feat: authorization

README.md

@@ -38,14 +38,14 @@ Then you need to connect SPs to the conformance IdP (exchange metadata), so that
 Run against one target:
 
 ```sh
-nuclei -u ACS_URL_HERE -V "ENTITY_ID=ENTITY_ID_HERE" \
+nuclei -u ACS_URL_HERE -V "ENTITY_ID=ENTITY_ID_HERE" -V "AUTHORIZATION=AUTHORIZATION_HERE" \
     -duc -ms -t nuclei-templates/ -nmhe -lna -dka 30 -dt 30
 ```
 
 or using docker:
 
 ```sh
-docker run --rm -v ./:/app/ projectdiscovery/nuclei -u ACS_URL_HERE -V "ENTITY_ID=ENTITY_ID_HERE" \
+docker run --rm -v ./:/app/ projectdiscovery/nuclei -u ACS_URL_HERE -V "ENTITY_ID=ENTITY_ID_HERE" -V "AUTHORIZATION=AUTHORIZATION_HERE" \
     -duc -ms -t /app/nuclei-templates/ -nmhe -lna -dka 30 -dt 30
 ```
 
@@ -53,6 +53,7 @@ where
 
 * `ACS_URL_HERE` is the assertion consumer service endpoint URL
 * `ENTITY_ID_HERE` is the entity ID of the SP
+* `AUTHORIZATION_HERE` is the authorization header, e.g. `Bearer abcd...789`
 
 It is expected that the SP will return HTTP code 200/302/303 on success
 and a different HTTP code on failure (e.g. when SAML response is not signed).

nuclei-templates/saml-raw.yaml

@@ -5,6 +5,7 @@ info:
   severity: high
   tags: saml
 variables:
+  AUTHORIZATION: "Bearer abcd...789"
   CONFORMANCE_IDP_HOSTNAME: conformance-idp.maiv1.incubator.geant.org
   TEST_CASES:
     - noSignature
@@ -27,11 +28,13 @@ http:
         @Host: https://{{CONFORMANCE_IDP_HOSTNAME}}
         POST /module.php/conformance/test/setup?testId={{url_encode(TEST_CASE)}}&spEntityId={{url_encode(ENTITY_ID)}} HTTP/1.1
         Host: {{CONFORMANCE_IDP_HOSTNAME}}
+        Authorization: {{AUTHORIZATION}}
 
       - |
         @Host: https://{{CONFORMANCE_IDP_HOSTNAME}}
         GET /saml2/idp/SSOService.php?spentityid={{url_encode(ENTITY_ID)}}&ConsumerURL={{url_encode(BaseURL)}} HTTP/1.1
         Host: {{CONFORMANCE_IDP_HOSTNAME}}
+        Authorization: {{AUTHORIZATION}}
     disable-path-automerge: true
     extractors:
       - type: xpath