Ecosyste.ms: OpenCollective

An open API service for software projects hosted on Open Collective.

github.com/greenpau/origin_crewjam_saml

SAML library for go
https://github.com/greenpau/origin_crewjam_saml

Fixes handling signed response with encrypted assertions (#273)

When the response is signed, the verification must happen before the assertion is decrypted sinc...

1897fa4247bbc22fd1b7b25e44ad4a5f1990219d authored over 4 years ago by Ricardo Andrade <[email protected]>
SessionNotOnOrAfter is serialized to XML if set (#292)

It is currently possible to set SessionNotOnOrAfter directly on the Go
structure, but it is not...

97641c475e47915d46aa053414a3e80bf773859c authored over 4 years ago by Andy Lindeman <[email protected]>
Include a path when clearing the cookie (#278)

Some browsers will refuse to remove a cookie that doesn't include the path

9843f17b5608f064011124df7b86b749fe2f6518 authored over 4 years ago by Ron Kuris <[email protected]>
Bump github.com/stretchr/testify from 1.5.0 to 1.5.1 (#264)

Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.5.0 to 1.5.1.
-...

530d24b9630f3db5a8032bd8e8cb57ab86cc7881 authored almost 5 years ago by dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Bump github.com/stretchr/testify from 1.4.0 to 1.5.0 (#263)

Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.4.0 to 1.5.0.
-...

63667204bd3c10cea54b351079c8c380b1710d6a authored almost 5 years ago by dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Update README.md (#261)

ad43eca6d5ff80683f2fb39a483dc03c36652b4d authored almost 5 years ago by Andreas Fritzler <[email protected]>
feat: add Post / Redirect methods for LogoutRequest (#260)

17489b9c3af5c6ca7224d71cf3469bd637410111 authored almost 5 years ago by (0x794E6).toString(36) <[email protected]>
Add EntityID (#258)

1e8b902bc9ab6e31505b87e89e5428913ead2387 authored almost 5 years ago by miketonks <[email protected]>
fix(sp): no check for InResponseTo for if IDPInitiated is true (#259)

625396c43dd2f27cac4c8866027e30761f9945d0 authored almost 5 years ago by Mathieu Mailhos <[email protected]>
feat(slo): add Bytes() and Deflate() functions for LogoutRequest (#251)

Bytes() is needed in for returning a byte array for POST Binding.
Deflate() is needed for compr...

0e0bf51428863320b775db302c2c1d8a14d91fce authored almost 5 years ago by Mathieu Mailhos <[email protected]>
clean up README about breaking changes

eefb3b24a63419941cc2885f3b7d9e178f074870 authored almost 5 years ago by Ross Kinder <[email protected]>
fix(slo): fix SessionIndex attribute in LogoutRequest (#245)

bbcdf4f032281573dfa54af7b4c8a53d053f4d9e authored almost 5 years ago by Mathieu Mailhos <[email protected]>
feat(slo): add logout response request validation (#247)

a8bc8f9350cd9fba0bdbf08dedbd594c1398b300 authored almost 5 years ago by Mathieu Mailhos <[email protected]>
add HTTPOnly bool to CookieSessionProvider (#248)

cdaa4af37eca86ebc04f1b249a065578d50adc6a authored almost 5 years ago by Daniel Hochman <[email protected]>
Bump github.com/kr/pretty from 0.1.0 to 0.2.0 (#243)

Bumps [github.com/kr/pretty](https://github.com/kr/pretty) from 0.1.0 to 0.2.0.
- [Release note...

9cb6acfdc617df3d6bf15fb90ca5b77c25a25329 authored almost 5 years ago by dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
AllowIDPInitiated=true allows both IDP-initiated and normal (#240)

861266e3a689a963b9a9285bb2152d201db92ef5 authored about 5 years ago by David Goeke <[email protected]>
Add optional callback for signature verification (#237)

Fixes #234

0acc933a1417c932d3db9c8cbacaf00044946b81 authored about 5 years ago by Joe Siltberg <[email protected]>
refactor samlsp package to be more modular (#230)

This change splits the Middleware component into three interfaces (in addition to the saml.Servi...

695c7b1abe5223dd32db3fa60915b58116880b29 authored about 5 years ago by Ross Kinder <[email protected]>
make ValidDuration configurable for IDP. (#235)

f73528f13b646a5f72bc7d84f8573efb1ae79aca authored about 5 years ago by aspeteRakete <[email protected]>
Merge branch 'master' of github.com:crewjam/saml

29c9e64293345aeba43e691fe8bb363f27b99d31 authored about 5 years ago by Ross Kinder <[email protected]>
schema: don't include empty Format attributes in samlp:NameIDPolicyElement

fixes #177

1bde040d6e5350fe0f710aeca3a577fa27ac470a authored about 5 years ago by Ross Kinder <[email protected]>
update test expectations

5b972073da2291673d882c9f7c92e11c19c875dd authored about 5 years ago by Ross Kinder <[email protected]>
golangci: require comments, add a few missing ones

438f1aa9efea1a28c6ce6a198654e2955c0663b4 authored about 5 years ago by Ross Kinder <[email protected]>
golangci: require comments, add a few missing ones

017fca4101f19e64b1c8fdd5baaf2dfed49ba1a0 authored about 5 years ago by Ross Kinder <[email protected]>
fix bad merge

e81117beeae84afb3f08f02898f87e377cb0c134 authored about 5 years ago by Ross Kinder <[email protected]>
update readme to reflect our inability to produce encrypted assertions

re #179

28fdf79aacf8961a8c73f434c9fae18c261bf2eb authored about 5 years ago by Ross Kinder <[email protected]>
(Add tests for) Destination is checked only if this is a signed SAML request, as that is the only case in which a Destination attribute is required.

93d07adf4a56214cd7daed61de880a61dda09c05 authored about 5 years ago by Jan Szumiec <[email protected]>
Remove 'Failing' from certificate missing check

23ac8247a9078c2ae5eecc16392cd748c8d15aed authored about 5 years ago by Bryce Fisher <[email protected]>
Add test case from OneLogin

This adds a test case provided by @fredipevcin in [https://github.com/crewjam/saml/pull/25](PR25...

5ec9c967d6a80c901732cbe598e580a65b05ee11 authored about 5 years ago by Ross Kinder <[email protected]>
Make cert optional for ServiceProvider.Metadata()

86948ad5a1de109ee0a1c3db19f8423110f0facf authored about 5 years ago by Matthew Steffen <[email protected]>
Return status code if not success

62f4c478d9dc0dd3f75a9746cfceef9ae436dcad authored about 5 years ago by Michael Rauh <[email protected]>
update test expectations

04d05625ddf5853b1b41c748cbf36c9eb347df9e authored about 5 years ago by Ross Kinder <[email protected]>
Bump github.com/beevik/etree from 1.0.1 to 1.1.0

Bumps [github.com/beevik/etree](https://github.com/beevik/etree) from 1.0.1 to 1.1.0.
- [Release...

3068c6a0ba119932e4c1bd7f4e59861c47262fe4 authored about 5 years ago by dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
travis: pin golangci-lint version

5eedd072943705f6bad5436c0f93e9e1eedd577e authored about 5 years ago by Ross Kinder <[email protected]>
Removes unused dependencies

Ran go mod tidy to remove golangci-lint as that isn't actally needed for
this project. Its inclu...

c42136edf9b14ac3ca9250b0642d24949e2aee31 authored about 5 years ago by Leonard Gram <[email protected]>
Merge pull request #226 from grafana/rsa-key-validation-optional

* removed mandatory check for validating embedded certificate for rsa
* Rename validateRSAKey t...

f52124309c9d6ffacb99bb2e481e388ceee1910a authored about 5 years ago by Ross Kinder <[email protected]>
Rename validateRSAKey to validateRSAKeyIfPresent

Now that the validation is optional, the previous name did not
accurately reflected the intention.

2cf64eba8531fd88362bc48f6bc4b1128c7d292b authored about 5 years ago by gotjosh <[email protected]>
removed mandatory check for validating embedded certificate for rsa

75440c9d20ae9065870204cd3ab441162d1ac1fb authored about 5 years ago by Jon Gyllensward <[email protected]>
update test expectations

8611714f5c799f40b0357a86cbf8cc93c7ec98bc authored about 5 years ago by Ross Kinder <[email protected]>
Set session NameID based on email

41e40c05c2365d822141d16a2f7f085be31afe80 authored about 5 years ago by Grace Noah <[email protected]>
Add Single Logout data structure

b822498a44293ed20c4ba92058dd312a5eea5dbf authored about 5 years ago by Ryan Zhang <[email protected]>
Use RS256 rather than HS256

Using HS256 with the RSA private key (serialised as ASN.1 according
to PKCS1) as the secret is u...

70ab2e9dc178e10c7c2c2be49ff7ee9c2d38f883 authored about 5 years ago by Stevie Johnstone <[email protected]>
fix travis configuration

387c07cfa12261a7316504b5c9817855b9477168 authored about 5 years ago by Ross Kinder <[email protected]>
fix travis configuration

562a89503bd44fdd74301f4b7050791d84e3a8ff authored about 5 years ago by Ross Kinder <[email protected]>
fix go.mod

ff5e2cacdb125f851e5bd2ead335474965dceb7b authored about 5 years ago by Ross Kinder <[email protected]>
Merge branch 'master' of github.com:crewjam/saml

90fc2090fb6373f22c05e10a52be73623e6528af authored about 5 years ago by Ross Kinder <[email protected]>
lint with golangci-lint

fe20026b45b5339d456422f6b9c133747648428e authored about 5 years ago by Ross Kinder <[email protected]>
lint with golangci-lint

fc8df6359904ed7fd738c57bf9d448a05719bf5f authored about 5 years ago by Ross Kinder <[email protected]>
tests: convert from go-check to testify

e3546ebe04ceb44fdfefebf6fb0adfe8e2501575 authored about 5 years ago by Ross Kinder <[email protected]>
Gopkg -> go.mod

4acac2f8adcc31a77daebfb3234abf01a1b815ad authored about 5 years ago by Ross Kinder <[email protected]>
fix compile error

4936c1bfe75277a0fa7082e36a778f055da71729 authored about 5 years ago by Ross Kinder <[email protected]>
remove log junk

f684913a6dcc24bb8c587ce01f9de8f7a0c8ba75 authored about 5 years ago by Ross Kinder <[email protected]>
remove bad import

c36824a6851d3197223405c2f69ff5ae3ac441b1 authored about 5 years ago by Ross Kinder <[email protected]>
SP: Add capability to provide intermediate certs (#178)

87f373d7ded4e5d96dddbd7223b03e9adbddf1be authored about 5 years ago by Benjamin Schubert <[email protected]>
Prevent panic caused by IDP-initiated login (#183)

* - Check if IDP-initiated login is allowed and if so assume that the RelayState is a deep-link....

72834b567519a944347735b6373af08303bd98d5 authored about 5 years ago by Praneet Loke <[email protected]>
omit validUntil if empty (#190)

b20013af9fe4ad9fc9a036d43b1ccd09e92c565a authored about 5 years ago by Christopher Goulet <[email protected]>
Fix typo for idp example path in readme (#170)

71a99f9c6f9665e8c8854e5573d79639e0b6c427 authored about 5 years ago by ferhat elmas <[email protected]>
Add in actual attribute evaluation for eduPersonScopedAffiliation.

14f99545233de15160d166a0c317ffb10343ca0b authored about 5 years ago by Shane Jeffery <[email protected]>
Adding support for eduPersonScopedAffiliation

44907b5a237929447c1316259e83990223b820c2 authored about 5 years ago by Shane Jeffery <[email protected]>
Separate response validation from the Middleware so that ServiceProvider can be used standalone to validate requests. Also fix IDPInitiated requestids bug since Standalone validation may not have possibleRequestIds.

4a6d0a9d67ea6b870a6f1e801a3a037dd2ea8217 authored about 5 years ago by Tom Bruno <[email protected]>
Set the default domain for cookies properly (#187)

Fixes #186.

1533bb555e1423d81d7accea9a545f0f23880935 authored about 5 years ago by Daniel Cormier <[email protected]>
Replaces testshib.org with samltest.id in the README (#211)

Fixes #201

abf756096ab7625c4e1e542c50fae7762666fadf authored about 5 years ago by Joe Siltberg <[email protected]>
Don't require Destination attribute in response when response is not signed (#213)

* Destination is checked only if this is a signed SAML request, as that is the only case in whic...

78a11e90c068fdf605e83ec5d0c6abdb04ab853b authored about 5 years ago by Chris Vermilion <[email protected]>
update value of UnspecifiedNameIDFormat and EmailAddressNameIDFormat (#217)

6e8a81a7ac7094407c5bc6013d1ac3d6902596ca authored about 5 years ago by Noval Agung Prayogo <[email protected]>
Don't include the port with the domain when setting the cookie (#202)

344d075952c9343809f57f4e465504dd5e3068a4 authored over 5 years ago by Robin Wood <[email protected]>
Allow AudienceRestriction to be missing

re #198

ca21de9dd5b9cd0ce62b9f7264b1a08c2c1c8a42 authored over 5 years ago by Stephen Kress <[email protected]>
#194: Properly default EncryptionMethod/DigestMethod when not present.

d288d9a3f61cb824df6cc06f4f593e24ab1f1121 authored over 5 years ago by Stephen Kress <[email protected]>
Handle root URL's with trailing slash

724cb1c4fab17ba90fa24c4dde8f6f594d105071 authored over 5 years ago by Geoff Bourne <[email protected]>
#192: Account for Go/check changes.

2076e4554266b4d09dcd467c602a0c7121d610f6 authored over 5 years ago by Stephen Kress <[email protected]>
#192: Support multiple IdP signing certificates

727f495679e8131786c4852853b80a66dc00a5d7 authored over 5 years ago by Stephen Kress <[email protected]>
add support for other external middleware (#184)

Changed samlsp/middleware.go to move the request handling part of the RequireAccount method out ...

d99784de73809d47ae01457c2bcf6e5283051ae3 authored over 5 years ago by jb <[email protected]>
add stale integration

ref: https://probot.github.io/apps/stale/

ebc5f787b786ee76ee69bf49184fade38d2238af authored over 6 years ago by Ross Kinder <[email protected]>
add support for a logout URL binding

545fa6893a58e53e3a0be4b6dbf8c4b73bfc1db2 authored over 6 years ago by Ross Kinder <[email protected]>
Removed %s format for claims audience not matching Provider EntityID for #154 (#161)

9bb91e864923308363e4ac523b17451c9925f7b9 authored over 6 years ago by Darrel Herbst <[email protected]>
idp: Make signature method configurable (#126)

8be1aaba35aa3c4ff36ac10860b13180b256dc25 authored over 6 years ago by Andrew Pilloud <[email protected]>
idp: Allow intermediates to be encoded in signature (#127)

8ccd3e0090719ba7b919d6bc6792a31b6b097a84 authored over 6 years ago by Andrew Pilloud <[email protected]>
Fix AES decryption (#142)

Fix AES decryption by decrypting the EncryptedKey from the response, and passing
the decrypted ...

6b183f4238dc6c4415238c6af00deb94c9d27013 authored over 6 years ago by Volkan Gürel <[email protected]>
made selected binding configureable (#144)

42c78b15ef23b2cc763bad84e44d4787aa439c69 authored over 6 years ago by Christoph Hack <[email protected]>
added godoc badge to README.md (#143)

e8774a44b475737a1ffbf2434e1e2e5734879075 authored over 6 years ago by Christoph Hack <[email protected]>
fix missing time on IDP-initiated IdpAuthnRequest (#147)

e928cf45fcaf69f0adfb8e24ffb142eaecb693e1 authored over 6 years ago by ☃ Elliot Shepherd <[email protected]>
add the ability to use custom cookie names and domain

a4cce22aee83e3b294de27a9dbc9d205bb99da09 authored over 6 years ago by Josh Silvas <[email protected]>
dep ensure [ch16254] (#156)

449e95b2ab276627b81a8108f83d6f5f5006f582 authored over 6 years ago by Neha Malviya <[email protected]>
Fixed some typos in the README.md file. (#160)

61e52e7fa9c22217257dc81ac8123a37083b2cae authored over 6 years ago by Darrel Herbst <[email protected]>
Added Travis badge (#159)

8f169cca9336544f35f619861c68ebc7c4203592 authored over 6 years ago by Darrel Herbst <[email protected]>
Remove the default xmlns from the expected output because the encoder does not reset the default. Should resolve the test for issue 152. (#158)

eefba2157cd8996a89c980b436ad502ca7fb62ab authored over 6 years ago by Darrel Herbst <[email protected]>
make MaxIssueDelay configurable at runtime (mini-hack)

d6cac45820cee327314738fdd2dd7c2d714fb1a8 authored over 6 years ago by Ross Kinder <[email protected]>
Update PGP key in README.md

e231b7a1204a93c343c1a5fa2374ca2f6572f715 authored almost 7 years ago by Ross Kinder <[email protected]>
add test cases for SAML comment injection (#140)

ref: CVE-2017-11427
ref: CVE-2017-11428
ref: CVE-2017-11429
ref: CVE-2017-11430
ref: CVE-201...

814d1d9c18457deeda08cbda2d38f79bedccfa62 authored almost 7 years ago by Ross Kinder <[email protected]>
idp: handle assertions where no ACS url is specified (#139)

794aa926cb4e60cf6f582cffa041efb68f9cf275 authored almost 7 years ago by Ross Kinder <[email protected]>
add field to IdpAuthnRequest so you can externally control the “current” time (#136)

The default is obviously the current time, but for various reasons you may wish to evaluate the
...

16d16c23752fa21ade7a10671e44d5a5ecdede98 authored almost 7 years ago by Ross Kinder <[email protected]>
samlsp: move the setting and reading of cookies into an interface (#133)

We’ve had a bunch of changes requesting the ability to customize
how cookies are set and it is ...

f5e68a00b8955f4034fe91cfca5d76fe8945146e authored almost 7 years ago by Ross Kinder <[email protected]>
samlsp: remove X-Saml headers in favor of attaching Claims to request context (#131)

c9c2cbc53c23c361d7aa69a9e110be1ffa22f972 authored almost 7 years ago by Ross Kinder <[email protected]>
travis cleanup: remove older go versions (#132)

e9d713d675ee2594bce37c249c15f3d38db6ab28 authored almost 7 years ago by Ross Kinder <[email protected]>
samlsp: use current time for the JWT rather than the IssueInstant from the assertion (#130)

fixes #122

jwt-go not support leeway parameter

804bf46d055bf1962bedee11085f0457d126cef7 authored almost 7 years ago by Nao YONASHIRO <[email protected]>
fix some minor lint / style errors

b1cfb7985ff6e912aa009fb22444b7380b5aee60 authored almost 7 years ago by Ross Kinder <[email protected]>
update README

f33bc82ea9d52e5d5e302aa3593564efa17ed0c0 authored almost 7 years ago by Ross Kinder <[email protected]>
remove cruft

90a8ae8f9e4fb8de549e5d181830419a4e553fe1 authored almost 7 years ago by Ross Kinder <[email protected]>
samlsp.Middleware.SecureCookie option (#128)

61c058411fa0d57a584b23f541eb7ae88254f984 authored almost 7 years ago by Beyang Liu <[email protected]>
fix validUntil in SPSSODescriptor

fixes #123

bbf4ae9718fef366f9adb38404f2769f9f843a7b authored almost 7 years ago by Lucas <[email protected]>
expose ForceAuthn (#119)

5e89d545f563261a14cd84483eb5ff10233e208e authored over 7 years ago by Dustin Decker <[email protected]>