The wsfed package provides functionality for:
- Generating a redirect URL to an IDP
- Parsing Tokens generated by an IDP (currently only SAML v1.1 Tokens are supported since that was my specific use case, but it wouldn't take much work to add other Tokens)

```sh
go get github.com/ma314smith/go-wsfed
```

```go
config := wsfed.Config{}
// set the metadata url for the IDP (alternatively set the IDPEndpoint)
config.MetadataURL = "https://idp.example.com/wsfederation/metadata"
// trust the certs in the metadata (alternatively set the TrustedCerts)
config.MetadataCertsAreTrusted = true
// poll the metadata once a week to check for any new certificates.
// the default is 0 seconds, which never refreshes after the initial poll
config.MetadataRefreshIntervalSeconds = 604800
// set your realm
config.Realm = "http://realm.example.com"
// use your config to create a new WSFed object
sso := wsfed.New(&config)

// get the default request parameters (wa, wtrealm, wct) or create your own
rp := sso.GetDefaultRequestParameters()
// pass the RequestParameters to GetRequestURL
url, err := sso.GetRequestURL(rp)

// get the wresult parameter from the IDP POST
// (r is the *http.Request in the handler that receives the POST)
wresult := r.PostFormValue("wresult")
// pass the wresult to ParseResponse
claims, err := sso.ParseResponse(wresult)
```

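
To show what travels in each direction, the following added example (not part of the wsfed package or its README) builds the sign-in URL by hand from the three default parameters and screens the IDP's POST before the `wresult` string would be handed to `sso.ParseResponse`. It uses only the standard library; the function names, the `https://idp.example.com/wsfed` endpoint, the 1 MiB body cap and the sample form body are assumptions made for the example.

```go
package main

import (
	"errors"
	"fmt"
	"net/http"
	"net/url"
	"strings"
	"time"
)

// signInURL builds the redirect with wa, wtrealm and wct; idpEndpoint is an assumed value.
func signInURL(idpEndpoint, realm string, now time.Time) (string, error) {
	u, err := url.Parse(idpEndpoint)
	if err != nil || u.Scheme != "https" {
		return "", errors.New("IDP endpoint must be a valid https URL")
	}
	q := url.Values{"wa": {"wsignin1.0"}, "wtrealm": {realm}}
	q.Set("wct", now.UTC().Format(time.RFC3339)) // request timestamp, UTC
	u.RawQuery = q.Encode()
	return u.String(), nil
}

// extractWResult screens the IDP's POST: POST only, body capped at 1 MiB (assumed), wa is a sign-in.
func extractWResult(w http.ResponseWriter, r *http.Request) (string, error) {
	if r.Method != http.MethodPost {
		return "", errors.New("wresult must arrive by POST")
	}
	r.Body = http.MaxBytesReader(w, r.Body, 1<<20)
	if wa := r.PostFormValue("wa"); wa != "wsignin1.0" {
		return "", fmt.Errorf("unexpected wa %q", wa)
	}
	if v := r.PostFormValue("wresult"); v != "" {
		return v, nil // still unverified: signature checks happen in the token parser
	}
	return "", errors.New("empty wresult")
}

// samplePost builds a constructed form POST standing in for the IDP's reply.
func samplePost(form string) *http.Request {
	r, _ := http.NewRequest(http.MethodPost, "/sso", strings.NewReader(form))
	r.Header.Set("Content-Type", "application/x-www-form-urlencoded")
	return r
}

func main() {
	fmt.Println(signInURL("https://idp.example.com/wsfed", "http://realm.example.com", time.Now()))
	fmt.Println(extractWResult(nil, samplePost("wa=wsignin1.0&wresult=%3Ct%3E")))
}
```

`PostFormValue` reads only the request body, so a `wresult` placed in the query string of the POST is ignored.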
Contributions are welcome. Just fork the repo and send a pull request.