{"id":16211611,"url":"https://github.com/laurabeatris/shin","last_synced_at":"2025-03-19T09:30:40.699Z","repository":{"id":228230673,"uuid":"773465978","full_name":"LauraBeatris/shin","owner":"LauraBeatris","description":"🍀 A collection of auth utilities for Elixir ","archived":false,"fork":false,"pushed_at":"2024-03-30T16:24:48.000Z","size":482,"stargazers_count":5,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2024-05-02T05:10:36.403Z","etag":null,"topics":["authentication","elixir","openid-connect","phoenix","saml"],"latest_commit_sha":null,"homepage":"https://hexdocs.pm/shin_auth","language":"Elixir","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/LauraBeatris.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-03-17T18:28:27.000Z","updated_at":"2024-04-02T12:17:52.000Z","dependencies_parsed_at":null,"dependency_job_id":"8dc36e3d-27dd-4f7b-857f-1a92e29b8ded","html_url":"https://github.com/LauraBeatris/shin","commit_stats":null,"previous_names":["laurabeatris/shin"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/LauraBeatris%2Fshin","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/LauraBeatris%2Fshin/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/LauraBeatris%2Fshin/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/LauraBeatris%2Fshin/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/LauraBeatris","download_url":"https://codeload.github.com/LauraBeatris/shin/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243981313,"owners_count":20378555,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["authentication","elixir","openid-connect","phoenix","saml"],"created_at":"2024-10-10T10:48:44.427Z","updated_at":"2025-03-19T09:30:40.282Z","avatar_url":"https://github.com/LauraBeatris.png","language":"Elixir","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Shin\n\n🍀 A collection of lightweight auth utilities for Elixir. \n\n## Introduction\n\n**Shin** **信** means \"trust\", \"faith\", or \"belief\" in Japanese. \n\nThis package aims to provide lightweight utilities that can be used to ensure that primitives are well validated and trusted for usage by auth providers. \n\n## Playground \n\nA UI playground with usage example per utility can be found at https://shin.howauth.com \n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"shin.howauth.com/\"\u003e\n    \u003cimg width=\"500\" src=\"./.github/images/saml.png\"\u003e\n  \u003c/a\u003e\n\u003c/p\u003e\n\n## Getting started \n\nThe package can be installed by adding `shin_auth` to your list of dependencies in `mix.exs`:\n\n```elixir \ndef deps do\n  [\n    {:shin_auth, \"~\u003e 1.3.0\"}\n  ]\nend\n```\n\n## Utilities per protocol \n\n### OpenID Connect (OIDC)\n\n#### `load_provider_configuration` \n\nBased on the spec: https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata\n\nLoads, validates and parses the Identity Provider configuration based on their discovery endpoint metadata. \n\nWith valid configuration, returns parsed metadata:\n```ex\niex(1)\u003e ShinAuth.OIDC.load_provider_configuration(\"https://valid-url/.well-known/openid-configuration\")\n{:ok, %ShinAuth.OIDC.ProviderConfiguration.Metadata{}}\n```\n\nWith invalid configuration, returns error:\n\n```ex\niex(1)\u003e ShinAuth.OIDC.load_provider_configuration(\"https://invalid-discovery/.well-known/openid-configuration\")\n{:error, %ShinAuth.OIDC.ProviderConfiguration.Error{}}\n```\n\nHere's a list of error per tags:\n\n| Tags                                | Reason                                                                 |\n|------------------------------------|------------------------------------------------------------------------|\n| `malformed_discovery_endpoint` or `discovery_endpoint_unreachable`      | The provided endpoint is either malformed or unreachable via HTTP request       |\n| `authorization_endpoint_unreachable` | `authorization_code` is unreachable via HTTP request |\n| `token_endpoint_unreachable`       |  `token_endpoint` is unreachable via HTTP request           |\n| `jwks_uri_unreachable` or `malformed_jwks_uri_response`       | `jwks_uri` is either unreachable via HTTP request or the response is malformed |\n| `missing_issuer_attribute`         | `issuer` attribute is missing from the provider's metadata |\n\n\n### Security Assertion Markup Language (SAML) \n\n### `decode_saml_response`\n\nParsed a given SAML response to a struct with attributes and values: \n\n```ex\niex(1)\u003e ShinAuth.SAML.decode_saml_response(saml_response_xml)\n\n{:ok, %ShinAuth.SAML.Response{\n   common: %ShinAuth.SAML.Response.Common{\n     id: \"_123\",\n     version: \"2.0\",\n     destination: \"https://api.example.com/sso/saml/acs/123\",\n     issuer: \"https://example.com/1234/issuer/1234\",\n     issue_instant: \"2024-03-23T20:56:56.768Z\"\n   },\n   status: %ShinAuth.SAML.Response.Status{\n     status: :success,\n     status_code: \"urn:oasis:names:tc:SAML:2.0:status:Success\"\n   },\n   conditions: %ShinAuth.SAML.Response.Conditions{\n     not_before: \"2024-03-23T20:56:56.768Z\",\n     not_on_or_after: \"2024-03-23T21:01:56.768Z\"\n   },\n   attributes: [\n     %ShinAuth.SAML.Response.Attribute{\n       name: \"id\",\n       value: \"209bac63df9962e7ec458951607ae2e8ed00445a\"\n     },\n     %ShinAuth.SAML.Response.Attribute{\n       name: \"email\",\n       value: \"foo@corp.com\"\n     },\n     %ShinAuth.SAML.Response.Attribute{\n       name: \"firstName\",\n       value: \"Laura\"\n     },\n     %ShinAuth.SAML.Response.Attribute{\n       name: \"lastName\",\n       value: \"Beatris\"\n     },\n     %ShinAuth.SAML.Response.Attribute{name: \"groups\", value: \"\"}\n   ]\n }}\n```\n\n### `decode_saml_request`\n\nParsed a given SAML request to a struct with attributes and values: \n\n```ex\niex(1)\u003e ShinAuth.SAML.decode_saml_request(saml_request_xml)\n\n{:ok, %ShinAuth.SAML.Request{\n   common: %ShinAuth.SAML.Request.Common{\n     id: \"_123\",\n     version: \"2.0\",\n     assertion_consumer_service_url: \"https://auth.example.com/sso/saml/acs/123\",\n     issuer: \"https://example.com/123\",\n     issue_instant: \"2023-09-27T17:20:42.746Z\"\n   }\n }}\n```\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flaurabeatris%2Fshin","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Flaurabeatris%2Fshin","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flaurabeatris%2Fshin/lists"}