On Fri, Jul 5, 2019 at 11:12 AM Andrew Heberle <andrew.hebe...@gmail.com> wrote:
> Hi All, > > I have put together a Go based proof of concept SPOE agent that also > implements a SAML 2 Service Provider (SP) in order to do "SSO" in > HAProxy. > > The code is located here: > > https://gitlab.com/andrewheberle/go-http-auth-sso > > The basic process is that SPOA is used to check if the user is logged > in or not and then based on the set variables you can make decisions > via "http-request" rules. > > This originally started out without the SPOE part and was using the > Lua http-auth-request script > (https://github.com/TimWolla/haproxy-auth-request), however with the > release of the Go SPOE package > (https://github.com/Aestek/haproxy-connect/tree/master/spoe) I rewrote > it based on that. > > Our use case is to have the SP pointed to a IdP in Azure so we can do > single-sign-on to Office 365 and we have "http-request" rules in place > to set some custom headers that our application uses for > authentication/authorisation. These are set based on the variables > that come back from the SPOA, which come from the claims in the > authentication process. > > Hopefully this is of some use to people. > > Any feedback and constructive criticism is welcome. > > -- > Andrew Heberle > > Thanks for sharing Andrew! Cheers, Igor