Releases: andrewheberle/go-http-auth-server
v1.5.2
v1.5.1
The default in-memory attribute store now uses an LRU cache and expires items after 1 hour of inactivity.
This is currently hard-coded in the compiled executable; however, it is configurable when using the sp package, as in the following example:
    root, _ := url.Parse("https://localhost:8080")
    // Keep attributes for 8 hours of inactivity rather than the built-in 1 hour.
    store := sp.NewMemoryAttributeStore(time.Hour * 8)
    serviceProvider, err := sp.NewServiceProvider("./samlsp.crt", "./samlsp.key", root,
        sp.WithMetadataURL("https://mocksaml.com/api/saml/metadata"),
        sp.WithAttributeStore(store))
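The behaviour described for this release (least-recently-used eviction plus expiry after a period of inactivity) can be sketched as follows; this is an added example, not the project's own implementation. The names `idleLRU` and `newIdleLRU`, the size limit and the injected clock are assumptions made for illustration.

```go
package main

import (
	"container/list"
	"time"
)

type entry struct {
	id       string
	attrs    map[string][]string
	lastUsed time.Time
}

// idleLRU is illustrative (hypothetical name, not the project's type); not goroutine-safe.
type idleLRU struct {
	limit int              // evict the least recently used session beyond this
	ttl   time.Duration    // forget a session idle for longer than this
	now   func() time.Time // injectable clock
	order *list.List       // front = most recently used
	items map[string]*list.Element
}

func newIdleLRU(limit int, ttl time.Duration, now func() time.Time) *idleLRU {
	return &idleLRU{limit, ttl, now, list.New(), map[string]*list.Element{}}
}

func (s *idleLRU) drop(el *list.Element) {
	if el != nil { // nil means unknown ID: nothing to remove
		delete(s.items, s.order.Remove(el).(*entry).id)
	}
}

func (s *idleLRU) Set(id string, attrs map[string][]string) {
	s.drop(s.items[id])
	s.items[id] = s.order.PushFront(&entry{id, attrs, s.now()})
	if s.order.Len() > s.limit {
		s.drop(s.order.Back())
	}
}

func (s *idleLRU) Get(id string) (map[string][]string, bool) {
	el := s.items[id]
	if el == nil || s.now().Sub(el.Value.(*entry).lastUsed) > s.ttl {
		s.drop(el) // unknown ID, or idle too long: forget the claims
		return nil, false
	}
	s.Set(id, el.Value.(*entry).attrs) // back to the front with a fresh timestamp
	return el.Value.(*entry).attrs, true
}
```

The size limit bounds memory, while the idle timeout bounds how long claims for an abandoned session remain usable; the file defines the type only, so call it from your own `main` or tests.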
v1.5.0
What's Changed
- By using a config file multiple service providers can be supported by @andrewheberle in #40
Example
With the following configuration file saved as config.yml:
    service-providers:
      - name: a
        sp-url: http://localhost:9091/a
        sp-cert: ./samlsp.crt
        sp-key: ./samlsp.key
        idp-metadata: https://mocksaml.com/api/saml/metadata
      - name: b
        sp-url: http://localhost:9091/b
        sp-cert: ./samlsp.crt
        sp-key: ./samlsp.key
        idp-metadata: https://mocksaml.com/api/saml/metadata
Two service providers will be available using the following command:
    ./http-auth-server.exe --config config.yml
In the above configuration, the SP name is optional and mainly used for logging purposes.
Full Changelog: v1.4.1...v1.5.0
v1.3.7
This release uses a basic server-side session store that holds claims based on the session ID.
The implementation is very basic, with no expiry process, so it is likely to be problematic for high-volume use.
v1.3.6
This version represents a working version that has been tested in the real world.
Known Issues
When large claims are returned by the SAML IdP, the session cookie may be larger than the maximum allowed size of 4 KiB, in which case the browser will block it.
This is an upstream issue and will require a custom implementation of the session codec to change how this works.