Modules
Public entry points for strict-by-default SAML protocol flows.
Value struct representing the resolved trust relationship for a SAML connection.
Public extension contract for resolving the SAML connection context.
Thin persisted-connection resolver adapter.
Diagnostic bundle orchestration service.
Compiles system state and metrics into an explicitly redacted, in-memory .zip archive.
Explicit redaction and transformation engine for diagnostic bundle generation. Ensures that sensitive data (PII, secrets, keys) does not leak when exporting system state for debugging.
Coordinator for bulk operations across multiple connections.
Stable typed error contract for Relyra security and protocol paths.
Public extension contract for SP decryption private key material.
Optional LiveView admin surface helpers.
Mountable LiveView router for the optional Relyra admin surface.
Resolved admin scope for the optional LiveView surface.
Host callback contract for resolving admin actor and organization scope.
The successful outcome of a SAML response consumption.
Shared redaction and export for login trace steps and audit rows.
Phase 21 scheduled-refresh wrapper per D-05. Does NOT re-implement
Relyra.Metadata.Refresh.refresh/2 — wraps it from outside, inserting
the asymmetric-strictness checks D-15..D-21 BEFORE any deep parse.
Pure exponential-backoff schedule for Phase 21 auto-suspend per D-25.
Pure cadence resolver for Phase 21 scheduled metadata refresh.
Drift detection for Phase 21 scheduled metadata refresh per D-18.
Pure D-27 classifier. Maps a Phase-21 error-code atom to three flags
that drive the [:relyra, :saml, :metadata, :auto_refresh, ...] state
machine and telemetry payload (D-23/D-27).
Phase 21 scheduled metadata refresh entry point per D-01.
Operator-pinned trust-anchor check for Phase 21 scheduled metadata refresh per D-17.
Optional-deps gateway for Oban (D-02, D-37 canonical pattern). Lets the
Phase 21 worker (Relyra.Workers.MetadataRefresh) and the documented
Oban Cron one-liner reference Oban modules even when Oban is not in the
adopter's deps tree.
Phoenix integration for Relyra.
Plug to skip CSRF protection for SAML ACS routes.
Exposes the saml_routes/2 macro for mounting SAML endpoints in a Phoenix router.
Represents the verified subject identity and attributes from a SAML assertion.
Provider preset registry for known SAML IdPs.
Public extension contract for atomic replay-key consumption.
Public extension contract for request-intent persistence and one-time consumption.
Batch traversal function to check for expiring SAML certificates.
Security utility for validating redirect paths to prevent Open Redirect vulnerabilities.
Hardened XML seam contract for trust-sensitive SAML handling.
Escapes a string for use in an XML attribute value per Exclusive C14N rules.
Hand-rolled Exclusive XML Canonicalization 1.0 (no-comments)
(http://www.w3.org/2001/10/xml-exc-c14n#) engine over the
Relyra.Security.XML.SaxyTree.Node parse-tree shape.
Runtime security-corpus gate for the Phase 21 scheduled-refresh path per D-21.
Pure-BEAM baseline adapter for XML seam enforcement.
Saxy.Handler that turns a raw SAML XML binary into a structured parse tree
carrying, per element node: the verbatim qualified name, raw attributes in
document order, and a computed in-scope namespace stack inherited from
ancestors.
A single element node in the Relyra.Security.XML.SaxyTree parse tree.
Public extension contract for handing off authenticated subjects to host sessions.
Telemetry catalog for Relyra SAML events.
Optional reference handler for Phase 21 scheduled metadata refresh
telemetry. Emits one redaction-aware Logger line per documented
[:relyra, :saml, :metadata, :auto_refresh, ...] event.
Telemetry handler that accumulates consume-path span outcomes and flushes one
domain: :login audit row per consume_response/3 attempt.
Test helpers for adapter and controller tests.
A small in-process SAML response builder for tests.
Phase 29 (D-11) — a minimal, genuine XMLDSig signer for tests.
Public extension contract for mapping verified login data into a host-shaped user map.
Optional Oban worker that drives Relyra.Metadata.Scheduler.run_due/2
per D-02. Compiles whether or not Oban is in the adopter's deps tree
(Pitfall 5 — mix compile --no-optional-deps --warnings-as-errors
lane).
Mix Tasks
Generates the checked-in batteries-included proof artifact from executable repo state.
Generates the checked-in conformance report from executable manifest state.
Generates a diagnostic bundle of the current Relyra state.
Pins a SHA-256 trust fingerprint onto a connection's metadata source.
Runs any due Phase 21 scheduled metadata refreshes once.
Generates the checked-in security review evidence packet from executable security state.
Prints redacted login traces for a connection (headless operator inspection).
Verifies that the file list inside the published Hex tarball for X.Y.Z
matches the file list at git tag vX.Y.Z over Relyra's full package.files
scope (lib/, priv/, docs/, guides/, and root artifacts).