Skip to content

Releases: pressly/saml

Update AuthnReq signature generation

22 Nov 22:17
@diogogmt diogogmt
v0.15.2
9a10555
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Update AuthnReq signature generation Latest
Latest
  • Using spec recommendation for Canonicalization Method
  • Fixed AuthReqn marshaling issue
Assets 2
Loading

Custom time format XML marshalling.

05 Nov 19:32
@diogogmt diogogmt
v0.15.1
380321c
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Custom time format XML marshalling.

Being compatible with Azure IdP when marshalling IssueInstant for AuthnRequests

Assets 2
Loading

Rename to github.com/pressly/saml

24 Oct 22:18
@VojtechVitek VojtechVitek
v0.15.0
3128dc6
Compare
Choose a tag to compare
Rename to github.com/pressly/saml

We renamed github.com/goware/saml to github.com/pressly/saml.

This is a breaking API change. But that's fine, since we haven't released v1.0 yet.

Assets 2
Loading

Signed SAML HTTP-POST AuthnRequests

16 Oct 21:20
@diogogmt diogogmt
v0.13.0
c3c3b8d
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Signed SAML HTTP-POST AuthnRequests 
Merge pull request #17 from goware/signed_saml_requests

Signing SAML HTTP-POST requests.
Assets 2
Loading

HTTP-POST Binding

18 Sep 16:10
@diogogmt diogogmt
v0.12.0
6697646
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
HTTP-POST Binding

This is an API breaking release.

It adds SP support for generating a HTTP-POST binding AuthnRequest.

Eg;

serviceProvider := &saml.ServiceProvider{}

// Parse IdP metadata
//
// from URL
serviceProvider.IdPMetadataURL = "http://idp.example.com/metadata.xml"
// or from XML file
serviceProvider.IdPMetadataXML = []byte("<xml>")
idpMetadata, _ := serviceProvider.ParseIdPMetadata()

// Get SSOService element for the selected binding
//
ssoService := idpMetadata.SSOService(saml.HTTPPostBinding)
serviceProvider.IdPSSOServiceBinding = ssoService.Binding
serviceProvider.IdPSSOServiceURL = ssoService.Location

// or set information from a different source
serviceProvider.IdPSSOServiceBinding = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
serviceProvider.IdPSSOServiceURL = "https://idp.example.com/sso",

// Generate SAML Response for HTTP-POST binding
samlReq, _ := serviceProvider.NewPostSAMLRequest()

Removes ServeSSO handler wrapper and introduces an explicit function to generate a SAML Response for a given AuthnRequest.

Removes http.Request dependency from IdPAuthnRequest

Makes IdP metadata parsing explicit

Assets 2
Loading

API breaking release

05 Sep 04:46
@VojtechVitek VojtechVitek
v0.11.0
65aa78d
Compare
Choose a tag to compare
API breaking release

Drop magical HTTP handlers and middleware.

Instead, provide simple ServiceProvider methods, ie. to parse SAML response and get the assertion, serve Metadata XML and generate AuthnRequest URL.

Drop the custom logger, since we return explicit errors to the caller now instead of logging them.

Assets 2
Loading