feat(saml): implementation of saml for ZITADEL v2 (#3618)
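--- a/internal/domain/application_saml.go
+++ b/internal/domain/application_saml.go
@@ -0,0 +1,40 @@
+package domain
+
+import (
+"github.com/zitadel/zitadel/internal/eventstore/v1/models"
+)
+
+type SAMLApp struct {
+models.ObjectRoot
+
+AppID string
+AppName string
+EntityID string
+Metadata []byte
+MetadataURL string
+
+State AppState
+}
+
+func (a *SAMLApp) GetApplicationName() string {
+return a.AppName
+}
+
+func (a *SAMLApp) GetState() AppState {
+return a.State
+}
+
+func (a *SAMLApp) GetMetadata() []byte {
+return a.Metadata
+}
+
+func (a *SAMLApp) GetMetadataURL() string {
+return a.MetadataURL
+}
+
+func (a *SAMLApp) IsValid() bool {
+if a.MetadataURL == "" && a.Metadata == nil {
+return false
+}
+return true
+}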
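Review bot: `SAMLApp.IsValid` treats only a nil `Metadata` slice as missing, so an empty but non-nil slice (for example one decoded from an empty request field) passes validation with neither metadata nor a URL; `if a.MetadataURL == "" && len(a.Metadata) == 0 {` closes that gap. `EntityID` is not checked here either, although it presumably identifies the service provider, so confirm it is validated elsewhere. `MetadataURL` is accepted as any non-empty string; if the server later fetches it, scheme and host restrictions belong at the point of fetch, which is not visible in this file.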
@@ -119,6 +119,8 @@ func NewAuthRequestFromType(requestType AuthRequestType) (*AuthRequest, error) {
|
||||
switch requestType {
|
||||
case AuthRequestTypeOIDC:
|
||||
return &AuthRequest{Request: &AuthRequestOIDC{}}, nil
|
||||
case AuthRequestTypeSAML:
|
||||
return &AuthRequest{Request: &AuthRequestSAML{}}, nil
|
||||
}
|
||||
return nil, errors.ThrowInvalidArgument(nil, "DOMAIN-ds2kl", "invalid request type")
|
||||
}
|
||||
|
@@ -10,22 +10,32 @@ import (
|
||||
type KeyPair struct {
|
||||
es_models.ObjectRoot
|
||||
|
||||
Usage KeyUsage
|
||||
Algorithm string
|
||||
PrivateKey *Key
|
||||
PublicKey *Key
|
||||
Usage KeyUsage
|
||||
Algorithm string
|
||||
PrivateKey *Key
|
||||
PublicKey *Key
|
||||
Certificate *Key
|
||||
}
|
||||
|
||||
type KeyUsage int32
|
||||
|
||||
const (
|
||||
KeyUsageSigning KeyUsage = iota
|
||||
KeyUsageSAMLMetadataSigning
|
||||
KeyUsageSAMLResponseSinging
|
||||
KeyUsageSAMLCA
|
||||
)
|
||||
|
||||
func (u KeyUsage) String() string {
|
||||
switch u {
|
||||
case KeyUsageSigning:
|
||||
return "sig"
|
||||
case KeyUsageSAMLCA:
|
||||
return "saml_ca"
|
||||
case KeyUsageSAMLResponseSinging:
|
||||
return "saml_response_sig"
|
||||
case KeyUsageSAMLMetadataSigning:
|
||||
return "saml_metadata_sig"
|
||||
}
|
||||
return ""
|
||||
}
|
||||
@@ -38,7 +48,8 @@ type Key struct {
|
||||
func (k *KeyPair) IsValid() bool {
|
||||
return k.Algorithm != "" &&
|
||||
k.PrivateKey != nil && k.PrivateKey.IsValid() &&
|
||||
k.PublicKey != nil && k.PublicKey.IsValid()
|
||||
k.PublicKey != nil && k.PublicKey.IsValid() &&
|
||||
k.Certificate != nil && k.Certificate.IsValid()
|
||||
}
|
||||
|
||||
func (k *Key) IsValid() bool {
|
||||
|
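Review bot: `KeyPair.IsValid` now requires a non-nil, valid `Certificate` for every key pair regardless of `Usage`, so a pair with `Usage == KeyUsageSigning` and no certificate would be reported invalid; if existing signing pairs are stored without one (not visible here), gate the new clause on usage, e.g. `(k.Usage == KeyUsageSigning || k.Certificate != nil && k.Certificate.IsValid())`. The exported constant `KeyUsageSAMLResponseSinging` looks like a misspelling of `Signing` and is cheapest to rename before other packages depend on it. `String()` returns `""` for any unlisted usage, which a caller could mistake for a valid label, so a doc comment stating that fallback would help. The `Key` type and the body of `Key.IsValid` lie outside the hunk.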
@@ -39,6 +39,13 @@ func (a *AuthRequestOIDC) IsValid() bool {
|
||||
}
|
||||
|
||||
type AuthRequestSAML struct {
|
||||
ID string
|
||||
RequestID string
|
||||
BindingType string
|
||||
Code string
|
||||
Issuer string
|
||||
IssuerName string
|
||||
Destination string
|
||||
}
|
||||
|
||||
func (a *AuthRequestSAML) Type() AuthRequestType {
|
||||
|