Is there a SAML library for The Go Language?

10,556

Solution 1

I have used gosaml and it works pretty well, but there is also go-saml from Robots and Pencils.

I figured after a year, it would be good to answer this question because it would still be good to have some sort of answer here for people looking for SAML libraries for Go.

Solution 2

I haven't seen a SAML implementation for Go, but you could use a server that already implements it in front of your app.

One of the best supported SAML implementations is Shibboleth. The Apache module is the most mature, and is probably the easiest method to use, since you just put your app behind a reverse proxy in Apache. There's also a FastCGI authenticator, which uses the same backend, but I can't speak for its ease of implementation.

If you just need a service-provider, the simplest SAML binding is HTTP-POST-SimpleSign. I made a proof-of-concept implementation in Python, to try and demonstrate the simplest SP I could. I make no claims to the robustness of this module, but you can see that it could be done with not too much code. That's assuming the Identity Providers you're working with support this binding. And as always, be wary when deploying any custom security-related code.
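
An added example, not part of the answer above and not the author's Python proof of concept: the signature check a service provider performs for HTTP-POST-SimpleSign, written in Go with only the standard library. It assumes RSA-SHA256, an IdP public key pinned from metadata, and the binding's signed string built from the base64-decoded message, RelayState (if present) and SigAlg; `VerifySimpleSign`, `digest` and `sampleForm` are hypothetical names, and the form in `sampleForm` is constructed sample data.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"fmt"
	"net/url"
)

const sigAlg = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"

// digest hashes the signed octet string: decoded XML (not the base64 form value), RelayState if present, SigAlg.
func digest(xmlMsg []byte, relayState string) []byte {
	s := "SAMLResponse=" + string(xmlMsg)
	if relayState != "" {
		s += "&RelayState=" + relayState
	}
	sum := sha256.Sum256([]byte(s + "&SigAlg=" + sigAlg))
	return sum[:]
}

// VerifySimpleSign returns the response XML only if Signature verifies under the IdP key pinned from metadata.
func VerifySimpleSign(form url.Values, idpKey *rsa.PublicKey) ([]byte, error) {
	if form.Get("SigAlg") != sigAlg { // allow-list, not the sender's choice
		return nil, fmt.Errorf("unsupported SigAlg %q", form.Get("SigAlg"))
	}
	xmlMsg, err1 := base64.StdEncoding.DecodeString(form.Get("SAMLResponse"))
	sig, err2 := base64.StdEncoding.DecodeString(form.Get("Signature"))
	if err1 != nil || err2 != nil || rsa.VerifyPKCS1v15(idpKey, crypto.SHA256, digest(xmlMsg, form.Get("RelayState")), sig) != nil {
		return nil, fmt.Errorf("malformed fields or bad signature")
	}
	return xmlMsg, nil
}

func sampleForm() (url.Values, *rsa.PublicKey) { // constructed IdP side: throwaway key, signed form
	key, _ := rsa.GenerateKey(rand.Reader, 2048)
	xmlMsg := []byte(`<samlp:Response ID="_constructed"/>`)
	sig, _ := rsa.SignPKCS1v15(rand.Reader, key, crypto.SHA256, digest(xmlMsg, "/app"))
	b64 := base64.StdEncoding.EncodeToString
	return url.Values{"SAMLResponse": {b64(xmlMsg)}, "RelayState": {"/app"},
		"SigAlg": {sigAlg}, "Signature": {b64(sig)}}, &key.PublicKey
}

func main() {
	xmlMsg, err := VerifySimpleSign(sampleForm())
	fmt.Printf("accepted %q, err=%v\n", xmlMsg, err)
}
```

A valid signature only authenticates the bytes: the Destination, Audience, NotOnOrAfter and InResponseTo values in the returned XML still have to be checked before a session is created.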

Solution 3

If you want to validate SAML replies from AWS IdP in your assertion consumer endpoint then you had better go with https://github.com/crewjam/saml as it does not rely on the libxmlsec1 system library.

For some reason libxmlsec1 does not validate SAML replies from some IdP (AWS) successfully (supposedly because of some undefined namespaces).

Author by

Peter

Updated on July 06, 2022

Comments

  • Peter almost 2 years

    I see that the goauth and go-oauth OAuth libraries have been written for the Go Programming Language, but a couple of hours of searching online turns up nothing for SAML.

    I would like to use Go to implement SSO support using SAML for a web service, but without a SAML library for Go it looks like I will have to "wrap" the SAML logic in a separate service, implemented in another language.

    Does anyone know of a Go-friendly SAML library, or maybe some trick for using a Java, C, or PHP library from a Go program?