stefna / islandis-auth
Library to do auth against island.is
Requires
- php: ^7.1 || ^8.0
- ext-dom: *
- ext-libxml: *
- ext-openssl: *
- phpseclib/phpseclib: ^3.0
- robrichards/xmlseclibs: ^3.1
Requires (Dev)
- phpstan/phpstan: ^0.12.65
- phpunit/phpunit: ^7.0 || ^8.5 || ^9.5
This package is auto-updated.
Last update: 2024-04-13 08:54:21 UTC
README
Library to make it easier to handle logging in with island.is
To get started with Island.is Identification and Authentication Services (IAS) you'll need to apply: https://island.is/innskraningarthjonusta.
How it works
The token the Ísland.is IAS returns to the service provider(you), for decoding by the service provider, is a digitally signed SAML 2 token encoded in Base 64 and UTF-8.
The SAML message returned by IAS will be digitally signed with a certificate issued by Traustur bunadur. Furthermore, the message will have been transformed with xml-exc-c14n, prior to being digested with SHA256 and signed with a 2048-bit RSA key.
This library helps with validating and verifying the SAML token, and the provided signature.
If you want more information about how this work you can read the technical specification here: https://vefur.island.is/media/pdf-skjol-a-island.is-2014/island.is-ias-services-instructions.pdf
Installation
composer require stefna/islandis-auth
Usage
Example usage
<?php if (isset($_POST['token'])) { $audienceUrl = 'login.example.com'; $authentication = new Islandis\Authenticate(new \Islandis\Verifier($audienceUrl)); try { $user = $authentication->verify($_POST['token']); $kennitala = $user->getKennitala(); //is authenticated } catch (\Islandis\Exception\AuthenticateError $e) { echo $e->getMessage(); //failed authentication } }
Contribute
We are always happy to receive bug/security reports and bug/security fixes