Commit 6fe09ec2 authored by ale's avatar ale

Properly parse the x509 cert in saml-server

parent 62a48de8
...@@ -3,6 +3,7 @@ package saml ...@@ -3,6 +3,7 @@ package saml
import ( import (
"crypto/rand" "crypto/rand"
"crypto/tls" "crypto/tls"
"crypto/x509"
"encoding/base64" "encoding/base64"
"encoding/hex" "encoding/hex"
"encoding/xml" "encoding/xml"
...@@ -213,7 +214,11 @@ func NewSAMLIDP(config *Config) (http.Handler, error) { ...@@ -213,7 +214,11 @@ func NewSAMLIDP(config *Config) (http.Handler, error) {
return nil, err return nil, err
} }
cert, err := tls.LoadX509KeyPair(config.CertificateFile, config.PrivateKeyFile) tlsCert, err := tls.LoadX509KeyPair(config.CertificateFile, config.PrivateKeyFile)
if err != nil {
return nil, err
}
x509Cert, err := x509.ParseCertificate(tlsCert.Certificate[0])
if err != nil { if err != nil {
return nil, err return nil, err
} }
...@@ -250,8 +255,8 @@ func NewSAMLIDP(config *Config) (http.Handler, error) { ...@@ -250,8 +255,8 @@ func NewSAMLIDP(config *Config) (http.Handler, error) {
// mux.Router in front in order to wrap just the ssoURL with // mux.Router in front in order to wrap just the ssoURL with
// our own SSO handler. // our own SSO handler.
idp := &saml.IdentityProvider{ idp := &saml.IdentityProvider{
Key: cert.PrivateKey, Key: tlsCert.PrivateKey,
Certificate: cert.Leaf, Certificate: x509Cert,
Logger: logger.DefaultLogger, Logger: logger.DefaultLogger,
MetadataURL: metadataURL, MetadataURL: metadataURL,
SSOURL: ssoURL, SSOURL: ssoURL,
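Review bot: The certificate returned by the new `x509.ParseCertificate(tlsCert.Certificate[0])` call in NewSAMLIDP is handed to `saml.IdentityProvider` without any check of its validity period, so an expired or not-yet-valid signing certificate would likely surface only later, as signature rejections at service providers. A startup check such as `if now := time.Now(); now.Before(x509Cert.NotBefore) || now.After(x509Cert.NotAfter) { return nil, errors.New("SAML signing certificate is outside its validity period") }` would fail early, or it could log a warning if a hard failure is too strict. The import block is only partly visible, so `time` and `errors` may need adding. Both `return nil, err` paths after the load and the parse also drop which step failed; wrapping the parse error, e.g. `return nil, fmt.Errorf("parsing certificate %s: %w", config.CertificateFile, err)`, would make a misconfigured file easier to diagnose. NewSAMLIDP starts and ends outside the visible hunks.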