Download the PHP package cirrusidentity/simplesamlphp-module-cirrusgeneral without Composer

On this page you can find all versions of the php package cirrusidentity/simplesamlphp-module-cirrusgeneral. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Example code of cirrusidentity/simplesamlphp-module-cirrusgeneral

Informations about the package simplesamlphp-module-cirrusgeneral

Table of Contents generated with DocToc

Installation

For SSP 2, use version 3 of the module

composer require cirrusidentity/simplesamlphp-module-cirrusgeneral:v3.0.0-alpha.1

For SSP 1.X use version 2 of the module

ModifyingMetadataSource

There is often a need to adjust the metadata for an entityId to fix certain values, or to add SSP specific config items. This is difficult to achieve if metadata is loaded from a remote source. The ModifyingMetadataSource allows you to configure different strategies to change the metadata that is loaded. The source delegates to other sources (like mdq or the serialize source) and then edits the metadata before returning it.

Strategies

AdfsMetadataStrategy

Add disable_scoping to any metadata that looks like ADFS

OverridingMetadataStrategy

Load additonal metadata from a source and combine it with the main metadata using +. A flatfile override strategy for saml20-sp-remote would look in the file saml20-sp-remote-override.php and then return the metadata as $overrideMetadata + $unalteredMetadata which will keep keys from the override metadata if the same key exists in the regular metadata.

PhpMetadtaStrategy

This strategy allows you to run php code snippets to adjust metadata. Your code will have 3 variables available: array $metadata, string $set, and string $entityId. $metadata will contain the current metadata for the entity and your code can make changes to this array.

If you have complex code logic you are better off creating your own strategy with unit tests.

AttributeSplitter

This AuthProc filter will split an attributes values on a delimiter and turn it into an array. Some systems stores the multi valued attributes, such as eduPersonAffiliation, as a comma delimited list - student,member This filter will split that into multiple values

Usage:

AttributeValueMapper

Maps a source attribute name and value to a new attribute name and values(s) based on csv file or or in php config. Useful when a datasource (for groups, entitlements, etc) contains names and values that need to be mapped to something new.

CSV file format

Each line contains a source attribute and value, and if a user has an attribute of that value then they get the resulting destinationAttribute populated with the destinationValue. Duplicates are removed

PromptAttributeRelease

If a user has a multi-valued attribute and the SP can only use/expects one value, then the PromptAttributeRelease filter can prompt the user to pick which value should be released to the SP. An example, an SP has different functionality depending on the eduPersonAffiliation value. This filter would allow user to select which of their affiliations to release.

ConditionalSetAuthnContext

This AuthProc filter allows you to assert a specific authnContextClassRef if value in the users state equals some expected value. For example some upstream systems may indicate the user was required to perform MFA by setting an attribute on the user. This filter will allow you to assert https://refeds.org/profile/mfa if that attribute is present.

Usage:

AttributeRemove

This AuthProc filter allows you to define attributes that should always be removed. We use it with AzureAD since it always returns certain extra attributes (such as tenantId )that we want removed from the users attributes.

Usage:

ObjectSidConverter

ActiveDirectory's objectSid can be a in a binary format or as a formatted string. Sometimes you'll receive one and expect the other.

Conditional AuthProc Insertion

There are use cases where you want to run a set of authproc filters, but only if a certain condition is met when a user is logging in. Not all authproc filters support conditional use. Subclasses of BaseConditionalAuthProcInserter allow you to insert an arbitrary number of authproc filters at the BaseConditionalAuthProcInserter priority during authproc processing. This allows you to check things in the user's state prior to creating the filters.

PhpConditionalAuthProcInserter

PhpConditionalAuthProcInserter is an example of defining a boolean expression that determines if the authproc filters are created. Two variables are available: array $attributes and array $state

Development

Run phpcs to check code style

./vendor/bin/phpcs

Run phpunit to test

./vendor/bin/phpunit

You can auto correct some findings from phpcs. It is recommended you do this after stage your changes (or maybe even commit) since there is a non-trivial chance it will just mess up your code.

./vendor/bin/phpcbf

Run psalm to find issues

./vendor/bin/psalm   --no-cache

Exploring with Docker

You can explore these features with Docker.

Then log in as admin:secret to https://cirrusgeneral.local.stack-dev.cirrusidentity.com/simplesaml/module.php/core/frontpage_welcome.php to confirm things work.

Things to try

Attribute prompt/picker

The Idp has the PromptAttributeRelease authproc filter enabled for the eduPersonAffiliation attribute. If a user has more than one value they will need to pick which value to release. See authsources.php for the available users. To make the IdP run it's authproc filters you need to send a login from an SP, and the sp-auth source will do that login.

All versions of simplesamlphp-module-cirrusgeneral with dependencies

PHP Build Version
Package Version
Requires php Version >=7.4
simplesamlphp/composer-module-installer Version ^1.1
simplesamlphp/simplesamlphp Version >=1.18
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package cirrusidentity/simplesamlphp-module-cirrusgeneral contains the following files

Loading the files please wait ....