...
This package provides basic integration for baseapp with a SAML IDP. The package handles the auth flow with the IDP (ACS and redirect). It does not implement any session tracking or memory, so users must implement their own.

There are 3 main integration points users should be aware of:

1. `ErrorCallback`: called whenever an error occurs during the auth flow. The callback is expected to send a response to the request.
2. `LoginCallback`: called when a user successfully authenticates. The callback should create a session based on the passed-in assertion.
3. `IDStore`: used to store SAML request IDs to prevent assertion spoofing.
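
Why storing request IDs matters, shown as an added example that is not code from this package: a service provider that remembers the ID of each AuthnRequest it sent can reject assertions whose `InResponseTo` matches no pending request, has expired, or was already used. The `requestIDStore` type, its methods and the sample ID are hypothetical and do not reflect the package's `IDStore` interface.

```go
package main

import (
	"errors"
	"fmt"
	"sync"
	"time"
)

var errUnknownRequest = errors.New("saml: InResponseTo does not match a pending request")

// requestIDStore is a hypothetical in-memory tracker of outstanding AuthnRequest IDs.
type requestIDStore struct {
	mu  sync.Mutex
	ttl time.Duration
	ids map[string]time.Time // request ID -> expiry
}

func newRequestIDStore(ttl time.Duration) *requestIDStore {
	return &requestIDStore{ttl: ttl, ids: make(map[string]time.Time)}
}

// Track records the ID of an AuthnRequest that was just sent to the IDP.
func (s *requestIDStore) Track(id string, now time.Time) {
	s.mu.Lock()
	defer s.mu.Unlock()
	s.ids[id] = now.Add(s.ttl)
}

// Consume checks an assertion's InResponseTo value and burns the ID,
// so the same response cannot be accepted twice.
func (s *requestIDStore) Consume(inResponseTo string, now time.Time) error {
	s.mu.Lock()
	defer s.mu.Unlock()
	expiry, ok := s.ids[inResponseTo]
	delete(s.ids, inResponseTo) // single use, whether or not it is still valid
	if !ok || inResponseTo == "" || now.After(expiry) {
		return errUnknownRequest
	}
	return nil
}

func main() {
	now := time.Now()
	store := newRequestIDStore(5 * time.Minute)
	store.Track("id-constructed-1", now)                                 // constructed sample ID
	fmt.Println(store.Consume("id-constructed-1", now.Add(time.Minute))) // accepted
	fmt.Println(store.Consume("id-constructed-1", now.Add(time.Minute))) // replay rejected
	fmt.Println(store.Consume("", now))                                  // unsolicited rejected
}
```

A process-local map like this is lost on restart and is not shared between instances, so it only illustrates the check.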

## Example

A simple example of how to integrate the saml package into baseapp:

```golang
logger := baseapp.NewLogger(baseapp.LoggingConfig{
	Level:  "debug",
	Pretty: true,
})

p := baseapp.DefaultParams(logger, "")
s, err := baseapp.NewServer(baseapp.HTTPConfig{
	Address: "127.0.0.1",
	Port:    8000,
}, p...)

if err != nil {
	panic(err)
}

spParam := []saml.Param{
	// Service provider certificate and private key.
	saml.WithCertificateFromFile("./cert.pem"),
	saml.WithKeyFromFile("./key"),
	// IDP metadata URL (a local test IDP in this example).
	saml.WithEntityFromURL("http://localhost:8080/simplesaml/saml2/idp/metadata.php"),
	// These paths must match the routes registered below.
	saml.WithACSPath("/saml/acs"),
	saml.WithMetadataPath("/saml/metadata"),
}

sp, err := saml.NewServiceProvider(spParam...)
if err != nil {
	panic(err)
}

s.Mux().Handle(pat.Post("/saml/acs"), sp.ACSHandler())
s.Mux().Handle(pat.Get("/saml/metadata"), sp.MetadataHandler())
// /auth starts the auth flow with the IDP.
s.Mux().HandleFunc(pat.Get("/auth"), sp.DoAuth)

_ = s.Start()
```