Documentation ¶
Index ¶
Constants ¶
View Source
const ( HeaderAuthorizedUsing = "X-Authorized-Using" HeaderForwardedProto = "X-Forwarded-Proto" HeaderForwardedFor = "X-Forwarded-For" HeaderForwardedHost = "X-Forwarded-Host" )
Variables ¶
This section is empty.
Functions ¶
Types ¶
type Config ¶
type Config struct { Version bool `usage:"show version and exit" env:""` Bind string `default:":8080" usage:"[host:port] to bind for serving HTTP"` BaseUrl string `usage:"External [URL] of this proxy"` BackendUrl string `usage:"[URL] of the backend being proxied"` IdpMetadataUrl string `usage:"[URL] of the IdP's metadata XML, can be a local file by specifying the file:// scheme"` IdpCaPath string `usage:"Optional [path] to a CA certificate PEM file for the IdP"` NameIdFormat string `` /* 145-byte string literal not displayed */ SpKeyPath string `default:"saml-auth-proxy.key" usage:"The [path] to the X509 private key PEM file for this SP"` SpCertPath string `default:"saml-auth-proxy.cert" usage:"The [path] to the X509 public certificate PEM file for this SP"` NameIdMapping string `usage:"Name of the request [header] to convey the SAML nameID/subject"` AttributeHeaderMappings map[string]string `usage:"Comma separated list of [attribute=header] pairs mapping SAML IdP response attributes to forwarded request header"` AttributeHeaderWildcard string `usage:"Maps all SAML attributes with this option as a prefix` NewAuthWebhookUrl string `usage:"[URL] of webhook that will get POST'ed when a new authentication is processed"` AuthorizeAttribute string `usage:"Enables authorization and specifies the [attribute] to check for authorized values"` AuthorizeValues []string `usage:"If enabled, comma separated list of [values] that must be present in the authorize attribute"` CookieMaxAge time.Duration `usage:"Specifies the amount of time the authentication token will remain valid" default:"2h"` CookieDomain string `usage:"Overrides the domain set on the session cookie. By default the BaseUrl host is used."` CookieName string `default:"token" usage:"Overrides the name of the session cookie."` AllowIdpInitiated bool `usage:"If set, allows for IdP initiated authentication flow"` }
type CookieRequestTracker ¶
type CookieRequestTracker struct { samlsp.CookieRequestTracker Domain string }
func (CookieRequestTracker) TrackRequest ¶
func (t CookieRequestTracker) TrackRequest(w http.ResponseWriter, r *http.Request, samlRequestID string) (string, error)
Click to show internal directories.
Click to hide internal directories.