theodorejb/saml-utils

Utilities to streamline Light Saml usage

Maintainers

Details

github.com/theodorejb/saml-utils

Source

Issues

Installs: 3 112

Dependents: 0

Suggesters: 0

Security: 0

Stars: 1

Watchers: 1

Forks: 0

Open Issues: 0

pkg:composer/theodorejb/saml-utils

v1.2.0 2024-10-09 20:24 UTC

Requires

Requires (Dev)

MIT 73593363041336a9da7ab2b54ce2a4d813c06980

  • Theodore Brown <theodorejb.woop@outlook.com>

This package is auto-updated.

Last update: 2025-10-17 14:58:06 UTC

README

This package provides a few helpful utilities on top of Lite Saml to streamline common tasks.

Install via Composer

composer require theodorejb/saml-utils

Working with metadata

The SamlMetadata class simplifies getting data from Identity Provider metadata. Call SamlMetadata::fromXml($xml) to create an instance from an Entity Descriptor XML string.

The underlying EntityDescriptor object can be accessed via a readonly $entityDescriptor property.

SamlMetadata implements the following methods:

getIdpCertificate()

Returns an X509Certificate instance for the Identity Provider certificate.

getIdpSsoService()

Returns the Redirect or POST SingleSignOnService defined by the Identity Provider for receiving a SAML request to initiate single sign-on.

getIdpLogoutService()

Returns the Redirect or POST SingleLogoutService defined by the Identity Provider.

Utility methods

The SamlUtils class implements the following static utility methods:

getRequestFromGlobals(): MessageContext

Returns an object for the SAML request or response from the global GET/POST data.

getMessageHttpResponse(SamlMessage $message, string $bindingType): Response

Returns a Symfony\Component\HttpFoundation\Response instance for sending the SAML message.

validateSignature(SamlMessage $message, X509Certificate $certificate): void

Throws an Exception if the message signature is missing or fails verification with the certificate.

getSubjectNameId(SamlResponse $response): string

Returns the user identity being asserted by the identity provider.

getFirstAttributeStatement(SamlResponse $response): AttributeStatement|null

Returns the first assertion attribute statement if one exists.

getAttributeStatementValue(AttributeStatement $statement, string $name): string

Returns the assertion attribute value for the specified attribute name. Throws an exception if the attribute doesn't exist.

getResponseAttributeValue(SamlResponse $response, string $name): string

Same as getAttributeStatementValue(), but can be used directly from a SamlResponse rather than an AttributeStatement.