From 718a20f5a94d59fab770a2f7061271c7c7600dac Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pavel=20B=C5=99ou=C5=A1ek?= <brousek@cesnet.cz>
Date: Wed, 1 May 2024 21:54:01 +0000
Subject: [PATCH] docs: custom SP
---
README.md | 13 ++++++++++++-
1 file changed, 12 insertions(+), 1 deletion(-)
diff --git a/README.md b/README.md
index 7310cd1..b32448e 100644
--- a/README.md
+++ b/README.md
@@ -35,7 +35,7 @@ If neither of these previously mentioned endpoints are available, we can try to
* a generic template which will assume that the button is on the home page ("/") and it has the words "log in" or "sign in" on it, and it is a link which will directly select the conformance IdP
* this can be further extended to be able to bypass well-known discovery services by performing the selection of conformance IdP on the DS (only applicable if the conformance IdP is going to be in the DS)
-* a SP-specific template for SP-specific behavior
+* a SP-specific (or SP software-specific) template for SP-specific behavior
## Requirements
@@ -135,6 +135,17 @@ where
* `<workflow_name>` is either `saml-request-init` for request initiation endpoint or `saml-discovery-response` for discovery response endpoint
* `https://sp.example.com/` is the address of a (potential) SP server (only the domain is relevant)
+### SP (software)-specific template
+
+To test a service provider which does not provide the previously mentioned endpoints,
+create a copy of `saml-raw-all.yaml` or `saml-headless-all.yaml` and instead of the IdP-initiated login,
+perform the SP-specific action. If you need to run Javascript, click a button etc., you might need the headless
+version; otherwise the raw version is preferred.
+
+More information on writing templates for [HTML raw](https://docs.projectdiscovery.io/templates/protocols/http/raw-http)
+and [headless](https://docs.projectdiscovery.io/templates/protocols/headless) nuclei protocols is available
+in the official documentation.
+
## Current limitations
* templates are only usable with the conformace IdP
--
GitLab