View Source hund (hund v0.1.1)
Summary
Functions
Checks for a duplicate assertion using ETS tables in memory on all available nodes.
Converts various ascii hex/base64 fingerprint formats to binary
Converts a calendar:datetime() into SAML time string
Reads IDP metadata from a URL (or ETS memory cache)
Reads IDP metadata from a URL (or ETS memory cache) and validates the signature
Loads a private key from a file on disk (or ETS memory cache)
Converts a SAML time string into a calendar:datetime()
Types
-type assertion() :: #saml_assertion{}.
-type authn() :: #saml_authn{}.
-type authn_class() ::
password | password_protected_transport | internet_protocol | internet_protocol_password |
mobile_one_factor_contract | mobile_two_factor_contract | previous_session | unspecified.
-type authnreq() :: #saml_authnreq{}.
-type condition() :: #saml_condition{}.
-type contact() :: #saml_contact{}.
-type datetime() :: string() | binary().
-type idp_metadata() :: #saml_idp_metadata{}.
-type localized_string() :: string() | [{Locale :: atom(), LocalString :: string()}].
-type logout_request() :: #saml_logout_request{}.
-type logout_response() :: #saml_logout_response{}.
-type name_format() :: email | x509 | windows | krb | persistent | transient | unknown.
-type org() :: #saml_org{}.
-type saml_record() :: contact() | org() | idp_metadata() | sp_metadata() | subject() | assertion() | authn() | authnreq() | logout_request() | logout_response().
-type sp_metadata() :: #saml_sp_metadata{}.
-type status_code() ::
success | request_error | response_error | bad_version | authn_failed | bad_attr | denied |
bad_binding | unknown.
-type subject() :: #saml_subject{}.
-type subject_method() :: bearer | holder_of_key | sender_vouches.
-type version() :: string().
Functions
-spec check_dupe_ets(esaml:assertion(), Digest :: binary()) -> ok | {error, duplicate_assertion}.
Checks for a duplicate assertion using ETS tables in memory on all available nodes.
This is a helper to be used as a DuplicateFun with hund_sp:validate_assertion/3. If you aren't using standard erlang distribution for your app, you probably don't want to use this.-spec convert_fingerprints([string() | binary()]) -> [binary()].
-spec date_to_saml(calendar:date()) -> string() | binary().
-spec datetime_to_saml(calendar:datetime()) -> datetime().
-spec import_certificate(EncodedCert :: string(), Identifier :: term()) -> binary().
-spec import_private_key(EncodedKey :: string(), Identifier :: term()) -> #'RSAPrivateKey'{}.
-spec load_certificate(Path :: string()) -> binary().
-spec load_metadata(Url :: string()) -> esaml:idp_metadata().
-spec load_metadata(Url :: string(), Fingerprints :: [string() | binary()]) -> esaml:idp_metadata().
-spec load_private_key(Path :: string()) -> #'RSAPrivateKey'{}.
-spec map_authn_class(AuthnClass :: string()) -> authn_class().
-spec map_if(term()) -> [term()].
-spec map_if(atom(), term()) -> [term()].
-spec nameid_map(string()) -> name_format().
-spec rev_map_authn_class(Context :: atom()) -> string().
-spec rev_nameid_map(atom()) -> string().
-spec rev_status_code_map(status_code() | atom()) -> string().
-spec rev_subject_method_map(subject_method()) -> string().
-spec saml_to_datetime(esaml:datetime()) -> calendar:datetime().
Converts a SAML time string into a calendar:datetime()
Inverse of datetime_to_saml/1-spec status_code_map(string()) -> status_code() | atom().
-spec threaduntil([fun((Acc :: term()) -> {error, term()} | {stop, term()} | term())],
InitAcc :: term()) ->
{error, term()} | {ok, term()}.