rediris-es / simplesamlphp-module-papi
A SimpleSAMLphp module adding support for the PAPI protocol.
Installs: 14 926
Dependents: 0
Suggesters: 0
Security: 0
Stars: 1
Watchers: 3
Forks: 0
Open Issues: 1
Type:simplesamlphp-module
Requires
This package is auto-updated.
Last update: 2024-12-13 12:59:43 UTC
README
The papi module provides a single authentication module:
papi:PAPI
: authenticate using the PAPI protocol.
This authentication module makes use of an external library, phpPoA, in order to authenticate users by means of the PAPI protocol. It can therefore be used to bridge between protocols, behaving like a PAPI Point of Access or as a Service Provider.
Installation
Once you have installed SimpleSAMLphp, installing this module is very simple. Just execute the following command in the root of your SimpleSAMLphp installation:
composer.phar require rediris-es/simplesamlphp-module-papi:dev-master
where dev-master
instructs Composer to install the master
branch from the Git repository. See the
releases available if you
want to use a stable version of the module.
Usage
To use this module, enable it by creating a file named enable
in the modules/papi/
directory. Then you need to add
an authentication source which makes use of the papi:PAPI
module to the config/authsources.php
file:
'example-papi' => array( 'papi:PAPI', /* * The site identifier that allows the module to determine which * configuration of the phpPoA to use. */ 'site' => 'example', /* * The Home Locator Identifier. Use this if your phpPoA configuration * points to a GPoA instead of an Authentication Server (AS), and you * want to skip the identity provider selection page, by directly * selecting one here. */ 'hli' => 'exampleAS', ),
User attributes
If user attributes were received upon successful authentication, then their exact names and values will be transferred
into the $state['Attributes']
array. Please note that attribute name mapping could be needed. There's no support for
asking specific attributes during PAPI authentication. Attributes released to a Service Provider must be agreed and
configured on beforehand.