
This change adds SAML2 support through the use of a new keystone SAML integrator charm (keystone-saml-k8s). Needed changes have also been made in the keystone charm to make use of the new relation. A new option has also been added to keystone-k8s through which a secret can be specified which should contain the x509 certificate and the corresponding key from which it was derived, used to generate the keystone SP metadata file.

Change-Id: Id9b6ab2a51891ac378a2cb406dbe3a456bc24fc4
Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>
keystone-saml-k8s
This charm conveys the necessary SAML2 settings to the keystone charm, so that keystone can create its SAML2 identity provider configuration.
Deployment
juju deploy keystone-saml-k8s keystone-saml-entra
juju config keystone-saml-entra \
    name="entra" \
    label="Log in with Entra SAML2" \
    metadata-url="https://login.microsoftonline.com/{YOUR_TENANT}/federationmetadata/2007-06/federationmetadata.xml?appid={YOUR_APP_ID}"
Integrate with keystone:
juju relate keystone-saml-entra:keystone-saml keystone:keystone-saml