New browser experience provider for browser based authentication. (#121)
- Added a new Browser experience (browserne) that uses the clients default browser and SSO instead of running an alternate browser with Chromedp in debug mode to steal the SAMLResponse. This new way is cleaner but, does require changes to the config since aws-runas will be creating the SAMLRequest itself. This method also has the SAMLResponse delivered to a localhost:port/saml/acs address. This causes the normal saml:aud check that most have in the SSO integration to require updates to the trust policy to allow for this new Recipient - http://localhost:*/saml/acs
Also a new required parameter or command line flag to specify the EntityId for the SAML Idp. In the case of EntraID this differentiates multiple applications from each other.
-
Added a command line flag for the EntityID configuration
-
Updated the config document to include the new browserne provider