Download the PHP package smindel/saml without Composer
On this page you can find all versions of the php package smindel/saml. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Please rate this library. Is it a good library?
Informations about the package saml
PHP SAML 2.0 Adapter
This library helps creating AuthnRequest and LogoutRequest objects and validating identity provider (IdP) responses. It is designed to be used in a MVC framework to implement a SAML 2.0 service provider (SP).
Standard
As a first step the library is aiming at, but not yet complying to OASIS SAML 2.0 SP Lite conformance. (http://docs.oasis-open.org/security/saml/v2.0/saml-conformance-2.0-os.pdf)
- Web SSO,
, HTTP redirect: check - Web SSO,
, HTTP POST: check - Web SSO,
, HTTP artifact - Artifact Resolution, SOAP
- Enhanced Client/Proxy SSO, PAOS
- Single Logout (IdP-initiated) – HTTP redirect
- Single Logout (SP-initiated) – HTTP redirect: check
Security Features
- Schema validation
- Signature validation
Usage
Request Authentication
This goes in a controller action:
if (isset($_POST['SAMLResponse'])) {
$requestID = $_SESSION['SAML.AuthnRequest.ID'];
$raw = base64_decode($_POST['SAMLResponse']);
$samlResponse = \Smindel\SAML\IdentityProvider\Response::fromXML($raw);
$idpId = [IDP_ID];
if ($samlResponse->validate($requestID, $idpId)) {
$_SESSION['SAML.ID'] = $samlResponse->getSubjectId();
var_dump($samlResponse->getSubject());
} else {
$_SESSION['SAML.ID'] = null;
$_SESSION['SAML.AuthnRequest.ID'] = null;
var_dump($samlResponse->getValidationError());die;
}
}
if (!$_SESSION['SAML.ID']) {
$idpUrl = [IDP_LOGIN_URL];
$acs = Director::absoluteUrl($this->link());
$samlRequest = \Smindel\SAML\ServiceProvider\AuthnRequest::create($idpUrl, $acs, $requestID);
$_SESSION['SAML.AuthnRequest.ID'] = $samlRequest['ID'];
$url = $idpUrl . '?' . http_build_query(['SAMLRequest' => $samlRequest->deflate()]);
return $this->redirect($url);
}
var_dump('logged id');
Reads
- https://en.wikipedia.org/wiki/SAML_2.0
- https://github.com/jch/saml
- https://www.owasp.org/index.php/SAML_Security_Cheat_Sheet
- http://xacmlinfo.org/2013/06/28/how-saml2-single-logout-works/
- https://stackoverflow.com/questions/19538561/verify-digital-signature-in-saml-response-against-certificate-in-php
- https://github.com/robrichards/xmlseclibs/blob/master/tests/xmlsec-verify.phpt
Tools / Validators
todos
- Validation
- verify certificate
- SSL
- For how long do we store request ids to prevent replay???
- Logout response
- Tests
- MetadataProvider
All versions of saml with dependencies
PHP Build Version
Package Version
Requires
ext-dom Version
*
ext-openssl Version *
psr/container Version 1.0.0
robrichards/xmlseclibs Version dev-master
ext-openssl Version *
psr/container Version 1.0.0
robrichards/xmlseclibs Version dev-master
The package smindel/saml contains the following files
Loading the files please wait ....