Initial commit

Signed-off-by: rustyclock <[email protected]>

Author: rustycl0ck

LICENSE

@@ -0,0 +1,27 @@
+# go-openconnect-sso
+
+A tool for getting login details through Two Factor Authentication for the openconnect clients. This tool only generates a config file with the `cookie`, `servercert` and `host` details which can be used to connect to the OpenConnect VPN server.
+
+### Usage
+
+```shell
+go get -u github.com/rustycl0ck/go-openconnect-sso
+go-openconnect-sso --server='https://vpn.server.myorg.com' --config ~/my-vpn-cookie/cookie.txt
+```
+
+The generate opneconnect config file:
+```
+$ cat ~/my-vpn-cookie/cookie.txt
+cookie=1234567890ABCDEF123
+servercert=4567890DEFABC321
+# host=https://vpn-cluster-2.server.myorg.com/
+```
+
+After the file is successfully generated, you can run the following to connect to the VPN server:
+```
+openconnect <any-additional-params> --verbose --config ~/my-vpn-cookie/cookie.txt https://vpn-cluster-2.server.myorg.com
+```
+
+---
+**Credits:** This tool has been inspired by (and ported to go from) https://github.com/vlaci/openconnect-sso
+

README.md

@@ -0,0 +1,61 @@
+package config
+
+import "encoding/xml"
+
+/*******************************************************
+Initialization XML Response
+**********************************************
+  <?xml version="1.0" encoding="UTF-8"?>
+  <config-auth some="attr">
+    <opaque another="attr">
+      <tunnel-group>Profile_Name</tunnel-group>
+      <auth-method>single-sign-on-v2</auth-method>
+      <config-hash>1234567890123</config-hash>
+    </opaque>
+    <auth id="main">
+      <title>Login</title>
+      <message>Some useful message for the user to inform about next step for login</message>
+      <banner></banner>
+      <sso-v2-login>https://vpn.server.myorg.com/path/to/login/page</sso-v2-login>
+      <sso-v2-login-final>https://vpn.server.myorg.com/login/successful/page</sso-v2-login-final>
+      <sso-v2-token-cookie-name>someCookieNameWhichContainsToken</sso-v2-token-cookie-name>
+      <sso-v2-error-cookie-name>someCookieNameWhichContainsError</sso-v2-error-cookie-name>
+      <form>
+        <input type="sso" name="sso-token"></input>
+      </form>
+    </auth>
+  </config-auth>"
+*******************************************************/
+type InitializationResponse struct {
+	XMLName         xml.Name `xml:"config-auth"`
+	LoginURL        string   `xml:"auth>sso-v2-login"`
+	LoginFinalURL   string   `xml:"auth>sso-v2-login-final"`
+	TokenCookieName string   `xml:"auth>sso-v2-token-cookie-name"`
+	Opaque          struct {
+		Value string `xml:",innerxml"`
+	} `xml:"opaque"`
+}
+
+type FinalizationResponse struct {
+	XMLName     xml.Name `xml:"config-auth"`
+	Cookie      string   `xml:"session-token"`
+	Fingerprint string   `xml:"config>vpn-base-config>server-cert-hash"`
+}
+
+/*******************************************************
+Finalization XML Response
+**********************************************
+  <?xml version="1.0" encoding="UTF-8"?>
+  <config-auth client="vpn" type="complete" aggregate-auth-version="2">
+    <session-id>2345678901234</session-id>
+    <session-token>somelongrandomtokenhere</session-token>
+    <auth id="success">
+      <banner>Some useful pop up message after successful login</banner>
+    </auth>
+    <config attr1="val1">
+      <vpn-base-config>
+        <server-cert-hash>0123456789ABCDEF0123</server-cert-hash>
+      </vpn-base-config>
+    </config>
+  </config-auth>
+*******************************************************/

config/config.go

@@ -0,0 +1,10 @@
+module github.com/rustycl0ck/go-openconnect-sso
+
+go 1.16
+
+require (
+	github.com/alecthomas/units v0.0.0-20210208195552-ff826a37aa15 // indirect
+	github.com/go-kit/kit v0.10.0
+	github.com/mxschmitt/playwright-go v0.1100.1-0.20210430103100-de638a4c485a
+	gopkg.in/alecthomas/kingpin.v2 v2.2.6
+)