jumarmartin
commented
1 year ago (abridged from https://github.com/crewjam/saml#getting-started-as-a-service-provider)
-
inside of the backend fodler, create a X.509 keypair using the following command:
openssl req -x509 -newkey rsa:2048 -keyout myservice.key -out myservice.cert -days 365 -nodes -subj "/CN=myservice.example.com" -
run the following command to generate a metadata file:
mdpath=saml-test-$USER-$HOST.xml \ curl localhost:8000/saml/metadata > $mdpath -
upload the metadata file to https://samltest.id/upload.php
-
browse to localhost:3000/affiliate
-
login through samltest.id (same pattern of Elon's login feature)
added new path for SAML support, "/saml"
removed identity as this is no longer required due to samlsp.RequireAccount middleware (maybe)
naïvely generated key/cert, added skeleton for possible pass-in-flag-or-env-var
added initializeSaml to services initializer
rename Services -> svc in main.go
improved make run in ods/backend to support local dev without building docker container
cleaned up go.mod