saml
Step To Build A New IDP
First of all, thanks for this great library! I have successfully tried it on the Service Provider side in the first step, but then it failed at the next step, building my own IDP. Steps to reproduce: I made a copy of idp.go from the sample directory, then created a new SSL with the command:
openssl req -x509 -newkey rsa:2048 -keyout myservice.key -out myservice.cert -days 365 -nodes -subj "/CN=myidp.com"
But then it failed with this error:
panic: runtime error: invalid memory address or nil pointer dereference
[signal 0xc0000005 code=0x0 addr=0x18 pc=0x88cbe5]
goroutine 1 [running]:
main.glob..func1()
D:/GoProjects/myidp/main.go:70 +0x65
main.init()
D:/GoProjects/myidp/main.go:72 +0x17
exit status 2
var key = func() crypto.PrivateKey {
	b, _ := pem.Decode([]byte(`---MYNEWPRIVATEKEY---`))
	k, _ := x509.ParsePKCS1PrivateKey(b.Bytes) //<==This Line here!
	return k
}()
The same problem appears if I use a free SSL from Let's Encrypt.
How should I create a new SSL on the Idp side?
The problem above has been resolved
Back To Original Code
I went back to the original code (also using the same private code and x509.Certificate) on the Idp side, and tried to test it again as Service Provider and Identity Provider.
My Service Provider runs on http://localhost:8080/
Using the original code from trivial.go (SP) and using samltest.id as Idp test
idpMetadataURL, err := url.Parse("https://samltest.id/saml/idp")
The URL http://localhost:8080/hello successfully redirected to https://samltest.id/idp/profile/SAML2/Redirect/SSO;jsessionid=CB608AB295FC86549E1DE69E2AE7E98A?execution=e1s1
I filled in the login form and was then redirected back to http://localhost:8080/hello, as it should be.
Then..
Upload metadata file produced by http://localhost:8080/saml/metadata to
url POST http://localhost:8000/services/1
check the url GET http://localhost:8000/services/1 and the xml data displays as it should.
Then, I changed the Idp Url
idpMetadataURL, err := url.Parse("http://localhost:8000/metadata")
which is the url to idp (original code idp.go)
The URL http://localhost:8080/hello changed to http://localhost:8080/sso?SAMLRequest=xxxxx...
It stayed on the same SP host, did not redirect to the Idp host, and gave a 404 page not found error status.
Turns out that when I directly access the URL http://localhost:8000/metadata with a browser, it provides the metadata XML!
What did I do wrong?
Do It Manually (Problem No.2)
I'm trying to manually access Idp url http://localhost:8000/sso?SAMLRequest=xxxxx...
The login form is opened; fill the form and yet
this error message appears on the console (the Service Provider side)
2022/01/02 17:19:08 WARNING: received invalid saml response: (now: 2022-01-02 17:19:08.6499395 +0700 +07) cannot unmarshal response: EOF
And on the IDP side:
2022/01/02 17:15:25.006502 [DESKTOP-4FVT10E/WwZiMOSUsP-000007] Returning 200 in 2.1845ms
2022/01/02 17:15:31.198130 [DESKTOP-4FVT10E/WwZiMOSUsP-000008] Started POST "/sso" from 127.0.0.1:62854
2022/01/02 17:15:31.198130 [DESKTOP-4FVT10E/WwZiMOSUsP-000008] Returning 200 in 0s
2022/01/02 17:16:22.686675 [DESKTOP-4FVT10E/WwZiMOSUsP-000009] Started POST "/sso" from 127.0.0.1:62854
2022/01/02 17:16:22.755205 [DESKTOP-4FVT10E/WwZiMOSUsP-000009] panic: runtime error: invalid memory address or nil pointer dereference
goroutine 35 [running]:
runtime/debug.Stack()
C:/Program Files/Go/src/runtime/debug/stack.go:24 +0x65
runtime/debug.PrintStack()
C:/Program Files/Go/src/runtime/debug/stack.go:16 +0x19
github.com/zenazn/goji/web/middleware.Recoverer.func1.1()
D:/GoDev/pkg/mod/github.com/zenazn/[email protected]/web/middleware/recoverer.go:24 +0x6a
panic({0xda73e0, 0x110e7b0})
C:/Program Files/Go/src/runtime/panic.go:1038 +0x215
crypto/rsa.SignPKCS1v15({0xe92120, 0x1175308}, 0x0, 0xe19db0, {0xc00012e4e0, 0x14, 0x0})
C:/Program Files/Go/src/crypto/rsa/pkcs1v15.go:238 +0x1ba
github.com/russellhaering/goxmldsig.(*SigningContext).ConstructSignature(0xc0000caeb8, 0x6, 0x8)
D:/GoDev/pkg/mod/github.com/russellhaering/[email protected]/sign.go:188 +0x285
github.com/russellhaering/goxmldsig.(*SigningContext).SignEnveloped(0xc0004c9320, 0xe1de71)
D:/GoDev/pkg/mod/github.com/russellhaering/[email protected]/sign.go:213 +0x27
github.com/crewjam/saml.(*IdpAuthnRequest).MakeAssertionEl(0xc0004aa600)
D:/GoDev/pkg/mod/github.com/crewjam/[email protected]/identity_provider.go:835 +0x3ad
github.com/crewjam/saml.(*IdpAuthnRequest).MakeResponse(0xc0004aa600)
D:/GoDev/pkg/mod/github.com/crewjam/[email protected]/identity_provider.go:989 +0x45
github.com/crewjam/saml.(*IdpAuthnRequest).WriteResponse(0xc0004aa600, {0x24362634068, 0xc0003f3900})
D:/GoDev/pkg/mod/github.com/crewjam/[email protected]/identity_provider.go:882 +0x50
github.com/crewjam/saml.(*IdentityProvider).ServeSSO(0xc000160880, {0x24362634068, 0xc0003f3900}, 0x3ff)
D:/GoDev/pkg/mod/github.com/crewjam/[email protected]/identity_provider.go:251 +0x370
github.com/crewjam/saml/samlidp.(*Server).InitializeHTTP.func2({0x24362634068, 0xc0003f3900}, 0xe93160)
D:/GoDev/pkg/mod/github.com/crewjam/[email protected]/samlidp/samlidp.go:95 +0xbb
github.com/zenazn/goji/web.netHTTPHandlerFuncWrap.ServeHTTPC({0xc0001be508}, {0xc00027a780, 0x24362634068}, {0x24362634068, 0xc0003f3900}, 0xc00016a640)
D:/GoDev/pkg/mod/github.com/zenazn/[email protected]/web/handler.go:22 +0x30
github.com/zenazn/goji/web.(*router).route(0x0, 0xc00027a780, {0x24362634068, 0xc0003f3900}, 0xc0000cb5e8)
D:/GoDev/pkg/mod/github.com/zenazn/[email protected]/web/router.go:119 +0x13f
github.com/zenazn/goji/web.(*mStack).newStack.func1({0x24362634068, 0xc0003f3900}, 0xc000143980)
D:/GoDev/pkg/mod/github.com/zenazn/[email protected]/web/middleware.go:88 +0x43
net/http.HandlerFunc.ServeHTTP(0xc0001be4d0, {0x24362634068, 0xc0003f3900}, 0xc00016a640)
C:/Program Files/Go/src/net/http/server.go:2047 +0x2f
github.com/zenazn/goji/web.(*cStack).ServeHTTP(...)
D:/GoDev/pkg/mod/github.com/zenazn/[email protected]/web/middleware.go:46
github.com/zenazn/goji/web.(*Mux).ServeHTTP(0xc0001be4d0, {0x24362634068, 0xc0003f3900}, 0xa0e74b)
D:/GoDev/pkg/mod/github.com/zenazn/[email protected]/web/mux.go:45 +0x82
github.com/zenazn/goji/web.netHTTPHandlerWrap.ServeHTTPC(...)
D:/GoDev/pkg/mod/github.com/zenazn/[email protected]/web/handler.go:19
github.com/zenazn/goji/web.(*router).route(0xa03bf2, 0xc00027a6c0, {0x24362634068, 0xc0003f3900}, 0xc0000cb750)
D:/GoDev/pkg/mod/github.com/zenazn/[email protected]/web/router.go:119 +0x13f
github.com/zenazn/goji/web.(*mStack).newStack.func1({0x24362634068, 0xc0003f3900}, 0xc0000cb778)
D:/GoDev/pkg/mod/github.com/zenazn/[email protected]/web/middleware.go:88 +0x43
net/http.HandlerFunc.ServeHTTP(0xa03cb4, {0x24362634068, 0xc0003f3900}, 0x30000)
C:/Program Files/Go/src/net/http/server.go:2047 +0x2f
github.com/zenazn/goji/web/middleware.AutomaticOptions.func1({0x24362634068, 0xc0003f3900}, 0xc0000cb808)
D:/GoDev/pkg/mod/github.com/zenazn/[email protected]/web/middleware/options.go:70 +0x110
net/http.HandlerFunc.ServeHTTP(0xda3a20, {0x24362634068, 0xc0003f3900}, 0x40)
C:/Program Files/Go/src/net/http/server.go:2047 +0x2f
github.com/zenazn/goji/web/middleware.Recoverer.func1({0x24362634068, 0xc0003f3900}, 0xc0003f3900)
D:/GoDev/pkg/mod/github.com/zenazn/[email protected]/web/middleware/recoverer.go:29 +0x1a7
net/http.HandlerFunc.ServeHTTP(0xc0001406c0, {0x24362634068, 0xc0003f3900}, 0x24362723170)
C:/Program Files/Go/src/net/http/server.go:2047 +0x2f
github.com/zenazn/goji/web/middleware.Logger.func1({0xe99e28, 0xc0004a60e0}, 0xc0000cb9c8)
D:/GoDev/pkg/mod/github.com/zenazn/[email protected]/web/middleware/logger.go:35 +0x305
net/http.HandlerFunc.ServeHTTP(0xda3a20, {0xe99e28, 0xc0004a60e0}, 0x2)
C:/Program Files/Go/src/net/http/server.go:2047 +0x2f
github.com/zenazn/goji/web/middleware.RequestID.func1({0xe99e28, 0xc0004a60e0}, 0xc000142f60)
D:/GoDev/pkg/mod/github.com/zenazn/[email protected]/web/middleware/request_id.go:68 +0x1a2
net/http.HandlerFunc.ServeHTTP(0xc00018c310, {0xe99e28, 0xc0004a60e0}, 0xffffffffffffffff)
C:/Program Files/Go/src/net/http/server.go:2047 +0x2f
github.com/zenazn/goji/web.(*cStack).ServeHTTP(...)
D:/GoDev/pkg/mod/github.com/zenazn/[email protected]/web/middleware.go:46
github.com/zenazn/goji/web.(*Mux).ServeHTTP(0xc00018c310, {0xe99e28, 0xc0004a60e0}, 0xa0c92d)
D:/GoDev/pkg/mod/github.com/zenazn/[email protected]/web/mux.go:45 +0x82
net/http.(*ServeMux).ServeHTTP(0x0, {0xe99e28, 0xc0004a60e0}, 0xc0003ac800)
C:/Program Files/Go/src/net/http/server.go:2425 +0x149
net/http.serverHandler.ServeHTTP({0xe98f88}, {0xe99e28, 0xc0004a60e0}, 0xc0003ac800)
C:/Program Files/Go/src/net/http/server.go:2879 +0x43b
net/http.(*conn).serve(0xc0000b8140, {0xe9be80, 0xc00027a420})
C:/Program Files/Go/src/net/http/server.go:1930 +0xb08
created by net/http.(*Server).Serve
C:/Program Files/Go/src/net/http/server.go:3034 +0x4e8
Does anyone else have a guide on how to build Idp with this repository? Thanks in advance
1st Problem Is Solved
Turns out the problem is the space (yellow box). Lack of coffee makes this happen.

One more to go!