Initial QSfera import
This commit is contained in:
+89
@@ -0,0 +1,89 @@
|
||||
package samlsp
|
||||
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
"net/http"
|
||||
|
||||
"github.com/crewjam/saml"
|
||||
)
|
||||
|
||||
// Session is an interface implemented to contain a session.
|
||||
type Session interface{}
|
||||
|
||||
// SessionWithAttributes is a session that can expose the
|
||||
// attributes provided by the SAML identity provider.
|
||||
type SessionWithAttributes interface {
|
||||
Session
|
||||
GetAttributes() Attributes
|
||||
}
|
||||
|
||||
// ErrNoSession is the error returned when the remote user does not have a session
|
||||
var ErrNoSession = errors.New("saml: session not present")
|
||||
|
||||
// SessionProvider is an interface implemented by types that can track
|
||||
// the active session of a user. The default implementation is CookieSessionProvider
|
||||
type SessionProvider interface {
|
||||
// CreateSession is called when we have received a valid SAML assertion and
|
||||
// should create a new session and modify the http response accordingly, e.g. by
|
||||
// setting a cookie.
|
||||
CreateSession(w http.ResponseWriter, r *http.Request, assertion *saml.Assertion) error
|
||||
|
||||
// DeleteSession is called to modify the response such that it removed the current
|
||||
// session, e.g. by deleting a cookie.
|
||||
DeleteSession(w http.ResponseWriter, r *http.Request) error
|
||||
|
||||
// GetSession returns the current Session associated with the request, or
|
||||
// ErrNoSession if there is no valid session.
|
||||
GetSession(r *http.Request) (Session, error)
|
||||
}
|
||||
|
||||
// SessionCodec is an interface to convert SAML assertions to a
|
||||
// Session. The default implementation uses JWTs, JWTSessionCodec.
|
||||
type SessionCodec interface {
|
||||
// New creates a Session from the SAML assertion.
|
||||
New(assertion *saml.Assertion) (Session, error)
|
||||
|
||||
// Encode returns a serialized version of the Session.
|
||||
//
|
||||
// Note: When implementing this function, it is reasonable to expect that
|
||||
// Session is of the exact type returned by New(), and panic if it is not.
|
||||
Encode(s Session) (string, error)
|
||||
|
||||
// Decode parses the serialized session that may have been returned by Encode
|
||||
// and returns a Session.
|
||||
Decode(string) (Session, error)
|
||||
}
|
||||
|
||||
type indexType int
|
||||
|
||||
const sessionIndex indexType = iota
|
||||
|
||||
// SessionFromContext returns the session associated with ctx, or nil
|
||||
// if no session are associated
|
||||
func SessionFromContext(ctx context.Context) Session {
|
||||
v := ctx.Value(sessionIndex)
|
||||
if v == nil {
|
||||
return nil
|
||||
}
|
||||
return v.(Session)
|
||||
}
|
||||
|
||||
// ContextWithSession returns a new context with session associated
|
||||
func ContextWithSession(ctx context.Context, session Session) context.Context {
|
||||
return context.WithValue(ctx, sessionIndex, session)
|
||||
}
|
||||
|
||||
// AttributeFromContext is a convenience method that returns the named attribute
|
||||
// from the session, if available.
|
||||
func AttributeFromContext(ctx context.Context, name string) string {
|
||||
s := SessionFromContext(ctx)
|
||||
if s == nil {
|
||||
return ""
|
||||
}
|
||||
sa, ok := s.(SessionWithAttributes)
|
||||
if !ok {
|
||||
return ""
|
||||
}
|
||||
return sa.GetAttributes().Get(name)
|
||||
}
|
||||
Reference in New Issue
Block a user