https://github.com/mattbaird/gosaml

gosaml
======

SAML client library written in Go (golang)

SAML is the successful OASIS standard for cloud-based single sign-on (SSO). It lets companies that maintain their own security infrastructure internally use that same set of credentials, via a safe, secure mechanism, with externally hosted services.

For instance, New Relic allows you to configure a SAML provider (https://newrelic.com/docs/subscriptions/saml-service-providers) so you can maintain your own credentials instead of using New Relic's.

Ping Identity has a nice video for SAML here: https://www.pingidentity.com/resource-center/Introduction-to-SAML-Video.cfm

Installation
------------

Use the `go get` command to fetch `gosaml` and its dependencies into your local `$GOPATH`:

```sh
$ go get github.com/mattbaird/gosaml
```

Usage
-----

### Generating Unsigned AuthnRequests

```go
package main

import (
	"fmt"

	saml "github.com/mattbaird/gosaml"
)

func main() {
	// Configure the app and account settings
	appSettings := saml.NewAppSettings("http://www.onelogin.net", "issuer")
	accountSettings := saml.NewAccountSettings("cert", "http://www.onelogin.net")

	// Construct an AuthnRequest
	authRequest := saml.NewAuthorizationRequest(*appSettings, *accountSettings)

	// Return a SAML AuthnRequest as a string
	// (named request so the variable does not shadow the saml package)
	request, err := authRequest.GetRequest(false)
	if err != nil {
		fmt.Println(err)
		return
	}
	fmt.Println(request)
}
```

The above code will generate the following AuthnRequest XML:

```xml

https://sp.example.com/SAML2



urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport

```

### Generating Signed AuthnRequests

See the GitHub wiki for basic instructions on [generating an X.509 certificate for signing](https://github.com/mattbaird/gosaml/wiki/Generating-an-X.509-Certificate-for-Signing).

```go
package main

import (
	"fmt"

	saml "github.com/mattbaird/gosaml"
)

func main() {
	// Configure the app and account settings
	appSettings := saml.NewAppSettings("http://www.onelogin.net", "issuer")
	accountSettings := saml.NewAccountSettings("cert", "http://www.onelogin.net")

	// Construct an AuthnRequest
	authRequest := saml.NewAuthorizationRequest(*appSettings, *accountSettings)

	// Return a signed SAML AuthnRequest as a string
	// (named request so the variable does not shadow the saml package)
	request, err := authRequest.GetSignedRequest(false, "/path/to/publickey.cer", "/path/to/privatekey.pem")
	if err != nil {
		fmt.Println(err)
		return
	}
	fmt.Println(request)
}
```

The above code will generate the following AuthnRequest XML:

```xml

https://sp.example.com/SAML2



urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport










8nJJwstdugjt6LJ+pbICc2iBwCc=


J35w3/wk5pmrKn6qdfo4L0r0c...t2MGKH8w==


MIICKzCCAdWgAwIBA...JHpg+GVGdcCty+4xA==


```
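To tell the two outputs above apart when debugging an integration, the following added example (not part of gosaml or its README) parses an AuthnRequest with the standard library and reports whether it carries a structurally complete `ds:Signature`. The `Inspect` helper and the trimmed sample documents are assumptions constructed for illustration; the check is structural only and does not verify the signature.

```go
package main

import (
	"encoding/xml"
	"fmt"
	"strings"
)

// Constructed, trimmed samples: ID/Version/IssueInstant omitted, signature values are dummies.
const head = `<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"><saml:Issuer>https://sp.example.com/SAML2</saml:Issuer>` +
	`<samlp:RequestedAuthnContext><saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml:AuthnContextClassRef></samlp:RequestedAuthnContext>`
const sigBlock = `<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:Reference><ds:DigestValue>ZHVtbXk=</ds:DigestValue></ds:Reference></ds:SignedInfo>` +
	`<ds:SignatureValue>ZHVtbXk=</ds:SignatureValue><ds:KeyInfo><ds:X509Data><ds:X509Certificate>ZHVtbXk=</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>`
const unsignedSample, signedSample = head + `</samlp:AuthnRequest>`, head + sigBlock + `</samlp:AuthnRequest>`

// authnRequest maps only the SAML 2.0 elements whose values appear in the README output.
type authnRequest struct {
	XMLName  xml.Name `xml:"urn:oasis:names:tc:SAML:2.0:protocol AuthnRequest"`
	Issuer   string   `xml:"urn:oasis:names:tc:SAML:2.0:assertion Issuer"`
	ClassRef string   `xml:"RequestedAuthnContext>AuthnContextClassRef"`
	Sig      *struct {
		Digest string `xml:"SignedInfo>Reference>DigestValue"`
		Value  string `xml:"SignatureValue"`
		Cert   string `xml:"KeyInfo>X509Data>X509Certificate"`
	} `xml:"http://www.w3.org/2000/09/xmldsig# Signature"`
}

// Inspect (hypothetical helper, not part of gosaml) reports issuer, class reference and whether a
// structurally complete ds:Signature is present. It does NOT verify the signature cryptographically.
func Inspect(doc string) (issuer, classRef string, signed bool, err error) {
	var r authnRequest
	if err = xml.Unmarshal([]byte(doc), &r); err != nil {
		return "", "", false, fmt.Errorf("not a SAML 2.0 AuthnRequest: %w", err)
	}
	if issuer = strings.TrimSpace(r.Issuer); issuer == "" {
		return "", "", false, fmt.Errorf("AuthnRequest has no Issuer")
	}
	if s := r.Sig; s != nil {
		if strings.TrimSpace(s.Digest) == "" || strings.TrimSpace(s.Value) == "" || strings.TrimSpace(s.Cert) == "" {
			return "", "", false, fmt.Errorf("incomplete Signature element")
		}
		signed = true
	}
	return issuer, strings.TrimSpace(r.ClassRef), signed, nil
}

func main() {
	fmt.Println(Inspect(signedSample))
}
```

A request that passes this check still has to have its signature validated against a trusted certificate by the receiving side.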