Fix branch #576

Closed
wants to merge 22 commits into from
2 changes: 1 addition & 1 deletion .golangci.yml
Expand Up @@ -38,7 +38,7 @@ linters:
- depguard # Go linter that checks if package imports are in a list of acceptable packages [fast: true, auto-fix: false]
linters-settings:
goimports:
local-prefixes: github.com/crewjam/saml
local-prefixes: github.com/lorodoes/saml
govet:
disable:
- shadow
6 changes: 3 additions & 3 deletions README.md
@@ -1,8 +1,8 @@
# SAML

[![](https://godoc.org/github.com/crewjam/saml?status.svg)](http://godoc.org/github.com/crewjam/saml)
[![](https://godoc.org/github.com/lorodoes/saml?status.svg)](http://godoc.org/github.com/lorodoes/saml)

![Build Status](https://github.com/crewjam/saml/workflows/Presubmit/badge.svg)
![Build Status](https://github.com/lorodoes/saml/workflows/Presubmit/badge.svg)

Package saml contains a partial implementation of the SAML standard in golang.
SAML is a standard for identity federation, i.e. either allowing a third party to authenticate your users or allowing third parties to rely on us to authenticate their users.
Expand Down Expand Up @@ -54,7 +54,7 @@ import (
"net/http"
"net/url"

"github.com/crewjam/saml/samlsp"
"github.com/lorodoes/saml/samlsp"
)

func hello(w http.ResponseWriter, r *http.Request) {
4 changes: 2 additions & 2 deletions example/idp/idp.go
Expand Up @@ -11,8 +11,8 @@ import (
"github.com/zenazn/goji"
"golang.org/x/crypto/bcrypt"

"github.com/crewjam/saml/logger"
"github.com/crewjam/saml/samlidp"
"github.com/lorodoes/saml/logger"
"github.com/lorodoes/saml/samlidp"
)

var key = func() crypto.PrivateKey {
2 changes: 1 addition & 1 deletion example/service.go
Expand Up @@ -19,7 +19,7 @@ import (
"github.com/zenazn/goji"
"github.com/zenazn/goji/web"

"github.com/crewjam/saml/samlsp"
"github.com/lorodoes/saml/samlsp"
)

var links = map[string]Link{}
2 changes: 1 addition & 1 deletion example/trivial/trivial.go
Expand Up @@ -12,7 +12,7 @@ import (
"net/url"
"time"

"github.com/crewjam/saml/samlsp"
"github.com/lorodoes/saml/samlsp"
)

var samlMiddleware *samlsp.Middleware
11 changes: 9 additions & 2 deletions go.mod
@@ -1,6 +1,6 @@
module github.com/crewjam/saml
module github.com/lorodoes/saml

go 1.19
go 1.20

require (
github.com/beevik/etree v1.2.0
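Review bot: the `module` line at the top of go.mod changes the import path to `github.com/lorodoes/saml`, and that one edit is what forces every import rewrite in the other files of this patch; any existing importer of `github.com/crewjam/saml` would have to change paths as well. If the aim is only to build against a fork, keep the original module path and point consumers at the fork with a `replace` directive in their own go.mod. The `go 1.19` to `go 1.20` bump in the same hunk is unrelated to the rename and should be a separate change with its reason stated.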
Expand All @@ -12,17 +12,24 @@ require (
github.com/mattermost/xml-roundtrip-validator v0.1.0
github.com/russellhaering/goxmldsig v1.4.0
github.com/stretchr/testify v1.8.4
github.com/pkg/errors v0.9.1 // indirect
github.com/sirupsen/logrus v1.9.0 // indirect
github.com/sirupsen/logrus v1.9.0
github.com/stretchr/testify v1.8.1
github.com/zenazn/goji v1.0.1
golang.org/x/crypto v0.18.0
gotest.tools v2.2.0+incompatible
)

require (
github.com/andybalholm/brotli v1.0.5 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/google/uuid v1.3.0 // indirect
github.com/jonboulle/clockwork v0.2.2 // indirect
github.com/kr/text v0.2.0 // indirect
github.com/pkg/errors v0.9.1 // indirect
github.com/pmezard/go-difflib v1.0.0 // indirect
github.com/rogpeppe/go-internal v1.9.0 // indirect
golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
)
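Review bot: the first require block now lists `github.com/stretchr/testify` at both `v1.8.4` and `v1.8.1`, and `github.com/sirupsen/logrus v1.9.0` both with and without `// indirect`; `github.com/pkg/errors v0.9.1 // indirect` also appears in both require blocks. This reads like two versions of go.mod merged without resolving the overlap. Run `go mod tidy` and commit its output so each module appears once, at the higher version where the two entries differ.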
28 changes: 22 additions & 6 deletions go.sum
@@ -1,3 +1,6 @@
github.com/andybalholm/brotli v1.0.5 h1:8uQZIdzKmjc/iuPu7O2ioW48L81FgatrcpfFmiq/cCs=
github.com/andybalholm/brotli v1.0.5/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig=
github.com/beevik/etree v1.1.0 h1:T0xke/WvNtMoCqgzPhkX2r4rjY3GDZFi+FjpRZY2Jbs=
github.com/beevik/etree v1.1.0/go.mod h1:r8Aw8JqVegEf0w2fDnATrX9VpkMcyFeM0FhwO62wh+A=
github.com/beevik/etree v1.2.0 h1:l7WETslUG/T+xOPs47dtd6jov2Ii/8/OjCldk5fYfQw=
github.com/beevik/etree v1.2.0/go.mod h1:aiPf89g/1k3AShMVAzriilpcE4R/Vuor90y83zVZWFc=
Expand All @@ -13,6 +16,12 @@ github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOW
github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
github.com/golang-jwt/jwt/v4 v4.4.3 h1:Hxl6lhQFj4AnOX6MLrsCb/+7tCj7DxP7VA+2rDIq5AU=
github.com/golang-jwt/jwt/v4 v4.4.3/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I=
github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/jonboulle/clockwork v0.2.2 h1:UOGuzwb1PwsrDAObMuhUnj0p5ULPj8V/xJ7Kx9qUBdQ=
github.com/jonboulle/clockwork v0.2.2/go.mod h1:Pkfl5aHPm1nk2H9h0bjmnJD/BcgbGXUBGnn1kMkgxc8=
github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
Expand All @@ -36,17 +45,24 @@ github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTE
github.com/rogpeppe/go-internal v1.8.0/go.mod h1:WmiCO8CzOY8rg0OYDC4/i/2WRWAB6poM+XZ2dLUbcbE=
github.com/rogpeppe/go-internal v1.9.0 h1:73kH8U+JUqXU8lRuOHeVHaa/SZPifC7BkcraZVejAe8=
github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs=
github.com/russellhaering/goxmldsig v1.4.0 h1:8UcDh/xGyQiyrW+Fq5t8f+l2DLB1+zlhYzkPUJ7Qhys=
github.com/russellhaering/goxmldsig v1.4.0/go.mod h1:gM4MDENBQf7M+V824SGfyIUVFWydB7n0KkEubVJl+Tw=
github.com/russellhaering/goxmldsig v1.2.0 h1:Y6GTTc9Un5hCxSzVz4UIWQ/zuVwDvzJk80guqzwx6Vg=
github.com/russellhaering/goxmldsig v1.2.0/go.mod h1:gM4MDENBQf7M+V824SGfyIUVFWydB7n0KkEubVJl+Tw=
github.com/sirupsen/logrus v1.9.0 h1:trlNQbNUG3OdDrDil03MCb1H2o9nJ1x4/5LYw7byDE0=
github.com/sirupsen/logrus v1.9.0/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk=
github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
github.com/zenazn/goji v1.0.1 h1:4lbD8Mx2h7IvloP7r2C0D6ltZP6Ufip8Hn0wmSK5LR8=
github.com/zenazn/goji v1.0.1/go.mod h1:7S9M489iMyHBNxwZnk9/EHS098H4/F6TATF2mIxtB1Q=
golang.org/x/crypto v0.18.0 h1:PGVlW0xEltQnzFZ55hkuX5+KLyrMYhHld1YHO4AKcdc=
golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg=
golang.org/x/crypto v0.0.0-20220128200615-198e4374d7ed h1:YoWVYYAfvQ4ddHv3OKmIvX7NCAhFGTj62VP2l2kfBbA=
golang.org/x/crypto v0.0.0-20220128200615-198e4374d7ed/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8 h1:0A+M6Uqn+Eje4kHMK80dtF3JCXC4ykBgQG4Fe06QRhQ=
golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
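Review bot: the last go.sum hunk carries hashes for `github.com/russellhaering/goxmldsig` at both `v1.4.0` and `v1.2.0`, for `golang.org/x/crypto` at both `v0.18.0` and a 2022 pseudo-version, and for `github.com/stretchr/testify` at both `v1.8.4` and `v1.8.1`, while go.mod in this patch requires `goxmldsig v1.4.0` and `x/crypto v0.18.0`. goxmldsig is the XML signature library this package depends on, so confirm that the hashes for the required versions are still present and that nothing in the build resolves to the older releases. Regenerating go.sum with `go mod tidy` after the go.mod duplicates are fixed would settle it.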
4 changes: 2 additions & 2 deletions identity_provider.go
Expand Up @@ -21,8 +21,8 @@ import (
xrv "github.com/mattermost/xml-roundtrip-validator"
dsig "github.com/russellhaering/goxmldsig"

"github.com/crewjam/saml/logger"
"github.com/crewjam/saml/xmlenc"
"github.com/lorodoes/saml/logger"
"github.com/lorodoes/saml/xmlenc"
)

// Session represents a user session. It is returned by the
6 changes: 3 additions & 3 deletions identity_provider_test.go
Expand Up @@ -28,9 +28,9 @@ import (
"github.com/golang-jwt/jwt/v4"
dsig "github.com/russellhaering/goxmldsig"

"github.com/crewjam/saml/logger"
"github.com/crewjam/saml/testsaml"
"github.com/crewjam/saml/xmlenc"
"github.com/lorodoes/saml/logger"
"github.com/lorodoes/saml/testsaml"
"github.com/lorodoes/saml/xmlenc"
)

type IdentityProviderTest struct {
4 changes: 2 additions & 2 deletions saml.go
Expand Up @@ -11,7 +11,7 @@
//
// Version 0.4.0 introduces a few breaking changes to the _samlsp_ package in order to make the package more extensible, and to clean up the interfaces a bit. The default behavior remains the same, but you can now provide interface implementations of _RequestTracker_ (which tracks pending requests), _Session_ (which handles maintaining a session) and _OnError_ which handles reporting errors.
//
// Public fields of _samlsp.Middleware_ have changed, so some usages may require adjustment. See [issue 231](https://github.com/crewjam/saml/issues/231) for details.
// Public fields of _samlsp.Middleware_ have changed, so some usages may require adjustment. See [issue 231](https://github.com/lorodoes/saml/issues/231) for details.
//
// The option to provide an IDP metadata URL has been deprecated. Instead, we recommend that you use the `FetchMetadata()` function, or fetch the metadata yourself and use the new `ParseMetadata()` function, and pass the metadata in _samlsp.Options.IDPMetadata_.
//
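Review bot: the doc-comment link for issue 231 is rewritten to `https://github.com/lorodoes/saml/issues/231`, but the issue it cites lives under the path on the removed line, so the new URL has no reason to resolve to the same discussion. A blanket path replace should leave issue and pull-request URLs pointing at the tracker where they were filed.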
Expand Down Expand Up @@ -76,7 +76,7 @@
// "net/http"
// "net/url"
//
// "github.com/crewjam/saml/samlsp"
// "github.com/lorodoes/saml/samlsp"
//
// )
//
4 changes: 2 additions & 2 deletions samlidp/samlidp.go
Expand Up @@ -12,8 +12,8 @@ import (

"github.com/zenazn/goji/web"

"github.com/crewjam/saml"
"github.com/crewjam/saml/logger"
"github.com/lorodoes/saml"
"github.com/lorodoes/saml/logger"
)

// Options represent the parameters to New() for creating a new IDP server
4 changes: 2 additions & 2 deletions samlidp/samlidp_test.go
Expand Up @@ -18,8 +18,8 @@ import (

"github.com/golang-jwt/jwt/v4"

"github.com/crewjam/saml"
"github.com/crewjam/saml/logger"
"github.com/lorodoes/saml"
"github.com/lorodoes/saml/logger"
)

type testRandomReader struct {
2 changes: 1 addition & 1 deletion samlidp/service.go
Expand Up @@ -9,7 +9,7 @@ import (

"github.com/zenazn/goji/web"

"github.com/crewjam/saml"
"github.com/lorodoes/saml"
)

// Service represents a configured SP for whom this IDP provides authentication services.
2 changes: 1 addition & 1 deletion samlidp/session.go
Expand Up @@ -13,7 +13,7 @@ import (

"github.com/zenazn/goji/web"

"github.com/crewjam/saml"
"github.com/lorodoes/saml"
)

var sessionMaxAge = time.Hour
2 changes: 1 addition & 1 deletion samlidp/util.go
Expand Up @@ -8,7 +8,7 @@ import (

xrv "github.com/mattermost/xml-roundtrip-validator"

"github.com/crewjam/saml"
"github.com/lorodoes/saml"
)

func randomBytes(n int) []byte {
2 changes: 1 addition & 1 deletion samlsp/error.go
Expand Up @@ -4,7 +4,7 @@ import (
"log"
"net/http"

"github.com/crewjam/saml"
"github.com/lorodoes/saml"
)

// ErrorFunction is a callback that is invoked to return an error to the
5 changes: 2 additions & 3 deletions samlsp/fetch_metadata.go
Expand Up @@ -12,9 +12,8 @@ import (
"github.com/crewjam/httperr"
xrv "github.com/mattermost/xml-roundtrip-validator"

"github.com/crewjam/saml/logger"

"github.com/crewjam/saml"
"github.com/lorodoes/saml"
"github.com/lorodoes/saml/logger"
)

// ParseMetadata parses arbitrary SAML IDP metadata.
10 changes: 9 additions & 1 deletion samlsp/middleware.go
Expand Up @@ -5,7 +5,8 @@ import (
"encoding/xml"
"net/http"

"github.com/crewjam/saml"
"github.com/lorodoes/saml"
log "github.com/sirupsen/logrus"
)

// Middleware implements middleware than allows a web application
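Review bot: the added `log "github.com/sirupsen/logrus"` import makes the middleware write through logrus's package-level logger rather than one the caller supplies, and it turns logrus into a direct dependency of the library. Other files in this patch already import the repository's own `saml/logger` package; send these messages through that, or through a logger field on `Middleware`, so the embedding application decides where authentication-path logs go.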
Expand Down Expand Up @@ -108,17 +109,22 @@ func (m *Middleware) ServeACS(w http.ResponseWriter, r *http.Request) {
// to start the SAML auth flow.
func (m *Middleware) RequireAccount(handler http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
log.Debugf("RequireAccount: Getting the Session")
session, err := m.Session.GetSession(r)
if session != nil {
log.Debugf("RequireAccount: Session Not nil")
r = r.WithContext(ContextWithSession(r.Context(), session))
handler.ServeHTTP(w, r)
return
}
if err == ErrNoSession {
log.Debugf("RequireAccount: Error No Session")
log.Debugf("RequireAccount: Error: %s", err)
m.HandleStartAuthFlow(w, r)
return
}

log.Debugf("RequireAccount: error")
m.OnError(w, r, err)
})
}
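Review bot: in the `err == ErrNoSession` branch two consecutive `log.Debugf` calls record the same event, and the final `log.Debugf("RequireAccount: error")` ahead of `m.OnError(w, r, err)` omits `err`, so the only path with an unexpected error logs nothing that identifies it. Collapse the branch to a single call and include `err` in the fall-through message. The calls that take no format arguments should be `log.Debug`, and since `RequireAccount` wraps every protected request, the "Getting the Session" and "Session Not nil" lines add two log entries per request for no diagnostic gain.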
Expand Down Expand Up @@ -215,10 +221,12 @@ func (m *Middleware) CreateSessionFromAssertion(w http.ResponseWriter, r *http.R
}

if err := m.Session.CreateSession(w, r, assertion); err != nil {
log.Debugf("Error on CreateSession line 209, %s", err)
m.OnError(w, r, err)
return
}

log.Debugf("Redirecting to URI")
http.Redirect(w, r, redirectURI, http.StatusFound)
}
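Review bot: `log.Debugf("Error on CreateSession line 209, %s", err)` hard-codes a source line number that already disagrees with this hunk's header (`@@ -215,10 +221,12 @@`) and will drift with every later edit; name the function in the message instead. A failure to create a session after a valid assertion is worth more than debug level, and `log.Debugf("Redirecting to URI")` takes no format arguments, so it should be `log.Debug` or be dropped.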

4 changes: 2 additions & 2 deletions samlsp/middleware_test.go
Expand Up @@ -23,8 +23,8 @@ import (
is "gotest.tools/assert/cmp"
"gotest.tools/golden"

"github.com/crewjam/saml"
"github.com/crewjam/saml/testsaml"
"github.com/lorodoes/saml"
"github.com/lorodoes/saml/testsaml"
)

type MiddlewareTest struct {
2 changes: 1 addition & 1 deletion samlsp/new.go
Expand Up @@ -9,7 +9,7 @@ import (

dsig "github.com/russellhaering/goxmldsig"

"github.com/crewjam/saml"
"github.com/lorodoes/saml"
)

// Options represents the parameters for creating a new middleware
2 changes: 1 addition & 1 deletion samlsp/request_tracker_cookie.go
Expand Up @@ -7,7 +7,7 @@ import (
"strings"
"time"

"github.com/crewjam/saml"
"github.com/lorodoes/saml"
)

var _ RequestTracker = CookieRequestTracker{}
2 changes: 1 addition & 1 deletion samlsp/request_tracker_jwt.go
Expand Up @@ -7,7 +7,7 @@ import (

"github.com/golang-jwt/jwt/v4"

"github.com/crewjam/saml"
"github.com/lorodoes/saml"
)

var defaultJWTSigningMethod = jwt.SigningMethodRS256
2 changes: 1 addition & 1 deletion samlsp/session.go
Expand Up @@ -5,7 +5,7 @@ import (
"errors"
"net/http"

"github.com/crewjam/saml"
"github.com/lorodoes/saml"
)

// Session is an interface implemented to contain a session.