lywsvip/cloudpods
1
0
Fork 0
mirror of https://github.com/yunionio/cloudpods.git synced 2026-05-17 04:27:47 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
d7da3c6e9cd73dc052d871bb00dd2d2f8953aefd
cloudpods/pkg/util/samlutils/util.go
Qu Xuan 627503cdc1 feat(cloudid): add azure saml
2021-01-18 14:58:19 +08:00

139 lines
3.7 KiB
Go
Raw Blame History

// Copyright 2019 Yunion
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package samlutils
import (
"bytes"
"compress/flate"
"crypto/rsa"
"encoding/base64"
"fmt"
"io"
"strings"
"github.com/ma314smith/signedxml"
"yunion.io/x/log"
"yunion.io/x/pkg/errors"
"yunion.io/x/pkg/utils"
)
func compressString(in string) string {
buf := new(bytes.Buffer)
compressor, _ := flate.NewWriter(buf, 9)
compressor.Write([]byte(in))
compressor.Close()
return buf.String()
}
func decompressString(in string) string {
buf := new(bytes.Buffer)
decompressor := flate.NewReader(strings.NewReader(in))
io.Copy(buf, decompressor)
decompressor.Close()
return buf.String()
}
func compress(in []byte) ([]byte, error) {
buf := new(bytes.Buffer)
compressor, _ := flate.NewWriter(buf, 9)
_, err := compressor.Write(in)
if err != nil {
return nil, errors.Wrap(err, "compressor.Write")
}
compressor.Close()
return buf.Bytes(), nil
}
func decompress(in []byte) ([]byte, error) {
buf := new(bytes.Buffer)
decompressor := flate.NewReader(bytes.NewReader(in))
_, err := io.Copy(buf, decompressor)
if err != nil {
return nil, errors.Wrap(err, "io.Copy")
}
decompressor.Close()
return buf.Bytes(), nil
}
func SAMLDecode(input string) ([]byte, error) {
reqBytes, err := base64.StdEncoding.DecodeString(input)
if err != nil {
return nil, errors.Wrap(err, "base64.StdEncoding.DecodeString")
}
return func() []byte {
// Azure no need to decompress
plainText, err := decompress(reqBytes)
if err != nil {
log.Warningf("decompress %s error: %v", string(reqBytes), err)
return reqBytes
}
return plainText
}(), nil
}
func SAMLEncode(input []byte) (string, error) {
comp, err := compress(input)
if err != nil {
return "", errors.Wrap(err, "compress")
}
return base64.StdEncoding.EncodeToString(comp), nil
}
func SAMLForm(action string, attrs map[string]string) string {
form := strings.Builder{}
// form.WriteString(`<!DOCTYPE html><html lang="en-US"><body>`)
form.WriteString(`<form id="saml_submit_form" method="POST" action="`)
form.WriteString(action)
form.WriteString(`">`)
for k, v := range attrs {
form.WriteString(fmt.Sprintf("<input type=\"hidden\" name=\"%s\" value=\"%s\" />", k, v))
}
form.WriteString(`<input type="submit" value="Submit" />`)
form.WriteString("</form><script><!--\n")
form.WriteString("document.getElementById('saml_submit_form').submit();\n")
form.WriteString(`//--></script>`)
// form.WriteString(`</body></html>`)
return form.String()
}
func SignXML(xmlstr string, privateKey *rsa.PrivateKey) (string, error) {
signer, err := signedxml.NewSigner(string(xmlstr))
if err != nil {
return "", errors.Wrap(err, "signedxml.NewSigner")
}
signed, err := signer.Sign(privateKey)
if err != nil {
return "", errors.Wrap(err, "signer.Sign")
}
return signed, nil
}
func ValidateXML(signed string) ([]string, error) {
validator, err := signedxml.NewValidator(signed)
if err != nil {
return nil, errors.Wrap(err, "signedxml.NewValidator")
}
validXMLs, err := validator.ValidateReferences()
if err != nil {
return nil, errors.Wrap(err, "validator.ValidateReferences")
}
return validXMLs, nil
}
func GenerateSAMLId() string {
return "_" + utils.GenRequestId(16)
}
Reference in New Issue View Git Blame Copy Permalink