Safe Haskell	Safe-Inferred
Language	Haskell2010

Network.Wai.SAML2.Request

Description

Defines types and functions for SP-initiated SSO. Use issueAuthnRequest to initialise an AuthnRequest value which stores the parameters for the authentication request you wish to issue to the IdP. You can update this value as required.

Use renderBase64 to render the request for use with a HTTP POST binding [1], or renderUrlEncodingDeflate for HTTP redirect binding[2] respectively. You may wish to read the SAML2 overview for this process.

[1] https://docs.oasis-open.org/security/saml/v2.0/saml-bindings-2.0-os.pdf#page=21 Section 3.5 HTTP POST Binding
[2] https://docs.oasis-open.org/security/saml/v2.0/saml-bindings-2.0-os.pdf#page=15 Section 3.4 HTTP Redirect Binding

Since: 0.4

Synopsis

data AuthnRequest = AuthnRequest {
- authnRequestTimestamp :: !UTCTime
- authnRequestID :: !Text
- authnRequestIssuer :: !Text
- authnRequestDestination :: !(Maybe Text)
- authnRequestAllowCreate :: !Bool
- authnRequestNameIDFormat :: !NameIDFormat
}
issueAuthnRequest :: Text -> IO AuthnRequest
renderBase64 :: AuthnRequest -> ByteString
renderUrlEncodingDeflate :: AuthnRequest -> ByteString
renderXML :: AuthnRequest -> ByteString

Documentation

data AuthnRequest Source #

Parameters for SP-initiated SSO

Constructors

AuthnRequest

Fields

authnRequestTimestamp :: !UTCTime
The time at which AuthnRequest was created.
authnRequestID :: !Text
Unique identifier for AuthnRequest which should be preserved by the IdP in its response.
authnRequestIssuer :: !Text
SP Entity ID
authnRequestDestination :: !(Maybe Text)
The URI reference to which this request is to be sent. Required for signed requests
Since: 0.5
authnRequestAllowCreate :: !Bool
Allow IdP to generate a new identifier
authnRequestNameIDFormat :: !NameIDFormat
The URI reference corresponding to a name identifier format

Instances

Instances details

Show AuthnRequest Source #
Instance details Defined in Network.Wai.SAML2.Request Methods showsPrec :: Int -> AuthnRequest -> ShowS # show :: AuthnRequest -> String # showList :: [AuthnRequest] -> ShowS #
Eq AuthnRequest Source #
Instance details Defined in Network.Wai.SAML2.Request Methods (==) :: AuthnRequest -> AuthnRequest -> Bool # (/=) :: AuthnRequest -> AuthnRequest -> Bool #

issueAuthnRequest Source #

Arguments

:: Text	SP Entity ID
-> IO AuthnRequest

Creates a default AuthnRequest with the current timestamp and a randomly-generated ID.

renderBase64 :: AuthnRequest -> ByteString Source #

Renders and base64-encodes an AuthnRequest for SP initiated SSO suitable for use with HTTP POST binding

If used in an HTTP POST binding, the value should be sent as an invisible form control named SAMLRequest

renderUrlEncodingDeflate :: AuthnRequest -> ByteString Source #

Renders an AuthnRequest for SP initiated SSO according to urn:oasis:names:tc:SAML:2.0:bindings:URL-Encoding:DEFLATE and suitable for use with HTTP Redirect binding

The value should be sent as a query parameter named SAMLRequest

renderXML :: AuthnRequest -> ByteString Source #

Render an AuthnRequest as XML