Module esaml_cowboy

Convenience functions for use with Cowboy handlers.

Description

This module makes it easier to use esaml in your Cowboy-based web application, by providing easy wrappers around the functions in esaml_binding and esaml_sp.

Data Types

custom_security_callback()

custom_security_callback() = fun((#xmlElement{}, esaml:assertion(), custom_security_callback_state()) -> ok | {error, any()})

custom_security_callback_state()

custom_security_callback_state() = any()

uri()

uri() = string()

xml_callback_fun()

xml_callback_fun() = fun((#xmlElement{}, xml_callback_state()) -> any())

xml_callback_state()

xml_callback_state() = any()

Function Index

reply_with_authnreq/4: Reply to a Cowboy request with an AuthnRequest payload.
reply_with_authnreq/7: Reply to a Cowboy request with an AuthnRequest payload and call the callback with the (possibly signed) XML.
reply_with_logoutreq/4: Reply to a Cowboy request with a LogoutRequest payload.
reply_with_logoutresp/5: Reply to a Cowboy request with a LogoutResponse payload.
reply_with_metadata/2: Reply to a Cowboy request with a Metadata payload.
validate_assertion/2: Validate and parse an Assertion inside a SAMLResponse.
validate_assertion/3
validate_assertion/5: Validate and parse an Assertion with duplicate detection.
validate_logout/2: Validate and parse a LogoutRequest or LogoutResponse.

Function Details

reply_with_authnreq/4

reply_with_authnreq(SP::esaml:sp(), IdPSSOEndpoint::uri(), RelayState::binary(), Req) -> Req

Reply to a Cowboy request with an AuthnRequest payload

RelayState is an arbitrary blob up to 80 bytes long that will be returned verbatim with any assertion that results from this AuthnRequest.

reply_with_authnreq/7

reply_with_authnreq(SP::esaml:sp(), IdPSSOEndpoint::uri(), RelayState::binary(), Req, User_Name_Id::undefined | string(), Xml_Callback::undefined | xml_callback_fun(), Xml_Callback_State::undefined | xml_callback_state()) -> Req

Reply to a Cowboy request with an AuthnRequest payload and call the callback with the (possibly signed) XML

Similar to reply_with_authnreq/4, but calls the callback with the (possibly signed) XML before replying, allowing persistence and later validation.

reply_with_logoutreq/4

reply_with_logoutreq(SP::esaml:sp(), IdPSLOEndpoint::uri(), NameID::string(), Req) -> Req

Reply to a Cowboy request with a LogoutRequest payload

NameID should be the exact subject name from the assertion you wish to log out.

reply_with_logoutresp/5

reply_with_logoutresp(SP::esaml:sp(), IdPSLOEndpoint::uri(), Status::esaml:status_code(), RelayState::binary(), Req) -> Req

Reply to a Cowboy request with a LogoutResponse payload

Be sure to keep the RelayState from the original LogoutRequest that you received to allow the IdP to keep state.

reply_with_metadata/2

reply_with_metadata(SP::esaml:sp(), Req) -> Req

Reply to a Cowboy request with a Metadata payload

validate_assertion/2

validate_assertion(SP::esaml:sp(), Req) -> {ok, esaml:assertion(), RelayState::binary(), Req} | {error, Reason::term(), Req}

Validate and parse an Assertion inside a SAMLResponse

This function handles only POST bindings.

validate_assertion/3

validate_assertion(SP::esaml:sp(), DuplicateFun::esaml_sp:dupe_fun(), Req) -> {ok, esaml:assertion(), RelayState::binary(), Req} | {error, Reason::term(), Req}

validate_assertion/5

validate_assertion(SP::esaml:sp(), DuplicateFun::esaml_sp:dupe_fun(), Custom_Response_Security_Callback::undefined | custom_security_callback(), Callback_State::undefined | custom_security_callback_state(), Req) -> {ok, esaml:assertion(), RelayState::binary(), Req} | {error, Reason::term(), Req}

Validate and parse an Assertion with duplicate detection

This function handles only POST bindings.

For the signature of DuplicateFun, see esaml_sp:validate_assertion/3.
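
An added example (not from the esaml documentation or source) of a DuplicateFun that rejects replayed responses, together with a Cowboy 2.x handler that passes it to validate_assertion/3. It assumes the upstream esaml dupe_fun() type, fun((esaml:assertion(), Digest :: binary()) -> ok | term()); the module name, the table name and the sp key in the handler state are hypothetical.

```erlang
%% Added example, not part of esaml. Assumes the upstream esaml dupe_fun()
%% type and a Cowboy 2.x handler (init/2, map headers).
-module(saml_consume_h).            % hypothetical module name
-export([init_table/0, check_dupe/2, purge/1, init/2]).

-define(TAB, saml_seen_digests).    % hypothetical table name

%% Call once from a long-lived process (for example a supervisor child),
%% because an ETS table is deleted when its owner exits.
init_table() ->
    ets:new(?TAB, [set, public, named_table, {write_concurrency, true}]).

%% DuplicateFun: ok the first time a digest is seen, any other term on replay.
%% ets:insert_new/2 is atomic, so two concurrent POSTs carrying the same
%% response cannot both be accepted.
check_dupe(_Assertion, Digest) ->
    Now = erlang:monotonic_time(second),
    case ets:insert_new(?TAB, {Digest, Now}) of
        true  -> ok;
        false -> duplicate
    end.

%% Drop digests older than MaxAgeSecs. Keep entries at least as long as an
%% assertion stays valid, otherwise a purged digest could be accepted again.
purge(MaxAgeSecs) ->
    Cutoff = erlang:monotonic_time(second) - MaxAgeSecs,
    ets:select_delete(?TAB, [{{'_', '$1'}, [{'<', '$1', Cutoff}], [true]}]).

%% Assertion consumer endpoint (POST binding only, as documented above).
%% The handler state is assumed to be a map holding the esaml:sp() value.
init(Req0, #{sp := SP} = State) ->
    case esaml_cowboy:validate_assertion(SP, fun check_dupe/2, Req0) of
        {ok, _Assertion, _RelayState, Req1} ->
            %% Establish the local session from the assertion here.
            Req = cowboy_req:reply(200, #{}, <<"ok">>, Req1),
            {ok, Req, State};
        {error, Reason, Req1} ->
            %% Log the reason server-side; do not echo it to the client.
            logger:warning("SAML assertion rejected: ~p", [Reason]),
            Req = cowboy_req:reply(403, #{}, <<"forbidden">>, Req1),
            {ok, Req, State}
    end.
```

The ETS table is local to one node and is lost on restart, so a clustered or frequently restarted service needs a shared store behind the same check_dupe/2 interface.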

validate_logout/2

validate_logout(SP::esaml:sp(), Req) -> {request, esaml:logoutreq(), RelayState::binary(), Req} | {response, esaml:logoutresp(), RelayState::binary(), Req} | {error, Reason::term(), Req}

Validate and parse a LogoutRequest or LogoutResponse

This function handles both REDIRECT and POST bindings.


Generated by EDoc