by a guest application (which acts as the \n        SPS service) as an iFrame in the web page provided by a host application (which acts as the IdP service). The Guest server \n        validates the user credentials as part of the login process and at the same time generates a SAML Response for the guest \n        application. When loading the guest application web page into the Web page (as an iFrame), the SAML Response shall be sent \n        to the guest application. The guest application shall use the SAML Response to Authenticate/Authorize the user without asking \n        for additional credentials from the user. Seamless single sign-on takes place.\n\n## IdP and SPS RSA Keys and Certificate\nBoth services sign and encrypt Metadata/SAML Request/SAML Response.\n\n### 1. 
IdP RSA Private Key and Cert Generation\n\n#### 1.1 Generate Private Key and CSR Request\n```shell\nopenssl req -new -newkey rsa:4096 -nodes -keyout IdP_pkcs8.key -out IdP.csr\n```\nNote: no pwd\n\n#### 1.2 To pkcs1\n```shell\nopenssl rsa -in IdP_pkcs8.key -out IdP_pkcs1.key\n```\n#### 1.3 Sign Certificate\n```shell\nopenssl x509 -req -CA rootCA_Alok.crt -CAkey rootCA_Alok.key -in IdP.csr -out IdP.crt -days 365 -CAcreateserial\n```\n\n### 2. SPS RSA Private Key and Cert Generation\n#### 2.1 Generate Private Key and CSR Request\n```shell\nopenssl req -new -newkey rsa:4096 -nodes -keyout saml_spcs_pkcs8.key -out saml_spcs.csr\n```\nNote: no pwd\n#### 2.2 To pkcs1\n```shell\nopenssl rsa -in saml_spcs_pkcs8.key -out saml_spcs_pkcs1.key\n```\n#### 2.3 Sign Certificate\n```shell\nopenssl x509 -req -CA rootCA_Alok.crt -CAkey rootCA_Alok.key -in saml_spcs.csr -out saml_spcs.crt -days 365 -CAcreateserial\n```","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Falokkusingh%2Fsaml","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Falokkusingh%2Fsaml","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Falokkusingh%2Fsaml/lists"}