Skip to main content

SamlConfig

rustauth_saml::options

Type Alias SamlConfig 

Source 
pub type SamlConfig = SamlProviderConfig;
Expand description

Backward-compatible SAML config alias.

Aliased Type§

pub struct SamlConfig {
Show 17 fields
    pub issuer: String,
    pub entry_point: String,
    pub cert: String,
    pub callback_url: String,
    pub acs_url: Option<String>,
    pub audience: Option<String>,
    pub idp_metadata: Option<SamlIdpMetadata>,
    pub sp_metadata: SamlSpMetadata,
    pub mapping: Option<SamlMapping>,
    pub want_assertions_signed: bool,
    pub authn_requests_signed: bool,
    pub signature_algorithm: Option<String>,
    pub digest_algorithm: Option<String>,
    pub identifier_format: Option<String>,
    pub private_key: Option<SecretString>,
    pub decryption_pvk: Option<SecretString>,
    pub additional_params: Option<BTreeMap<String, Value>>,

}

Fields§

§issuer: String

Service provider issuer/entity id expected by the IdP.

§entry_point: String

IdP SSO entry point for AuthnRequest redirects.

§cert: String

IdP signing certificate, either PEM or base64 body.

§callback_url: String

RustAuth callback URL used after SAML login.

§acs_url: Option<String>

Explicit assertion consumer service URL.

§audience: Option<String>

Expected SAML audience. Defaults to issuer semantics when omitted.

§idp_metadata: Option<SamlIdpMetadata>

Parsed or configured IdP metadata.

§sp_metadata: SamlSpMetadata

Service provider metadata configuration.

§mapping: Option<SamlMapping>

Provider attribute mapping.

§want_assertions_signed: bool

Require valid XMLDSig over the SAML Assertion.

§authn_requests_signed: bool

Sign outbound AuthnRequest messages.

§signature_algorithm: Option<String>

Signature algorithm URI or short name for outbound signed requests.

§digest_algorithm: Option<String>

Digest algorithm URI or short name for outbound signed requests.

§identifier_format: Option<String>

SAML NameID format requested from the IdP.

§private_key: Option<SecretString>

Service provider signing private key. Debug output is redacted.

§decryption_pvk: Option<SecretString>

Service provider decryption private key for encrypted assertions.

§additional_params: Option<BTreeMap<String, Value>>

Additional AuthnRequest parameters sent to the IdP.