askvortsov/flarum-saml

SAML2 SSO for Flarum

Installs: 77

Dependents: 0

Suggesters: 0

Security: 0

Stars: 2

Watchers: 1

Forks: 0

Open Issues: 0

Type:flarum-extension

v1.0.1 2020-02-26 04:34 UTC

This package is auto-updated.

Last update: 2020-03-26 21:39:21 UTC


README

License Latest Stable Version

A Flarum extension to support SAML2 SSO Login and Registration on Flarum. This opens up Flarum for use as an internal corporate discussion/community tool.

Installation

Use Bazaar or install manually with composer:

composer require askvortsov/flarum-saml

Updating

composer update askvortsov/flarum-saml

Attribute Sync

Flarum SAML integrates with Flarum Auth Sync, which lets you sync user avatars, bios, groups, and masquerade attributes via SAML Response Attributes. To this feature:

Have your SAML Identity Provider include the following in attributes (make sure that keys are lowercase):

  • avatar: A URL pointing to an image for the user's avatar. Make sure that the file type is compatible with Flarum (jpeg or png I believe).
  • groups: A comma-separated list of ids for groups that a user should belong to. Keep in mind that this will both add and remove groups, so make sure that all desired groups are included.
  • bio: A string that will be synced to the user's bio if Friends of Flarum User Bios is enabled
  • For any masquerade attributes you want to sync, make sure that the SAML attribute key matches the name of the profile field.

If one of these isn't included, or doesn't work, the rest should still work.

TODO

  • Replace CSRF exemption workaround when Flarum Beta 12 is released.
  • Add support for signing/encrypting SAMLRequests.

Feedback

Super excited to be posting my first extensions, hopefully more to follow! If you run into issues or have feature requests, let me know and I'll look into it!

Links