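// Package main contains an example identity provider implementation.
//
// It is a demonstration only. The signing key and certificate are embedded in
// this source file, so the private key is known to anyone who can read it, and
// both demo users share one hard-coded password. A service provider that trusts
// this certificate therefore trusts every holder of this file; load real key
// material and credentials from protected storage in any deployment that
// matters.
package main

import (
	"crypto"
	"crypto/x509"
	"encoding/pem"
	"flag"
	"net/url"

	"github.com/zenazn/goji"
	"golang.org/x/crypto/bcrypt"

	"github.com/crewjam/saml/logger"
	"github.com/crewjam/saml/samlidp"
)

// key is the IdP signing key, parsed once at package initialisation from the
// PEM block embedded below. The key is public by virtue of being in source
// control; it must never sign assertions that a real relying party accepts.
var key = func() crypto.PrivateKey {
	block, _ := pem.Decode([]byte(`-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEA0OhbMuizgtbFOfwbK7aURuXhZx6VRuAs3nNibiuifwCGz6u9
yy7bOR0P+zqN0YkjxaokqFgra7rXKCdeABmoLqCC0U+cGmLNwPOOA0PaD5q5xKhQ
4Me3rt/R9C4Ca6k3/OnkxnKwnogcsmdgs2l8liT3qVHP04Oc7Uymq2v09bGb6nPu
fOrkXS9F6mSClxHG/q59AGOWsXK1xzIRV1eu8W2SNdyeFVU1JHiQe444xLoPul5t
InWasKayFsPlJfWNc8EoU8COjNhfo/GovFTHVjh9oUR/gwEFVwifIHihRE0Hazn2
EQSLaOr2LM0TsRsQroFjmwSGgI+X2bfbMTqWOQIDAQABAoIBAFWZwDTeESBdrLcT
zHZe++cJLxE4AObn2LrWANEv5AeySYsyzjRBYObIN9IzrgTb8uJ900N/zVr5VkxH
xUa5PKbOcowd2NMfBTw5EEnaNbILLm+coHdanrNzVu59I9TFpAFoPavrNt/e2hNo
NMGPSdOkFi81LLl4xoadz/WR6O/7N2famM+0u7C2uBe+TrVwHyuqboYoidJDhO8M
w4WlY9QgAUhkPyzZqrl+VfF1aDTGVf4LJgaVevfFCas8Ws6DQX5q4QdIoV6/0vXi
B1M+aTnWjHuiIzjBMWhcYW2+I5zfwNWRXaxdlrYXRukGSdnyO+DH/FhHePJgmlkj
NInADDkCgYEA6MEQFOFSCc/ELXYWgStsrtIlJUcsLdLBsy1ocyQa2lkVUw58TouW
RciE6TjW9rp31pfQUnO2l6zOUC6LT9Jvlb9PSsyW+rvjtKB5PjJI6W0hjX41wEO6
fshFELMJd9W+Ezao2AsP2hZJ8McCF8no9e00+G4xTAyxHsNI2AFTCQcCgYEA5cWZ
JwNb4t7YeEajPt9xuYNUOQpjvQn1aGOV7KcwTx5ELP/Hzi723BxHs7GSdrLkkDmi
Gpb+mfL4wxCt0fK0i8GFQsRn5eusyq9hLqP/bmjpHoXe/1uajFbE1fZQR+2LX05N
3ATlKaH2hdfCJedFa4wf43+cl6Yhp6ZA0Yet1r8CgYEAwiu1j8W9G+RRA5/8/DtO
yrUTOfsbFws4fpLGDTA0mq0whf6Soy/96C90+d9qLaC3srUpnG9eB0CpSOjbXXbv
kdxseLkexwOR3bD2FHX8r4dUM2bzznZyEaxfOaQypN8SV5ME3l60Fbr8ajqLO288
wlTmGM5Mn+YCqOg/T7wjGmcCgYBpzNfdl/VafOROVbBbhgXWtzsz3K3aYNiIjbp+
MunStIwN8GUvcn6nEbqOaoiXcX4/TtpuxfJMLw4OvAJdtxUdeSmEee2heCijV6g3
ErrOOy6EqH3rNWHvlxChuP50cFQJuYOueO6QggyCyruSOnDDuc0BM0SGq6+5g5s7
H++S/wKBgQDIkqBtFr9UEf8d6JpkxS0RXDlhSMjkXmkQeKGFzdoJcYVFIwq8jTNB
nJrVIGs3GcBkqGic+i7rTO1YPkquv4dUuiIn+vKZVoO6b54f+oPBXd4S0BnuEqFE
rdKNuCZhiaE2XD9L/O9KP1fh5bfEcKwazQ23EvpJHBMm8BGC+/YZNw==
-----END RSA PRIVATE KEY-----`))
	// pem.Decode returns a nil block when no PEM data is found; stop with a
	// clear message instead of dereferencing it.
	if block == nil {
		panic("example idp: embedded private key is not valid PEM")
	}
	parsed, err := x509.ParsePKCS1PrivateKey(block.Bytes)
	if err != nil {
		// Fail at start-up rather than hand the IdP a nil signing key.
		panic("example idp: cannot parse embedded private key: " + err.Error())
	}
	return parsed
}()

// cert is the certificate handed to the IdP alongside key, parsed once at
// package initialisation from the PEM block embedded below.
var cert = func() *x509.Certificate {
	block, _ := pem.Decode([]byte(`-----BEGIN CERTIFICATE-----
MIIDBzCCAe+gAwIBAgIJAPr/Mrlc8EGhMA0GCSqGSIb3DQEBBQUAMBoxGDAWBgNV
BAMMD3d3dy5leGFtcGxlLmNvbTAeFw0xNTEyMjgxOTE5NDVaFw0yNTEyMjUxOTE5
NDVaMBoxGDAWBgNVBAMMD3d3dy5leGFtcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEB
BQADggEPADCCAQoCggEBANDoWzLos4LWxTn8Gyu2lEbl4WcelUbgLN5zYm4ron8A
hs+rvcsu2zkdD/s6jdGJI8WqJKhYK2u61ygnXgAZqC6ggtFPnBpizcDzjgND2g+a
ucSoUODHt67f0fQuAmupN/zp5MZysJ6IHLJnYLNpfJYk96lRz9ODnO1Mpqtr9PWx
m+pz7nzq5F0vRepkgpcRxv6ufQBjlrFytccyEVdXrvFtkjXcnhVVNSR4kHuOOMS6
D7pebSJ1mrCmshbD5SX1jXPBKFPAjozYX6PxqLxUx1Y4faFEf4MBBVcInyB4oURN
B2s59hEEi2jq9izNE7EbEK6BY5sEhoCPl9m32zE6ljkCAwEAAaNQME4wHQYDVR0O
BBYEFB9ZklC1Ork2zl56zg08ei7ss/+iMB8GA1UdIwQYMBaAFB9ZklC1Ork2zl56
zg08ei7ss/+iMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAAVoTSQ5
pAirw8OR9FZ1bRSuTDhY9uxzl/OL7lUmsv2cMNeCB3BRZqm3mFt+cwN8GsH6f3uv
NONIhgFpTGN5LEcXQz89zJEzB+qaHqmbFpHQl/sx2B8ezNgT/882H2IH00dXESEf
y/+1gHg2pxjGnhRBN6el/gSaDiySIMKbilDrffuvxiCfbpPN0NRRiPJhd2ay9KuL
/RxQRl1gl9cHaWiouWWba1bSBb2ZPhv2rPMUsFo98ntkGCObDX6Y1SpkqmoTbrsb
GFsTG2DLxnvr4GdN1BSr0Uu/KV3adj47WkXVPeMYQti/bQmxQB8tRFhrw80qakTL
UzreO96WzlBBMtY=
-----END CERTIFICATE-----`))
	// pem.Decode returns a nil block when no PEM data is found; stop with a
	// clear message instead of dereferencing it.
	if block == nil {
		panic("example idp: embedded certificate is not valid PEM")
	}
	parsed, err := x509.ParseCertificate(block.Bytes)
	if err != nil {
		// Fail at start-up rather than hand the IdP a nil certificate.
		panic("example idp: cannot parse embedded certificate: " + err.Error())
	}
	return parsed
}()

// main starts the example IdP: it reads the base URL from the -idp flag,
// builds a samlidp server backed by an in-memory store, registers two demo
// users and serves every path through goji.
func main() {
	logr := logger.DefaultLogger
	baseURLstr := flag.String("idp", "", "The URL to the IDP")
	flag.Parse()

	// NOTE(review): the flag defaults to "", which url.Parse accepts, so a
	// missing -idp is not rejected here.
	baseURL, err := url.Parse(*baseURLstr)
	if err != nil {
		logr.Fatalf("cannot parse base URL: %v", err)
	}

	// MemoryStore keeps users and other IdP state in process memory only.
	idpServer, err := samlidp.New(samlidp.Options{
		URL:         *baseURL,
		Key:         key,
		Logger:      logr,
		Certificate: cert,
		Store:       &samlidp.MemoryStore{},
	})
	if err != nil {
		logr.Fatalf("%s", err)
	}

	// Demo credential: the password is a literal in this file and is shared by
	// both users below, including the one in the "Administrators" group.
	hashedPassword, err := bcrypt.GenerateFromPassword([]byte("hunter2"), bcrypt.DefaultCost)
	if err != nil {
		// Do not register users with an empty hash if hashing failed.
		logr.Fatalf("cannot hash demo password: %v", err)
	}

	err = idpServer.Store.Put("/users/alice", samlidp.User{
		Name:           "alice",
		HashedPassword: hashedPassword,
		Groups:         []string{"Administrators", "Users"},
		Email:          "alice@example.com",
		CommonName:     "Alice Smith",
		Surname:        "Smith",
		GivenName:      "Alice",
	})
	if err != nil {
		logr.Fatalf("%s", err)
	}

	err = idpServer.Store.Put("/users/bob", samlidp.User{
		Name:           "bob",
		HashedPassword: hashedPassword,
		Groups:         []string{"Users"},
		Email:          "bob@example.com",
		CommonName:     "Bob Smith",
		Surname:        "Smith",
		GivenName:      "Bob",
	})
	if err != nil {
		logr.Fatalf("%s", err)
	}

	// Every request path is handled by the IdP. Listener address and TLS are
	// not configured in this file; they are left to goji.
	goji.Handle("/*", idpServer)
	goji.Serve()
}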