This also allows users to use more complex 2FA methods, as well as adding support for browser IDPs. This is based on the work done in PR #350 which has been pretty stale.
Reading through the original PR and with https://github.com/Versent/saml2aws/pull/794 being merged, the need for a fork of saml2aws is no longer needed. I thus also updated the dependency to saml2aws to the current latest version (using go mod), allowing the submodule to be removed.
I also updated the logic in pkg/plugins/identity/saml/sp/aws/resolver.go to use the ProviderList already available in saml2aws so updating the dependency should also update the list of idp-provider supported.
In the end, I needed the dependency to be updated to be able to use g.co/sc as my 2FA provider in kconnect which works flawlessly in saml2aws.
Which issue(s) this PR fixes(optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when PR gets merged):
Fixes #349
What this PR does / why we need it:
This also allows users to use more complex 2FA methods, as well as adding support for browser IDPs. This is based on the work done in PR #350 which has been pretty stale.
Reading through the original PR and with https://github.com/Versent/saml2aws/pull/794 being merged, the need for a fork of saml2aws is no longer needed. I thus also updated the dependency to
saml2awsto the current latest version (usinggo mod), allowing the submodule to be removed.I also updated the logic in
pkg/plugins/identity/saml/sp/aws/resolver.goto use the ProviderList already available insaml2awsso updating the dependency should also update the list of idp-provider supported.In the end, I needed the dependency to be updated to be able to use
g.co/scas my 2FA provider inkconnectwhich works flawlessly insaml2aws.The config used to test it is:
Which issue(s) this PR fixes (optional, in
fixes #<issue number>(, fixes #<issue_number>, ...)format, will close the issue(s) when PR gets merged): Fixes #349