Shin v0.2.0

Shin.IdP (Shin v0.2.0) View Source

This module contains the IdP structure used to configure requests to a particular IdP. The defaults should work for a typical fresh installation of Shibboleth IdP v4, but may require customisation if the IdP has a different path for endpoints, or additional metrics groups, etc.

Link to this section Summary

Types

t()

Functions

configure(idp)

Returns a structure representing an IdP and its configuration.

configure(base_url, options \\ [])

Returns a structure representing an IdP and its configuration.

is_reloadable?(idp, service)

Checks if a service ID or service alias is present in the IdP configuration.

metric_groups(idp)

Return a list of metric groups for the IdP, as atoms.

metrics_path(idp)

Returns the base metrics path (for all metrics) for an IdP

metrics_path(idp, group)

Returns the base metrics path for the specified group at an IdP

service_aliases(idp)

Return a list of service aliases as atoms.

service_ids(idp)

Return a list of service IDs, as used by the Shibboleth IdP software.

validate_metric_group(idp, group)

Checks if a metric group is present in the IdP configuration and returns a normalised version.

validate_service(idp, service)

Checks if a service ID or service alias is present in the IdP configuration and returns a normalised version.

Link to this section Types

Link to this type

t()

View Source

Specs

t() :: %Shin.IdP{
  attributes_path: binary(),
  base_url: binary(),
  lockout_bean: binary(),
  lockout_path: binary(),
  md_query_path: binary(),
  md_reload_path: binary(),
  metric_groups: list(),
  metrics_path: binary(),
  no_dns_check: boolean(),
  reload_path: binary(),
  reloadable_services: map(),
  retries: integer(),
  timeout: integer()
}

Link to this section Functions

Link to this function

configure(idp)

View Source

Specs

configure(idp :: binary() | t()) :: {:ok, t()} | {:error, binary()}

Returns a structure representing an IdP and its configuration.

Pass a URL as the only parameter (although it will pass-through existing IdP stucts too)

The URL is the base URL of the IdP service, not its entity ID. Normally this will include the "/idp" path.

Examples 

{:ok, idp} = Shin.IdP.configure("https://example.com/idp")
{:ok, idp} = Shin.IdP.configure(idp) # pass-through an existing IdP struct
Link to this function

configure(base_url, options \\ [])

View Source

Specs

configure(idp :: binary(), options :: keyword()) ::
  {:ok, t()} | {:error, binary()}

Returns a structure representing an IdP and its configuration.

Pass a URL as the first (and required) parameter. URL validation can be skipped by specifying no_dns_check: true as an option. Other options will replace defaults for the IdP's configuration.

The URL is the base URL of the IdP service, not its entity ID. Normally this will include the "/idp" path.

Examples 

{:ok, idp} = Shin.IdP.configure("https://example.com/idp")
{:ok, idp} = Shin.IdP.configure("https://hostnamedoesnotexist.com/idp", no_dns_check: true)
{:ok, idp} = Shin.IdP.configure("https://example.com/idp", metric_groups: [:core, :idp, :logging, :metadata, :errors])
Link to this function

is_reloadable?(idp, service)

View Source

Specs

is_reloadable?(idp :: t(), service :: atom() | binary()) :: boolean()

Checks if a service ID or service alias is present in the IdP configuration.

Returns true or false

Examples 

  Shin.IdP.is_reloadable?(idp, :attribute_registry)
  # => true
Link to this function

metric_groups(idp)

View Source

Specs

metric_groups(idp :: t()) :: list()

Return a list of metric groups for the IdP, as atoms.

Examples 

Shin.IdP.metric_groups(idp)
# => [:core, :idp, :logging, :access, :metadata, :nameid, :relyingparty, :registry, :resolver, :filter, :cas, :bean]
Link to this function

metrics_path(idp)

View Source

Specs

metrics_path(idp :: t()) :: binary()

Returns the base metrics path (for all metrics) for an IdP

Examples 

  Shin.IdP.metrics_path(idp)
  # =>  metrics_path: "https://example.com/idp/profile/admin/metrics",
Link to this function

metrics_path(idp, group)

View Source

Specs

metrics_path(idp :: t(), group :: atom() | binary()) :: binary()

Returns the base metrics path for the specified group at an IdP

Examples 

  Shin.IdP.metrics_path(idp, :core)
  # =>  metrics_path: "https://example.com/idp/profile/admin/metrics/core",
Link to this function

service_aliases(idp)

View Source

Specs

service_aliases(idp :: t()) :: list()

Return a list of service aliases as atoms.

These can be passed instead of the full Shibboleth service ID.

Examples 

Shin.IdP.service_aliases(idp)
# => [:relying_party_resolver, :metadata_resolver, :attribute_registry, :attribute_resolver, :attribute_filter ...]
Link to this function

service_ids(idp)

View Source

Specs

service_ids(idp :: t()) :: list()

Return a list of service IDs, as used by the Shibboleth IdP software.

Examples 

Shin.IdP.service_ids(idp)
# => ["shibboleth.RelyingPartyResolverService", "shibboleth.MetadataResolverService", "shibboleth.LoggingService" ...]
Link to this function

validate_metric_group(idp, group)

View Source

Specs

validate_metric_group(idp :: t(), service :: atom() | binary()) :: {:ok, atom()}

Checks if a metric group is present in the IdP configuration and returns a normalised version.

Returns an atom.

Examples 

  Shin.IdP.validate_metric_group(idp, "core")
  # => :core
Link to this function

validate_service(idp, service)

View Source

Specs

validate_service(idp :: t(), service :: atom() | binary()) :: {:ok, binary()}

Checks if a service ID or service alias is present in the IdP configuration and returns a normalised version.

Returns the full Shibboleth IdP service ID if passed an alias atom.

Examples 

  Shin.IdP.validate_service(idp, :attribute_registry)
  # => "shibboleth.AttributeRegistryService"