-
Notifications
You must be signed in to change notification settings - Fork 434
/
session.go
89 lines (73 loc) · 2.76 KB
/
session.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
package samlsp
import (
"context"
"errors"
"net/http"
"github.com/crewjam/saml"
)
// Session is an interface implemented to contain a session.
type Session interface{}
// SessionWithAttributes is a session that can expose the
// attributes provided by the SAML identity provider.
type SessionWithAttributes interface {
Session
GetAttributes() Attributes
}
// ErrNoSession is the error returned when the remote user does not have a session
var ErrNoSession = errors.New("saml: session not present")
// SessionProvider is an interface implemented by types that can track
// the active session of a user. The default implementation is CookieSessionProvider
type SessionProvider interface {
// CreateSession is called when we have received a valid SAML assertion and
// should create a new session and modify the http response accordingly, e.g. by
// setting a cookie.
CreateSession(w http.ResponseWriter, r *http.Request, assertion *saml.Assertion) error
// DeleteSession is called to modify the response such that it removed the current
// session, e.g. by deleting a cookie.
DeleteSession(w http.ResponseWriter, r *http.Request) error
// GetSession returns the current Session associated with the request, or
// ErrNoSession if there is no valid session.
GetSession(r *http.Request) (Session, error)
}
// SessionCodec is an interface to convert SAML assertions to a
// Session. The default implementation uses JWTs, JWTSessionCodec.
type SessionCodec interface {
// New creates a Session from the SAML assertion.
New(assertion *saml.Assertion) (Session, error)
// Encode returns a serialized version of the Session.
//
// Note: When implementing this function, it is reasonable to expect that
// Session is of the exact type returned by New(), and panic if it is not.
Encode(s Session) (string, error)
// Decode parses the serialized session that may have been returned by Encode
// and returns a Session.
Decode(string) (Session, error)
}
type indexType int
const sessionIndex indexType = iota
// SessionFromContext returns the session associated with ctx, or nil
// if no session are associated
func SessionFromContext(ctx context.Context) Session {
v := ctx.Value(sessionIndex)
if v == nil {
return nil
}
return v.(Session)
}
// ContextWithSession returns a new context with session associated
func ContextWithSession(ctx context.Context, session Session) context.Context {
return context.WithValue(ctx, sessionIndex, session)
}
// AttributeFromContext is a convenience method that returns the named attribute
// from the session, if available.
func AttributeFromContext(ctx context.Context, name string) string {
s := SessionFromContext(ctx)
if s == nil {
return ""
}
sa, ok := s.(SessionWithAttributes)
if !ok {
return ""
}
return sa.GetAttributes().Get(name)
}