qbnk / frontend-components-saml2
Saml2 package, part of Frontend Components for Slim-based frontends.
3.0.1
2023-10-06 13:52 UTC
Requires
- php: ^8.1
- qbnk/frontend-components: ^6.0.1
- qbnk/php-saml: ^4.0
- slim/psr7: ^1.6
- slim/slim: ^4.11.0
- dev-master
- 3.0.1
- 3.0.0
- v2.3.1
- v2.3.0
- v2.2.3
- v2.2.2
- 2.2.1
- v2.2
- 2.1
- 2.0.1
- v2.0
- 1.2.7
- v1.2.6
- v1.2.5
- v1.2.4
- v1.2.3
- 1.2.2
- v1.2.1
- v1.2
- v1.1
- v1.0.5
- v1.0.4
- v1.0.3
- v1.0.2
- v1.0.1
- v1.0
- v0.1.1
- v0.1
- dev-hotfix/1.2.7
- dev-hotfix/session-helper-usage
- dev-fixForNoAdGroups
- dev-backport/getUserType-v3
- dev-backport/route-prefixes
- dev-v1-settings-getter-setter
This package is auto-updated.
Last update: 2024-12-03 16:44:34 UTC
README
A part of the qbnk/frontend-components package. This package contains a saml2 authentication adapter which is used to log the user in via an external Identity provider
use Slim\App;
use OneLogin\Saml2\Constants;
$app = new App();
$adapter = new Saml2($app, $settings);
$adapter->authenticate($returnUrl);
Register routes for the Slim router
$adapter->registerRoutes($app);
Settings sample
$settings = [
'addQBankAccount' => true,
'responseUsername' => 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress',
'responseFirstname' => 'FirstName',
'responseLastname' => 'LastName',
'includeUserDataCookie' => true, // For them SPA's
'jit' => [
// If enabled, these settings will override the 'addQBankAccount' flag
'enabled' => true,
'userType' => 'Frontend',
'responseGroups' => 'Groups',
'groupMapping' => [
'qbankDefaultGroups' => [
{QBankGroupId1}, {QBankGroupId2}
],
'adGroup1' => [
{QBankGroupId3}, {QBankGroupId4}
],
'adGroup2' => [
{QBankGroupId3}, {QBankGroupId5}
]
]
],
'security' => [
'wantNameId' => true,
'nameIdEncrypted' => false,
'authnRequestsSigned' => false,
'logoutRequestSigned' => false,
'logoutResponseSigned' => false,
'signMetadata' => true,
'wantMessagesSigned' => true,
'wantAssertionsSigned' => true,
'wantNameIdEncrypted' => false,
'requestedAuthnContext' => false,
'wantXMLValidation' => true,
],
'contactPerson' => [
'technical' => [
'givenName' => 'QBNK Tech',
'emailAddress' => 'tech@qbank.se'
],
'support' => [
'givenName' => 'QBNK Support',
'emailAddress' => 'support@qbank.se'
],
],
'organization' => [
'en-US' => [
'name' => 'QBNK Company',
'displayname' => 'QBNK Company',
'url' => 'https://qbank.se/'
],
],
'strict' => false,
'debug' => true,
'sp' => [
'entityId' => '**FILLED IN AUTOMATICALLY**',
'assertionConsumerService' => [
'url' => '**FILLED IN AUTOMATICALLY**',
'binding' => Constants::BINDING_HTTP_POST,
],
'singleLogoutService' => [
'url' => '**FILLED IN AUTOMATICALLY**',
'binding' => Constants::BINDING_HTTP_REDIRECT,
],
'NameIDFormat' => Constants::NAMEID_UNSPECIFIED
],
'idp' => [
'entityId' => '{url}',
'singleSignOnService' => [
'url' => '{url}',
'binding' => Constants::BINDING_HTTP_POST
],
'x509cert' => '{base64}'
]
]