Ecosyste.ms: OpenCollective

An open API service for software projects hosted on Open Collective.

github.com/greenpau/origin_crewjam_saml

SAML library for go
https://github.com/greenpau/origin_crewjam_saml

Fix example code so that it compiles (#118)

febc3985383ae19ddb8ac4773f7478c503e3d762 authored over 7 years ago by Paul Tötterman <[email protected]>
Use dep package manager (#114)

* use dep package manager
* updated travis

5098b490c460d769bf45636fe87c29dbfc1376f3 authored over 7 years ago by Dustin Decker <[email protected]>
saml{sp,idp}: add httpOnly and secure flag (conditionally) to cookies (#116)

bb12e772a7fcad4c57bc083f9487ee1334da508c authored over 7 years ago by Dustin Decker <[email protected]>
Fixed script hash to remove JS console errors when redirecting (#117)

@RichardKnop PR#94

50777a197ff45b09f6cc13c86cede051b89607dd authored over 7 years ago by Ross Kinder <[email protected]>
add ability to set the domain for the cookies (#95)

56801ab132fb827e5b43bec8dd4f4dfe747f69a4 authored over 7 years ago by Sevki <[email protected]>
Merge branch 'pr115'

a6e02ca3c7ac4f438193ff24e8f32c3f1135e96c authored over 7 years ago by Ross Kinder <[email protected]>
Merge branch 'pr90'

54c5d5ac40fcccf6f5fee8fdedade2a4e9a4749b authored over 7 years ago by Ross Kinder <[email protected]>
Enable persistent name id format (#107)

* Enable persistent name id format

aa1c5982ade0800f2f3dcc33b31f26810a41e503 authored over 7 years ago by Bryce Fisher <[email protected]>
Merge pull request #96 from umayr/master

Add syntax highlight

9477cf440fff674b48e21ee14c4508a882c87321 authored over 7 years ago by Ross Kinder <[email protected]>
expose CookieMaxAge in samlsp Options

aa4e43f09370eae4743ae2791e35673bce2487cc authored over 7 years ago by Dustin Decker <[email protected]>
Add syntax highlight

6ab3142ac20ecf8a15ce67292845341a67c88d44 authored over 7 years ago by Umayr Shahid <[email protected]>
bugfix: New sometimes selected the wrong EntityDescriptor when parsing a metadata file with multiple EntityDescriptor's underneath a EntitiesDescriptor tag

9b49e7d72ce7be5c79548989fcb4f90038fd8024 authored over 7 years ago by Donald Hoelle <[email protected]>
samlsp: update test expectations from previous commit

446329e8c4c41e3a72b7e9aa08d8f8fad7228eea authored over 7 years ago by Ross Kinder <[email protected]>
Merge pull request #61 from eloff/patch-3

Use time.Unix(1,0) not time.Time{}.Add(time.Second)

662f069ae46a633cfad450d17f441cabaf45d4c9 authored over 7 years ago by Ross Kinder <[email protected]>
Merge pull request #79 from mabeyj/fix-cache-duration-format

Fix EntityDescriptor.CacheDuration format

2c3322e1baf00ddc4ec144dcbadcd4920c783f5f authored over 7 years ago by Ross Kinder <[email protected]>
idp: do not require Destination if the AuthnRequest is not signed

This is based on PR #84 from @parryjacob, but it reflects logic which
is a little closer to what...

253e5181782e27bcc26e8f629be35b4ebc92777d authored over 7 years ago by Ross Kinder <[email protected]>
fix rounding in RelaxedTime, add tests

e5a0028b6faf3321c794ec88e47aee194eb23e54 authored over 7 years ago by Ross Kinder <[email protected]>
xmlenc: tidy up recent changes to RSA.Decrypt()

c4a98d9b4f37de0da78a3b8c78244a262ba8b535 authored over 7 years ago by Ross Kinder <[email protected]>
Allow validateRSA to pass if the certificate name and serial number if provided

11b5a264a0812a804cddde187b9e328fc12b33ce authored over 7 years ago by Bryce Fisher <[email protected]>
xmlenc: add failing test for case where ds:X509Certificate is not present

This test should be activated when #80 lands

cb53b639fe422f48b55f8dc5ae0fde53ad71b26d authored over 7 years ago by Ross Kinder <[email protected]>
idp: move NotBefore time back by the max clock skew in case our clock is ahead of the SP clock

2504480691fa721e66dbe78fec2687756c24f2a0 authored over 7 years ago by Ross Kinder <[email protected]>
Allow EntitiesDescriptor in IDP

0a16262a460999912c28bb574a3d33aa068ef1c2 authored over 7 years ago by Jacob Parry <[email protected]>
Hide IdP submit button

1bd07a97fa6f0017567ceadec23a09e25f6b7867 authored over 7 years ago by Jimmy Mabey <[email protected]>
Fix year const, only use time consts in tests

1dfacaea137943953459ad09aedf007c1b92deb2 authored over 7 years ago by Jimmy Mabey <[email protected]>
Fix MarshalXML not being called in test

Because the receiver was type *EntityDescriptor but
TestCanProduceSPMetadata marshals type Entit...

d9cfdd186178c152c7d169e139a3e67ceab35a1a authored over 7 years ago by Jimmy Mabey <[email protected]>
Update samlidp test

0299b2aec7305653a568b3b159e3393b32d63042 authored over 7 years ago by Jimmy Mabey <[email protected]>
Remove extra pointer

22f637183ce3713fcf875405eb424041a62f6afd authored over 7 years ago by Jimmy Mabey <[email protected]>
Add Duration to EntityDescriptor.(Un)MarshalXML

Also test validUntil unmarshalling in TestCanParseMetadata.

7a7037bb413c457774cd0c188ffabd6069ca5b00 authored over 7 years ago by Jimmy Mabey <[email protected]>
Add Duration type

b881be9feece0d34488957df09d2e6bd4731ced5 authored over 7 years ago by Jimmy Mabey <[email protected]>
add test case that the special headers are correctly filtered

c056b81cf1d8e143ed0eea21ee862ac333e33eac authored over 7 years ago by Ross Kinder <[email protected]>
idp: sign the response element too

b446b5c03a19ebd41315b53d9f8dbd466f2286a1 authored over 7 years ago by Ross Kinder <[email protected]>
idp: add AssertionMaker interface to allow you to edit assertions

375ccdfdf4f7a3e93e5bd470da0415ce38c42a77 authored over 7 years ago by Ross Kinder <[email protected]>
idp: set the Issuer format correctly

0a01372a2335b8a02078b6653fa322e403914932 authored over 7 years ago by Ross Kinder <[email protected]>
Allow custom HTTP client when creating samlsp (#75)

c37cdca76c2c69f2c3eec1a4cddfa3e008d5cdda authored over 7 years ago by Bryce Fisher <[email protected]>
idp: EncryptedAssertion element should be in urn:oasis:names:tc:SAML:2.0:assertion

16debf5048a561a977806791f79daf4ccf1a5161 authored over 7 years ago by Ross Kinder <[email protected]>
update README.md

55a313682ef3ca901dd5da421756b56b6d476203 authored over 7 years ago by Ross Kinder <[email protected]>
update README

2c87103fe21f5968e1a8dd26053488d2ec6e2739 authored over 7 years ago by Ross Kinder <[email protected]>
BREAKING: update schema to more accurately reflect the standard

This commit adds missing fields and structures.

This commit turns some fields from pointers to...

b595cb6d3448257c06c528c804ff5bc68a44f57b authored over 7 years ago by Ross Kinder <[email protected]>
xmlenc: RSA: expect key passed to Encrypt() to be *x509.Certificate not []byte

Before this commit, we expected that the `interface{}` value we pass to
Encrypt() for RSA shoul...

05bca43d05c23e18dfb21f13d8061cba58c293a5 authored over 7 years ago by Ross Kinder <[email protected]>
remove signature types which are no longer used

d36626cab43b30fa058a4f45f841455b03c2c219 authored over 7 years ago by Ross Kinder <[email protected]>
Use interface for logging to allow structured logs

6b5dd2d26974f7f5e59132ef5921fab7993794d7 authored over 7 years ago by Pavel Nikolov <[email protected]>
BREAKING (IDP): generalize the IDP ServiceProviders

Before the list of service providers for the IDP was in a map. This
commit replaces the map with...

f102ca011a341812e72a4b34cbd2f1ac110a029a authored over 7 years ago by Ross Kinder <[email protected]>
BREAKING: replace incorrect use of string to hold URLs and keys with correct types

For the service provider, keys are now *rsa.PrivateKey and *x509.Certificate.
For the IDP, keys ...

08dd8e913c79e18565115b74a4d1d67bcecec1cb authored over 7 years ago by Ross Kinder <[email protected]>
identity provider: compare the plaintext assertion to expectation in test

e8d469be72457a112841e0df84f7ba8a2bee9bd1 authored over 7 years ago by Ross Kinder <[email protected]>
remove extraneous log messages

c12caa1112d2c844b7a6898e694bc3982be89292 authored over 7 years ago by Ross Kinder <[email protected]>
samlsp: validate that JWT cookies are signed by the correct method

ref #51 #52

8c6054354e0a674c27eefd49795a5bc10a5a0fd2 authored over 7 years ago by Ross Kinder <[email protected]>
readme: fix testshib setup steps

5d2f87e376b9e9409f2e5bd4aad2aa3ffc185f44 authored over 7 years ago by Ross Kinder <[email protected]>
add pure-go partial implementation of xmlenc

This commit adds a (partial, but hopefully sufficient) implementation of
the XML encryption sta...

b5912d9f2a692fb4f099beadc9b0a0d38a9ff4da authored over 7 years ago by Ross Kinder <[email protected]>
Replace the go-xmlsec implementations of xmldsig and xmlenc with pure go implementations

bd56ac4bf15f3c260306d795947dc5150bf70e2d authored over 7 years ago by Ross Kinder <[email protected]>
service provider: handle more types of responses

- allow one or both of the Response or Assertion to be signed
- gracefully ignore responses cont...

0e496a39d366994a851ff7f6729700ceb05788a2 authored over 7 years ago by Ross Kinder <[email protected]>
Use time.Unix(1,0) not time.Time{}.Add(time.Second)

Cookie year must be at least 1601 and Go's http.Cookie checks for this.

d22d4c3f1a926c516b275c91659000cb6185851e authored over 7 years ago by Daniel Eloff <[email protected]>
Fix minor typo

1a3f6914428e37b90226025073f7577cd5ceeb15 authored over 7 years ago by Adrian Hesketh <[email protected]>
Fix broken external links

874244d624b813fe732e15a18baf60777d222c0e authored over 7 years ago by Adrian Hesketh <[email protected]>
samlsp: properly delete cookie (#56)

Delete cookie with time.Time{} just creates a new (empty) cookie with no expiry. You need to use...

c8bd7a845eadf6d5d3465d4f24361e488c072ac7 authored over 7 years ago by Daniel Eloff <[email protected]>
getElementByID -> getElementById

0f7af12e08ca4dcd75e676acc3b4c8e7fb779ac0 authored almost 8 years ago by Jimmy Mabey <[email protected]>
Update README.md (#54)

61931e245e129a3f08821f1e8208166f12b436e6 authored almost 8 years ago by Sevki <[email protected]>
Update README.md

d9b9ba03f95560fcce7e39b7f37822570d79a2b7 authored almost 8 years ago by Ross Kinder <[email protected]>
update test expectations

broken in 8f75fbd99a4d32fac7d90da3c4a384d609426e01

1baa789c632a3fa20ee523b053bdcf83d9069c8f authored almost 8 years ago by Ross Kinder <[email protected]>
samlsp: hide the ugly submit button that flashes on the screen

8f75fbd99a4d32fac7d90da3c4a384d609426e01 authored almost 8 years ago by kiangj <[email protected]>
account for clock skew when validating assertions (#46)

* account for clock skew when validating assertions

fixes #40

5e201a7c1b9860ae7c7abe4b8b8fd76ec5316e32 authored almost 8 years ago by Andrew Harding <[email protected]>
use conformant marshalled xml values for instants

The marshalled instants now more closely match section 1.2.2 of the
OASIS SAML 1.1 specification...

15a9e8cf0f8577ac083987478a01b979408410cc authored almost 8 years ago by Andrew Harding <[email protected]>
Merge pull request #44 from digitalcrab/master

SP: validUntil is configurable

eb9057e02df068ad7b4f4c6ddfe9b54746da6b15 authored almost 8 years ago by Ross Kinder <[email protected]>
SP: validUntil is configurable

13852117fdec48e02caba75d2a915d0f62c299b2 authored almost 8 years ago by Maksim Naumov <[email protected]>
Merge pull request #42 from azdagron/master

limited nameid format support on auth requests

fccc33c4c7642a05089903fe95aa7e31ee81033d authored almost 8 years ago by Ross Kinder <[email protected]>
limited nameid format support on auth requests

Supports "unspecified", "transient", and "emailAddress" (defaults to
"transient").

8c8d683852668fc9e93098423553aa221349919c authored almost 8 years ago by Andrew Harding <[email protected]>
Merge pull request #41 from skyportsystems/paul_cj_saml_changes

Added IDPSSODescriptor.WantAuthnRequestsSigned

74fc22c664771017ca8fb1070267f966dfd54e01 authored almost 8 years ago by Ross Kinder <[email protected]>
Added IDPSSODescriptor.WantAuthnRequestsSigned

IDPSSODescriptor.WantAuthnRequestsSigned may come from some IDPs.

f075c5b16e21888faa056266fd2005abdc9e8e44 authored almost 8 years ago by Paul Fraley <[email protected]>
Merge pull request #39 from pavelnikolov/user-agent-for-onelogin

OneLogin SAML integration

0a53ecc90c16d1f1a7bda774ee16ee459f4d256e authored almost 8 years ago by Ross Kinder <[email protected]>
User agent string for metadata requests

047c0d9d07305822c25ab07c36dfb4eea4e4af6b authored almost 8 years ago by Pavel Nikolov <[email protected]>
drop support for go 1.5

3606ea4b4423881c765cb1115f929404cd72651f authored about 8 years ago by Ross Kinder <[email protected]>
samlsp: make the cookie max age and name configurable

re #16

2f432ab85776ac0789593ad5b324e54a69df9804 authored about 8 years ago by Ross Kinder <[email protected]>
make the default protocol binding HTTP-POST

Per @puiterwijk in issue #32, ProtocolBinding
refers to the *response* not the request. In a
pr...

c719077fc32479a9b4da3f52f429ff6f254e0d9d authored about 8 years ago by Ross Kinder <[email protected]>
add helper to parse redirect AuthnRequests

This makes test expectations easier to manage.
Before this we compared against the flats-compres...

5e41efb6c50da8b69a6c7d9dd82a3efb2493d448 authored about 8 years ago by Ross Kinder <[email protected]>
samlsp: add test for HTTP-Post binding

0dd234367a6a0f42885697dd304aff40ba8bf049 authored about 8 years ago by Ross Kinder <[email protected]>
samlsp: improve attribute extraction

This change improves how attributes are extracted from SAML responses. We now use a type-safe ob...

26f9824b130702be0af94ea404500fb03f5b7f6f authored about 8 years ago by Ross Kinder <[email protected]>
samlsp: add support for HTTPPostBinding

5083b7b2ffa2b76f38f940f8f44946801d907726 authored about 8 years ago by Ross Kinder <[email protected]>
when generating AuthnRequests make sure ProtocolBinding is set.

fixes #32

4c6680f19598c2718ddaa2b207db850164b3d750 authored about 8 years ago by Ross Kinder <[email protected]>
samlsp: tighten up the cases where we’ll re-parse the metadata

b42b206c4510d0fc71e22ce490cafcca0814505c authored about 8 years ago by Ross Kinder <[email protected]>
Merge pull request #31 from crewjam/fix-idp-metadata-parsing

Fix IDP metadata parsing and add tests

e6e8983496494049258e5ab0bff0686177498f35 authored about 8 years ago by Ross Kinder <[email protected]>
relax parsing to time.Time objects from XML

899f1eebda1aca7433f0aca643273a9d89af233f authored about 8 years ago by Ross Kinder <[email protected]>
when samlsp.New() fails to parse metadata, report the first error

cbdbd26cf3a209205a6c05ac69cd417957c57735 authored about 8 years ago by Ross Kinder <[email protected]>
add test that samlsp can parse metadata

2ee1d33f759b27aaa9c70e1b712dce07aad25f0d authored about 8 years ago by Ross Kinder <[email protected]>
update test expectations for go 1.7

07b35b66d604addabe264ec278dcaed689e42ff4 authored about 8 years ago by Ross Kinder <[email protected]>
Merge pull request #29 from jtolds/master

Handle multiple IDPMetadataURL return styles

c8785023367210abb6bd7c9f0f1fb285108f351f authored about 8 years ago by Ross Kinder <[email protected]>
Handle multiple IDPMetadataURL return styles

(EntityDescriptor vs EntitiesDescriptor)

a6fe9f17a9cb15e58e8ca2efa28f4460afde5733 authored about 8 years ago by JT Olds <[email protected]>
merge

b5680b24696f5e7b28fdaf4d3210a379d7db0a1e authored over 8 years ago by Ross Kinder <[email protected]>
run travis against go 1.7

fb2d539a01d1417fdd2b87e282d77b446252c1a9 authored over 8 years ago by Ross Kinder <[email protected]>
Merge pull request #26 from edaniels/master

Be SAML xsd:dateTime conformant; Update JWT pkg usage

bb9cca94f218ad6040774eec07b340b24d86673d authored over 8 years ago by Ross Kinder <[email protected]>
Update usages of JWT to support newest pkg version

7d69af39e7a7bf92a77e3aea368b5dd2fd44f1e2 authored over 8 years ago by Eric Daniels <[email protected]>
Make usage of TimeNow conform to SAML xsd:dateTime UTC requirement

0df434695acf058528298c8cad0fd0c2c07e8ae3 authored over 8 years ago by Eric Daniels <[email protected]>
clean up LICENSE

6139d7adb479304a39ca42d8387df865d38cbd1b authored over 8 years ago by Ross Kinder <[email protected]>
use gofmt -s

cddd9474a7d4426c486c4de2094b15ddfcab291e authored over 8 years ago by Ross Kinder <[email protected]>
add license

73c2fa6953bae9aa6fadcd3152962827752a74e2 authored over 8 years ago by Ross Kinder <[email protected]>
fix spelling error

208dfef529a8752a6fab032afdedae33f0bbbd3e authored over 8 years ago by Ross Kinder <[email protected]>
test with go 1.6

c6e17faf7c3b828c06ba2d266fbac5f5acff753d authored almost 9 years ago by Ross Kinder <[email protected]>
per [SAML2Meta] the well-known metadata URL should be an <EntityDescriptor> not an <EntitiesDescriptor> and should have a particular content type

961661d71d7b64dd152621c1d211d8f8fa717f35 authored almost 9 years ago by Ross Kinder <[email protected]>
middleware: fix test expectations

6d3b5a21aa42c0ac747f0ba74f6cfbd2e23b9417 authored almost 9 years ago by Ross Kinder <[email protected]>
sp: add test for onelogin integration

fixes #6

225e8f0125adf0bd4470ac4b9e209f6d7fb1cf65 authored almost 9 years ago by Ross Kinder <[email protected]>
middleware: don’t try to set a cookie with an invalid name

82186c46d520c9ac0c1841e3856535b386bee9b3 authored almost 9 years ago by Ross Kinder <[email protected]>
sp: support signed, plaintext assertions

re #19

880f38c9d587b281b0a9d877a1bc32eadb2a6f87 authored almost 9 years ago by Ross Kinder <[email protected]>