
Commit ef5e154

author
Boy Baukema
committed
Rewrite php-saml to use ZF naming conventions, PSR-0 structure, improve repo layout, add Metadata generation, improve tests
1 parent 6ab665a commit ef5e154

37 files changed

+301
-329
lines changed

consume.php

Lines changed: 0 additions & 28 deletions
This file was deleted.

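--- a/demo/consume.php
+++ b/demo/consume.php
@@ -0,0 +1,28 @@
+<?php
+/**
+* SAMPLE Code to demonstrate how to handle a SAML assertion response.
+*
+* The URL of this file will have been given during the SAML authorization.
+* After a successful authorization, the browser will be directed to this
+* link where it will send a certified response via $_POST.
+*/
+
+error_reporting(E_ALL);
+
+require 'settings.php';
+
+require 'lib/onelogin/saml.php';
+
+$samlResponse = new OneLogin_Saml_Response(saml_get_settings(), $_POST['SAMLResponse']);
+
+try {
+if ($samlResponse->is_valid()) {
+echo "You are: " . $samlResponse->get_nameid();
+}
+else {
+echo "Invalid SAML response.";
+}
+}
+catch (Exception $e) {
+echo "Invalid SAML response: " . $e->getMessage();
+}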
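Review bot: The NameID and the exception message are echoed into the page without output encoding (new lines 20 and 27), so any markup in an IdP-supplied identifier or in a parser error text is rendered by the browser; wrap both, e.g. `echo "You are: " . htmlspecialchars($samlResponse->get_nameid(), ENT_QUOTES, 'UTF-8');`, and consider logging `$e->getMessage()` server-side while showing only the generic "Invalid SAML response." text. The `OneLogin_Saml_Response` constructor on line 16 runs outside the `try` and reads `$_POST['SAMLResponse']` without an `isset` check, so a request without that field raises a notice, and if the constructor throws on malformed input (not visible here) the exception is uncaught; moving the construction inside the `try` behind an `isset` guard covers both. Separately, `require 'lib/onelogin/saml.php';` on line 14 names a file this commit deletes, and demo/index.php has the same line; `settings.php` already loads the class files, so the line can probably be dropped in both.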

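--- a/demo/index.php
+++ b/demo/index.php
@@ -0,0 +1,20 @@
+<?php
+/**
+* SAMPLE Code to demonstrate how to initiate a SAML Authorization request
+*
+* When the user visits this URL, the browser will be redirected to the SSO
+* IdP with an authorization request. If successful, it will then be
+* redirected to the consume URL (specified in settings) with the auth
+* details.
+*/
+
+error_reporting(E_ALL);
+
+require 'settings.php';
+
+require 'lib/onelogin/saml.php';
+
+$authrequest = new OneLogin_Saml_AuthRequest(saml_get_settings());
+$url = $authrequest->create();
+
+header("Location: $url");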

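--- a/demo/metadata.php
+++ b/demo/metadata.php
@@ -0,0 +1,8 @@
+<?php
+/**
+* Created by JetBrains PhpStorm.
+* User: boy
+* Date: 4/6/12
+* Time: 9:31 AM
+* To change this template use File | Settings | File Templates.
+*/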
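Review bot: demo/metadata.php is committed with only the IDE file-template header (new lines 2–8) and no code, although the commit message mentions metadata generation. Either add the demo that emits the service provider metadata or leave the file out until it exists. If the file stays, replace the template block with a docblock in the style of the other demo files, e.g. `* SAMPLE Code to demonstrate how to publish the SP metadata.`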

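--- a/demo/settings.php
+++ b/demo/settings.php
@@ -0,0 +1,63 @@
+<?php
+/**
+* SAMPLE Code to demonstrate how provide SAML settings.
+*
+* The settings are contained within a SamlSettings object. You need to
+* provide, at a minimum, the following things:
+* - idp_sso_target_url: This is the URL to forward to for auth requests.
+* It will be provided by your IdP.
+* - x509certificate: This is a certificate required to authenticate your
+* request. This certificate should be provided by your IdP.
+* - assertion_consumer_service_url: The URL that the IdP should redirect
+* to once the authorization is complete. You must provide this, and it
+* should point to the consume.php script or its equivalent.
+*/
+
+define('XMLSECLIB_DIR', './../src')
+
+define('ONELOGIN_SAML_DIR', './../src/OneLogin/Saml/');
+require ONELOGIN_SAML_DIR . 'AuthRequest.php';
+require ONELOGIN_SAML_DIR . 'Response.php';
+require ONELOGIN_SAML_DIR . 'Settings.php';
+require ONELOGIN_SAML_DIR . 'XmlSec.php';
+
+/**
+* Return a SamlSettings object with user settings.
+*/
+function saml_get_settings()
+{
+// This function should be modified to return the SAML settings for the current user
+
+$settings = new OneLogin_Saml_Settings();
+
+// When using Service Provider Initiated SSO (starting at index.php), this URL asks the IdP to authenticate the user.
+$settings->idp_sso_target_url = "https://app.onelogin.com/saml/signon/6171";
+
+// The certificate for the users account in the IdP
+$settings->x509certificate = <<<ENDCERTIFICATE
+-----BEGIN CERTIFICATE-----
+MIIBrTCCAaGgAwIBAgIBATADBgEAMGcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApD
+YWxpZm9ybmlhMRUwEwYDVQQHDAxTYW50YSBNb25pY2ExETAPBgNVBAoMCE9uZUxv
+Z2luMRkwFwYDVQQDDBBhcHAub25lbG9naW4uY29tMB4XDTEwMDMwOTA5NTgzNFoX
+DTE1MDMwOTA5NTgzNFowZzELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3Ju
+aWExFTATBgNVBAcMDFNhbnRhIE1vbmljYTERMA8GA1UECgwIT25lTG9naW4xGTAX
+BgNVBAMMEGFwcC5vbmVsb2dpbi5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ
+AoGBANtmwriqGBbZy5Dwy2CmJEtHEENVPoATCZP3UDESRDQmXy9Q0Kq1lBt+KyV4
+kJNHYAAQ9egLGWQ8/1atkPBye5s9fxROtf8VO3uk/x/X5VSRODIrhFISGmKUnVXa
+UhLFIXkGSCAIVfoR5S2ggdfpINKUWGsWS/lEzLNYMBkURXuVAgMBAAEwAwYBAAMB
+AA==
+-----END CERTIFICATE-----
+ENDCERTIFICATE;
+
+// The URL where to the SAML Response/SAML Assertion will be posted
+$settings->assertion_consumer_service_url = "http://localhost/php-saml/consume.php";
+
+// Name of this application
+$settings->issuer = "php-saml";
+
+// Tells the IdP to return the email address of the current user
+$settings->name_identifier_format = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress";
+
+
+return $settings;
+}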
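Review bot: As rendered here, `define('XMLSECLIB_DIR', './../src')` on new line 16 has no terminating semicolon, so the file fails to parse before any setting is returned; it should read `define('XMLSECLIB_DIR', './../src');`. The `assertion_consumer_service_url` on line 53 still points at `/php-saml/consume.php` although this commit moves the script to `demo/consume.php`, and it uses plain `http`. That is fine for localhost, but a comment such as `// Use an https:// URL outside local testing: the signed assertion is POSTed here` would keep the sample from being copied as-is. Both `define` paths are relative to the working directory rather than to this file, so `__DIR__ . '/../src'` would be more robust when the demo is run from another directory.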
File renamed without changes.
File renamed without changes.

index.php

Lines changed: 0 additions & 21 deletions
This file was deleted.

lib/onelogin/saml.php

Lines changed: 0 additions & 5 deletions
This file was deleted.

lib/onelogin/saml/authrequest.php

Lines changed: 0 additions & 62 deletions
This file was deleted.
