The highest tagged major version isv9.
samlinvalidate
package
This package is not in the latest version of its module.
Details
Validgo.mod file
The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
- Redistributable license
Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
- Tagged version
Modules with tagged versions give importers more predictable builds.
- Stable version
When a project reaches major version v1 it is considered stable.
- Learn more about best practices
Repository
Links
Open Source Insights
Documentation¶
Overview¶
Invalidate SAML.
Submit a SAML LogoutRequest message to Elasticsearch for consumption.
NOTE: This API is intended for use by custom web applications other thanKibana.If you are using Kibana, refer to the documentation for configuring SAMLsingle-sign-on on the Elastic Stack.
The logout request comes from the SAML IdP during an IdP initiated SingleLogout.The custom web application can use this API to have Elasticsearch process the`LogoutRequest`.After successful validation of the request, Elasticsearch invalidates theaccess token and refresh token that corresponds to that specific SAMLprincipal and provides a URL that contains a SAML LogoutResponse message.Thus the user can be redirected back to their IdP.
Index¶
- Variables
- type NewSamlInvalidate
- type Request
- type Response
- type SamlInvalidate
- func (r *SamlInvalidate) Acs(acs string) *SamlInvalidate
- func (r SamlInvalidate) Do(providedCtx context.Context) (*Response, error)
- func (r *SamlInvalidate) ErrorTrace(errortrace bool) *SamlInvalidate
- func (r *SamlInvalidate) FilterPath(filterpaths ...string) *SamlInvalidate
- func (r *SamlInvalidate) Header(key, value string) *SamlInvalidate
- func (r *SamlInvalidate) HttpRequest(ctx context.Context) (*http.Request, error)
- func (r *SamlInvalidate) Human(human bool) *SamlInvalidate
- func (r SamlInvalidate) Perform(providedCtx context.Context) (*http.Response, error)
- func (r *SamlInvalidate) Pretty(pretty bool) *SamlInvalidate
- func (r *SamlInvalidate) QueryString(querystring string) *SamlInvalidate
- func (r *SamlInvalidate) Raw(raw io.Reader) *SamlInvalidate
- func (r *SamlInvalidate) Realm(realm string) *SamlInvalidate
- func (r *SamlInvalidate) Request(req *Request) *SamlInvalidate
Constants¶
This section is empty.
Variables¶
var ErrBuildPath =errors.New("cannot build path, check for missing path parameters")ErrBuildPath is returned in case of missing parameters within the build of the request.
Functions¶
This section is empty.
Types¶
typeNewSamlInvalidate¶
type NewSamlInvalidate func() *SamlInvalidate
NewSamlInvalidate type alias for index.
funcNewSamlInvalidateFunc¶
func NewSamlInvalidateFunc(tpelastictransport.Interface)NewSamlInvalidate
NewSamlInvalidateFunc returns a new instance of SamlInvalidate with the provided transport.Used in the index of the library this allows to retrieve every apis in once place.
typeRequest¶
type Request struct {// Acs The Assertion Consumer Service URL that matches the one of the SAML realm in// Elasticsearch that should be used. You must specify either this parameter or// the `realm` parameter.Acs *string `json:"acs,omitempty"`// QueryString The query part of the URL that the user was redirected to by the SAML IdP to// initiate the Single Logout.// This query should include a single parameter named `SAMLRequest` that// contains a SAML logout request that is deflated and Base64 encoded.// If the SAML IdP has signed the logout request, the URL should include two// extra parameters named `SigAlg` and `Signature` that contain the algorithm// used for the signature and the signature value itself.// In order for Elasticsearch to be able to verify the IdP's signature, the// value of the `query_string` field must be an exact match to the string// provided by the browser.// The client application must not attempt to parse or process the string in any// way.QueryStringstring `json:"query_string"`// Realm The name of the SAML realm in Elasticsearch the configuration. You must// specify either this parameter or the `acs` parameter.Realm *string `json:"realm,omitempty"`}Request holds the request body struct for the package samlinvalidate
typeResponse¶added inv8.7.0
type Response struct {// Invalidated The number of tokens that were invalidated as part of this logout.Invalidatedint `json:"invalidated"`// Realm The realm name of the SAML realm in Elasticsearch that authenticated the// user.Realmstring `json:"realm"`// Redirect A SAML logout response as a parameter so that the user can be redirected back// to the SAML IdP.Redirectstring `json:"redirect"`}Response holds the response body struct for the package samlinvalidate
typeSamlInvalidate¶
type SamlInvalidate struct {// contains filtered or unexported fields}funcNew¶
func New(tpelastictransport.Interface) *SamlInvalidate
Invalidate SAML.
Submit a SAML LogoutRequest message to Elasticsearch for consumption.
NOTE: This API is intended for use by custom web applications other thanKibana.If you are using Kibana, refer to the documentation for configuring SAMLsingle-sign-on on the Elastic Stack.
The logout request comes from the SAML IdP during an IdP initiated SingleLogout.The custom web application can use this API to have Elasticsearch process the`LogoutRequest`.After successful validation of the request, Elasticsearch invalidates theaccess token and refresh token that corresponds to that specific SAMLprincipal and provides a URL that contains a SAML LogoutResponse message.Thus the user can be redirected back to their IdP.
https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-saml-invalidate.html
func (*SamlInvalidate)Acs¶added inv8.9.0
func (r *SamlInvalidate) Acs(acsstring) *SamlInvalidate
Acs The Assertion Consumer Service URL that matches the one of the SAML realm inElasticsearch that should be used. You must specify either this parameter orthe `realm` parameter.API name: acs
func (SamlInvalidate)Do¶
func (rSamlInvalidate) Do(providedCtxcontext.Context) (*Response,error)
Do runs the request through the transport, handle the response and returns a samlinvalidate.Response
func (*SamlInvalidate)ErrorTrace¶added inv8.14.0
func (r *SamlInvalidate) ErrorTrace(errortracebool) *SamlInvalidate
ErrorTrace When set to `true` Elasticsearch will include the full stack trace of errorswhen they occur.API name: error_trace
func (*SamlInvalidate)FilterPath¶added inv8.14.0
func (r *SamlInvalidate) FilterPath(filterpaths ...string) *SamlInvalidate
FilterPath Comma-separated list of filters in dot notation which reduce the responsereturned by Elasticsearch.API name: filter_path
func (*SamlInvalidate)Header¶
func (r *SamlInvalidate) Header(key, valuestring) *SamlInvalidate
Header set a key, value pair in the SamlInvalidate headers map.
func (*SamlInvalidate)HttpRequest¶
HttpRequest returns the http.Request object built from thegiven parameters.
func (*SamlInvalidate)Human¶added inv8.14.0
func (r *SamlInvalidate) Human(humanbool) *SamlInvalidate
Human When set to `true` will return statistics in a format suitable for humans.For example `"exists_time": "1h"` for humans and`"eixsts_time_in_millis": 3600000` for computers. When disabled the humanreadable values will be omitted. This makes sense for responses beingconsumedonly by machines.API name: human
func (SamlInvalidate)Perform¶added inv8.7.0
Perform runs the http.Request through the provided transport and returns an http.Response.
func (*SamlInvalidate)Pretty¶added inv8.14.0
func (r *SamlInvalidate) Pretty(prettybool) *SamlInvalidate
Pretty If set to `true` the returned JSON will be "pretty-formatted". Only usethis option for debugging only.API name: pretty
func (*SamlInvalidate)QueryString¶added inv8.9.0
func (r *SamlInvalidate) QueryString(querystringstring) *SamlInvalidate
QueryString The query part of the URL that the user was redirected to by the SAML IdP toinitiate the Single Logout.This query should include a single parameter named `SAMLRequest` thatcontains a SAML logout request that is deflated and Base64 encoded.If the SAML IdP has signed the logout request, the URL should include twoextra parameters named `SigAlg` and `Signature` that contain the algorithmused for the signature and the signature value itself.In order for Elasticsearch to be able to verify the IdP's signature, thevalue of the `query_string` field must be an exact match to the stringprovided by the browser.The client application must not attempt to parse or process the string in anyway.API name: query_string
func (*SamlInvalidate)Raw¶
func (r *SamlInvalidate) Raw(rawio.Reader) *SamlInvalidate
Raw takes a json payload as input which is then passed to the http.RequestIf specified Raw takes precedence on Request method.
func (*SamlInvalidate)Realm¶added inv8.9.0
func (r *SamlInvalidate) Realm(realmstring) *SamlInvalidate
Realm The name of the SAML realm in Elasticsearch the configuration. You mustspecify either this parameter or the `acs` parameter.API name: realm
func (*SamlInvalidate)Request¶
func (r *SamlInvalidate) Request(req *Request) *SamlInvalidate
Request allows to set the request property with the appropriate payload.
Source Files