Download the PHP package mediadreams/md_saml without Composer

On this page you can find all versions of the php package mediadreams/md_saml. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

Information about the package md_saml

TYPO3 Extension md_saml

Single Sign-on extension for TYPO3. It enables you to log into the TYPO3 backend or the website frontend by using an Identity Provider (IdP), for example an ADFS server (Active Directory Federation Services). It is fully configurable by TypoScript.

Requirements

Installation

Configuration

Site Set

The Service Provider (SP) and Identity Provider (IdP) can be configured by adding the settings in the Site Set MdSaml base configuration (ext:md_saml), which is shipped with this extension.

Include the Site Set MdSaml base configuration (ext:md_saml) in the Site Configuration of your website.

Now modify the settings according to your needs. In order to get your custom configuration in place, add a Site Set in your site package as shown below:

The following example shows how to modify the default configuration of ext:md_saml:

EXT:my_extension/Configuration/Sets/MdSamlOverrides/config.yaml:

name: my_extension/md_saml
label: MdSaml config for my website
dependencies:
  - mediadreams/md_saml

EXT:my_extension/Configuration/Sets/MdSamlOverrides/settings.yaml:

md_saml:
  mdsamlSpBaseUrl: 'https://%env(BASE_DOMAIN)%'

  be_users:
    databaseDefaults:
      usergroup: 3
      lang: 'de'

  fe_users:
    saml:
      sp:
        entityId: '/login/?loginProvider=1648123062&mdsamlmetadata'
        assertionConsumerService:
          url: '/login/?loginProvider=1648123062&login-provider=md_saml&login_status=login&acs&logintype=login'

  saml:
    sp:
      x509cert: '%env(SAML_SP_X509CERT)%'
      privateKey: '%env(SAML_SP_PRIVATE_KEY)%'

    idp:
      entityId: 'https://auth.myprovider.de/adfs/services/trust'
      singleSignOnService:
        url: 'https://auth.myprovider.de/adfs/ls/'

      singleLogoutService:
        url: 'https://auth.myprovider.de/adfs/ls/'

      x509cert: '%env(SAML_IDP_X509CERT)%'

baseVariants:
  - condition: 'applicationContext == "Development"'
    md_saml:
      mdsamlSpBaseUrl: "https://mysite.ddev.site"

  - condition: 'applicationContext == "Testing"'
    md_saml:
      mdsamlSpBaseUrl: "https://test.domain.com"

As you can see, you can use either environment variables or baseVariants in your configuration in order to configure different setups.

ATTENTION: Somehow, it is not possible to use environment variables in site sets at the moment. So if you want to use env vars, do it in the general site configuration in <project-root>/config/sites/<identifier>/settings.yaml. Add the following to the settings file:

md_saml:
  mdsamlSpBaseUrl: '%env(SAML_BASE_DOMAIN)%'

General information on site sets can be found here.

SAML

Backend

Activate backend login in the extension configuration. Go to Settings -> Extension Configuration -> md_saml and check/uncheck the checkbox.

Frontend

By default frontend login is enabled and it will load a different login template. Deactivate the frontend login by setting md_saml.fe_users.active = false.

Note

All default settings configured in md_saml.saml can be overwritten for backend or frontend needs with properties in md_saml.be_users.saml... (backend) and md_saml.fe_users.saml... (frontend).

The OneLogin library is used as the underlying SAML toolkit (no account with OneLogin is needed!). See the full documentation for details on the configuration.
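
A pre-deployment check on the effective frontend settings that result from the override rule in the note above. This is an added example, not code from md_saml: the merge via array_replace_recursive, the prefixing of a relative SP URL with mdsamlSpBaseUrl, and the function names effectiveSaml and auditSaml are assumptions, and the base URL and certificate values are constructed placeholders.

```php
<?php
// Constructed sample shaped like the settings.yaml above; secrets are placeholders.
$mdSaml = [
    'mdsamlSpBaseUrl' => 'https://www.example.org',
    'saml' => [
        'sp'  => ['x509cert' => 'SP-CERT-PLACEHOLDER', 'privateKey' => 'SP-KEY-PLACEHOLDER'],
        'idp' => [
            'singleSignOnService' => ['url' => 'https://auth.myprovider.de/adfs/ls/'],
            'x509cert' => '%env(SAML_IDP_X509CERT)%', // literal: reference never resolved
        ],
    ],
    'fe_users' => ['saml' => ['sp' => ['assertionConsumerService' => [
        'url' => '/login/?loginProvider=1648123062&login-provider=md_saml&login_status=login&acs&logintype=login',
    ]]]],
];

// Assumed semantics: md_saml.saml defaults, overridden by md_saml.<context>.saml; relative ACS URL gets the base URL.
function effectiveSaml(array $mdSaml, string $context): array
{
    $saml = array_replace_recursive($mdSaml['saml'] ?? [], $mdSaml[$context]['saml'] ?? []);
    $base = rtrim((string)($mdSaml['mdsamlSpBaseUrl'] ?? ''), '/');
    $acs = (string)($saml['sp']['assertionConsumerService']['url'] ?? '');
    if (str_starts_with($acs, '/')) {
        $saml['sp']['assertionConsumerService']['url'] = $base . $acs;
    }
    return $saml;
}

// Returns findings for the effective settings; an empty list means all checks passed.
function auditSaml(array $saml): array
{
    $findings = [];
    foreach ([['sp', 'assertionConsumerService'], ['idp', 'singleSignOnService']] as [$side, $svc]) {
        $url = (string)($saml[$side][$svc]['url'] ?? '');
        if (parse_url($url, PHP_URL_SCHEME) !== 'https') {
            $findings[] = "$side.$svc.url is not an absolute https URL";
        }
    }
    foreach ([['sp', 'x509cert'], ['sp', 'privateKey'], ['idp', 'x509cert']] as [$side, $key]) {
        $value = (string)($saml[$side][$key] ?? '');
        if (trim($value) === '' || str_contains($value, '%env(')) {
            $findings[] = "$side.$key is empty or an unresolved %env() placeholder";
        }
    }
    return $findings;
}

echo ($findings = auditSaml(effectiveSaml($mdSaml, 'fe_users'))) ? implode(PHP_EOL, $findings) : 'OK', PHP_EOL;
```

Run the same check with 'be_users' as the context to audit the backend settings.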

Users

You are able to create new users, if they are not present at the time of login.

You are able to update existing users, if they are already present at the time of login.

Backend

Frontend

SSO

The returned value of the SSO provider can be anything. Use the following configuration to map the names of the returned values to the ones needed in TYPO3:

Backend

Frontend

ADFS

The following steps are an example of how to configure an ADFS server as IdP (Identity Provider).

Since I don't have the configuration in English, the following section is available in German only. I am sorry for that!

ATTENTION:
The order of the rules is important! The first one must be the Name Identifier rule!

Finally, in the tab "Bezeichner" (identifiers) of the trust relationship, the value set in md_saml.mdsamlSpBaseUrl must be entered in the field "Bezeichner der vertrauenden Seite" (relying party identifier).

TYPO3

General

Site Config

Change User Event

An event is available to customize user data before insert/update on login.

You must register the event listener in Services.yaml.

FAQ

Is it possible to remove the default login with username and password?
Yes, just add the following line to the `ext_localconf.php` of your extension:
unset($GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['backend']['loginProviders'][1433416747]);

I get a `1648646492 RuntimeException, The site configuration could not be resolved.`
Make sure that the domain of your website is configured in the site configuration (`sites/identifier/config.yaml`) for `base`.

The template for the frontend login is not loaded.
If the website uses a mixed setup consisting of a TypoScript template (sys_template) and site sets, it is important to uncheck the "Clear" flag for constants and setup in the TypoScript template. If the "Clear" flag is checked (default), TypoScript settings from site sets are cleared and therefore do not apply.

Troubleshooting

If your login fails with the parameter ?commandLI=setCookie (typo3/index.php?commandLI=setCookie), please make sure that you have set $GLOBALS['TYPO3_CONF_VARS']['BE']['cookieSameSite'] = 'lax'.

Bugs and Known Issues

If you find a bug, it would be nice if you added an issue on GitHub.

THANKS

Thanks a lot to all who make this outstanding TYPO3 project possible!

Credits


All versions of md_saml with dependencies

Requires php Version >=8.2
onelogin/php-saml Version ^4.0
typo3/cms-backend Version ^13.4
typo3/cms-core Version ^13.4