Fixed some typos in the README.md file. #160

Merged
merged 1 commit into from
Aug 20, 2018
8 changes: 4 additions & 4 deletions README.md
Expand Up @@ -32,7 +32,7 @@ In various places where keys and certificates were modeled as `string`

## Getting Started as a Service Provider

Let us assume we have a simple web appliation to protect. We'll modify this application so it uses SAML to authenticate users.
Let us assume we have a simple web application to protect. We'll modify this application so it uses SAML to authenticate users.
```golang
package main

Expand Down Expand Up @@ -105,12 +105,12 @@ func main() {
}
```

Next we'll have to register our service provider with the identiy provider to establish trust from the service provider to the IDP. For [testshib.org](https://www.testshib.org/), you can do something like:
Next we'll have to register our service provider with the identity provider to establish trust from the service provider to the IDP. For [testshib.org](https://www.testshib.org/), you can do something like:

mdpath=saml-test-$USER-$HOST.xml
curl localhost:8000/saml/metadata > $mdpath

Naviate to https://www.testshib.org/register.html and upload the file you fetched.
Navigate to https://www.testshib.org/register.html and upload the file you fetched.

Now you should be able to authenticate. The flow should look like this:
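
Review bot: The registration example under the corrected sentence builds its filename from `$HOST` (`mdpath=saml-test-$USER-$HOST.xml`), which zsh sets but bash does not by default, so bash users end up with a name ending in `-.xml`. Suggest `$(hostname)` in its place and quoting the redirect target as `"$mdpath"`. While this sentence is being touched, "IDP" is used without being introduced; "identity provider (IDP)" on first use would help, and the phrase "trust from the service provider to the IDP" could say explicitly which side is learning about the other when the metadata file is uploaded.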

Expand Down Expand Up @@ -140,7 +140,7 @@ The package supports signed and encrypted SAML assertions. It does not support s

## RelayState

The *RelayState* parameter allows you to pass user state information across the authentication flow. The most common use for this is to allow a user to request a deep link into your site, be redirected through the SAML login flow, and upon successful completion, be directed to the originaly requested link, rather than the root.
The *RelayState* parameter allows you to pass user state information across the authentication flow. The most common use for this is to allow a user to request a deep link into your site, be redirected through the SAML login flow, and upon successful completion, be directed to the originally requested link, rather than the root.

Unfortunately, *RelayState* is less useful than it could be. Firstly, it is **not** authenticated, so anything you supply must be signed to avoid XSS or CSRF. Secondly, it is limited to 80 bytes in length, which precludes signing. (See section 3.6.3.1 of SAMLProfiles.)
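
Review bot: The corrected sentence describes sending the user to the originally requested link carried in *RelayState*, and the following paragraph states that *RelayState* is not authenticated, but the README never says the redirect target has to be validated before it is followed. Suggest adding a sentence that the service provider should only redirect to a value that resolves to a path on its own site, or should treat *RelayState* as an opaque key into server-side state, since the 80-byte limit cited in the same paragraph rules out signing a full URL.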
