Skip to content

Commit

Permalink
Add Auth0 provider (without MFA support)
Browse files Browse the repository at this point in the history
  • Loading branch information
noissefnoc committed May 9, 2021
1 parent 49701e7 commit 5da3559
Show file tree
Hide file tree
Showing 7 changed files with 1,137 additions and 5 deletions.
1 change: 1 addition & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -53,6 +53,7 @@ The process goes something like this:
* OneLogin
* NetIQ
* Browser, this uses [playwright-go](github.com/mxschmitt/playwright-go) to run a sandbox chromium window.
* [Auth0](pkg/provider/auth0/README.md) NOTE: Currently, MFA not supported
* AWS SAML Provider configured

## Caveats
Expand Down
2 changes: 1 addition & 1 deletion cmd/saml2aws/main.go
Original file line number Diff line number Diff line change
Expand Up @@ -69,7 +69,7 @@ func main() {
commonFlags := new(flags.CommonFlags)
app.Flag("config", "Path/filename of saml2aws config file (env: SAML2AWS_CONFIGFILE)").Envar("SAML2AWS_CONFIGFILE").StringVar(&commonFlags.ConfigFile)
app.Flag("idp-account", "The name of the configured IDP account. (env: SAML2AWS_IDP_ACCOUNT)").Envar("SAML2AWS_IDP_ACCOUNT").Short('a').Default("default").StringVar(&commonFlags.IdpAccount)
app.Flag("idp-provider", "The configured IDP provider. (env: SAML2AWS_IDP_PROVIDER)").Envar("SAML2AWS_IDP_PROVIDER").EnumVar(&commonFlags.IdpProvider, "Akamai", "AzureAD", "ADFS", "ADFS2", "GoogleApps", "Ping", "JumpCloud", "Okta", "OneLogin", "PSU", "KeyCloak", "F5APM", "Shibboleth", "ShibbolethECP", "NetIQ")
app.Flag("idp-provider", "The configured IDP provider. (env: SAML2AWS_IDP_PROVIDER)").Envar("SAML2AWS_IDP_PROVIDER").EnumVar(&commonFlags.IdpProvider, "Akamai", "AzureAD", "ADFS", "ADFS2", "GoogleApps", "Ping", "JumpCloud", "Okta", "OneLogin", "PSU", "KeyCloak", "F5APM", "Shibboleth", "ShibbolethECP", "NetIQ", "Auth0")
app.Flag("mfa", "The name of the mfa. (env: SAML2AWS_MFA)").Envar("SAML2AWS_MFA").StringVar(&commonFlags.MFA)
app.Flag("skip-verify", "Skip verification of server certificate. (env: SAML2AWS_SKIP_VERIFY)").Envar("SAML2AWS_SKIP_VERIFY").Short('s').BoolVar(&commonFlags.SkipVerify)
app.Flag("url", "The URL of the SAML IDP server used to login. (env: SAML2AWS_URL)").Envar("SAML2AWS_URL").StringVar(&commonFlags.URL)
Expand Down
33 changes: 33 additions & 0 deletions pkg/provider/auth0/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
## Auth0 Provider

* https://auth0.com/

## Instructions

You need the SAML policy ID for the AWS account and Auth0 issues URL like below:

```
https://<YOUR_TENANT_NAME>.auth0.com/samlp/<AUTH0_CLIENT_ID>
```

Example config:

```ini
[default]
url = https://<YOUR_TENANT_NAME>.auth0.com/samlp/<AUTH0_CLIENT_ID>
username = <YOUR_USRNAME>
provider = Auth0
skip_verify = false
timeout = 0
aws_urn = urn:amazon:webservices
aws_session_duration = 3600
aws_profile = <AWS_PROFILE_NAME_FOR_DEFAULT_USE>
```

## Features

* Currently, this provider does not support MFA.

## More details

* https://auth0.com/docs/protocols/saml-protocol/saml-configuration-options/configure-saml2-web-app-addon-for-aws
Loading

0 comments on commit 5da3559

Please sign in to comment.